CN104115442B - RFID bidirectional authentication method based on asymmetric secret key and Hash function - Google Patents

RFID bidirectional authentication method based on asymmetric secret key and Hash function Download PDF

Info

Publication number
CN104115442B
CN104115442B CN201380003846.4A CN201380003846A CN104115442B CN 104115442 B CN104115442 B CN 104115442B CN 201380003846 A CN201380003846 A CN 201380003846A CN 104115442 B CN104115442 B CN 104115442B
Authority
CN
China
Prior art keywords
hash function
label
function value
reader
numeric string
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201380003846.4A
Other languages
Chinese (zh)
Other versions
CN104115442A (en
Inventor
苑津莎
胡岳
戚银城
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
North China Electric Power University
Original Assignee
North China Electric Power University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by North China Electric Power University filed Critical North China Electric Power University
Publication of CN104115442A publication Critical patent/CN104115442A/en
Application granted granted Critical
Publication of CN104115442B publication Critical patent/CN104115442B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • H04L2209/805Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an RFID bidirectional authentication method based on an asymmetric secret key and a Hash function in the technical field of information security. The method comprises as follows: a reader sends request information to a label; after the label receives the request information, the label sends a label indentification symbol DID encrypted by a public key to the reader; the reader receives the label identification symol DID encrypted by the public key, decrypts the symbol via a private key, and obtains a label identification symbol ID; the reader obtains a digital string num used for Hash function verification according to the label identification symbol ID, and determining whether the label is a legal label; if the label is the legal label, the digital string num is updated. According to the method, the calculating amount of the label is not increased, the Hash function spying and attack are effectively avoided, the security of the updating of the digital string num is guaranteed, and the Hash conflict problem is solved.

