CN106845304B - Method and system for realizing reader and tag authentication in an RFID system - Google Patents
Abstract
The invention discloses a method and system for realizing reader and tag authentication in an RFID system. The reader and the tag in the method and system both implement the Tiny Encryption Algorithm (TEA). The reader sends a first random number, a second random number and a first ciphertext to the tag. The tag uses TEA with the shared key to encrypt the first random number, obtaining a second ciphertext, and compares the first ciphertext with the second ciphertext; if they are identical, the tag's authentication of the reader succeeds. The tag then uses TEA with the shared key to encrypt the second random number, obtaining a third ciphertext, and sends it to the reader. The reader uses TEA with the shared key to encrypt the second random number, obtaining a fourth ciphertext, and compares the third ciphertext with the fourth ciphertext; if they are identical, the reader's authentication of the tag succeeds. Through mutual authentication between the reader and the tag, embodiments of the invention identify the target object in which the tag is embedded and improve the security of data transmitted between the reader and the tag.
Description
Technical field
The present invention relates to the field of air interface security protocols for RFID systems, and more particularly to a method and system, based on the Tiny Encryption Algorithm, that use an RFID air interface security protocol to realize mutual authentication between the reader and the tag in an RFID system.
Background art
Radio frequency identification (RFID) technology automatically identifies target objects and obtains related data by means of radio-frequency signals; it is a contactless automatic identification technology. Because RFID technology offers advantages such as multi-target identification and contactless identification, it is now widely used in fields such as manufacturing, commerce, the military and daily life.
An RFID system generally comprises three parts: a reader, tags and a background database. The reader is a wireless transmitting and receiving device with an antenna; it has a relatively large storage space and a microprocessor with relatively strong processing capability. A tag is a microcircuit equipped with an antenna; it consists of thousands of logic gates and usually has no microprocessor. The background database is a database system that can run on any hardware platform; it has a large storage space and a microprocessor, and has relatively strong logic processing capability.
In general, when an RFID system identifies target objects in practice, the reader and the tag are separate and the tag is integrated in the target object to be identified; the reader and the tag authenticate each other and obtain related data by sending radio-frequency signals. Because data is transmitted between the reader and the tag by radio-frequency signals and the transmission medium is air, it is easily affected by insecurity factors such as various malicious attacks.
Summary of the invention
The inventor found in the course of research that, to overcome the influence of insecurity factors such as various malicious attacks and improve the security of data transmitted over the communication channel between the reader and the tag, a variety of security protocols based on standard key cryptography can be applied between the reader and the tag. However, these protocols use one-way authentication, either of the tag by the reader or of the reader by the tag, so when the data transmitted between the reader and the tag encounters insecurity factors such as various malicious attacks, the security of the transmitted data is low. Moreover, the encryption algorithms used in these security protocols based on standard key cryptography require the tag to have a relatively large storage space, so this way of improving security cannot be applied to the tags of low-cost RFID systems.
In view of this, the main object of the present invention is to provide, for low-cost RFID tags, a method and system for realizing mutual authentication between the reader and the tag in an RFID system. The method and system realize mutual authentication through an RFID air interface security protocol based on the Tiny Encryption Algorithm (TEA). Because TEA places only small demands on the tag's storage space, the mutual authentication method and system realized on the basis of TEA are not only suitable for the tags of low-cost RFID systems but can also overcome the influence of insecurity factors such as various malicious attacks, thereby improving the security of authentication. Furthermore, on the basis of the aforementioned mutual authentication method, data can be transmitted securely between the reader and the tag in a low-cost RFID system.
To this end, the technical solution of the present invention to the above problem is:
A method for realizing reader and tag authentication in an RFID system, characterized in that the authentication method is applied to an RFID system comprising a reader, a tag and a database, the database and the tag having a shared key, the method being as follows:
The tag computes over a tag identifier and a tag authentication code using a hash algorithm to obtain token information; wherein the token information is computed by the tag after it receives the query command sent by the reader;
The tag sends the token information to the reader;
The database obtains the shared key corresponding to the tag according to the token information sent by the reader;
The database sends the shared key, a first random number and a second random number to the reader, the first random number and the second random number being generated by the database;
The reader uses the Tiny Encryption Algorithm (TEA) and the shared key to encrypt the first random number, obtaining a first ciphertext;
The reader sends the first random number, the second random number and the first ciphertext to the tag;
The tag compares the first ciphertext with a second ciphertext, the second ciphertext being obtained by the tag by encrypting the first random number using TEA and the shared key; if the first ciphertext and the second ciphertext are identical, the tag's authentication of the reader succeeds;
The tag sends a third ciphertext to the reader, the third ciphertext being obtained by the tag by encrypting the second random number using TEA and the shared key;
The reader compares the third ciphertext with a fourth ciphertext, the fourth ciphertext being obtained by the reader by encrypting the second random number using TEA and the shared key; if the third ciphertext and the fourth ciphertext are identical, the reader's authentication of the tag succeeds.
Preferably, the method by which the tag computes over the tag identifier and the tag authentication code using a hash algorithm to obtain the token information specifically comprises:
The tag concatenates the tag identifier and the tag authentication code using the string concatenation operator, obtaining a concatenated string;
The tag computes over the concatenated string using the hash algorithm, obtaining the token information.
Preferably, the database obtaining the shared key corresponding to the tag according to the token information sent by the reader specifically comprises:
The database receives the token information sent by the reader;
The database looks up, in a storage table, the index number corresponding to the token information; the storage table reserves two pairs of index number and token information for each tag, the two pairs including the token information sent by the tag, and the storage table is kept in the database;
The database obtains the index number corresponding to the token information;
The database uses the index number to obtain the shared key corresponding to the index number.
Preferably, after the database obtains the shared key corresponding to the tag according to the token information sent by the reader, the method further comprises:
The database computes the XOR result of the index number and the first random number, the first random number being generated by the database;
The database uses the XOR result to update the other pair of index number and token information in the storage table.
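The database-side lookup and update just described, as an added example (not code from the patent). SHA-256 as the hash, 8-byte index numbers and random numbers, keeping the authentication code P and the shared key inside each record, and the names `token`, `StorageTable`, `enroll`, `find` and `authenticate` are all assumptions of this example.

```python
import hashlib
import secrets


def token(index: bytes, auth_code: bytes) -> bytes:
    """Token information H(ID || P).

    SHA-256 is an assumption; the text only says "hash algorithm".
    """
    return hashlib.sha256(index + auth_code).digest()


class StorageTable:
    """One record per tag holding two reserved (index number, token) pairs."""

    def __init__(self):
        self.records = []

    def enroll(self, id0, id1, auth_code, shared_key, data):
        self.records.append({
            "ids": [id0, id1],
            "tokens": [token(id0, auth_code), token(id1, auth_code)],
            "auth_code": auth_code,  # P: one per tag, never updated
            "key": shared_key,       # assumption: key stored with the record
            "data": data,
        })

    def find(self, received_token):
        """Return (record, slot) for the reserved pair that matches, or None."""
        for record in self.records:
            for slot in (0, 1):
                if secrets.compare_digest(record["tokens"][slot], received_token):
                    return record, slot
        return None

    def authenticate(self, received_token):
        """Resolve the shared key, draw R1 and R2, then update the other pair."""
        hit = self.find(received_token)
        if hit is None:
            return None  # unknown token: no key is released to the reader
        record, slot = hit
        index = record["ids"][slot]
        r1 = secrets.token_bytes(len(index))  # first random number
        r2 = secrets.token_bytes(len(index))  # second random number
        # XOR of the matched index number and the first random number
        new_index = bytes(i ^ r for i, r in zip(index, r1))
        other = 1 - slot  # the pair the tag did NOT present is overwritten
        record["ids"][other] = new_index
        record["tokens"][other] = token(new_index, record["auth_code"])
        return record["key"], r1, r2


if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    table = StorageTable()
    table.enroll(b"\x01" * 8, b"\x02" * 8, b"constructed-P", b"K" * 16, "asset-42")
    print(table.authenticate(token(b"\x01" * 8, b"constructed-P")) is not None)
    print(table.authenticate(token(b"\x09" * 8, b"constructed-P")))
```

Because only the pair that was not presented is overwritten, the token the tag just sent still resolves on a later lookup.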
Preferably, the method for realizing reader and tag authentication in an RFID system further comprises:
The reader sends a radio-frequency signal to the tag, the tag being integrated in a target object;
The reader obtains the data of the target object according to the feedback signal of the tag.
The present invention also provides a system for realizing reader and tag authentication in an RFID system, the system comprising a reader, a tag and a database, the database and the tag having a shared key.
The tag in the system specifically comprises:
A computing unit, for computing over the tag identifier and the tag authentication code using a hash algorithm to obtain token information; wherein the token information is computed by the tag after it receives the query command sent by the reader;
A first transmission unit, for sending the token information to the reader;
A comparing unit, for comparing the first ciphertext with the second ciphertext, the second ciphertext being obtained by the tag by encrypting the first random number using the Tiny Encryption Algorithm (TEA) and the shared key; if the first ciphertext is identical to the second ciphertext, the tag's authentication of the reader succeeds;
A second transmission unit, for sending the third ciphertext to the reader, the third ciphertext being obtained by the tag by encrypting the second random number using TEA and the shared key.
Preferably, the computing unit comprises:
A concatenation module, for concatenating the tag identifier and the tag authentication code using the string concatenation operator to obtain a concatenated string;
A computing module, for computing over the concatenated string using the hash algorithm to obtain the token information.
The database in the system specifically comprises:
An acquiring unit, for obtaining the shared key corresponding to the tag according to the token information sent by the reader;
A transmission unit, for sending the shared key, the first random number and the second random number to the reader, the first random number and the second random number being generated by the database.
Preferably, the acquiring unit specifically comprises:
A receiving module, for receiving the token information sent by the reader;
A lookup module, for looking up, in the storage table, the index number corresponding to the token information; the storage table reserves two pairs of index number and token information for each tag, the two pairs including the token information sent by the tag, and the storage table is kept in the database;
An index number obtaining module, for obtaining the index number corresponding to the token information;
A shared key obtaining module, for using the index number to obtain the shared key corresponding to the index number.
Preferably, the database further comprises:
A computing unit, for computing the XOR result of the index number and the first random number, the first random number being generated by the database;
An updating unit, for using the XOR result to update the other pair of index number and token information in the storage table.
The reader in the authentication system specifically comprises:
An encryption unit, for encrypting the first random number using the Tiny Encryption Algorithm (TEA) and the shared key to obtain the first ciphertext;
A transmission unit, for sending the first random number, the second random number and the first ciphertext to the tag;
A comparing unit, for comparing the third ciphertext with the fourth ciphertext, the fourth ciphertext being obtained by the reader by encrypting the second random number using TEA and the shared key; if the third ciphertext is identical to the fourth ciphertext, the reader's authentication of the tag succeeds.
Preferably, the reader in the authentication system further comprises:
A radio-frequency signal sending unit, for sending a radio-frequency signal to the tag, the tag being integrated in a target object;
A target object data obtaining unit, for obtaining the data of the target object according to the feedback signal of the tag.
Compared with the prior art, the present invention has the following advantages:
For low-cost RFID systems, in order to overcome the susceptibility of data transmitted between the reader and the tag to insecurity factors such as various malicious attacks, and to guarantee the security of data transmitted between the reader and the tag, the present invention proposes an RFID air interface security protocol based on the Tiny Encryption Algorithm. The symmetric-key encryption algorithm used by the security protocol is the Tiny Encryption Algorithm (TEA). This algorithm encrypts and decrypts quickly, is simple to implement and has good resistance to differential analysis; moreover, it does not use a transition matrix and places low demands on the tag's storage space, so it is suitable for the tags of low-cost RFID systems. At the same time, the security protocol uses mutual authentication between the reader and the tag: data can be transmitted between the reader and the tag only after the reader's authentication of the tag has succeeded and the tag's authentication of the reader has also succeeded. In addition, the tag updates the tag identifier during each authentication and the database updates the index numbers in the storage table, so that in each authentication process the tag identifier and the index number in the database change dynamically. This overcomes the weak resistance of prior-art one-way authentication between the reader and the tag to insecurity factors such as various malicious attacks, so that data transmitted between the reader and the tag is more secure.
Description of the drawings
In order to explain the technical solutions in the embodiments of the present invention or in the prior art more clearly, the drawings needed in the description of the embodiments or of the prior art are briefly introduced below. Obviously, the drawings in the following description are only embodiments of the present invention; those of ordinary skill in the art can obtain other drawings from the drawings provided without creative effort.
Fig. 1 is a schematic diagram of the composition of the RFID system in the present invention;
Fig. 2 is a flowchart of the reader and the tag performing mutual authentication using the Tiny Encryption Algorithm in the present invention;
Fig. 3 is a flowchart of a toll station collecting vehicle fees in the present invention;
Fig. 4 is a schematic structural diagram of the tag in an authentication system of the present invention;
Fig. 5 is a schematic structural diagram of the database in an authentication system of the present invention;
Fig. 6 is a schematic structural diagram of the reader in an authentication system of the present invention;
Fig. 7 is a schematic structural diagram of the units further included in the reader in an application of the authentication system of the present invention.
Specific embodiments
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments. Obviously, the described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments obtained by those of ordinary skill in the art on the basis of the embodiments of the present invention, without creative effort, fall within the scope of protection of the present invention.
The present invention provides a method and system for reader and tag authentication in an RFID system; this authentication is mutual authentication realized on the basis of the Tiny Encryption Algorithm (TEA). When the reader and the tag perform mutual authentication, first, the reader obtains from the database the shared key corresponding to the tag according to the tag identifier ID, and also obtains from the database a first random number and a second random number. Then, the reader sends to the tag the first ciphertext, obtained by encrypting the first random number with the shared key, together with the first random number and the second random number; the tag encrypts the first random number with the shared key it holds to obtain a second ciphertext and compares the first ciphertext with the second ciphertext; if the two are identical, the tag's authentication of the reader succeeds. Finally, the tag encrypts the second random number with the shared key to obtain a third ciphertext and sends the third ciphertext to the reader; the reader encrypts the second random number with the shared key it holds to obtain a fourth ciphertext and compares the third ciphertext with the fourth ciphertext; if the two are identical, the reader's authentication of the tag succeeds. Once mutual authentication between the reader and the tag in the RFID system has succeeded, the information the reader needs to obtain from the tag can be transmitted securely over the communication channel by encrypting it.
To ensure that the tag information obtained by the reader in an RFID system with low-cost tags can be transmitted securely over the communication channel, a mutual authentication method and system based on TEA is proposed. So that those skilled in the art can better understand the method and system of the present invention, the RFID system and TEA are first described in detail below.
The composition of the RFID system is shown in Fig. 1. As shown in Fig. 1, the RFID system comprises three parts: a background database, a reader and tags. When an RFID system identifies target objects in practical applications there are usually multiple target objects; the tags in the RFID system correspond one-to-one with the target objects, with one tag integrated on each target object. The reader and the tags are separate, and they authenticate each other and obtain related data by means of radio-frequency signals.
When the reader and the tag transmit data by radio-frequency signals, the channel over which the reader sends radio-frequency signals to the tag is usually called the "forward channel", and the channel over which the tag sends radio-frequency signals to the reader is called the "backward channel". Because the wireless power of the reader and that of the tag differ greatly, with the reader's wireless power greater than the tag's, the communication range of the forward channel is far larger than that of the backward channel.
In an RFID system the reader and the tag are separate, and radio-frequency signals are transmitted over the forward channel and the backward channel, while the reader and the background database are connected and the reader can obtain data from the background database. In addition, both the reader and the database have microprocessors and have relatively large computing capability and storage space. A low-cost tag, however, usually has no microprocessor and consists only of thousands of logic gates; its computing speed, communication capability and storage space are all very limited.
Therefore, for RFID systems with low-cost tags, the mutual authentication method and system for reader and tag proposed by the present invention are realized on the basis of the Tiny Encryption Algorithm. The Tiny Encryption Algorithm (TEA) is a symmetric-key encryption algorithm that occupies little storage space; the algorithm does not use a transition matrix and does not require the tag to have a large storage space, so it is suitable for low-cost tags. In addition, TEA uses a 128-bit key and iterates over the plaintext for at least 32 rounds (64 rounds are recommended), and it is characterized by fast computation and good resistance to differential analysis.
Taking as an example TEA encrypting 64 bits of plaintext with a 128-bit key over 32 rounds of iteration to obtain a 64-bit ciphertext, the TEA encryption process is as follows:
(1) Parameter initialization
The 64-bit plaintext is divided into two parts, x and y, of 32 bits each;
The 128-bit key is divided into 4 parts, a, b, c and d, of 32 bits each;
Parameter δ = 0x9E3779B9, Sum = 0.
(2) 32 rounds of iteration are performed on the plaintext, as follows:
Sum = Sum + δ;
Wherein, " < < " indicates to press bitwise shift left, and " > > " indicates to press bitwise shift right,Indicate xor operation.
The x and y from step (2) are merged to obtain the 64-bit ciphertext.
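The TEA procedure above and the four-ciphertext exchange from the overview of the mutual authentication, as one added example (not code from the patent). `tea_encrypt` uses the standard published TEA round function with the names x, y, a, b, c, d, δ and Sum from this description; the `Reader` and `Tag` classes, the 64-bit random numbers, the constant-time comparison and the tag staying silent when the reader fails authentication are assumptions of this example.

```python
import hmac
import secrets

MASK32 = 0xFFFFFFFF
DELTA = 0x9E3779B9  # parameter δ from the description


def tea_encrypt(block: int, key: int, rounds: int = 32) -> int:
    """Encrypt one 64-bit block under a 128-bit key with standard TEA."""
    x, y = (block >> 32) & MASK32, block & MASK32                # plaintext halves
    a, b, c, d = ((key >> s) & MASK32 for s in (96, 64, 32, 0))  # key parts
    total = 0                                                    # "Sum"
    for _ in range(rounds):
        total = (total + DELTA) & MASK32
        x = (x + (((y << 4) + a) ^ (y + total) ^ ((y >> 5) + b))) & MASK32
        y = (y + (((x << 4) + c) ^ (x + total) ^ ((x >> 5) + d))) & MASK32
    return (x << 32) | y


def same_ciphertext(c1: int, c2: int) -> bool:
    """Constant-time comparison of two 64-bit ciphertexts (an added precaution)."""
    return hmac.compare_digest(c1.to_bytes(8, "big"), c2.to_bytes(8, "big"))


class Reader:
    """Holds the shared key and the two random numbers supplied by the database."""

    def __init__(self, shared_key: int, r1: int, r2: int):
        self.key, self.r1, self.r2 = shared_key, r1, r2

    def challenge(self):
        # First ciphertext: the first random number encrypted under the shared key.
        return self.r1, self.r2, tea_encrypt(self.r1, self.key)

    def accepts_tag(self, c3) -> bool:
        # Fourth ciphertext is computed locally and compared with the third.
        c4 = tea_encrypt(self.r2, self.key)
        return c3 is not None and same_ciphertext(c3, c4)


class Tag:
    def __init__(self, shared_key: int):
        self.key = shared_key

    def respond(self, r1: int, r2: int, c1: int):
        # Second ciphertext is computed locally and compared with the first.
        c2 = tea_encrypt(r1, self.key)
        if not same_ciphertext(c1, c2):
            return None  # assumption: the tag does not answer an unauthenticated reader
        return tea_encrypt(r2, self.key)  # third ciphertext


def mutual_authenticate(reader_key: int, tag_key: int):
    """Run one exchange; return (tag accepts reader, reader accepts tag)."""
    r1, r2 = secrets.randbits(64), secrets.randbits(64)  # generated by the database
    reader, tag = Reader(reader_key, r1, r2), Tag(tag_key)
    c3 = tag.respond(*reader.challenge())
    return c3 is not None, reader.accepts_tag(c3)


if __name__ == "__main__":
    key = 0x0123456789ABCDEF0011223344556677  # constructed sample key
    print(mutual_authenticate(key, key))      # matching keys
    print(mutual_authenticate(key, key ^ 1))  # reader holds the wrong key
```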
In order to enable those skilled in the art to better understand the solution of the present invention, the present invention is described in further detail below with reference to the drawings and specific embodiments.
Embodiment 1
To give those skilled in the art a better understanding of mutual authentication based on the Tiny Encryption Algorithm between the reader and the tag in an RFID system, the steps of that mutual authentication are described in detail below.
Referring to Fig. 2, which is a flowchart of the reader and the tag performing mutual authentication using the Tiny Encryption Algorithm in an embodiment of the present invention, the specific steps may include:
Step S200: First, the reader sends a query command to the tag; this query command is the first step of mutual authentication in the present invention. When the reader needs to perform mutual authentication with a tag, the reader first sends the query command to the tag.
For example, suppose the method and system for mutual authentication of reader and tag in an RFID system proposed by the present invention are applied to taking stock of a company's fixed assets. Each of the company's assets has an RFID tag built in, the reader of the RFID system is connected to the database, and the database holds the relevant information on all of the company's fixed assets. When the company needs to take stock of all its current fixed assets, the reader sends the query command to all tags, prompting mutual authentication with the tags so as to identify the tags and thereby count the existing fixed assets.
There are multiple tags in an RFID system. The following describes how the reader performs mutual authentication with one tag; mutual authentication between the reader and the remaining tags is similar.
Step S201: The tag computes over the tag identifier and the tag authentication code using a hash algorithm to obtain token information, where the token information is computed by the tag after it receives the query command sent by the reader.
After the tag receives the query command, it uses the string concatenation operator "‖" to concatenate the tag identifier "ID" and the tag authentication code "P", obtaining the concatenated string "ID‖P". Each tag has two optional tag identifiers, ID0 and ID1. Either ID0 or ID1 can be used by the tag to generate the concatenated string; once one of them is selected, that tag identifier is used every time the tag subsequently authenticates with the reader. For example, if ID0 is selected as the "ID" for generating the concatenated string the first time the tag authenticates with the reader, then ID0 is always used in every later authentication, and ID0 and ID1 are updated in each authentication.
The tag authentication code is content that the present invention adds to the tag and to the back-end database in order to achieve two-way authentication between reader and tag. The tag uses the tag authentication code to generate the token information; this code is never updated and corresponds one-to-one with the tag. The tag then applies the hash algorithm to the concatenated string "ID‖P" to obtain the token information.
Step S202: The tag sends the token information to the reader.
The reader receives the token information sent by the tag, so that it can subsequently forward this token information to the database.
Step S203: The database obtains the shared key corresponding to the tag according to the token information sent by the reader.
Specifically, the reader receives the token information sent by the tag and sends it to the database. The specific steps by which the database obtains the tag's shared key from this token information comprise steps A1 to A4.
Step A1: The database receives the token information sent by the reader.
Step A2: The database looks up the index number corresponding to the token information in a storage table. The storage table contains the token information and index numbers of all tags and is stored in the database.
The storage table kept in the database contains the information of all tags. Each tag corresponds to one record in the storage table, with the content (ID0, H(ID0‖P), ID1, H(ID1‖P), data).
Here ID0 and ID1 are the index numbers of H(ID0‖P) and H(ID1‖P) respectively; the storage table reserves ID0 and ID1 for each tag. By searching the storage table for the received token information, the database determines whether to use the reserved ID0 or ID1. ID0 and ID1 are updated in each authentication. "data" denotes the tag's private information, such as the price of the goods, their place of origin and other data that must be kept confidential. At initialization, ID0 = ID and ID1 = 0.
From the token information received from the reader, the database obtains the index number corresponding to that token information from the storage-table record.
Step A3: The database uses the index number to obtain the shared key.
Using the index number it has obtained, the database obtains the shared key in the manner agreed with the tag. How the shared key is obtained is a convention between the tag and the database, and the modes of obtaining it include:
Mode one: Before the reader and the tag perform two-way authentication in the RFID system, the tag manufacturer writes the shared keys into the tag. Each tag has multiple shared keys, which have been sorted; in each authentication the shared keys are used in order to generate the second ciphertext and the third ciphertext. The tag's ordered shared keys are also stored in the back-end database. After the database finds the index number from the token information sent by the tag, it determines the shared key for this authentication from the number of authentications and the order of the shared keys. The shared key the database selects in each reader-tag authentication is therefore identical to the one the tag uses.
Mode two: In each authentication the tag generates a shared key at the same time as it generates the token information. The tag encrypts this shared key with a public key using an asymmetric encryption algorithm, and the database decrypts the encrypted shared key with the private key corresponding to the tag to obtain the shared key.
Note that with this key-sharing mode, the database must hold the private keys of the asymmetric algorithm for all tags before the reader and the tag perform two-way authentication. The database uses the private key to decrypt the received encrypted shared key and obtain the tag's shared key; in the database, each tag's index number corresponds to the private key of the asymmetric algorithm for that tag.
When this key-sharing mode is used between tag and database, the reader must send the tag-encrypted shared key to the database together with the token information. The database uses the index number corresponding to the token information to find the private key for the tag, and decrypts the encrypted shared key with that private key to obtain the shared key.
Note that the above are two modes, provided by embodiments of the present invention, by which the tag and the database obtain the shared key; other modes also exist. In practice, the mode should be chosen according to the tag's capabilities, such as its storage space and computing power.
After the database has obtained the tag's shared key, it XORs the index number corresponding to the tag with the first random number and replaces the other index number in the storage table with the XOR result.
For example, the storage table of the database holds the tag's information (ID0, H(ID0‖P), ID1, H(ID1‖P), data), where ID0 and ID1 are the two index numbers reserved for the tag. If the database finds that H(ID0‖P) in the storage table is identical to the received token information, then after obtaining the tag's shared key from the index number ID0 corresponding to H(ID0‖P), it uses the formula to update ID1 and H(ID1‖P).
Step S204: The database sends the shared key, a first random number and a second random number to the reader; the first random number and the second random number are generated by the database.
The database generates the first and second random numbers and sends them to the reader together with the shared key obtained in step S203. Specifically, the database may use a random number generator to produce two different random numbers as the first and second random numbers. Note that the length of the first and second random numbers is the same as the length of the index number to be updated.
Step S205: The reader uses the Tiny Encryption Algorithm (TEA) and encrypts the first random number with the shared key to obtain the first ciphertext.
The reader receives the first random number, the second random number and the shared key sent by the database. Using its built-in TEA, the reader encrypts the first random number with the shared key to obtain the first ciphertext. Specifically, TEA uses a 128-bit key to perform 32 rounds of iterative encryption on 64 bits of plaintext, producing 64 bits of ciphertext. From this, a person skilled in the art can readily derive, without creative effort, how the reader encrypts the first random number with the shared key to obtain the first ciphertext, so the generation of the first ciphertext is not described further here.
Step S206: The reader sends the first random number, the second random number and the first ciphertext to the tag.
The reader sends the first ciphertext obtained in step S205, together with the first random number and the second random number, to the tag.
Step S207: The tag compares the first ciphertext with a second ciphertext, which the tag obtains by encrypting the first random number with the shared key using TEA. If the first ciphertext is identical to the second ciphertext, the tag's authentication of the reader passes.
The tag receives the first ciphertext, the first random number and the second random number sent by the reader. Using its built-in TEA, the tag encrypts the received first random number with the shared key to obtain the second ciphertext; the method is the same as the one the reader uses to encrypt the first random number into the first ciphertext.
The tag compares the first ciphertext with the second ciphertext. If the two are identical, the tag's authentication of the reader passes; if they differ, the authentication flow is terminated.
Note that after the tag has finished comparing the first ciphertext with the second ciphertext, it uses the formula to refresh its two optional tag identifiers ID0 and ID1; in the formula, the value of X is 1 or 0 and RA is the first random number. For example, if the tag used ID0 to generate the token information in this authentication with the reader, it now updates its two candidate tag identifiers according to the formula, and in subsequent authentications with the reader the tag uses the updated ID0 to generate the token information.
Step S208: The tag sends a third ciphertext to the reader; the tag obtains the third ciphertext by encrypting the second random number with the shared key using TEA.
Using its built-in TEA, the tag encrypts the second random number with the shared key to obtain the third ciphertext and sends it to the reader. The method is similar to the one by which the reader encrypts the first random number into the first ciphertext and is not repeated here.
Step S209: The reader compares the third ciphertext with a fourth ciphertext, which the reader obtains by encrypting the second random number with the shared key using TEA. If the third ciphertext is identical to the fourth ciphertext, the reader's authentication of the tag passes.
The reader receives the third ciphertext sent by the tag and, using TEA, encrypts the second random number with the shared key to obtain the fourth ciphertext. The shared key here is the one the database sent to the reader in step S204. The method by which the reader encrypts the second random number into the fourth ciphertext is similar to the one by which the tag encrypts the second random number into the third ciphertext and is not repeated here.
The reader then compares the third ciphertext with the fourth ciphertext. If the two are identical, the reader's authentication of the tag passes; if they differ, the authentication process between reader and tag is terminated.
As the above steps show, once the reader and the tag have passed this two-way authentication, the data transmitted between them can be data encrypted with TEA. By the properties of TEA, the data cannot be obtained without the shared key, so an attacker who wants the data must have the shared key. The shared key exists only in the database and the tag. To obtain it from the database, the attacker needs the index number behind the token information; but even if the attacker steals the token information, the properties of the hash function prevent recovering the tag's index number from it, so the shared key cannot be obtained. Therefore, after the reader and the tag complete the two-way authentication of the present invention, the confidentiality of the transmitted data is ensured.
Meanwhile, in the above steps the tag computes the token information from plaintext data with a hash function. By the properties of a hash function, changing 1 bit of the plaintext changes the resulting hash value drastically; conversely, if 1 bit of the hash value is changed, the corresponding plaintext cannot be determined. Likewise, changing 1 bit of a TEA ciphertext causes the decrypted data to differ greatly from the original data. The method provided by the embodiments of the present invention can therefore guarantee the integrity of the data transmitted between reader and tag during two-way authentication: if an attacker tampers with the data during authentication, the tag and the reader will not complete two-way authentication.
Furthermore, during two-way authentication between reader and tag, only the reader knows the key shared with the tag. When the tag receives the first ciphertext sent by the reader, comparing the second ciphertext with the first lets the tag determine that the first ciphertext was sent by a genuine reader. Similarly, when the reader receives the third ciphertext sent by the tag, comparing the third ciphertext with the fourth lets the reader determine that the third ciphertext was sent by a genuine tag. This shows that the reply data exchanged between reader and tag is a response to the other party's challenge, so after the two have authenticated each other the authenticity of the data is ensured.
Further, during authentication, after the tag compares the first ciphertext with the second ciphertext, it updates the identifier it used to generate the token information. The token information the tag sends in each authentication therefore differs from the previous one, and the tokens are not linked to each other, so having the tag refresh its identifier protects user privacy. Meanwhile, the database storage table reserves two index numbers for each tag. In each authentication the index number corresponding to the received token information is not updated; only the index number that does not correspond to the token information is updated. As a result, regardless of whether the tag updated the identifier used to generate its token information in this authentication, the index number corresponding to the token information can be found in the storage table in the next authentication, so the database can obtain the shared key and two-way authentication can proceed. The embodiment of the present invention thus solves the desynchronization problem that arises when the database updates index numbers and the tag updates identifiers.
Moreover, suppose an attacker eavesdrops on the communication between reader and tag and next time impersonates the tag, resending the previously intercepted token information to the reader so that the tag's subsequent authentication of the reader can pass. In this authentication, the random numbers the database sends to the reader have already changed. When the reader authenticates the tag, the random number the attacker sends to the reader is still the one intercepted in the previous communication, which differs from the random number the database sent to the reader this time. The reader's authentication of the tag therefore fails, the two-way authentication between reader and tag fails, and the attacker cannot obtain the data subsequently transmitted between tag and reader. The two-way authentication of the present invention thus prevents replay attacks.
Further, because the identifier the tag uses to generate token information changes in the embodiment of the present invention, even if an attacker swaps the identifiers of two legitimate tags to mount a swapping attack, the authentication codes of the two tags do not change along with the swapped identifiers. The token information a tag generates from the swapped identifier and its authentication code therefore does not exist in the database storage table, so two-way authentication between tag and reader does not succeed, and the swapping attack is prevented.
To sum up, through the above steps the embodiment of the present invention achieves two-way authentication of reader and tag, which ensures the confidentiality, integrity and authenticity of the data transmitted between reader and tag and improves protection against various malicious attacks.
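The exchange of steps S200 to S209 and the two-index storage table, as an added example that is not code from the patent. It shows a session surviving a lost S206 message and a reader holding the wrong key. Assumptions: SHA-256 stands in for the unspecified hash algorithm, one static shared key is stored per record, the tag refreshes its identifier as ID XOR first random number (the page's formula is not reproduced), and all class names, function names and sample values are constructed.

```python
import hashlib
import hmac
import secrets
import struct

MASK32 = 0xFFFFFFFF
DELTA = 0x9E3779B9  # TEA round constant


def tea_encrypt(block: bytes, key: bytes) -> bytes:
    """TEA as characterised on the page: 128-bit key, 64-bit block, 32 rounds."""
    v0, v1 = struct.unpack(">2I", block)
    k0, k1, k2, k3 = struct.unpack(">4I", key)
    total = 0
    for _ in range(32):
        total = (total + DELTA) & MASK32
        v0 = (v0 + (((v1 << 4) + k0) ^ (v1 + total) ^ ((v1 >> 5) + k1))) & MASK32
        v1 = (v1 + (((v0 << 4) + k2) ^ (v0 + total) ^ ((v0 >> 5) + k3))) & MASK32
    return struct.pack(">2I", v0, v1)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def make_token(tag_id: bytes, auth_code: bytes) -> bytes:
    """Token = H(ID || P). SHA-256 is an assumption; the page says only 'hash algorithm'."""
    return hashlib.sha256(tag_id + auth_code).digest()


class Database:  # storage table: one record per tag, two reserved index numbers
    def __init__(self):
        self.records = []

    def enroll(self, tag_id, auth_code, key):
        # Initialisation from the page: ID0 = ID, ID1 = 0.
        self.records.append({"ids": [tag_id, bytes(8)], "P": auth_code, "key": key})

    def lookup(self, token):
        """S203/S204: find the matching index, rotate the other one, issue random numbers."""
        for rec in self.records:
            for slot in (0, 1):
                if hmac.compare_digest(make_token(rec["ids"][slot], rec["P"]), token):
                    r_a, r_b = secrets.token_bytes(8), secrets.token_bytes(8)
                    # The matched index stays; the other becomes (matched XOR R_A).
                    rec["ids"][1 - slot] = xor(rec["ids"][slot], r_a)
                    return rec["key"], r_a, r_b
        return None  # unknown token: no key is released


class Tag:
    def __init__(self, tag_id, auth_code, key):
        self.tag_id, self.auth_code, self.key = tag_id, auth_code, key

    def answer_query(self):
        return make_token(self.tag_id, self.auth_code)  # S201/S202

    def check_reader(self, r_a, r_b, c1):
        """S207/S208: verify C1, refresh the identifier, answer with C3."""
        c2 = tea_encrypt(r_a, self.key)
        if not hmac.compare_digest(c1, c2):
            return None  # reader not authenticated: flow ends, identifier untouched
        # ASSUMPTION: refresh rule chosen to mirror the database-side update.
        self.tag_id = xor(self.tag_id, r_a)
        return tea_encrypt(r_b, self.key)


def authenticate(db, tag, reader_key_override=None, lose_s206=False):
    """One session. Returns 'ok' or the name of the point at which it stopped."""
    found = db.lookup(tag.answer_query())
    if found is None:
        return "unknown-token"
    key, r_a, r_b = found
    key = reader_key_override or key      # constructed fault: reader with a wrong key
    c1 = tea_encrypt(r_a, key)            # S205
    if lose_s206:
        return "message-lost"             # constructed fault: S206 never reaches the tag
    c3 = tag.check_reader(r_a, r_b, c1)   # S206 to S208
    if c3 is None:
        return "tag-rejected-reader"
    c4 = tea_encrypt(r_b, key)            # S209
    return "ok" if hmac.compare_digest(c3, c4) else "reader-rejected-tag"


def demo():
    # Constructed sample values, not taken from the page.
    tag_id, code, key = bytes.fromhex("0102030405060708"), b"auth-code-P", bytes(range(16))
    db, tag = Database(), Tag(tag_id, code, key)
    db.enroll(tag_id, code, key)
    results, tokens = [], []
    for kwargs in ({}, {"lose_s206": True}, {}, {"reader_key_override": bytes(16)}, {}):
        tokens.append(tag.answer_query())
        results.append(authenticate(db, tag, **kwargs))
    return results, tokens


if __name__ == "__main__":
    print(demo()[0])
```

The token changes only after a session in which the tag accepted the reader; after a lost message or a rejected reader the tag presents the same token again, and the database still finds it through the index number it left untouched.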
Embodiment 2
This embodiment addresses the case where the reader wants to obtain the data of a target object in which a tag of the RFID system is built. For example, the RFID system is applied to non-stop toll collection on a highway (road or bridge): the reader and database of the RFID system are installed at the highway toll station, and a tag of the RFID system is built into the vehicle. When the vehicle passes the toll station, the reader first performs two-way authentication with the tag; after two-way authentication, the toll station collects the vehicle's fee, so that non-stop toll collection is achieved.
Referring to Fig. 3, which is a flow chart of the toll station collecting a vehicle's fee in an embodiment of the present invention, the specific steps may include:
Step S301: The reader sends a radio-frequency signal to the tag, the tag being integrated in the target object.
A tag of the RFID system is integrated in the vehicle, and the reader and database of the RFID system are installed at the toll station. When the vehicle passes the toll station, the toll station's reader sends a radio-frequency signal for two-way authentication to the tag in the vehicle.
Step S302: The reader obtains the data of the target object according to the feedback signal of the tag.
After the tag receives the radio-frequency signal for two-way authentication sent by the reader, the reader and the tag perform two-way authentication according to the method of Embodiment 1. If two-way authentication between the toll station's reader and the tag in the vehicle passes, the vehicle's tag feeds back the vehicle's account name to the reader, and the toll station automatically deducts the fee the vehicle owes from the vehicle's account, thereby achieving non-stop highway (road and bridge) toll collection.
In this embodiment of the present invention, the toll station is first equipped with the reader and database of the RFID system, and vehicles passing the toll station are fitted with tags of the RFID system. Then, when a vehicle passes the toll station, the reader and the tag perform two-way authentication. Finally, after two-way authentication between reader and tag passes, the reader obtains the vehicle's account name and from it the fee the vehicle must pay, achieving non-stop highway (road and bridge) toll collection.
Embodiment 3
This embodiment of the present invention discloses an authentication system comprising a reader, a tag and a database, the database and the tag having a shared key.
The tag of the system comprises a computing unit, a first transmission unit, a comparing unit and a second transmission unit. Referring to Fig. 4, it comprises:
Computing unit 401: configured to compute over the tag identifier and the tag authentication code using a hash algorithm to obtain token information, where the token information is computed by the tag after it receives the query command sent by the reader;
First transmission unit 402: configured to send the token information to the reader;
Comparing unit 403: configured to compare the first ciphertext with the second ciphertext, the second ciphertext being obtained by the tag by encrypting the first random number with the shared key using TEA; if the first ciphertext is identical to the second ciphertext, the tag's authentication of the reader passes;
Second transmission unit 404: configured to send the third ciphertext to the reader, the third ciphertext being obtained by the tag by encrypting the second random number with the shared key using TEA.
The database of the system comprises an acquiring unit and a transmission unit. Referring to Fig. 5, it specifically comprises:
Acquiring unit 501: configured to obtain the shared key corresponding to the tag according to the token information sent by the reader;
Transmission unit 502: configured to send the shared key, the first random number and the second random number to the reader, the first random number and the second random number being generated by the database.
The reader of the system comprises an encryption unit, a transmission unit and a comparing unit. Referring to Fig. 6, it specifically comprises:
Encryption unit 601: configured to encrypt the first random number with the shared key using TEA to obtain the first ciphertext;
Transmission unit 602: configured to send the first random number, the second random number and the first ciphertext to the tag;
Comparing unit 603: configured to compare the third ciphertext with the fourth ciphertext, the fourth ciphertext being obtained by the reader by encrypting the second random number with the shared key using TEA; if the third ciphertext is identical to the fourth ciphertext, the reader's authentication of the tag passes.
Optionally, in this embodiment of the present invention, the computing unit 401 in the tag, when computing over the tag identifier and the tag authentication code using a hash algorithm to obtain the token information, specifically comprises:
a concatenation module, configured to concatenate the tag identifier and the tag authentication code using the string concatenation operator to obtain a concatenated string;
a computing module, configured to apply the hash algorithm to the concatenated string to obtain the token information.
Optionally, in this embodiment of the present invention, the acquiring unit 501, when obtaining the shared key corresponding to the tag according to the token information sent by the reader, specifically comprises:
a receiving module, configured to receive the token information sent by the reader;
a lookup module, configured to look up the index number corresponding to the token information in a storage table, where the storage table reserves two pairs of index number and token information for each tag, the two pairs include the token information sent by the tag, and the storage table is stored in the database;
an index-number obtaining module, configured to obtain the index number corresponding to the token information;
a shared-key obtaining module, configured to use the index number to obtain the shared key corresponding to the index number.
Optionally, in this embodiment of the present invention, the database further comprises:
a computing unit, configured to compute the XOR result of the index number and the first random number, the first random number being generated by the database;
an updating unit, configured to use the XOR result to update the other pair of index number and token information in the storage table.
This system embodiment discloses a system for two-way authentication between a reader and a tag in an RFID system. The system achieves two-way authentication of reader and tag through the computing unit, first transmission unit, comparing unit and second transmission unit in the tag, the acquiring unit and transmission unit in the database, and the encryption unit, transmission unit and comparing unit in the reader.
Embodiment 4
This embodiment of the present invention discloses a system in which a reader obtains tag data using an RFID system. Referring to Fig. 7, the reader in the system further comprises:
Radio-frequency signal sending unit 701: configured to send a radio-frequency signal to the tag, the tag being integrated in the target object;
Target object data obtaining unit 702: configured to obtain the data of the target object according to the feedback signal of the tag.
This system embodiment discloses a system in which a reader obtains tag data using an RFID system. The system first performs two-way authentication between reader and tag; then, once two-way authentication has passed, the reader obtains the data in the tag.
Note that the embodiments in this specification are described in a progressive manner: each embodiment focuses on its differences from the other embodiments, and the same or similar parts of the embodiments can be referred to one another. Because the device embodiments are basically similar to the method embodiments, they are described relatively briefly; for related details, see the corresponding description of the method embodiments.
Finally, note that relational terms such as "first" and "second" are used herein only to distinguish one entity or operation from another, and do not necessarily require or imply any actual relationship or order between those entities or operations. Moreover, the terms "include", "comprise" and any other variants are intended to cover non-exclusive inclusion, so that a process, method, article or device comprising a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to such a process, method, article or device. Without further limitation, an element defined by the phrase "including a ..." does not exclude the presence of other identical elements in the process, method, article or device that includes the element.
The foregoing description of the disclosed embodiments enables those skilled in the art to implement or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the general principles defined herein can be realized in other embodiments without departing from the spirit or scope of the present invention. Therefore, the present invention is not limited to the embodiments shown herein, but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (10)
1. A method for authenticating a reader and a tag in an RFID system, characterized in that the authentication method is applied to an RFID system comprising a reader, a tag and a database, the database and the tag having a shared key, the method comprising:
the tag computing over a tag identifier and a tag authentication code using a hash algorithm to obtain token information, wherein the token information is computed by the tag after it receives a query command sent by the reader;
the tag sending the token information to the reader;
the database obtaining the shared key corresponding to the tag according to the token information sent by the reader;
the database sending the shared key, a first random number and a second random number to the reader, the first random number and the second random number being generated by the database;
the reader encrypting the first random number with the shared key using the Tiny Encryption Algorithm (TEA) to obtain a first ciphertext;
the reader sending the first random number, the second random number and the first ciphertext to the tag;
the tag comparing the first ciphertext with a second ciphertext, the second ciphertext being obtained by the tag by encrypting the first random number with the shared key using TEA, wherein if the first ciphertext is identical to the second ciphertext, the tag's authentication of the reader passes;
the tag sending a third ciphertext to the reader, the third ciphertext being obtained by the tag by encrypting the second random number with the shared key using TEA;
the reader comparing the third ciphertext with a fourth ciphertext, the fourth ciphertext being obtained by the reader by encrypting the second random number with the shared key using TEA, wherein if the third ciphertext is identical to the fourth ciphertext, the reader's authentication of the tag passes.
2. The method according to claim 1, characterized in that the tag computing over the tag identifier and the tag authentication code using a hash algorithm to obtain token information comprises:
the tag concatenating the tag identifier and the tag authentication code using the string concatenation operator to obtain a concatenated string;
the tag applying the hash algorithm to the concatenated string to obtain the token information.
3. The method according to claim 1, characterized in that the database obtaining the shared key corresponding to the tag according to the token information sent by the reader comprises:
the database receiving the token information sent by the reader;
the database looking up the index number corresponding to the token information in a storage table, wherein the storage table reserves two pairs of index number and token information for each tag, the two pairs include the token information sent by the tag, and the storage table is stored in the database;
the database obtaining the index number corresponding to the token information;
the database using the index number to obtain the shared key corresponding to the index number.
4. The method according to claim 1, characterized by further comprising:
the database computing the XOR result of the index number and the first random number, the first random number being generated by the database;
the database using the XOR result to update the other pair of index number and token information in the storage table.
5. The method according to claim 1, characterized by further comprising:
the reader sending a radio-frequency signal to the tag, the tag being integrated in a target object;
the reader obtaining the data of the target object according to the feedback signal of the tag.
6. A system for authenticating a reader and a tag in an RFID system, characterized in that the system comprises a reader, a tag and a database, the database and the tag having a shared key; the tag comprises a computing unit, a first transmission unit, a comparing unit and a second transmission unit; the computing unit is configured to compute over a tag identifier and a tag authentication code using a hash algorithm to obtain token information, wherein the token information is computed by the tag after it receives a query command sent by the reader; the first transmission unit is configured to send the token information to the reader; the comparing unit is configured to compare a first ciphertext with a second ciphertext, the second ciphertext being obtained by the tag by encrypting a first random number with the shared key using the Tiny Encryption Algorithm (TEA), wherein if the first ciphertext is identical to the second ciphertext, the tag's authentication of the reader passes; the second transmission unit is configured to send a third ciphertext to the reader, the third ciphertext being obtained by the tag by encrypting a second random number with the shared key using TEA;
the database comprises an acquiring unit and a transmission unit; the acquiring unit is configured to obtain the shared key corresponding to the tag according to the token information sent by the reader; the transmission unit is configured to send the shared key, the first random number and the second random number to the reader, the first random number and the second random number being generated by the database;
the reader comprises an encryption unit, a transmission unit and a comparing unit; the encryption unit is configured to encrypt the first random number with the shared key using TEA to obtain the first ciphertext; the transmission unit is configured to send the first random number, the second random number and the first ciphertext to the tag; the comparing unit is configured to compare the third ciphertext with a fourth ciphertext, the fourth ciphertext being obtained by the reader by encrypting the second random number with the shared key using TEA, wherein if the third ciphertext is identical to the fourth ciphertext, the reader's authentication of the tag passes.
7. The system according to claim 6, characterized in that the computing unit specifically includes:
A splicing module, for splicing the label identifier and the smart-tag authentication code using a string concatenation operator to obtain a splicing character;
A computing module, for calculating the splicing character using the hash algorithm to obtain the token information.
8. The system according to claim 6, characterized in that the acquiring unit specifically includes:
A receiving module, for receiving the token information sent by the reader;
A searching module, for searching the storage table for the call number corresponding to the token information, wherein the storage table reserves two pairs of call number and token information for each label, the two pairs of call number and token information include the token information sent by the label, and the storage table is saved in the database;
A call number obtaining module, for obtaining the call number corresponding to the token information;
A shared key obtaining module, for obtaining the shared key corresponding to the call number using the call number.
9. The system according to claim 6, characterized in that the database further includes a computing unit and an updating unit, specifically:
A computing unit, for computing the exclusive-or result of the index number and the first random number, the first random number being generated by the database;
An updating unit, for updating the other pair of call number and token information in the storage table using the exclusive-or result.
10. The system according to claim 6, characterized in that the reader further includes a radio frequency signal sending unit and a target object data obtaining unit, specifically:
A radio frequency signal sending unit, for sending a radio frequency signal to the label, the label being integrated in a target object;
A target object data obtaining unit, for obtaining the data of the target object according to the feedback signal of the label.
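The exchange recited in claims 6 to 8, as an added Python example that is not code from the patent: SHA-256 and HMAC-SHA256 are assumed stand-ins for the unspecified hash algorithm and the claimed encryption algorithm, and every class, function and sample value is hypothetical. It shows that a label presenting a valid token still fails the reader's check without the shared key, and that a reader without the key is rejected by the label.

```python
import hashlib
import hmac
import secrets

def enc(key, nonce):
    # Stand-in (assumption) for the claimed encryption algorithm: HMAC-SHA256.
    return hmac.new(key, nonce, hashlib.sha256).digest()

class Tag:
    def __init__(self, tag_id, auth_code, key, checks_reader=True):
        self.tag_id, self.auth_code, self.key = tag_id, auth_code, key
        self.checks_reader = checks_reader  # False models a counterfeit label
    def token(self):
        # Claim 7: hash over the identifier concatenated with the authentication code.
        return hashlib.sha256(self.tag_id + self.auth_code).digest()
    def respond(self, r1, r2, c1):
        # Label recomputes the second ciphertext and compares it with the first.
        if self.checks_reader and not hmac.compare_digest(c1, enc(self.key, r1)):
            return None  # reader failed authentication, label stays silent
        return enc(self.key, r2)  # third ciphertext

class Database:
    def __init__(self):
        self.index_by_token, self.key_by_index = {}, {}
    def enroll(self, index, tag):
        self.index_by_token[tag.token()] = index
        self.key_by_index[index] = tag.key
    def lookup(self, token):
        # Claim 8: token -> call number -> shared key, plus two fresh random numbers.
        index = self.index_by_token.get(token)
        if index is None:
            return None
        return self.key_by_index[index], secrets.token_bytes(8), secrets.token_bytes(8)

def authenticate(tag, db, reader_key=None):
    """Return (label_accepts_reader, reader_accepts_label)."""
    found = db.lookup(tag.token())
    if found is None:
        return (False, False)
    key, r1, r2 = found
    key = reader_key or key  # reader_key models a reader the database did not serve
    c3 = tag.respond(r1, r2, enc(key, r1))  # reader sends R1, R2 and the first ciphertext
    if c3 is None:
        return (False, False)
    # Reader computes the fourth ciphertext and compares it with the third.
    return (True, hmac.compare_digest(c3, enc(key, r2)))

# Constructed sample data, not values from the patent.
GENUINE = Tag(b"TAG-0001", b"auth-code", b"k" * 16)
DB = Database()
DB.enroll(1, GENUINE)
```
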
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710053713.8A CN106845304B (en) | 2017-01-22 | 2017-01-22 | A kind of method and system for realizing reader and smart-tag authentication in RFID system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106845304A CN106845304A (en) | 2017-06-13 |
CN106845304B CN106845304B (en) | 2019-03-19 |
Family
ID=59120472
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710053713.8A Active CN106845304B (en) | 2017-01-22 | 2017-01-22 | A kind of method and system for realizing reader and smart-tag authentication in RFID system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106845304B (en) |
Families Citing this family (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108520189B (en) * | 2018-03-28 | 2020-01-31 | 西安电子科技大学 | Elliptic curve radio frequency identification authentication method based on resource limited label |
CN109040120A (en) * | 2018-09-13 | 2018-12-18 | 南京工程学院 | A kind of SV message encryption and decryption method based on IEC61850 standard |
CN109981264B (en) * | 2019-03-11 | 2020-08-04 | 北京纬百科技有限公司 | Application key generation method and cipher machine equipment assembly |
CN111064577A (en) * | 2019-12-03 | 2020-04-24 | 支付宝(杭州)信息技术有限公司 | Security authentication method and device and electronic equipment |
CN111046413B (en) * | 2019-12-28 | 2023-09-12 | 芯动微电子科技(珠海)有限公司 | RFID communication method and system |
CN112437101B (en) * | 2021-01-28 | 2021-04-09 | 北京电信易通信息技术股份有限公司 | Method for safely logging in computer |
CN113184647B (en) * | 2021-04-27 | 2022-11-22 | 安徽师范大学 | Contactless elevator system based on RFID |
CN114024750B (en) * | 2021-11-05 | 2023-11-28 | 北京天融信网络安全技术有限公司 | Gateway access authentication method and device |
CN114039727A (en) * | 2021-12-09 | 2022-02-11 | 施耐德电气(中国)有限公司 | Data transmission method and device, intelligent terminal and gateway equipment |
CN113992445B (en) * | 2021-12-28 | 2022-04-19 | 广东曜芯科技有限公司 | Authentication apparatus and method |
CN115118527B (en) * | 2022-08-26 | 2022-11-25 | 深圳市成为信息股份有限公司 | Bidirectional authentication method for ultrahigh frequency module and PDA and related equipment |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101488854A (en) * | 2008-01-18 | 2009-07-22 | 华为技术有限公司 | Wireless RFID system authentication method and apparatus |
CN101667255A (en) * | 2008-09-04 | 2010-03-10 | 华为技术有限公司 | Security authentication method, device and system for radio frequency identification |
CN102510335A (en) * | 2011-11-10 | 2012-06-20 | 西北工业大学 | RFID (Radio Frequency Identification Device) mutual authentication method based on Hash |
KR20120100434A (en) * | 2011-03-04 | 2012-09-12 | 한양대학교 산학협력단 | Method and apparatus for lightweight mutual authentification of rfid using group id |
CN102945379A (en) * | 2012-06-27 | 2013-02-27 | 无锡北邮感知技术产业研究院有限公司 | Offline type bidirectional authentication method for card reader and label in RFID (radio frequency identification device) system |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9773133B2 (en) * | 2014-08-01 | 2017-09-26 | Impinj, Inc. | RFID tag and reader characteristic determination using group keys |
Non-Patent Citations (2)
Title |
---|
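Research on Low-Cost RFID Security Protocols; 欧阳常青; China Master's Theses Full-text Database, Information Science and Technology; 20120215; pp. 30-44 |
Research on RFID Security Protocols Based on Hash Functions and Symmetric Algorithms; 刘永科; China Master's Theses Full-text Database, Information Science and Technology; 20161215; pp. 21-40 |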
Also Published As
Publication number | Publication date |
---|---|
CN106845304A (en) | 2017-06-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106845304B (en) | A kind of method and system for realizing reader and smart-tag authentication in RFID system | |
CN102034123B (en) | RFID (Radio Frequency Identification) triple safety certification method based on label ID (Identification) random division | |
CN103795543B (en) | A kind of secure two-way authentication method for rfid system | |
CN101847199B (en) | Security authentication method for radio frequency recognition system | |
CN103065168B (en) | A kind of electronic tag method for anti-counterfeit and system | |
CN103413109B (en) | A kind of mutual authentication method of radio frequency identification system | |
CN103279775B (en) | Ensure that secret and the rfid system of data integrity and its implementation | |
CN101645899B (en) | Bidirectional authentication method and system based on symmetric encipherment algorithm | |
CN104184733B (en) | A kind of RFID lightweight mutual authentication methods encoded based on CRC | |
CN106712962A (en) | Mobile RFID system bidirectional authentication method and system | |
CN110147666B (en) | Lightweight NFC identity authentication method in scene of Internet of things and Internet of things communication platform | |
CN104115442B (en) | RFID bidirectional authentication method based on asymmetric secret key and Hash function | |
CN101882197B (en) | RFID (Radio Frequency Identification Device) inquiring-response safety certificate method based on grading key | |
CN103957186B (en) | Method for effectively transferring label ownership in RFID system | |
CN106411505B (en) | A kind of mutual authentication method and Mobile RFID system of Mobile RFID | |
CN101923654B (en) | Ultrahigh frequency reader-writer suitable for remote security control by different users | |
CN102684872B (en) | Safety communication method for ultrahigh frequency radio-frequency identification air interface based on symmetrical encryption | |
CN103532718A (en) | Authentication method and authentication system | |
Jäppinen et al. | Enhanced RFID security method with ownership transfer | |
CN101488179A (en) | Authentication method and apparatus for wireless radio frequency recognition system | |
CN103218633B (en) | A kind of RFID safety authentication | |
CN107040363B (en) | Lightweight RFID ownership transfer method and system based on chaotic encryption | |
CN110650019A (en) | RFID authentication method and system based on PUF and security sketch | |
CN103152181A (en) | RFID (radio frequency identification devices) data encryption method | |
CN109766966B (en) | RFID tag random number synchronous updating method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||