CN109067706A - Lightweight RFID privacy protection method and wireless communication system for Internet of Things scenarios
Abstract
The invention belongs to the field of wireless communication technology and discloses a lightweight RFID privacy protection method and a wireless communication system for Internet of Things scenarios. The reader generates a random number and sends it to the tag together with a query request. The tag feeds its result back to the reader, and the reader, after receiving the information, sends it to the server together with the random number. The server performs matching on the information it receives. The reader recovers the identity and the random number from the encrypted information and sends the encrypted relevant information to the tag. The tag checks the legitimacy of the data and calculates the updated session key. After receiving the update messages in turn, the reader and the server compare them and so achieve a synchronized update of K. The server sends the encrypted new session key step by step to the tag, and the tag changes the flag that records the current progress of the protocol. At this point the protocol is complete. The invention can achieve the function of a hash method to a certain extent and reduces the computational overhead of the system, making the protocol more lightweight.
Description
Technical field
The invention belongs to the field of wireless communication technology and in particular relates to a lightweight RFID privacy protection method and a wireless communication system for Internet of Things scenarios.
Background technique
At present, the prior art commonly used in the industry is as follows. Radio frequency identification (RFID) is a wireless communication technology commonly used to identify specific targets and to read data automatically and remotely by radio signal. It is contactless, automatic, fast and efficient, and is widely used in identity authentication, access control systems, libraries, transportation, logistics management and other fields. With the rapid development of big data and cloud computing, the Internet of Things (IoT) has gradually entered people's lives; as its name implies, the Internet of Things means "everything connected". The concept was proposed by the Massachusetts Institute of Technology in 1999. In such a system all devices are connected to the Internet in order to realize some function; these devices may be smartphones, vehicles, sensors, wearable devices and so on. RFID, a core technology of the Internet of Things, first took shape during World War II, when it was used for identification of friend or foe on aircraft. It is a contactless automatic identification technology that identifies objects and accesses associated data by radio frequency without human intervention.

An RFID system usually consists of three parts: RFID tags, readers and a back-end server. The RFID tag, as the data carrier, is usually attached to the target object; the RFID reader can read and write tags; and the back-end server is generally used to store and process the system's communication data. The RFID architecture as a whole offers large data storage capacity, strong read/write capability, strong penetration, long read/write distance, fast reading speed, long service life and good environmental adaptability.

As a classic Internet of Things scenario, RFID in the medical field has received considerable attention over the last decade. Because of its excellent information collection capability, RFID is commonly used for locating and tracking medical assets, identifying newborns and patients, tracking and verifying treatment, managing patient information in medical centres and managing surgical procedures. The hospital uses readers to collect information from tags attached to medical equipment and instruments and to patients, and then communicates with the server through a terminal. This improves the efficiency of personnel and equipment management in medical scenarios and makes the process more intelligent. Although RFID has great potential for improving patient management in the healthcare supply chain, it also faces a serious risk of medical privacy leakage. Medical privacy concerns patients' health and private information. Once leaked, it not only causes huge economic and reputational losses to hospitals and related institutions but also poses a potential hazard to patients and may even endanger their lives, seriously harming patients' well-being. Therefore, while RFID is used to improve clinical workflow management, the security of medical privacy must also be ensured.

There are two typical RFID system architectures. In the first, the connection between server and reader is wired, so the reader is fixed and cannot be moved. In the second, the connection between server and reader is wireless, and the reader is portable. In the first architecture the reader and the server are connected by a dedicated cable, so the channel is considered secure; in the second, the channel is considered insecure because of the wireless connection between server and reader. However, with the rapid development of the mobile Internet, the second architecture has become mainstream, and it is the one that chiefly needs to be considered in medical scenarios. In addition, in both architectures the security of the front-end communication between RFID tag and reader must be considered.

Applying RFID in the medical field means that it is very necessary to ensure reliable and secure access to patients' medical information while also managing sensitive information. Therefore, an RFID system needs to provide secure authentication and communication between server and tag, and must ensure that users' privacy-sensitive information is not leaked. RFID authentication is the main method for making an RFID system secure and protecting privacy, so authentication protocols are very important in wireless communication.

Researchers at home and abroad have studied RFID authentication protocols in depth. Prior art 1 is a mutual authentication protocol that ensures synchronization and resistance to replay attacks and conforms to the EPC Class 1 Generation 2 standard, but it lacks anonymity for the RFID tag; this is crucial in a medical system, where the anonymity of patient identity is closely tied to the security of vital signs. Prior art 2 is a cloud-based RFID protocol with good scalability and storage performance. Prior art 3 is an authentication technique that focuses on authenticating on the tag with fewer resources; although the system has a low performance overhead, it still cannot provide tag anonymity protection for the tag's user. In short, these protocols all lack anonymity protection for tag information.

When designing a protocol that meets the needs of the RFID system architecture, one must consider not only the security of communication between tag and reader but also the security between server and reader. In addition, to ease future deployment, a low-cost RFID tag system must be designed and the whole architecture must be lightweight, so the use of some simple operations is indispensable. More importantly, to address security problems in the special medical environment, the system needs a certain protective capability, such as interference resistance and tag anonymity. Therefore, designing a lightweight RFID protocol suitable for the Internet of Things, especially medical scenarios, while also protecting private information is a research direction that needs attention now.
In summary, the problem with the prior art is that existing RFID authentication protocols lack anonymity protection for the tag. This is because earlier security models treat the reader and the back-end server as fully trusted, whereas in practice the participants in a protocol are not fully trusted: while completing the protocol they may privately collect and analyse tag information and so learn the habits and behaviour of the tag's owner. Anonymity protection for tag information is therefore necessary.

The difficulty and significance of solving this technical problem: authenticating while the tag remains anonymous is inherently difficult. Realizing such a function generally requires a one-way hash function, but using a hash function increases the system's performance overhead. At the same time, making a system lightweight often brings security problems such as replay attacks. How to make the system more lightweight while guaranteeing tag anonymity and security is therefore a problem well worth studying.
Summary of the invention
In view of the problems of the prior art, the present invention provides a lightweight RFID privacy protection method and a wireless communication system for Internet of Things scenarios.
The invention is realized as follows. In the lightweight RFID privacy protection method for Internet of Things scenarios, the reader of the radio frequency identification system generates a random number NR and sends it to the tag together with the query request Query. The tag sets the value of Mark to "00", indicating the start of the protocol session. Cro() is a one-way encryption operation that we define ourselves, and this operation is novel; K is the key shared by the three parties when the protocol starts. We encrypt the tag identity information and feed the result back to the reader, which, after receiving the information, adds NR and sends them together to the server. The server performs a matching query in its database according to the encrypted information received and, if the match succeeds, generates NS and sends the encrypted information to the reader. The reader can recover TID and NS from the encrypted information, verifies whether the communication is secure by comparing a locally calculated value with the value received, and finally sends the encrypted TID and NS information to the tag. The tag checks the legitimacy of the data, calculates Knew, and sends the message for updating the shared key K to the reader. After updating the shared key K to Knew, the reader also sends the update message to the server, so that all three parties finally achieve a synchronized update of K. The server then sends the encrypted Knew step by step to the tag; if Knew is identical, the tag sets Mark to "01", indicating that K has been consistently updated to Knew. The tag sends encrypted information to notify the server that the new K is consistent, and the server records this in time and returns a success message. The tag changes Mark to "10", indicating that the protocol is complete.
Further, the lightweight RFID privacy protection method for Internet of Things scenarios comprises the following steps:
(1) The reader generates a random number NR, initializes the request information Query, and sends it together with NR to the tag;
(2) After receiving NR, the tag sets the value of Mark to "00"; the tag performs its calculation and sends the result together with NT to the reader; after receiving the message, the reader sends it together with NR to the server;
(3) The server receives NR and NT, then searches IDT for the index content corresponding to the received index value; if no match is found, the index value is faulty and the protocol stops; if content is matched, the previous session completed correctly and the protocol continues; the server generates NS and, after completing its operations, sends the encrypted information to the reader;
(4) The reader checks TID and obtains NS: it can calculate TID according to the Hamming weight, and it obtains NS by an XOR operation; it then performs a local calculation and compares the received value with the result; if they are identical, it calculates the encrypted TID and NS information and sends it to the tag;
(5) After receiving NS, the tag performs an XOR operation with NR and checks whether TID is legal; the tag now holds three random numbers NT, NR and NS. It then updates the session key K, recorded as Knew; in the first session, K is the default value shared by the tag, the reader and the server; the tag sends the update message to the reader;
(6) After receiving the message, the reader performs its calculation and compares the result with the value received; if they are equal, K is updated to Knew; the reader then sends the update message to the server, which updates K in the same way; finally the K of all three parties is updated to Knew;
(7) After updating to Knew, the server sends the encrypted Knew to the reader, which forwards it to the tag; the tag compares the Knew obtained from it with the original value and, if they are identical, sets Mark to "01", recording that the synchronization of K is complete;
(8) After the tag's Mark is set to "01", the tag sends the encrypted information through the reader to the server, which recovers Mark and checks it; if its value is "01", the server knows that the new K is consistent, generates a new record and adds it to IDT, and then sends the notice of successful update to the tag; the tag sets the value of Mark to "10", achieving authentication and synchronization.
Further, in step (1) and step (2) the reader includes a pseudo-random number generator, a cross-mixing logical operation module and a cyclic shift unit, and stores the current session key K and its own identity RID; the K of the reader, the tag and the server is identical.
Further, in step (2) the tag, using its cross-mixing logical operation module, records the progress of the protocol:
(1) The tag performs its calculation and sends the result together with NT to the reader;
(2) The tag uses the 2-bit Mark flag to record the progress of the protocol.
Further, the server in step (3) includes a pseudo-random number generator, a cross-mixing logical operation module and a cyclic shift unit, and stores the current session key K; the server also maintains an IDT index data table. After receiving the information, the server queries whether the index in IDT has corresponding data and, if data is matched, sends encrypted data to the reader. The specific steps are as follows:
(1) The server receives NR and NT and searches IDT for index content corresponding to the received index value;
(2) The pseudo-random number generator generates NS, and the cross-mixing logical operation module calculates the encrypted information, which is sent to the reader.
Further, in step (5) the tag uses the three random numbers generated by the tag, the reader and the server to update the K it stores, and records the result as Knew.
In step (6), the three communicating parties achieve a synchronized update of K by checking whether the value each calculates equals the value received.
Further, in step (8) the tag records the progress of the protocol through the value of Mark and notifies the server that synchronization is complete, specifically:
(1) The tag compares the Knew obtained from the received message with the original value and, if they are identical, sets Mark to "01";
(2) The tag sends the encrypted information to the reader, which forwards the message to the server;
(3) The server recovers Mark and checks it; if its value is "01", the server knows that the synchronization of Knew has succeeded;
(4) The server adds the relevant information to the IDT index table and then sends the notice of successful update to the tag through the reader;
(5) The tag receives the notice of successful update and sets the value of Mark to "10"; the protocol is complete.
Another object of the present invention is to provide a lightweight RFID privacy protection system for Internet of Things scenarios that implements the above lightweight RFID privacy protection method. The system comprises:
Tag: includes a transceiver module, a power supply module, a control module, a memory module and an antenna; the tag communicates with the reader through the radio frequency signal emitted by the antenna;
Reader: includes a transceiver module, a control module, an interface module and an antenna; the reader can communicate with the back-end server over a wireless network and can also operate on tags over the wireless channel through its antenna;
Server: stores the identity information and all data of the tags, and can also communicate with a tag through the reader.
Another object of the present invention is to provide a wireless communication system that uses the lightweight RFID privacy protection method for Internet of Things scenarios.
In summary, the advantages and positive effects of the present invention are as follows. The invention not only provides mutual authentication between tag and server but also realizes authentication between reader and server, guaranteeing the legitimacy of every party's identity and the reliability of the communicated information. The invention handles the tag anonymously: the tag's ID information is never transmitted in plaintext during a session, and this anonymity helps the tag protect the privacy of its identity. Even if attackers illegally obtain the relevant information, they cannot determine the identity of the tag.

In the invention the session key K is updated in an orderly manner, and consistency is ensured by verifying validity. In addition, we provide a Mark flag that stores 2 bits of information and records the current synchronization state of the system; it is simple and efficient and solves the desynchronization problem. In the invention the tag generates NT, the reader generates NR and the server generates NS; these numbers all change in every new communication, and K is determined by the Knew of the previous communication. Even if an attacker obtains this information in some way, it cannot affect the security of the system, so the system is able to resist replay attacks.

After every legitimate session the session key changes, and the random numbers in each session are irregular. Even if an attacker somehow obtains NT, NR and NS of the current session, the attacker still cannot predict or attack the next session, so the method of the invention can be said to provide forward secrecy. The server in the invention uses a simple and novel data storage method in which a set of index values is matched against index content. This substantially reduces the overhead of each communication, so that the system is not easily subject to DoS attacks.

The server in the invention uses a simple and novel data encryption method, cross, a lightweight cross-mixing logical operation that can achieve the function of a hash method to a certain extent; it reduces the computational overhead of the system and makes the protocol more lightweight.
Brief description of the drawings
Fig. 1 is a flow chart of the lightweight RFID privacy protection method for Internet of Things scenarios provided by an embodiment of the present invention.
Fig. 2 is a model diagram of the radio frequency identification system provided by an embodiment of the present invention.
Fig. 3 is an implementation flow chart of the lightweight RFID privacy protection method for Internet of Things scenarios provided by an embodiment of the present invention.
Fig. 4 is an architecture diagram of the application in a medical privacy protection system provided by an embodiment of the present invention.
Specific embodiment
To make the objectives, technical solutions and advantages of the present invention clearer, the invention is further described below with reference to embodiments. It should be understood that the specific embodiments described here merely illustrate the invention and are not intended to limit it.

In view of the privacy protection requirements of Internet of Things scenarios and the security problems of existing RFID protocols, the invention proposes a low-overhead, lightweight privacy protection method. Taking a specific medical privacy protection scenario as an example, it achieves anonymity of tag identity and synchronization consistency in a medical RFID system, resists common types of attack, and meets the practical demand for anonymous privacy.

The application principle of the invention is explained in detail below with reference to the drawings.
As shown in Fig. 1, the lightweight RFID privacy protection method for Internet of Things scenarios provided by an embodiment of the present invention comprises the following steps:
S101: the reader of the radio frequency identification system generates a random number and sends it to the tag together with the query request;
S102: the tag sets the value of the random number, then performs its calculation and feeds the result back to the reader; after receiving the information, the reader sends it to the server together with the random number;
S103: the server performs matching on the information received and, if the match succeeds, generates a random number and sends encrypted information to the reader;
S104: the reader can recover the identity and the random number from the encrypted information, verifies by the relevant calculation whether the communication is secure, and finally sends the encrypted relevant information to the tag;
S105: the tag checks the legitimacy of the data and calculates the updated session key; the message updating the session key, which changes after every communication, is sent to the reader and then on to the server;
S106: after receiving the update messages in turn, the reader and the server compare them, and the three parties finally achieve a synchronized update of K;
S107: the server sends the encrypted new session key step by step to the tag; if the new session key is identical, the tag sets the flag that records the current progress of the protocol;
S108: the tag notifies the server that the new session key, which changes after every communication, is consistent; the server records this in time and returns a success message; the tag changes the flag that records the current progress of the protocol. At this point the protocol is complete.
The application principle of the invention is further described below with reference to the drawings.
As shown in Fig. 2, the lightweight RFID privacy protection system used by the invention consists of RFID tags, a reader and a cloud server:
Tag: consists mainly of a transceiver module, a power supply module, a control module, a memory module and an antenna. The tag communicates with the reader through the radio frequency signal emitted by the antenna.
Reader: consists mainly of a transceiver module, a control module, an interface module and an antenna. The reader can communicate with the back-end server over a wireless network and can also operate on tags over the wireless channel through its antenna.
Server: stores the identity information and all data of the tags, and can also communicate with a tag through the reader.
The invention is a simple authentication method between reader and server and between tag and server; the communicating parties can communicate effectively only after passing identity security authentication.
Initial conditions:
The tag contains a pseudo-random number generator and a cross-mixing logical operation module, and stores the current session key K and its own identity TID.
The reader contains a pseudo-random number generator, a cross-mixing logical operation module and a cyclic shift unit, and stores the current session key K and its own identity RID.
The cloud server contains a pseudo-random number generator, a cross-mixing logical operation module and a cyclic shift unit, and stores the current session key K. The server also maintains an IDT index data table.
The privacy protection method of the invention solves the system's anonymous privacy protection problem while reducing the system's performance overhead and the number of communications, meeting the medical system's demand for fast, secure and efficient operation.
As shown in figure 3, specific implementation step of the invention is as follows:
Step 1, reader generates a random number NR, and initialization requests information Query, and by itself and NRIt sends together
To label.
Step 2, label receives NRAfterwards, the value of Mar is set " 00.Then label calculatesAnd it will
It and NTSend jointly to reader.Reader receives them and N after messageRIt is sent collectively to server.
Step 3, server responds the message of reader:
3a) server receives NRAnd NT, then according to the index value receivedIt is corresponding in Searching I DT
Index content.If being not matched to indicates that index value is problematic, agreement stops, if content can be matched to, then it represents that
Last session is correctly completed, and is continued in next step;
3b) server generates NS, server calculates and sendsAnd
To reader.
Step 4, reader handles the information received:
4a) reader is according to Hamming weightWithTID can be calculated, whether checks TID
Correctly, pass through simultaneouslyXOR operation solve NS;
4b) local computingThe value received is compared with it.If it is identical, then count
It calculatesWithFinally they are sent to label.
Step 5, label receives NSAfterwards, it can incite somebody to actionAnd NRXOR operation is carried out, checks whether TID is legal.Label at this time
Random number there are three gathering around, NT, NR, NS.Then more new session key K, is recorded as Knew, wherein
It is worth noting that, K is the default value shared by label, reader and server in first time session.Last label willIt is sent to reader.
Step 6, it after reader receives message, calculatesAnd by its with connect
It receivesCompare.If they are equal, K is updated to Knew.Then reader willIt is sent to server, server updates K in the same way.The K of last three is updated to
Knew。
Step 7, server update KnewAfterwards, it can incite somebody to actionIt is sent to reader, reader also can be by it
It is transmitted to label.They can be incited somebody to action in this courseObtained KnewWith original value into
Row compares, if identical, Mark can be set to " 01 ", records synchronously completing about K.
Step 8: the work after K is synchronized:
8a) The label sets Mark to "01", then sends to the server via the reader;
8b) After receiving the message, the server extracts Mark and checks it. If its value is "01", the server knows that the new K is consistent, generates a new record and adds it to the IDT. The success message is then sent to the label through the reader;
8c) After receiving the success message, the label sets the value of Mark to "10". At this point the system has achieved authentication and synchronization, and the session ends.
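The Mark progression and key confirmation of steps 5 to 8 can be traced with the following added example, which is not part of the patent. The Cro()/Rot() formulas are not reproduced on this page, so HMAC-SHA256 stands in for them; the names `prf`, `Party`, `Label`, `Server`, `run_session`, the message labels and the nonces are all constructed for illustration.

```python
import hashlib
import hmac
import secrets

def prf(key: bytes, purpose: bytes, *parts: bytes) -> bytes:
    # ASSUMPTION: HMAC-SHA256 stands in for the patent's Cro()/Rot() formulas,
    # which are not reproduced on this page.
    return hmac.new(key, purpose + b"".join(parts), hashlib.sha256).digest()

class Party:
    """State common to label, reader and server: the shared session key K."""
    def __init__(self, k: bytes):
        self.k, self.k_new = k, None

    def derive(self, nt: bytes, nr: bytes, ns: bytes) -> bytes:
        # Knew depends on K and all three nonces (the exact formula is assumed).
        self.k_new = prf(self.k, b"update", nt, nr, ns)
        return prf(self.k_new, b"confirm")      # value a peer can compare

    def accept(self, confirm: bytes, nt: bytes, nr: bytes, ns: bytes) -> bool:
        # Step 6: recompute locally, compare, and only then replace K.
        if not hmac.compare_digest(self.derive(nt, nr, ns), confirm):
            return False
        self.k = self.k_new
        return True

class Label(Party):
    def __init__(self, k: bytes):
        super().__init__(k)
        self.mark = "00"                        # step 2: Mark starts at "00"

class Server(Party):
    def __init__(self, k: bytes):
        super().__init__(k)
        self.idt = []                           # index data table (IDT)

def run_session(k: bytes, corrupt_step7: bool = False):
    """Steps 5-8 with constructed nonces.

    Returns (label Mark, number of IDT records, all three derived the same Knew).
    """
    label, reader, server = Label(k), Party(k), Server(k)
    nt, nr, ns = (secrets.token_bytes(16) for _ in range(3))
    c5 = label.derive(nt, nr, ns)                           # step 5
    if not (reader.accept(c5, nt, nr, ns) and server.accept(c5, nt, nr, ns)):
        return label.mark, len(server.idt), False           # step 6 failed
    c7 = prf(server.k, b"server-confirm")                   # step 7
    if corrupt_step7:                                       # constructed transit error
        c7 = bytes([c7[0] ^ 1]) + c7[1:]
    if hmac.compare_digest(c7, prf(label.k_new, b"server-confirm")):
        label.mark = "01"                                   # K is synchronized
    m8 = prf(label.k_new, b"mark", label.mark.encode())     # step 8a
    if hmac.compare_digest(m8, prf(server.k, b"mark", b"01")):
        server.idt.append(prf(server.k, b"index"))          # step 8b: new record
        label.mark = "10"                                   # step 8c
    same_knew = label.k_new == reader.k == server.k
    return label.mark, len(server.idt), same_knew
```

In the corrupted run the label never leaves Mark "00" and the server adds no IDT record, which is the condition step 3a relies on when it treats a matching index as proof that the last session completed.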
Symbol description:
RID: the identification information of the reader.
TID: the identification information of the label.
PRNG(): pseudo-random number generator, used to generate random numbers.
NR: the random number generated during communication by the pseudo-random number generator in the reader.
NT: the random number generated during communication by the pseudo-random number generator in the label.
NS: the random number generated during communication by the pseudo-random number generator in the server.
: the XOR operation symbol, which performs an XOR operation on the bit strings on both sides of the symbol.
Cro(): the cross operation, a cross-mixing logical operation used to encrypt data.
Rot(): the cyclic-shift encryption operation.
Mark: the flag that records the current progress of the protocol.
K: the key used in the current session.
Knew: the key used in the next session.
: the Hamming weight of the result after K and TID are XORed.
As shown in Fig. 4, this RFID-based general practice system mainly comprises four parts: labels, readers, computing terminals and a cloud server.
Label: labels can be attached to different types of target objects to sense the corresponding information, for example attached to a patient's body surface to monitor vital-sign data, attached to medical assets to enable visualized management, attached to drug packages to reduce medical risk, or attached to medical supplies to improve diagnostic efficiency.
Portable reader and terminal: the portable reader collects the information sensed by the labels and transfers it to the hospital's terminal device, which then forwards it to the background server.
Server: the server is responsible for processing and storing the data collected by labels, can manage labels and collect information from them through the reader, and provides data to legitimately authorized users on the medical system cloud platform and network.
The foregoing is merely illustrative of the preferred embodiments of the present invention and is not intended to limit the invention; any modifications, equivalent replacements and improvements made within the spirit and principles of the invention shall be included in the protection scope of the present invention.
Claims (9)
1. A lightweight RFID method for secret protection under scenes of internet of things, characterized in that the method comprises: the reader of the radio frequency identification system generates a random number NR and sends it to the label together with the query request information Query; the label sets the value of Mark to "00", then calculates and feeds the result back to the reader; after receiving the information, the reader adds NR and sends everything to the server; the server performs matching according to the received information and, if successful, generates NS and sends encrypted information to the reader; the reader can recover TID and NS from the encrypted information, verifies by the relevant calculation whether the communication is safe, and finally sends the encrypted relevant information to the label; the label checks the legitimacy of the data, calculates Knew, and sends the message for updating K to the reader, which further sends it to the server; the reader and the server each compare after receiving the update information in turn, and finally all three parties achieve the synchronized update of K; the server sends the encrypted Knew step by step to the label, and if Knew is identical the label sets Mark to "01"; the label notifies the server that the new K is consistent, and the server records this and promptly returns success; the label changes Mark to "10"; the protocol is complete.
2. The lightweight RFID method for secret protection under scenes of internet of things as described in claim 1, characterized in that the method comprises the following steps:
(1) the reader generates a random number NR, initializes the request information Query, and sends it together with NR to the label;
(2) after receiving NR, the label sets the value of Mark to "00"; the label calculates and sends it together with NT to the reader; after receiving the message, the reader sends them together with NR to the server;
(3) the server receives NR and NT, then uses the received index value to look up the corresponding index content in the IDT; if nothing is matched, the index value is faulty and the protocol stops; if content is matched, the last session completed correctly and the protocol continues; the server generates NS and, after completing the operation, sends and to the reader;
(4) the reader checks TID and obtains NS: from the Hamming weight and it can calculate TID, and at the same time it obtains NS through an XOR operation; it locally computes and compares the received value with it; if they are identical, it calculates and and sends them to the label;
(5) after receiving NS, the label XORs and NR to check whether TID is legitimate; the label now holds three random numbers NT, NR, NS; it then updates the session key K, recording the result as Knew, where ; in the first session, K is a default value shared by the label, reader and server; the label sends to the reader;
(6) after receiving the message, the reader calculates and compares it with the received value; if they are equal, K is updated to Knew; the reader then sends to the server, and the server updates K in the same way; finally the K of all three parties is updated to Knew;
(7) after updating to Knew, the server sends to the reader, and the reader forwards it to the label; the Knew obtained from is compared with the original value, and if they are identical, Mark is set to "01", recording that the synchronization of K is complete;
(8) after the label's Mark is set to "01", is sent to the server via the reader; the server extracts Mark and checks it; if its value is "01", the server knows that the new K is consistent, generates a new record and adds it to the IDT, and then sends the success notice to the label; the label sets the value of Mark to "10", achieving authentication and synchronization.
3. The lightweight RFID method for secret protection under scenes of internet of things as claimed in claim 2, characterized in that the reader in step (1) and step (2) includes a pseudo-random number generator, a cross-mixing logical operation module and a cyclic shift unit, and stores the current session key K and its own identity RID; wherein the K of the reader, label and server is identical.
4. The lightweight RFID method for secret protection under scenes of internet of things as claimed in claim 2, characterized in that the label in step (2), with its cross-mixing logical operation module, records the running progress of the protocol:
(1) the label calculates and sends it together with NT to the reader;
(2) the label uses 2 Mark marks to record the progress of the protocol.
5. The lightweight RFID method for secret protection under scenes of internet of things as claimed in claim 2, characterized in that the server in step (3) comprises a pseudo-random number generator, a cross-mixing logical operation module and a cyclic shift unit, and stores the current session key K; the server also maintains an IDT index data table; after receiving the first-pass information, the server queries whether the IDT index holds corresponding data and, if data is matched, sends encrypted data to the reader. The specific steps are as follows:
(1) the server receives NR and NT and, according to the received value, looks up whether corresponding index content exists in the IDT;
(2) the pseudo-random number generator generates NS, and the cross-mixing logical operation module calculates and which are sent to the reader.
6. The lightweight RFID method for secret protection under scenes of internet of things as claimed in claim 2, characterized in that the label in step (5) uses the 3 random numbers generated by the label, reader and server to update the stored K, denoted Knew, where
the three communicating parties in step (6) realize the synchronized update of K by calculating whether equals .
7. The lightweight RFID method for secret protection under scenes of internet of things as claimed in claim 2, characterized in that the label in step (8) records the protocol progress through the value of Mark and notifies the server that synchronization is complete, specifically comprising:
(1) the label compares the Knew obtained from with the original value; if they are identical, Mark is set to "01";
(2) the label sends to the reader, and the reader forwards the message to the server;
(3) the server extracts Mark and checks it; if its value is "01", the server knows that the synchronization of Knew has succeeded;
(4) the server adds the relevant information to the IDT index table, then sends the success notice to the label through the reader;
(5) the label receives the success information and sets the value of Mark to "10"; the protocol is complete.
8. A lightweight RFID privacy protection system under scenes of internet of things that implements the lightweight RFID method for secret protection under scenes of internet of things described in claim 1, characterized in that the system comprises:
Label: the label includes a transceiver module, a power supply module, a control module, a memory module and an antenna; the label emits radio frequency signals through the antenna to communicate with the reader;
Reader: includes a transceiver module, a control module, an interface module and an antenna; the reader can communicate with the back-end server over a wireless network, and can also operate on the label over the wireless channel through the antenna;
Server: stores the identity information and all data of the labels, and can also communicate with the labels through the reader.
9. A wireless communication system using the lightweight RFID method for secret protection under scenes of internet of things described in any one of claims 1 to 7.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810692784.7A CN109067706A (en) | 2018-06-29 | 2018-06-29 | Lightweight RFID method for secret protection, wireless communication system under scenes of internet of things |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109067706A (en) | 2018-12-21 |
Family
ID=64817905
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810692784.7A Pending CN109067706A (en) | 2018-06-29 | 2018-06-29 | Lightweight RFID method for secret protection, wireless communication system under scenes of internet of things |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109067706A (en) |
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140108286A1 (en) * | 2011-03-10 | 2014-04-17 | Hong Kong R&D Centre for Logistics and Supply Chain Management Enabling Technologies | Lightweight Privacy Protection Protocol, Methods, and Systems for RFID and Sensor Based Logistics Track and Trace Data Sharing over Business Subcontracting Relationships |
US20150193627A1 (en) * | 2014-01-08 | 2015-07-09 | Chiun Mai Communication Systems, Inc. | Method and system of protecting files |
CN103905202A (en) * | 2014-03-28 | 2014-07-02 | 广东工业大学 | RFID lightweight class bidirectional authentication method based on PUF |
CN107171811A (en) * | 2017-07-17 | 2017-09-15 | 北京邮电大学 | A kind of lightweight RFID safety authentication based on Present algorithms |
Non-Patent Citations (1)
Title |
---|
KAI FAN et al.: "Lightweight RFID Protocol for Medical Privacy Protection in IoT", 《IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS》 * |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110121159A (en) * | 2019-03-29 | 2019-08-13 | 西安电子科技大学 | Lightweight RFID safety authentication, car networking communication system under car networking scene |
CN110121159B (en) * | 2019-03-29 | 2021-08-06 | 西安电子科技大学 | Lightweight RFID security authentication method and Internet of vehicles communication system in Internet of vehicles scene |
CN110381055A (en) * | 2019-07-16 | 2019-10-25 | 徐州医科大学 | RFID system privacy-protection certification protocol method in healthcare supply chain |
CN110381055B (en) * | 2019-07-16 | 2021-06-11 | 徐州医科大学 | RFID system privacy protection authentication protocol method in medical supply chain |
CN113014383A (en) * | 2021-03-10 | 2021-06-22 | 四川九洲空管科技有限责任公司 | Encryption and decryption algorithm test verification device and system for friend or foe identification system |
CN113256199A (en) * | 2021-04-02 | 2021-08-13 | 王国富 | Unmanned storehouse article inventory settlement information processing system, method and terminal |
CN115310109A (en) * | 2022-08-16 | 2022-11-08 | 安徽人和智能制造有限公司 | File secure storage secrecy system and method based on Internet of things technology |
CN115310109B (en) * | 2022-08-16 | 2024-01-26 | 安徽人和智能制造有限公司 | File secure storage confidentiality system and method based on Internet of things technology |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20181221 |