Description

RFID mutual authentication method based on unsymmetrical key and Hash function
Technical field
The invention belongs to field of information security technology, more particularly, to one kind are based on unsymmetrical key and Hash letter
The RFID mutual authentication method of number.
Background technology
Internet of Things is the important component part of generation information technology." Internet of Things is exactly the internet that thing thing is connected ", its User side extends and extend between any article and article, enters row information and exchanges and communicate.Internet of Things is by intelligent sense Know, the fusion application of technology of identification and general fit calculation, Ubiquitous Network, be the application extension of internet.
RFID of Internet-of-things system is typically made up of three parts when carrying out authentication:It is built in the Internet of Things letter on internet Breath system EPC Information System (EPC-IS), read write line (Reader), label (Tag).If an inside The system of closing, EPC-IS can be substituted by local data base.
Communication between rfid interrogator and label is carried out by air interface, there is potential safety hazard.Rfid system The safety problem of itself can be summarized as privacy and two aspects of certification:It is mainly traceability problem in terms of privacy, grind at present Study carefully and find that the attack type that can suffer from has in open rfid system:1st, eavesdrop;2nd, label is followed the tracks of;3rd, spoofing attack;4、 Replay Attack;5th, Denial of Service attack;6th, man-in-the-middle attack;7th, label-copying;8th, physical attacks;9th, location-based attack.
Consider based on to aspects such as rfid system security, availabilities, researched and proposed a variety of solutions at present Scheme and safeguard measure, can be divided mainly into physical mechanism, cipher mechanism and the method that the two combines.Wherein, calculated based on password The security authentication mechanism of method becomes, because of the advantages of its security, the research emphasis researching and solving RFID security problem at present.
With the development of RFID, up to the present, many typically RFID security based on Hash function of planting have been had to assist View.
Document 1 (S.Weis.Security and Privacy in Radio Frequency Identification Device.Master Thesis of MIT, Massachusetts USA, 2003) propose Hash lock (Hash-Lock) association View, it replaces real tag ID using the cryptographic Hash of tag ID, it is to avoid leakage of information, but does not have ID dynamically to brush in agreement New mechanism, and the cryptographic Hash of ID keeps constant, and ID is to be transmitted by unsafe channel in the form of plaintext, and therefore Hash locks Agreement is highly susceptible to impersonation attack and replay attack, and attacker can also be easy to label is tracked.
Document 2 (S.Weis, S.Sarma, R.Rivest, etc.Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems.In:Proceedings of the First Security in Pervasive Computing, LNCS, 2004,2802:201 1 202) propose randomization Hash lock (Random Hash-Lock) agreement, solves the problems, such as that in Hash lock, position is followed the tracks of, but due to pseudorandom number generator collection Become in inside tags, inexpensive label realizes that the program is more difficult, and certification pass through after read write line by tag identifier ID with The mode of plaintext is transmitted in insecure channels, and therefore attacker effectively can be followed the trail of to label.Meanwhile, once obtaining The identifier ID of label, attacker just can palm off to label.
Document 3 (Mlyako Ohkubo, Koutarou Suzuki and Shingo Kinoshita., Cryptographic Approach to Privacv-Friendly Tags.http://www.r_dprivacy.org/ 2003/papers.ohkubo.pdf) propose Hash chain, label has autonomous updating ability, there is indistinguishability and forward direction Security, it is to avoid tracking, personation and the Replay Attack causing because of fixing output.But agreement is one-way authentication protocol, no The legal identity of smart-tag authentication read write line can be made.For realizing agreement, it is integrated with two Hash functions in label, increased cost. And in a database having N number of tag ID during certification, N number of record to be read from database, 2N time Hash calculates And n times compare.Computer disposal loads increase and linearly increasing, therefore the method with the contained certified number of times of label Be not suitable for the Internet of Things EPC-IS database environment that there are a large amount of RF tags.
Document 4 (Henrici D, Muller P.Hash-based enhancement of location privacy for radio-requency identification devices using varying identifiers.In: Proceedings of the2ndIEEE Annual Conference on Pervasive Computing and Communications Workshops, Washington, DC, USA, 2004:149 153) propose based on Hash function ID changes agreement, increased the dynamic refresh mechanism of tag ID, using a random number R, label identifier is entered with Mobile state brush Newly, make the ID in session each time exchange information to be different from.But there is also touchdown point privacy between ID and let out updating twice The problem of dew.And, attacker sends an inquiry instruction to label, records the response of label, then conjunction is issued in this response The read write line of method it is easy to make background end update ID so that the data in label database is asynchronous, label cannot with Cannot correctly be identified by read write line in communication afterwards, can not prevent man-in-the-middle attack.
