CN104601334A - Identification table stealing resistant RFID (radio frequency identification) bidirectional authentication method - Google Patents

Info

Publication number: CN104601334A
Authority: CN (China)
Legal status: Granted (active)
Application number: CN201510091035.5A
Other languages: Chinese (zh)
Other versions: CN104601334B (en)
Inventors: 黎彤亮, 黄世中, 王怀瑞, 周彦萍, 王鹏, 司晓琨
Current Assignee: Zhejiang Liangjing Network Technology Co.,Ltd.
Original Assignee: SHIJIAZHUANG DEVELOPMENT ZONE JIKE SHANGSHI SCI-TECH Co Ltd
Landscapes: Storage Device Security (AREA)

Abstract

Disclosed is an RFID (radio frequency identification) mutual authentication method that resists theft of the identification table. The method logically divides the RFID system into an RFID tag, an RFID reader and a backend database. Initially, the tag stores its unique identifier ID and key T; the backend database stores the tag's unique identifier ID' and key T', encrypted with a symmetric cryptographic function, such that ID ≠ ID' and T ≠ T', together with the information about the item the tag identifies, forming the identification table for the tag. When the reader reads the tag it receives a parameter Ku, and mutual authentication with the tag is carried out through this parameter and the function E(). The method effectively avoids the security risk to the system caused by theft of the identification table.

Description

An RFID mutual authentication method resistant to identification table theft
Technical field
The present invention relates to a secure mutual authentication method for RFID automatic identification systems that prevents the serious security risk a stolen identification table poses to the system. It belongs to the field of communication technology.
Background
Radio-frequency identification (RFID) is a technology that uses radio-frequency signals and the transmission characteristics of spatial coupling (inductive or electromagnetic) to identify target objects automatically and without contact, and to obtain the related data. RFID can improve the efficiency of product management and reduce management costs, but RFID applications were originally designed to be completely open: while the technology gives the system flexible and convenient data collection, it also exposes wirelessly transmitted information to the public, which is a significant threat to information security.
An RFID system usually comprises three main parts: the RFID tag, the RFID reader and the backend database. The RFID tag holds a unique identifier (ID), a key and some parameters; the backend database usually stores the tag information and the information about the item each tag marks. An attacker targets the system not merely to obtain tag IDs, keys and similar information but, more importantly, to obtain the correspondence between tags and the items they mark. Protecting this correspondence is therefore an important part of ensuring information security.
At present, security mechanisms for RFID systems fall into two broad classes. The first is physical security mechanisms, which rely mainly on additional equipment or hardware functions to solve the security problems of RFID systems, such as electrostatic shielding, active jamming and clipped tags. The second is cryptographic mechanisms, which address RFID security mainly through security protocols based on cryptographic techniques.
Compared with hardware security mechanisms based on physical methods, implementing cryptographic algorithms in circuitry is more flexible and relatively cheap, so software security mechanisms based on cryptographic techniques are more widely favoured. Many researchers in China and abroad have worked on security protocols based on cryptographic techniques and proposed many schemes. Existing schemes, however, concentrate on protecting the messages between tag and reader and pay less attention to protecting the backend server's data. Once the identification table that the backend server keeps for identifying tags is lost, every tag the system manages is put at risk, and this risk is system-wide. In addition, the reader merely acts as a bridge for communication between the backend server and the tag, and the necessary controls on the use of the reader are lacking. Existing protocols therefore cannot eliminate the risk arising from theft of the tag information and tagged-item information held on the backend server, and further research and improvement are needed.
Summary of the invention
The object of the invention is to address the drawbacks of the prior art by providing an RFID mutual authentication method resistant to identification table theft, in order to solve the information security problem of RFID systems.
The problem is solved by the following technical solution:
An RFID mutual authentication method resistant to identification table theft. The method logically divides the RFID system into RFID tag, RFID reader and backend database and runs in such a system. Initially, the RFID tag stores its unique identifier ID and key T. The backend database stores, encrypted with a symmetric cryptographic function, the tag's unique identifier ID' and key T', such that ID ≠ ID' and T ≠ T'; it also stores the information about the item the tag identifies, forming the identification table for the tags. The symmetric cryptographic function E() satisfies: ID' = E(ID) XOR Ku, T = E(T) XOR Ku, where Ku is a parameter held by the user. When the reader reads or writes a tag it must receive the parameter Ku; mutual authentication with the tag is achieved through this parameter and the function E().
The above RFID mutual authentication method resistant to identification table theft is carried out in the following steps:
A. Initialization
The backend database stores the data of the tags it manages, $\langle EID_i, ET_i, ET_{old,i}, Info_i \rangle$, $i = 1, 2, \ldots, n$, where $n$ is the number of tags managed by the backend database, $ET_{old}$ is the data the RFID tag used last time, and $Info$ is the information about the item the RFID tag marks;
Tag $i$ stores $\langle ID_i, T_i \rangle$, $i \in \{1, 2, \ldots, n\}$
The relations between $ID_i$, $T_i$ and $EID_i$, $ET_i$ are:
$EID_i = E(ID_i) \oplus Ku$, $ID_i = E^{-1}(EID_i) \oplus Ku$
$ET_i = E(T_i)$, $T_i = E^{-1}(ET_i)$
where $E()$ is an encryption algorithm and $E^{-1}()$ is the decryption algorithm; the key used is $dk$, which is stored securely on the backend server; $Ku$ is a parameter held by the user; $\oplus$ is the exclusive-or (XOR) operation;
B. Identification of the RFID tag
1. The user inputs the parameter $Ku$ into the RFID reader;
2. The RFID reader sends an arbitrary number $R_r$ to the RFID tag;
3. On receiving the read/write request from the RFID reader, the RFID tag generates a random number $R_t$, then computes the response messages $M_1$, $M_2$ as follows and sends them:
$M_1 = T \oplus R_t$
$M_2 = f(T \oplus R_r, R_t) \oplus ID$,
where $f()$ is another symmetric cryptographic function;
4. On receiving the response messages from the RFID tag, the RFID reader uses the parameter $Ku$ to perform the following operation on $M_2$:
$M_2 = M_2 \oplus Ku$
It then sends $M_1$, $M_2$ together with $R_r$ to the backend database for the decision;
5. For each stored tag record, the backend database computes:
$ID' = E^{-1}(EID)$
$T' = E^{-1}(ET)$
$R_t' = M_1 \oplus T$
and verifies whether
$M_2 = f(T' \oplus R_r, R_t') \oplus ID$ (1a)
holds;
If it does not hold, it computes:
$T'_{old} = E^{-1}(ET_{old})$
$R_t' = M_1 \oplus T_{old}$
and verifies whether
$M_2 = f(T'_{old} \oplus R_r, R_t') \oplus ID$ (1b)
holds;
If neither (1a) nor (1b) holds, the RFID tag fails authentication and the authentication process terminates;
If (1a) or (1b) holds, the backend database has found the record of the corresponding tag, and it then prepares a message $M_3$:
$M_3 = f(T', R_t' \oplus R_r) \oplus ID'$
The backend database then performs the update operation. If (1a) holds, it updates:
$ET_{old} = ET$
Whether (1a) or (1b) holds, it updates:
$T_{new} = f(ID \oplus R_r, T' \oplus R_t')$
$ET_{new} = E(T_{new})$
where $T_{new}$, $ET_{new}$ are the data used for the tag's next authentication.
The backend database then sends $M_3$ to the reader;
6. The reader computes
$M_3 = M_3 \oplus Ku$
and sends $M_3$ to the RFID tag;
7. The tag verifies
$M_3 = f(T, R_t \oplus R_r) \oplus ID$
If it holds, the tag updates
$T_{new} = f(ID \oplus R_r, T \oplus R_t)$ and completes the authentication process;
otherwise the authentication process terminates.
The invention gives the identification table double protection: first, the identification table is encrypted; second, a parameter severs the direct correspondence between the data stored in the identification table and the data stored in the tag. This effectively prevents the serious potential security risk that theft of the identification table would pose to the system.
Brief description of the drawings
The invention is further described below with reference to the drawing.
Fig. 1 is the data-processing flow chart of the invention.
In figure, each symbol is: M 1, M 2, M 3for message, for believable message, for incredible message, for XOR.
The symbols in the text are: $Ku$ is the parameter held by the user; $ID$ is the unique identifier of the RFID tag; $T$ is the key of the RFID tag; $ID_i$ is the unique identifier of the $i$-th RFID tag; $T_i$ is the key of the $i$-th RFID tag; $Info$ is the information about the item the tag marks; $E()$ is an encryption algorithm and $E^{-1}()$ is the decryption algorithm, whose key $dk$ is stored and used securely on the backend server; $R_r$ is the number generated by the RFID reader to initiate a query to the tag; $R_t$ is a random number generated by the RFID tag; $f()$ is a symmetric cryptographic function.
Embodiment
The invention proposes a mutual authentication method between RFID tag and reader. Compared with other methods, it prevents the risk arising from theft of the tag information and tagged-item information held on the backend server.
The concrete steps are:
1. Initialization
The backend database stores the data of the tags it manages, $\langle EID_i, ET_i, ET_{old,i}, Info_i \rangle$, $i = 1, 2, \ldots, n$, where $n$ is the number of tags managed by the backend database, $ET_{old}$ is the data the tag used last time, and $Info$ is the information about the item the tag marks.
Tag $i$ stores $\langle ID_i, T_i \rangle$, $i \in \{1, 2, \ldots, n\}$
The relations between $ID_i$, $T_i$ and $EID_i$, $ET_i$ are:
$EID_i = E(ID_i) \oplus Ku$, $ID_i = E^{-1}(EID_i) \oplus Ku$
$ET_i = E(T_i)$, $T_i = E^{-1}(ET_i)$
When connecting to the backend server, the reader must carry out security authentication and related work to establish a secure channel for trusted message transmission.
2. Identification
Step 0: Preparation before running. The user inputs the parameter $Ku$ into the reader.
Step 1: The RFID reader sends an arbitrary number $R_r$ to the RFID tag.
Step 2: On receiving the reader's read/write request, the tag generates a random number $R_t$, then computes the response messages $M_1$, $M_2$ and sends them:
$M_1 = T \oplus R_t$
$M_2 = f(T \oplus R_r, R_t) \oplus ID$
Step 3: On receiving the tag's response messages, the reader uses the parameter $Ku$ to perform the following operation on $M_2$:
$M_2 = M_2 \oplus Ku$
It then sends $M_1$, $M_2$ together with $R_r$ to the backend database for the decision.
Step 4: For each stored tag record, the backend database computes:
$ID' = E^{-1}(EID)$
$T' = E^{-1}(ET)$
$R_t' = M_1 \oplus T$
and verifies whether
$M_2 = f(T' \oplus R_r, R_t') \oplus ID$ (1a)
holds.
If it does not hold, it computes:
$T'_{old} = E^{-1}(ET_{old})$
$R_t' = M_1 \oplus T_{old}$
and verifies whether
$M_2 = f(T'_{old} \oplus R_r, R_t') \oplus ID$ (1b)
holds.
If neither (1a) nor (1b) holds, the RFID tag fails authentication and the authentication process terminates;
If (1a) or (1b) holds, the backend database has found the record of the corresponding tag, and it then prepares a message $M_3$:
$M_3 = f(T', R_t' \oplus R_r) \oplus ID'$
The backend database then performs the update operation. If (1a) holds, it updates:
$ET_{old} = ET$
Whether (1a) or (1b) holds, it updates:
$T_{new} = f(ID \oplus R_r, T' \oplus R_t')$
$ET_{new} = E(T_{new})$
The backend database then sends $M_3$ to the reader.
Step 5: The reader computes
$M_3 = M_3 \oplus Ku$
and sends $M_3$ to the tag.
Step 6: The tag verifies
$M_3 = f(T, R_t \oplus R_r) \oplus ID$
If it holds, the tag updates
$T_{new} = f(ID \oplus R_r, T \oplus R_t)$
and completes the process; otherwise the process terminates.
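
The identification round above (Steps 0 to 6), as an added simulation that is not code from the patent. E() is modelled as a small Feistel cipher over HMAC-SHA256 and f() as truncated HMAC-SHA256, both stand-ins; the key update is left out; and each table row is assumed to decrypt to ID XOR Ku, the reading under which checks (1a)/(1b) can succeed. All function names and sample values are constructed for the example.

```python
# Added example: one identification round between tag, reader and backend.
# E and f are stand-ins; the patent names no concrete algorithms.
import hashlib
import hmac
import os

N = 16  # assumed byte length of ID, T, Ku and both nonces

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def f(k, m):
    """Stand-in for f(): keyed PRF truncated to N bytes."""
    return hmac.new(k, m, hashlib.sha256).digest()[:N]

def _rf(dk, i, half):
    return hmac.new(dk, bytes([i]) + half, hashlib.sha256).digest()[:N // 2]

def E(dk, block):
    """Stand-in for E(): 4-round Feistel network keyed with dk."""
    l, r = block[:N // 2], block[N // 2:]
    for i in range(4):
        l, r = r, xor(l, _rf(dk, i, r))
    return l + r

def E_inv(dk, block):
    l, r = block[:N // 2], block[N // 2:]
    for i in reversed(range(4)):
        l, r = xor(r, _rf(dk, i, l)), l
    return l + r

def enroll(dk, tag_id, t, ku, info):
    """Identification-table row. Assumption: EID decrypts to ID xor Ku,
    the reading under which checks (1a)/(1b) can succeed."""
    return {"EID": E(dk, xor(tag_id, ku)), "ET": E(dk, t),
            "ET_old": E(dk, t), "Info": info}

def tag_respond(tag_id, t, r_r):
    r_t = os.urandom(N)
    return r_t, xor(t, r_t), xor(f(xor(t, r_r), r_t), tag_id)  # R_t, M1, M2

def backend_identify(dk, table, m1, m2, r_r):
    """Check (1a) against ET, then (1b) against ET_old, for every row."""
    for row in table:
        id_p = E_inv(dk, row["EID"])
        for col in ("ET", "ET_old"):
            t_p = E_inv(dk, row[col])
            r_t_p = xor(m1, t_p)
            if hmac.compare_digest(m2, xor(f(xor(t_p, r_r), r_t_p), id_p)):
                return row["Info"], xor(f(t_p, xor(r_t_p, r_r)), id_p)  # M3
    return None, None

def run_round(dk, table, tag_id, t, ku_at_reader):
    """Returns (Info or None, whether the tag accepted M3)."""
    r_r = os.urandom(N)                          # reader challenge
    r_t, m1, m2 = tag_respond(tag_id, t, r_r)
    info, m3 = backend_identify(dk, table, m1, xor(m2, ku_at_reader), r_r)
    if info is None:
        return None, False
    m3 = xor(m3, ku_at_reader)                   # reader removes Ku from M3
    return info, hmac.compare_digest(m3, xor(f(t, xor(r_t, r_r)), tag_id))

# Constructed sample data, not taken from the patent.
DK = bytes(range(32))
KU = bytes.fromhex("a5" * N)
TAG_ID = b"TAG-0001".ljust(N, b"\0")
T_KEY = bytes.fromhex("3c" * N)
TABLE = [enroll(DK, TAG_ID, T_KEY, KU, "pallet 17")]

if __name__ == "__main__":
    print(run_round(DK, TABLE, TAG_ID, T_KEY, KU))        # reader holds Ku
    print(run_round(DK, TABLE, TAG_ID, T_KEY, bytes(N)))  # reader lacks Ku
    print(E_inv(DK, TABLE[0]["EID"]) == TAG_ID)           # stolen row vs. ID
```

The last line of the demo shows the second layer of protection: a stolen row decrypted with dk still yields ID XOR Ku, not the identifier stored on the tag.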

Claims (2)

1. An RFID mutual authentication method resistant to identification table theft, characterized in that the method logically divides the RFID system into RFID tag, RFID reader and backend database and runs in such a system; initially, the RFID tag stores its unique identifier ID and key T; the backend database stores, encrypted with a symmetric cryptographic function, the tag's unique identifier ID' and key T', such that ID ≠ ID' and T ≠ T', and also stores the information about the item the tag identifies, forming the identification table for the tags; the symmetric cryptographic function E() satisfies: ID' = E(ID) XOR Ku, T = E(T) XOR Ku, where Ku is a parameter held by the user; when the reader reads or writes a tag it must receive the parameter Ku, and mutual authentication with the tag is achieved through this parameter and the function E().
2. The RFID mutual authentication method resistant to identification table theft according to claim 1, characterized in that it is carried out in the following steps:
A. Initialization
The backend database stores the data of the tags it manages, $\langle EID_i, ET_i, ET_{old,i}, Info_i \rangle$, $i = 1, 2, \ldots, n$, where $n$ is the number of tags managed by the backend database, $ET_{old}$ is the data the RFID tag used last time, and $Info$ is the information about the item the RFID tag marks;
Tag $i$ stores $\langle ID_i, T_i \rangle$, $i \in \{1, 2, \ldots, n\}$
The relations between $ID_i$, $T_i$ and $EID_i$, $ET_i$ are:
$EID_i = E(ID_i) \oplus Ku$, $ID_i = E^{-1}(EID_i) \oplus Ku$
$ET_i = E(T_i)$, $T_i = E^{-1}(ET_i)$
where $E()$ is an encryption algorithm and $E^{-1}()$ is the decryption algorithm; the key used is $dk$; $Ku$ is a parameter held by the user; $\oplus$ is the exclusive-or (XOR) operation;
B. Identification of the RFID tag
1. The user inputs the parameter $Ku$ into the RFID reader;
2. The RFID reader generates a random number $R_r$ and sends this random number to the RFID tag;
3. On receiving the read/write request from the RFID reader, the RFID tag generates a random number $R_t$, then computes the response messages $M_1$, $M_2$ as follows and sends them:
$M_1 = T \oplus R_t$
$M_2 = f(T \oplus R_r, R_t) \oplus ID$
where $f()$ is another symmetric cryptographic function;
4. On receiving the response messages from the RFID tag, the RFID reader uses the parameter $Ku$ of the old owner (also called the current owner, the seller) to perform the following operation on $M_2$:
$M_2 = M_2 \oplus Ku$
It then sends $M_1$, $M_2$ together with $R_r$ to the backend database for the decision;
5. For each stored tag record, the backend database computes:
$ID' = E^{-1}(EID)$
$T' = E^{-1}(ET)$
$R_t' = M_1 \oplus T$
and verifies whether
$M_2 = f(T' \oplus R_r, R_t') \oplus ID$ (1a)
holds;
If it does not hold, it computes:
$T'_{old} = E^{-1}(ET_{old})$
$R_t' = M_1 \oplus T_{old}$
and verifies whether
$M_2 = f(T'_{old} \oplus R_r, R_t') \oplus ID$ (1b)
holds;
If neither (1a) nor (1b) holds, the RFID tag fails authentication and the authentication process terminates;
If (1a) or (1b) holds, the record of the corresponding tag has been found, and a message $M_3$ is then prepared:
$M_3 = f(T', R_t' \oplus R_r) \oplus ID'$
The backend database then performs the update operation. If (1a) holds, it updates:
$ET_{old} = ET$
Whether (1a) or (1b) holds, it updates:
$T_{new} = f(ID \oplus R_r, T' \oplus R_t')$
$ET_{new} = E(T_{new})$
where $T_{new}$, $ET_{new}$ are the data used for the tag's next authentication;
The backend database then sends $M_3$ to the reader;
6. The reader computes
$M_3 = M_3 \oplus Ku$
and sends $M_3$ to the RFID tag;
7. The tag verifies
$M_3 = f(T, R_t \oplus R_r) \oplus ID$
If it holds, the tag updates
$T_{new} = f(ID \oplus R_r, T \oplus R_t)$ and completes authentication;
otherwise authentication terminates.

Priority Applications (1)

Application Number: CN201510091035.5A
Priority Date: 2015-03-01
Filing Date: 2015-03-01
Title: Identification table stealing resistant RFID (radio frequency identification) bidirectional authentication method

Publications (2)

CN104601334A (en), published 2015-05-06
CN104601334B (en), published 2018-09-11

Family ID: 53126864
Country: CN

Legal Events

Code Title
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
  Effective date of registration: 20161221
  Address after: 050081 friendship Street, Shijiazhuang, Hebei, No. 46
  Applicant after: APPLICATION MATHEMATICS INSTITUTE, HEBEI ACADEMY OF SCIENCES
  Address before: 050081 Hebei, Shijiazhuang friendship south street, building 46, No. 1
  Applicant before: Shijiazhuang Development Zone Jike Shangshi Sci-Tech Co., Ltd.
GR01 Patent grant
TR01 Transfer of patent right
  Effective date of registration: 20210106
  Address after: 315000 8-3-13, 227 Tongji Road, Jiangbei District, Ningbo City, Zhejiang Province
  Patentee after: Zhejiang Liangjing Network Technology Co.,Ltd.
  Address before: 050081 No. 46 friendship south street, Hebei, Shijiazhuang
  Patentee before: INSTITUTE OF APPLIED MATHEMATICS, HEBEI ACADEMY OF SCIENCES
Patentee before: INSTITUTE OF APPLIED MATHEMATICS, HEBEI ACADEMY OF SCIENCES