The basic ideas of these agreements be all with the Hash functional value of label identifier as virtual ID come response reader Inquiry.Some research approaches are also had to use unsymmetrical key at present, however it is necessary that carrying out encryption and decryption in label to complete to recognize Card, increased the computational burden of label, is difficult to for inexpensive label.
Content of the invention
It is an object of the invention to, a kind of RFID mutual authentication method based on unsymmetrical key and Hash function is proposed, For solving the problems, such as the existing RFID security agreement based on Hash function.
To achieve these goals, technical scheme proposed by the present invention is, one kind is based on unsymmetrical key and Hash function RFID mutual authentication method, it is characterized in that methods described includes:
Step 1:Reader transmits request information to label;
Step 2:After label receives solicited message, label identifier DID of transmission public key encryption is to reader;
Step 3:Reader receives label identifier DID of public key encryption and with private key deciphering, obtains label identifier ID;
Step 4:Reader, according to label identifier ID, searches label identifier ID in the database being connected with reader Corresponding numeric string num, and judge whether label is legitimate tag, if label is legitimate tag, execution step 5;Otherwise, Label is illegal label, terminates verification process;
Step 5:Update numeric string num.
Described step 4 includes:
Step 101:Reader is transmitted to database label identifier ID, and database root searches it according to label identifier ID Numeric string Dnum after the corresponding public key encryption and Item Information DM after public key encryption, and by the numeral after described public key encryption Item Information DM after string Dnum and public key encryption sends to reader;
Step 102:Reader private key is believed to the numeric string Dnum after public key encryption and the article after public key encryption respectively Breath DM deciphering, obtains numeric string num and Item Information M;
Step 103:Reader produces the first random number R1And calculate the first hash function value H1=H (num | | R1), then will First random number R1It is sent to label;Wherein, H () represents Hash functional operation, and before and after " | | " represents, character string connects or displacement Computing;
Step 104:Label receives the first random number R1Afterwards, calculate the second hash function value H2=H (num | | R1) and Two hash function values H2It is sent to reader;
Step 105:Reader receives the second hash function value H2Afterwards, judge the second hash function value H2With the first Hash letter Numerical value H1Whether equal, if the second hash function value H2With the first hash function value H1Unequal, then judge that label is marked as illegal Sign;If the second hash function value H2With the first hash function value H1Equal, then label is legitimate tag.
Described renewal numeric string num includes:
Step 201:Reader produces the second random number R2And calculate the 3rd hash function value H3=H (num | | R2);
Step 202:Reader sends and comprises the 3rd hash function value H3, the second random number R2With renewal numeric string num order The first Frame to label;
Step 203:Label receives described first Frame, calculates the 4th hash function value H4=H (num | | R2);By the 4th Hash function value H4With the 3rd hash function value H3It is compared, if the 4th hash function value H4With the 3rd hash function value H3 Unequal, then terminate verification process;If the 4th hash function value H4With the 3rd hash function value H3Equal, then execution step 204;
Step 204:Label produces the 3rd random number R3, calculate numeric string Nnum=num R3, updated with numeric string Nnum Numeric string num, and calculate the 5th hash function value H5=H (Nnum | | R3);Wherein expression adds, subtracts, multiplication and division or XOR are transported Calculate;
Step 205:Label sends and comprises computing, the 3rd random number R3With the 5th hash function value H5The second Frame To reader;
Step 206:Reader receives described second Frame, according to the 3rd random number R3Calculate numeric string with computing Nnum'=num R3, and calculate the 6th hash function value H6=H (Nnum'| | R3);By the 5th hash function value H5With the 6th Kazakhstan Uncommon functional value H6It is compared, if the 5th hash function value H5With the 6th hash function value H6Equal, then tag update success, With public key, numeric string Nnum' is encrypted with the numeric string Dnnum after being encrypted;
Step 207:Send the numeric string Dnnum after described public key encryption to database, with the number after described public key encryption Word string Dnnum updates the numeric string Dnum after public key encryption.
Described renewal numeric string num includes:
Step 301:Reader produces the second random number R2, calculate numeric string Nnum=num R2, calculate the 3rd Hash letter Numerical value H3=H (Nnum | | R2);
Step 302:Reader sends and comprises the 3rd hash function value H3, the second random number R2The second data with computing Frame is to label;Wherein, computing represent add, subtract, multiplication and division or XOR;
Step 303:After label receives described second Frame, according to the second random number R2Calculate numeric string with computing Nnum'=num R2, and calculate the 4th hash function value H4=H (Nnum'| | R2), compare the 3rd hash function value H3With the 4th Hash function value H4If, the 3rd hash function value H3With the 4th hash function value H4Unequal, then terminate verification process;If 3rd hash function value H3With the 4th hash function value H4Equal, then execution step 304;
Step 304:Label replaces numeric string num with numeric string Nnum', and produces the 3rd random number R3, calculate the 5th Kazakhstan Uncommon functional value H5=H (Nnum'| | R3);
Step 305:Label sends and comprises the 3rd random number R3, the 5th hash function value H5With the information that is updated successfully the 3rd Frame is to reader;
Step 306:Reader receives described 3rd Frame, calculates the 6th hash function value H6=H (Nnum | | R3), will 6th hash function value H6With the 5th hash function value H5It is compared, if the 6th hash function value H6With the 5th hash function Value H5Equal, then tag update success, with public key, DNnum is obtained to numeric string Nnum encryption;
Step 307:Send the numeric string Dnnum after described public key encryption to database, with the number after described public key encryption Word string Dnnum updates the numeric string Dnum after public key encryption.
Described database includes local data base, also includes EPC-IS data environment.
Beneficial effects of the present invention include:
(1) unsymmetrical key is combined with Hash function, with private key verification reader identity, can be used for the EPC-IS of opening Environment, in label, the labeled marker symbol DID of storage public key encryption, does not increase tagged operand;
(2) increase the numeric string Dnum of numeric string num, EPC-IS database purchase public key encryption of setting, can be effective Prevent stealing secret information and attacking for Hash function;
(3) can be selected for public key encryption product information, safer when product information need for confidentiality;
(4) in scheme, authenticating tag is come using the Hash operation of numeric string num, the irreversibility of hash function has ensured number The safety that word string num updates, maintains tag identifier ID constant simultaneously;
(5) it is used as the data in major key inquiry EPC-IS using the unique identifier ID of label, solve Hash conflict Problem.
Brief description
Fig. 1 is the flow chart of the RFID mutual authentication method based on unsymmetrical key and Hash function that embodiment 1 provides;
Fig. 2 is the flow chart of the RFID mutual authentication method based on unsymmetrical key and Hash function that embodiment 2 provides.
Specific embodiment
Below in conjunction with the accompanying drawings, preferred embodiment is elaborated.It is emphasized that the description below is merely exemplary , rather than in order to limit the scope of the present invention and its application.
Introduce a random-number-generating module in reader (Reader), and store unsymmetrical key to (private key L, public key P), private key L is used for verification reader identity, and public key P discloses simultaneously and is present in internet.Label writes identical Hash with reader Algorithm.Reader is generally connected with a computer, and can pass through the EPC-IS data of internet access Internet of Things.
EPC-IS data includes field:(1) data field, for storing the unique identifier ID of label (Tag);(2) Dnum field, for the num numeric string calculating for Hash function after the encryption of storage of public keys P;(3) field DM, for storing Item Information after public key P encryption.Stored after numeric string num and the encryption of thing product information M using public key before product export EPC-IS, whether Item Information M encrypts can determine as the case may be.
Store DID on label (Tag), that is, use label identifier, numeric string num and Hash function after public key P encryption, And introduce a random-number-generating module.
As depicted in figs. 1 and 2, (step 2001 is to step for step 1001 to step 1008 for the authenticating step of this rfid system 2008) it is certification and the process reading information, step 1009 to step 1015 (step 2009 to step 2015) is used for updating number Word string num.Updating numeric string num in label has two methods, and one kind is to produce new numeric string Nnum (Fig. 1) by label, a kind of It is that new numeric string Nnum (Fig. 2) is produced by reader.
Embodiment 1
Included based on the RFID mutual authentication method of unsymmetrical key and Hash function:
Step 1001:Reader transmits request information to label.
Step 1002:After label receives solicited message, label identifier DID of transmission public key encryption is to reader.
Step 1003:Reader receives label identifier DID of public key encryption and with private key deciphering, obtains label identifier ID.
Step 1004:Reader is transmitted to database label identifier ID, and database root is searched according to label identifier ID Numeric string Dnum after its corresponding public key encryption and Item Information DM after public key encryption, and by the number after described public key encryption Item Information DM after word string Dnum and public key encryption sends to reader.
Step 1005:Reader private key is believed to the numeric string Dnum after public key encryption and the article after public key encryption respectively Breath DM deciphering, obtains numeric string num and Item Information M.
Step 1006:Reader produces the first random number R1And calculate the first hash function value H1=H (num | | R1), then will First random number R1It is sent to label;Wherein, H () represents Hash functional operation, " | | " represent before and after character string connection, displacement etc. Computing.
Step 1007:Label receives the first random number R1Afterwards, calculate the second hash function value H2=H (num | | R1) and Two hash function values H2It is sent to reader.
Step 1008:Reader receives the second hash function value H2Afterwards, judge the second hash function value H2With the first Hash letter Numerical value H1Whether equal, if the second hash function value H2With the first hash function value H1Unequal, then judge that label is marked as illegal Sign;If the second hash function value H2With the first hash function value H1Equal, then label is legitimate tag.
Step 1009:Reader produces the second random number R2And calculate the 3rd hash function value H3=H (num | | R2).
Step 1010:Reader sends and comprises the 3rd hash function value H3, the second random number R2Order with updating numeric string num First Frame of order is to label.
Step 1011:Label receives described first Frame, calculates the 4th hash function value H4=H (num | | R2);By Four hash function values H4With the 3rd hash function value H3It is compared, if the 4th hash function value H4With the 3rd hash function value H3Unequal, then terminate verification process;If the 4th hash function value H4With the 3rd hash function value H3Equal, then execution step 1012.
Step 1012:Label produces the 3rd random number R3, calculate numeric string Nnum=num R3, updated with numeric string Nnum Numeric string num, and calculate the 5th hash function value H5=H (Nnum | | R3);Wherein represent add, subtract, multiplication and division or XOR etc. Computing.
Step 1013:Label sends and comprises computing, the 3rd random number R3With the 5th hash function value H5The second Frame To reader.
Step 1014:Reader receives described second Frame, according to the 3rd random number R3Calculate numeric string with computing Nnum'=num R3, and calculate the 6th hash function value H6=H (Nnum'| | R3);By the 5th hash function value H5With the 6th Kazakhstan Uncommon functional value H6It is compared, if the 5th hash function value H5With the 6th hash function value H6Equal, then tag update success, With public key, numeric string Nnum' is encrypted with the numeric string Dnnum after being encrypted.
Step 1015:Send the numeric string Dnnum after public key encryption to database, with the numeric string after public key encryption Dnnum updates the numeric string Dnum after public key encryption.
Embodiment 2
Included based on the RFID mutual authentication method of unsymmetrical key and Hash function:
Step 2001:Reader transmits request information to label.
Step 2002:After label receives solicited message, label identifier DID of transmission public key encryption is to reader.
Step 2003:Reader receives label identifier DID of public key encryption and with private key deciphering, obtains label identifier ID.
Step 2004:Reader is transmitted to database label identifier ID, and database root is searched according to label identifier ID Numeric string Dnum after its corresponding public key encryption and Item Information DM after public key encryption, and by the number after described public key encryption Item Information DM after word string Dnum and public key encryption sends to reader.
Step 2005:Reader private key is believed to the numeric string Dnum after public key encryption and the article after public key encryption respectively Breath DM deciphering, obtains numeric string num and Item Information M.
Step 2006:Reader produces the first random number R1And calculate the first hash function value H1=H (num | | R1), then will First random number R1It is sent to label;Wherein, H () represents Hash functional operation, " | | " represent before and after character string connection, displacement etc. Computing.
Step 2007:Label receives the first random number R1Afterwards, calculate the second hash function value H2=H (num | | R1) and Two hash function values H2It is sent to reader.
Step 2008:Reader receives the second hash function value H2Afterwards, judge the second hash function value H2With the first Hash letter Numerical value H1Whether equal, if the second hash function value H2With the first hash function value H1Unequal, then judge that label is marked as illegal Sign;If the second hash function value H2With the first hash function value H1Equal, then label is legitimate tag.
Step 2009:Reader produces the second random number R2, calculate numeric string Nnum=num R2, calculate the 3rd Hash letter Numerical value H3=H (Nnum | | R2).
Step 2010:Reader sends and comprises the 3rd hash function value H3, the second random number R2The second data with computing Frame is to label;Wherein, computing represent add, subtract, the computing such as multiplication and division or XOR.
Step 2011:After label receives described second Frame, according to the second random number R2Calculate numeric string with computing Nnum'=num R2, and calculate the 4th hash function value H4=H (Nnum'| | R2), compare the 3rd hash function value H3With the 4th Hash function value H4If, the 3rd hash function value H3With the 4th hash function value H4Unequal, then terminate verification process;If 3rd hash function value H3With the 4th hash function value H4Equal, then execution step 2012.
Step 2012:Label replaces numeric string num with numeric string Nnum', and produces the 3rd random number R3, calculate the 5th Kazakhstan Uncommon functional value H5=H (Nnum'| | R3).
Step 2013:Label sends and comprises the 3rd random number R3, the 5th hash function value H5With the information that is updated successfully the 3rd Frame is to reader.
Step 2014:Reader receives described 3rd Frame, calculates the 6th hash function value H6=H (Nnum | | R3), will 6th hash function value H6With the 5th hash function value H5It is compared, if the 6th hash function value H6With the 5th hash function Value H5Equal, then tag update success, with public key, DNnum is obtained to numeric string Nnum encryption.
Step 2015:Send the numeric string Dnnum after public key encryption to database, with the numeric string after public key encryption Dnnum updates the numeric string Dnum after public key encryption.
The invention has the advantages that:
(1) identifier ID of label is not as the foundation of certification, and is used to inquire about the data in EPC-IS data.Assume There is N number of label, in each verification process, Tag only need to carry out 1 calculating, and database only need to carry out 1 time searching in rfid system Rope.Reader only need to produce and calculate it is determined that the legitimacy of label, suitable EPC-IS environment twice.The methods such as Hash chain need to count Calculate 2N Hash function to be simultaneously compared, EPC-IS data N value thousands of more than one hundred million it is impossible to complete.The load of this programme system is low, peace Full property is higher, and avoids Hash conflict.
(2) asymmetric-key encryption deciphering product information M and character string num are used, public and private key has been written into readding in advance Read in device, even if packet DID (label identifier with after public key P encryption) is trapped, if attacker does not know private key L, Cannot decryption information, effectively prevent privacy leakage.Efficiency high compared with the two-way authentication in current document, easily realizes.
(3) can resist multi-sending attack, avoid tracked.Numeric string num is updated, with random number R carry out irreversible Hash operation, certification and update when unpredictable using different random numbers, updated value, prevent tracked;Even if last time closes The packet of method is trapped, next time communication when retransmitted, also cannot authenticate successfully because numeric string num with random number R It is updated computing.Random number R is different every time, and result of calculation has randomness, can resist Replay Attack.
(4) solve the nonsynchronous problem of tag update, the character string after the completion of each tag update, after needs renewal Nnum and random number R carry out Hash operation, are updated confirming by reader.
(5) existing a lot of certificate scheme is only suitable for local data base, is not suitable for EPC-IS environment, and this programme be The Internet of Things Net-based Design of general significance, in the system if used in internal closing, EPC-IS data is substituted by local data base, Scheme is equally applicable feasible, and practicality is high.
Following table (table 1) is to using Hash lock agreement, Random Hash lock agreement, Hash chain agreement, ID change agreement and this paper The self refresh RFID protocol proposing, compares analysis with regard to various safety problems such as the anti-tracking, anti-eavesdrops of rfid system.
In table 1, √ represents and can resist this safety problem, × represent and can not resist this safety problem, represent not This problem is discussed.
As seen from Table 1, scheme presented herein can more preferably resist the various safety problems of rfid system it is ensured that safety Property ability be far above other agreements, an and good rfid system certificate scheme not only safety problem to be solved, it is also contemplated that The consumption of resource.This point is even more important for inexpensive label.
Table 1, security performance comparison sheet
Table 2 below is counted with regard to the required Hash in verification process of label to the agreement making existing various agreements and this paper Calculate number of times and compare analysis.
There is n label in hypothesis system.In all labels, data length is M, THRepresent the time used by the calculating of Hash function, TRProduce the time needed for random number, TDDecipher required time with unsymmetrical key.
Agreement Tag calculates the time Tag EMS memory occupation amount
Hash locks agreement 1TH 2M
Random Hash lock agreement 1TH,1TR 1M
Hash chain agreement 2TH 1M
Agreement presented herein 3TH, 1TR 2M
Table 2, efficiency comparison table
As seen from Table 1, not needing in EPC-IS calculates, and only need to once be searched for, improve authentication rate and letter The reading rate of breath.Label (Tag) although needing to carry out 3 Hash computings, after be that security obtains in order to be updated twice To raising.Regular hour delay is had by internet access EPC-IS, but is necessary in EPC-IS environment.
The above, the only present invention preferably specific embodiment, but protection scope of the present invention is not limited thereto, Any those familiar with the art the invention discloses technical scope in, the change or replacement that can readily occur in, All should be included within the scope of the present invention.Therefore, protection scope of the present invention should be with scope of the claims It is defined.

Claims (4)

1. a kind of RFID mutual authentication method based on unsymmetrical key and Hash function, is characterized in that methods described includes:
Step 1:Reader transmits request information to label;
Step 2:After label receives solicited message, label identifier DID of transmission public key encryption is to reader;
Step 3:Reader receives label identifier DID of public key encryption and with private key deciphering, obtains label identifier ID;
Step 4:Reader according to label identifier ID, with to search label identifier ID in the database that reader connects corresponding Numeric string num, and judge whether label is legitimate tag, if label is legitimate tag, execution step 5;Otherwise, label It is illegal label, terminate verification process;
Step 5:Update numeric string num;
Described step 4 includes:
Step 101:Reader is transmitted to database label identifier ID, and database root searches its correspondence according to label identifier ID Public key encryption after numeric string Dnum and the Item Information DM after public key encryption, and by the numeric string after described public key encryption Item Information DM after Dnum and public key encryption sends to reader;
Step 102:Reader private key is respectively to the numeric string Dnum after the public key encryption and Item Information DM after public key encryption Deciphering, obtains numeric string num and Item Information M;
Step 103:Reader produces the first random number R1And calculate the first hash function value H1=H (num | | R1), then by first Random number R1It is sent to label;Wherein, H () represents Hash functional operation, and before and after " | | " represents, character string connects or displacement fortune Calculate;
Step 104:Label receives the first random number R1Afterwards, calculate the second hash function value H2=H (num | | R1) and the second Kazakhstan Uncommon functional value H2It is sent to reader;
Step 105:Reader receives the second hash function value H2Afterwards, judge the second hash function value H2With the first hash function value H1Whether equal, if the second hash function value H2With the first hash function value H1Unequal, then judge label as illegal label; If the second hash function value H2With the first hash function value H1Equal, then label is legitimate tag.
2. method according to claim 1, is characterized in that described renewal numeric string num includes:
Step 201:Reader produces the second random number R2And calculate the 3rd hash function value H3=H (num | | R2);
Step 202:Reader sends and comprises the 3rd hash function value H3, the second random number R2With update the of numeric string num order One Frame is to label;
Step 203:Label receives described first Frame, calculates the 4th hash function value H4=H (num | | R2);By the 4th Hash Functional value H4With the 3rd hash function value H3It is compared, if the 4th hash function value H4With the 3rd hash function value H3Not phase Deng then terminating verification process;If the 4th hash function value H4With the 3rd hash function value H3Equal, then execution step 204;
Step 204:Label produces the 3rd random number R3, calculate numeric string Nnum=num R3, update numeral with numeric string Nnum String num, and calculate the 5th hash function value H5=H (Nnum | | R3);Wherein represent add, subtract, multiplication and division or XOR;
Step 205:Label sends and comprises computing, the 3rd random number R3With the 5th hash function value H5The second Frame give read Read device;
Step 206:Reader receives described second Frame, according to the 3rd random number R3Calculate numeric string Nnum'=with computing num⊕R3, and calculate the 6th hash function value H6=H (Nnum'| | R3);By the 5th hash function value H5With the 6th hash function Value H6It is compared, if the 5th hash function value H5With the 6th hash function value H6Equal, then tag update success, uses public key Numeric string Nnum' is encrypted with the numeric string Dnnum after being encrypted;
Step 207:Send the numeric string Dnnum after described public key encryption to database, with the numeric string after described public key encryption Dnnum updates the numeric string Dnum after public key encryption.
3. method according to claim 1, is characterized in that described renewal numeric string num includes:
Step 301:Reader produces the second random number R2, calculate numeric string Nnum=num R2, calculate the 3rd hash function value H3=H (Nnum | | R2);
Step 302:Reader sends and comprises the 3rd hash function value H3, the second random number R2Give with the second Frame of computing Label;Wherein, computing represent add, subtract, multiplication and division or XOR;
Step 303:After label receives described second Frame, according to the second random number R2Calculate numeric string Nnum'=with computing num⊕R2, and calculate the 4th hash function value H4=H (Nnum'| | R2), compare the 3rd hash function value H3With the 4th Hash letter Numerical value H4If, the 3rd hash function value H3With the 4th hash function value H4Unequal, then terminate verification process;If the 3rd Kazakhstan Uncommon functional value H3With the 4th hash function value H4Equal, then execution step 304;
Step 304:Label replaces numeric string num with numeric string Nnum', and produces the 3rd random number R3, calculate the 5th hash function Value H5=H (Nnum'| | R3);
Step 305:Label sends and comprises the 3rd random number R3, the 5th hash function value H5The 3rd data with the information that is updated successfully Frame is to reader;
Step 306:Reader receives described 3rd Frame, calculates the 6th hash function value H6=H (Nnum | | R3), by the 6th Hash function value H6With the 5th hash function value H5It is compared, if the 6th hash function value H6With the 5th hash function value H5 Equal, then tag update success, with public key, Dnnum is obtained to numeric string Nnum encryption;
Step 307:Send the numeric string Dnnum after described public key encryption to database, with the numeric string after described public key encryption Dnnum updates the numeric string Dnum after public key encryption.
4. the method according to claim 1-3 any one claim, is characterized in that described database includes locally counting According to storehouse, also include the Internet of Things web information system EPC-IS data environment being built on internet.
CN201380003846.4A 2013-06-20 2013-06-20 RFID bidirectional authentication method based on asymmetric secret key and Hash function Active CN104115442B (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2013/000716 WO2014201585A1 (en) 2013-06-20 2013-06-20 Rfid bidirectional authentication method based on asymmetric key and hash function

Publications (2)

Publication Number Publication Date
CN104115442A CN104115442A (en) 2014-10-22
CN104115442B true CN104115442B (en) 2017-02-08

Family

ID=51710608

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201380003846.4A Active CN104115442B (en) 2013-06-20 2013-06-20 RFID bidirectional authentication method based on asymmetric secret key and Hash function

Country Status (2)

Country Link
CN (1) CN104115442B (en)
WO (1) WO2014201585A1 (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104683108B (en) * 2015-03-05 2018-03-06 西安电子科技大学 Cancel the safety certifying method of one card for multiple uses RFID tag application
CN105447430B (en) * 2015-11-19 2017-10-03 中南大学 A kind of label and the method using the HARN protocol identifications label
CN105357015B (en) * 2015-12-02 2018-11-30 华北电力大学(保定) A kind of Internet of Things safety certifying method
CN106712962B (en) * 2016-12-23 2019-12-24 西安电子科技大学 Bidirectional authentication method and system for mobile RFID system
CN110366441B (en) 2017-03-06 2022-06-28 康明斯滤清系统知识产权公司 Genuine filter identification with filter monitoring system
KR101809974B1 (en) * 2017-05-22 2017-12-19 주식회사 에프엔에스벨류 A system for security certification generating authentication key combinating multi-user element and a method thereof
CN108199851B (en) * 2018-02-01 2022-03-04 北京华大智宝电子系统有限公司 Data secure transmission method, device and system
CN108900293B (en) * 2018-05-08 2021-05-25 西安理工大学 RFID (radio frequency identification) security authentication protocol based on hash function and elliptic curve
CN110245534B (en) * 2019-06-15 2024-03-19 吴新胜 High-security radio frequency identification method, device and system based on mutual authentication
CN110492992A (en) * 2019-07-22 2019-11-22 哈尔滨工程大学 A kind of data encryption and transmission method based on radio RF recognition technology
CN112364339B (en) * 2020-08-21 2022-07-12 中国科学院信息工程研究所 Improved safe lightweight RFID authentication method

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1565002A (en) * 2001-09-04 2005-01-12 Ip和创新控股有限公司 System and method of authenticating an article
CN101217362A (en) * 2007-12-29 2008-07-09 中山大学 RFID communication security mechanism established based on dynamic randomization DRNTRU public key encryption system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080001752A1 (en) * 2005-04-21 2008-01-03 Skyetek, Inc. System and method for securing rfid tags
TWI340917B (en) * 2005-09-13 2011-04-21 Nec China Co Ltd Radio frequency identification system and method
CN101847199B (en) * 2009-03-24 2012-06-06 复旦大学 Security authentication method for radio frequency recognition system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1565002A (en) * 2001-09-04 2005-01-12 Ip和创新控股有限公司 System and method of authenticating an article
CN101217362A (en) * 2007-12-29 2008-07-09 中山大学 RFID communication security mechanism established based on dynamic randomization DRNTRU public key encryption system

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Harsh Kapoor;Dijiang Huang.Secret-Sharing Based Secure Communication Protocols for Passive RFIDs.《Global Telecommunications Conference, 2009. GLOBECOM 2009. IEEE》.2009,第1-6页. *
射频识别系统及其认证协议的研究;章轶;《中国优秀硕士学位论文全文数据库(信息科技辑)》;20080715(第7期);全文 *

Also Published As

Publication number Publication date
WO2014201585A1 (en) 2014-12-24
CN104115442A (en) 2014-10-22

Similar Documents

Publication Publication Date Title
CN104115442B (en) RFID bidirectional authentication method based on asymmetric secret key and Hash function
CN103413109B (en) A kind of mutual authentication method of radio frequency identification system
CN105100112B (en) RFID cluster label ownership transfer methods based on cloud storage
Sun et al. A hash-based RFID security protocol for strong privacy protection
CN104184733B (en) A kind of RFID lightweight mutual authentication methods encoded based on CRC
Kardaş et al. Cryptanalysis of lightweight mutual authentication and ownership transfer for RFID systems
CN101882197B (en) RFID (Radio Frequency Identification Device) inquiring-response safety certificate method based on grading key
CN101847199A (en) Security authentication method for radio frequency recognition system
CN103795543A (en) Bidirectional security authentication method for RFIP system
CN103532718A (en) Authentication method and authentication system
Sadeghi et al. User privacy in transport systems based on RFID e-tickets
CN104883681A (en) Mobile RFID mutual authentication method based on dynamic shared secret key
CN110147666A (en) Lightweight NFC identity identifying method, Internet of Things communications platform under scenes of internet of things
Lee et al. Mutual authentication protocol for enhanced RFID security and anti-counterfeiting
CN104333539A (en) RFID security authentication method based on Chebyshev mapping
CN104579688B (en) It is a kind of based on Hash function can synchronized update key RFID mutual authentication method
Peng et al. Privacy protection based on key-changed mutual authentication protocol in internet of things
CN106027237B (en) Cipher key matrix safety certifying method based on group in a kind of RFID system
Yi et al. An gen2 based security authentication protocol for RFID system
Jin et al. PUF-based RFID authentication protocol against secret key leakage
Yang et al. A privacy model for RFID tag ownership transfer
Kardaş et al. Providing resistance against server information leakage in RFID systems
CN105406971B (en) RFID (radio frequency identification) safety authentication method for intelligent power consumption information acquisition system terminal
Li et al. PUF-based RFID ownership transfer protocol in an open environment
Abyaneh On the privacy of two tag ownership transfer protocols for RFIDs

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant