CN109190725A - A kind of RFID mutual authentication method - Google Patents

A kind of RFID mutual authentication method Download PDF

Info

Publication number
CN109190725A
CN109190725A CN201810792139.2A CN201810792139A CN109190725A CN 109190725 A CN109190725 A CN 109190725A CN 201810792139 A CN201810792139 A CN 201810792139A CN 109190725 A CN109190725 A CN 109190725A
Authority
CN
China
Prior art keywords
parameter
label
reader
balancebc
random number
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810792139.2A
Other languages
Chinese (zh)
Other versions
CN109190725B (en
Inventor
王思叶
张艳芳
张珠君
黄伟庆
诸邵忆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Institute of Information Engineering of CAS
Original Assignee
Institute of Information Engineering of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Institute of Information Engineering of CAS filed Critical Institute of Information Engineering of CAS
Priority to CN201810792139.2A priority Critical patent/CN109190725B/en
Publication of CN109190725A publication Critical patent/CN109190725A/en
Application granted granted Critical
Publication of CN109190725B publication Critical patent/CN109190725B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K17/00Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations
    • G06K17/0022Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations arrangements or provisious for transferring data to distant stations, e.g. from a sensing device
    • G06K17/0029Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations arrangements or provisious for transferring data to distant stations, e.g. from a sensing device the arrangement being specially adapted for wireless interrogation of grouped or bundled articles tagged with wireless record carriers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3273Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response for mutual authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The present invention provides a kind of RFID mutual authentication method.Method includes: the first parameter C1, random number N, label account address TAddress and the reader account address RAddress for receiving reader and sending;It is stored with label account address TAddress in the block chain of self maintained if knowing, according to label account address TAddress, label account balance balanceBC and random number N, generates the second parameter C2;If knowing, the first parameter C1 is equal with the second parameter C2, then determine this reader to smart-tag authentication success, and according to label account balance balanceBC and random number N, it generates third parameter C3 and label is sent to by reader, so that label is based on third parameter C3, label is obtained to the authentication result of reader.Block chain technology is combined with RFID technique, since block chain is substantially by the distributed account book of each node maintenance in network, method provided by the invention can guarantee privacy of each label in the case where no database and trusted third party while completing safety certification.

Description

A kind of RFID mutual authentication method
Technical field
The present embodiments relate to technical field of RFID more particularly to a kind of RFID mutual authentication methods.
Background technique
Radio frequency identification (RFID) technology is quickly grown in recent years, is widely used in stock control, supply chain, tracking of products, Transport, the various applications such as logistics and self-service supermarket.RFID system is usually by one or more RFID readers, large quantities of RFID marks Label and a back-end server composition.Each label is attached on a physical object, reader can by with it is corresponding Label is communicated to identify or track object.Since the communication between label and reader is wirelessly transferred by radiofrequency signal , attacker can be implemented eavesdrop, reset, distorting, the attack of the types such as Dos, with this get sensitive tags information or Influence the normal work of entire RFID system.In order to solve these problems, many certification security protocols are suggested.
Earliest RFID authentication protocol is the Hash-Lock agreement that Sarma et al. is proposed.The verification process of this agreement is as schemed Shown in 1, Fig. 1 is Hash-Lock protocol authentication process figure.Each tag memory stores up { metaID, the ID } field of oneself, wherein MetaID is that hash Function Mapping label key key is obtained.Store n item { metaID, ID, key } note in background server Record, respectively corresponds n label.After verification process starts, reader sends a Request inquiry first and starts to communicate.Label After receiving this message, the metaID that oneself is stored is sent to reader.After reader receives, metaID is continued after sending to Hold server.After server receives, check that metaID therein is consistent with what is received with the presence or absence of a record in database, If it exists, corresponding ID and key are just issued into reader, otherwise authentification failure stops.Reader is sent receiving server { ID, key } after, key is sent to label, after label receives, calculate hash (key) whether with oneself storage metaID mono- It causes, smart-tag authentication reader passes through if consistent, and ID is then sent to reader, and otherwise, authentification failure stops.Reader After receiving the ID that label sends over, compared with the ID that server sends over, it is identical if then reader authenticating tag Success, otherwise authentification failure stops.
It is subsequent that a large amount of RFID protocols have continuously emerged in order to improve every safety of initial RFID protocol.Such as it is random The Hash-Lock agreement of change, Hash chain agreement, the ID variation agreement based on Hash, digital library's RFID protocol of David and Distributed RFID challenge-response authentication protocol etc..These agreements all improve some or certain several aspects on the basis of original Safety, keep the application of RFID more and more mature.For example the Hash-Lock agreement being randomized introduces the concept of random number, The random number that one changes all is added in hash calculating by the interaction of every secondary label and reader, to be further ensured that label The privacy of ID.And digital library's RFID protocol of David not only introduces random number, is also applied to encryption and decryption technology It is a kind of RFID protocol that the pseudo random number based on pre-shared secret is realized in agreement, the design of this agreement does not occur ratio Obvious security breaches.
Original RFID protocol more or less can all have loophole of certain attack, such as in Hash-Lock agreement, random In the Hash-Lock agreement of change, Hash chain agreement, tag ID is with plaintext transmission, cannot resist Replay Attack, personation is attacked Hit, track attack etc..In the ID variation agreement based on Hash, since back-end server updates label information and tag update Time irreversibility causes electronic tag to can not receive partial authentication message so if attacker carries out data jamming or interference If, it will result in server and store the failure that label data is asynchronous with label data, causes authenticate next time.Even safety Property higher agreement, such as digital library's RFID protocol of David, because label must complete generating random number machine encryption and decryption behaviour Make, therefore increase the complexity of label design, improves design cost, be not suitable for the RFID system of small cost.
The common fault of one existing RFID protocol is exactly that the process of authentication needs the concentration of storage in the server Database is supported, therefore this authentication process itself is easy to be attacked by SQL.Once this integrated data store is attacked, Entire RFID system all may paralysis.And the framework of this centralization is suitable for application in distributed system, Wu Fabao The privacy requirement of each subdivision in card system.Even if existing for the RFID protocol of Distributed system design, and uses and draw Enter the mode of trusted third party, this further increases the communications cost of system.
Summary of the invention
The embodiment of the present invention provides a kind of RFID mutual authentication method, to solve the association of RFID two-way authentication in the prior art View safety is insufficient and is not suitable for the defect of distributed system, improves the safety of certification, also, is suitable for distributed system System.
The embodiment of the present invention provides a kind of RFID mutual authentication method, comprising:
With receiving the first parameter C1, random number N, label account address TAddress and the reader account that reader is sent Location RAddress;
Label account address TAddress is stored in the block chain of self maintained if knowing, according to label account address TAddress, label account balance balanceBC and random number N generate the second parameter C2;
If knowing, the first parameter C1 is equal with the second parameter C2, determines that this reader is successful to smart-tag authentication, and root According to label account balance balanceBC and random number N, generates third parameter C3 and label is sent to by reader, so that Label is based on third parameter C3, obtains label to the authentication result of reader;
Wherein, the first parameter C1 is label according to label account address TAddress, label remaining sum balance and reader The random number N of transmission generates, and label account address TAddress is that block chain is generated according to tag ID, reader account address RAddress is that block chain is generated according to reader ID.
The embodiment of the present invention provides a kind of RFID mutual authentication method, comprising:
If the first parameter C1 is equal with the second parameter C2, the third parameter C3 of server transmission is received;
Based on third parameter C3, label is obtained to the authentication result of reader;
Wherein, third parameter C3 is generated according to label account balance balanceBC and random number N, and the first parameter C1 is by reading Write device and be sent to server, the second parameter C2 according to label account address TAddress, label account balance balanceBC and with Machine number N is generated.
A kind of RFID mutual authentication method provided in an embodiment of the present invention, by mutually tying block chain technology with RFID technique It closes, since block chain is substantially by the distributed account book of each node maintenance in network, the embodiment of the present invention is provided Method can guarantee each label in the case where no database and trusted third party while completing safety certification Privacy.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is this hair Bright some embodiments for those of ordinary skill in the art without creative efforts, can be with root Other attached drawings are obtained according to these attached drawings.
Fig. 1 is Hash-Lock protocol authentication process figure;
Fig. 2 is according to a kind of RFID mutual authentication method flow chart provided in an embodiment of the present invention;
According to Fig. 3 another embodiment of the present invention provides a kind of RFID mutual authentication method flow chart;
Fig. 4 is according to a kind of multi-sector cooperation distributed RFID system tray based on block chain provided in an embodiment of the present invention Composition;
Fig. 5 is to be mutually authenticated RFID protocol figure according to one kind provided in an embodiment of the present invention;
Fig. 6 is according to a kind of structural block diagram of server provided in an embodiment of the present invention;
Fig. 7 is according to a kind of structural block diagram of label provided in an embodiment of the present invention.
Specific embodiment
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with the embodiment of the present invention In attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is A part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art Every other embodiment obtained without creative efforts, shall fall within the protection scope of the present invention.
Reader in RFID technique can by being communicated with the label being arranged on target object, and then identify or Track object.Reader can be written and read label, since the communication between label and reader is believed by radio frequency Number wireless transmission, attacker can be implemented eavesdrop, reset, distorting, the attack of the types such as Dos, sensitivity is got with this Label information or the normal work for influencing entire RFID system, therefore, many RFID two-way authentication security protocols are suggested.RFID The purpose of two-way authentication is exactly to prevent some or all of storage information in unauthorized reader browsing label, and authorize legal read Read the ability that device distinguishes legitimate tag and illegal label.It should be noted that in following embodiment, RFID mutual authentication method It can be described as RFID bidirectional identification protocol, i.e. method and agreement has same meaning.
Fig. 2 is according to a kind of RFID mutual authentication method flow chart provided in an embodiment of the present invention, the execution master of this method Body is server, as shown in Fig. 2, this method comprises:
Step 201: receiving the first parameter C1, random number N, label account address TAddress and read-write that reader is sent Device account address RAddress.
Step 202: label account address TAddress is stored with if knowing in the block chain of self maintained, according to label Account address TAddress, label account balance balanceBC and random number N generate the second parameter C2.
Step 203: if knowing, the first parameter C1 is equal with the second parameter C2, determine this reader to smart-tag authentication at Function, and according to label account balance balanceBC and random number N, it generates third parameter C3 and label is sent to by reader, So that label is based on third parameter C3, label is obtained to the authentication result of reader.
Wherein, the first parameter C1 is label according to label account address TAddress, label remaining sum balance and reader The random number N of transmission generates, and label account address TAddress is that block chain is generated according to tag ID, reader account address RAddress is that block chain is generated according to reader ID.
It should be noted that the hardware device being related in the embodiment of the present invention are as follows: server, reader and label.Its In, server assists label to obtain for obtaining reader to the authentication result of label, and when authentication result is to authenticate successfully Label is to the authentication result of reader, to complete the two-way authentication of reader and label.
Wherein, the detailed process of step 201 are as follows: server receives reader and sends the first parameter C1, random number N, label Account address TAddress and reader account address RAddress.
The detailed process of step 202 are as follows: the block chain of self maintained is traversed, if being stored with label account address in block chain TAddress then takes out label account balance balanceBC from block chain, and is based on XOR operation and one-way hash function operation, According to label account address TAddress, account balance balanceBC and the random number N received, calculates and generate the second parameter C2, specific formula for calculation are as follows:
C2=H (TAddress ⊕ balanceBC ⊕ N);
Wherein, ⊕ is XOR operation, and H () is one-way hash function operation.
The detailed process of step 203 are as follows: the first parameter C1 and the second parameter C2 are compared by server, if comparison result It is equal for the two, then determine this reader to smart-tag authentication success.And it is based on XOR operation and one-way hash function operation, according to mark Account balance balanceBC and random number N are signed, calculates and generates third parameter C3, and third parameter C3 is sent to reader, with So that third parameter C3 is transmitted to label by reader, and then so that label obtains mark based on the third parameter C3 received Sign the authentication result to reader.Wherein, the specific formula for calculation of third parameter C3 is as follows:
C3=H (balanceBC ⊕ N);
Wherein, ⊕ is XOR operation, and H () is one-way hash function operation.
It should be noted that the embodiment of the present invention combines block chain technology with RFID technique, by the service in RFID Device is run as the node in block chain, and all nodes (namely server) in block chain safeguard block chain jointly.For one The label that can be accessed for a server it comprises all nodes of a batch and the relevant account of reader.
The generating process of label account address TAddress is as follows: using tag ID as password, being generated using block chain public Key address, and using the public key address as label account address.The generating process of reader account address RAddress is as follows: with Reader ID generates public key address as password, using block chain, and using the public key address as reader account address.Each Label stores { TAddress, the balance } of itself, and each reader stores the RAddress of itself.Each mark in block chain The account balance balanceBC of label is initialized to the random number between (0,10), and store remaining sum value in the label namely Label remaining sum balance is initialized to balanceBC+M.Wherein, M is the gold of label account and the every transaction of reader account Volume.
Method provided in an embodiment of the present invention combines block chain technology with RFID technique, substantially due to block chain It is by the distributed account book of each node maintenance in network, therefore method provided in an embodiment of the present invention can complete safety Guarantee privacy of each label in the case where no database and trusted third party while certification.To common attack (such as Replay Attack, active attack, Dos attack, desynchronization attack) fully against, and do not use any Additional Protection technology Under the premise of eradicate all potential database attacks;The communications records of each RFID tag and reader be all it is traceable and It is not revisable;Also, each subsystem in distributed system has the secret label information of oneself, these information do not include In the server.Insensitive label information is shared between subsystem to carry out subsequent operation, is not necessarily to central server or trust Third party.
Based on the above embodiment, method provided in this embodiment further include:
If knowing, the first parameter C1 is equal with the second parameter C2, and it is abnormal to determine last verification process, and is recorded in certainly In the block chain of body maintenance;Wherein, verification process is certification information drop-out or is intercepted extremely.
Specifically, if server knows that the first parameter C1 is equal with the second parameter C2, determine this reader to label It authenticates successfully, also, determines that last verification process is abnormal, and be recorded in the block chain of self maintained.
Based on the above embodiment, method provided in this embodiment further include:
If knowing, the first parameter C1 and the second parameter C2 are unequal, according to label account address TAddress, label account Family remaining sum balanceBC, transaction amount M and random number N generate the 4th parameter C4.
If knowing, the first parameter C1 is equal with the 4th parameter C4, determines that this reader is successful to smart-tag authentication, and on One time verification process is normal, and is updated according to transaction amount M to label account balance balanceBC, and according to update after Label account balance balanceBC and random number N, generate the 5th parameter C5 simultaneously label is sent to by reader so that Label is based on the 5th parameter C5, obtains label to the authentication result of reader.
Specifically, if server knows that the two is unequal by comparing the first parameter C1 and the second parameter C2, the is generated Four parameter C4, and reader is obtained to the authentication result of label result volume based on the 4th parameter C4.Wherein, the meter of the 4th parameter C4 Calculate formula are as follows:
C4=H (TAddress ⊕ (balanceBC ⊕ M) ⊕ N)
Wherein, ⊕ is XOR operation, and H () is one-way hash function operation.
After server generates the 4th parameter C4, the first parameter C1 is compared with the 4th parameter C4, if the two is equal, Determine that reader is sent to reader to smart-tag authentication success, and after generating the 5th parameter C5, so that reader is joined the 5th Number C5 is forwarded to label, and then so that label obtains label to the authentication result of reader based on the 5th parameter C5.Wherein, The calculation formula of five parameter C5 are as follows:
C5=H (balanceBC' ⊕ N)
Wherein, ⊕ is XOR operation, and H () is one-way hash function operation, and balanceBC' is according to transaction amount M to label account The updated label account balance that family remaining sum balanceBC is obtained after being updated.
Based on the above embodiment, method provided in this embodiment further include:
If knowing, the first parameter C1 is equal with the second parameter C2, and label account balance balanceBC is remained unchanged.
If knowing, the first parameter C1 is equal with the 4th parameter C4, according to transaction amount M to account balance balanceBC into Row updates.
Specifically, if server knows that the first parameter C1 is equal with the second parameter C2 or the first parameter C1 and the 4th parameter C4 It is equal, then determine reader to smart-tag authentication success.Wherein, if C1==C2, balanceBC are remained unchanged, if C1== C4, then updating balanceBC is balanceBC'=balanceBC+M.
Based on the above embodiment, method provided in this embodiment further include:
If knowing, the first parameter C1 and the 4th parameter C4 are unequal, determine that reader fails to smart-tag authentication.
Based on the above embodiment, method provided in this embodiment further include:
If know it is not stored in block chain have label account address TAddress, determine reader to smart-tag authentication lose It loses.
According to Fig. 3 another embodiment of the present invention provides a kind of RFID mutual authentication method flow chart, executing subject For label, as shown in figure 3, this method comprises:
301: if the first parameter C1 is equal with the second parameter C2, receiving the third parameter C3 of server transmission.
302: being based on third parameter C3, obtain label to the authentication result of reader.
Wherein, third parameter C3 is generated according to label account balance balanceBC and random number N, and the first parameter C1 is by reading Write device and be sent to server, the second parameter C2 according to label account address TAddress, label account balance balanceBC and with Machine number N is generated.
Specifically, if server sends third parameter C3 to reader, third parameter C3 is transmitted to label by reader. If label receives third parameter C3, label is obtained to the authentication result of reader based on third parameter C3, authentication result is Label is to the certification success of reader or authentification failure.It should be noted that each parameter is in the present embodiment or above-mentioned implementation It is illustrated in example, details are not described herein again.
Based on the above embodiment, method provided in this embodiment further include:
If the first parameter C1 is equal with the 4th parameter C4, the 5th parameter C5 of server transmission is received;
Based on the 5th parameter C5, label is obtained to the authentication result of reader;
Wherein, the 5th parameter C5 is generated according to updated label account balance balanceBC and random number N, the 4th ginseng Number C4 is generated according to label account address TAddress, label account balance balanceBC, transaction amount M and random number N.
Based on the above embodiment, label is obtained to the authentication result of reader, further comprises:
According to label remaining sum balance and random number N, the 6th parameter C6 is obtained;
If knowing, third parameter C3 and the 6th parameter C6 are equal, alternatively, the 5th parameter C5 and the 6th parameter C6 are equal, then sentence Calibration label authenticate successfully reader.Otherwise, it is determined that label is to reader authentification failure, the further communication of label refusal.6th The specific formula for calculation of parameter C6 is as follows:
C6=H (balance ⊕ N);
Wherein, ⊕ is XOR operation, and H () is one-way hash function operation.
Based on the above embodiment, method provided in an embodiment of the present invention further include:
If label authenticates successfully reader, according to transaction amount M, label remaining sum balance is updated.Specifically More new formula are as follows:
Balance'=balance+M
Based on the above embodiment, the third parameter C3 or receive the 5th parameter that server is sent that server is sent are received C5, before further include:
Receive the random number N that reader is sent;According to label account address TAddress, label remaining sum balance and with Machine number N generates the first parameter C1;First parameter C1 and label account address TAddress are sent to reader, so that reading It writes device and the first parameter C1, random number N, label account address TAddress and reader account address RAddress is sent to clothes Business device.
The scheme of embodiment in order to better illustrate the present invention is illustrated below by way of specific citing:
Fig. 4 is according to a kind of multi-sector cooperation distributed RFID system tray based on block chain provided in an embodiment of the present invention Composition, as shown in figure 4, applying method provided in an embodiment of the present invention in following field:
A company has multiple departments or branch, especially some of them to be dispersed in different regions, is even distributed through Different countries, internal network are difficult to be interconnected.By taking personnel's access control system based on RFID as an example, it needs high security, But real-time and throughput require lower.Each department has one, and sensitive<real object --- tag ID>table, cannot be by Other departments know.But some information that the operation and management of company requires department to share label were authenticated with completing RFID Journey.So how while meeting company's actual demand guarantee department privacy be that new RFID system and agreement should be realized It is required that.Moreover, the stationary problem in distributed RFID system is also urgently when adding new label or every wheel updates certification message It solves.
In embodiments of the present invention, a privately owned block chain is sufficient for the requirement of RFID system in above-mentioned company.At this In the case of kind, multiple departments safeguard privately owned block chain together and execute identical authentication protocol process.The system model can To ensure to share non-sensitive label information to be authenticated, while can be believed by the secret label inside protection department arranged below Breath:
(1) each department has several servers as the node operation on block chain, and each node includes a collection of institute The relevant account of label and reader for having node that can access.
(2) using label or reader ID as password, block chain can generate the public key address of 20 bytes as account Identifier (in ether mill).Each department is respective, and<real object --- ID --- account addresses>mapping table are stored remotely from whole The secret location of a system, it is impossible to derive the incidence relation of true ID and account addresses.
Mutually the recognizing each other based on block chain of proposition of the embodiment of the present invention is described below in system architecture diagram based on shown in Fig. 4 RFID protocol is demonstrate,proved, wherein the symbol description used such as table 1, as figure 5 illustrates, table 1 is the symbol description table used in agreement to protocol figure, Fig. 5 is to be mutually authenticated RFID protocol figure according to one kind provided in an embodiment of the present invention.Detailed process is as follows:
(1) initial phase: in initial phase, use label or reader ID as password, block chain generates public key Address is as account identifier.Each label stores tuple { TAddress, balance }, and each reader stores RAddress. Since reader is the initiator of entire agreement, so its account must have primary balance, this can be before agreement starts It is realized by default setting.Each label account real remaining sum (balanceBC) in block chain is initialised in block chain For the random number between (0,10), and the account balance (balance) stored in label is initialized to balanceBC+M.
(2) authentication phase:
(a) reader: reader generates a random number N and sends it to label.
(b) label: label calculates C1=H (TAddress ⊕ balance ⊕ N), and (C1, TAddress) is sent back to reading Write device.
(c) reader: reader sends (C1, N, TAddress, RAddress) and carries out smart-tag authentication to server.
(d) it server: after server receives (C1, N, TAddress, the RAddress) that reader is sent, first checks for TAddress whether there is.If TAddress is not present, smart-tag authentication failure, server stops session.Otherwise, it inquires The remaining sum balanceBC of the corresponding label account of TAddress, then executes following steps.
Judgement: server calculates C2=H (TAddress ⊕ balanceBC ⊕ N).If C1==C2, then it represents that upper one The last item information drop-out of secondary certification is intercepted by attacker;If C1 ≠ C2, server calculates C4=H (TAddress (balanceBC⊕M)⊕N).If C1==C4, then it represents that last time certification is complete.If above-mentioned two situations are not Meet, smart-tag authentication failure, server stops session, and no longer execution following steps are updated, sent, e) and f).
It updates: if comparison result is C1==C2 in previous step, being recorded in block chain related to the label account Interception record, balanceBC remains unchanged (i.e. balanceBC'=balanceBC).Server calculates C3=H (balanceBC ⊕ N), and C3 is sent to reader.If comparison result is C1==C4, server can unlock reader Account, and from reader account to the transmission M of label, and update balanceBC (i.e. balanceBC'=balanceBC+M). Server calculates C5=H (balanceBC' ⊕ N), and C5 is sent to reader.
(e) reader: reader receives C3 (or C5) and is then forwarded to label.
(f) label: label calculates C6=H (balance ⊕ N), and checks whether equation C6==C3 (or C5) is true.Such as Fruit is set up, label success identity reader, and updates balance'=balance+M.If not, authentification failure, label are refused Further communication absolutely.
The symbol description table used in 1 agreement of table
The key point of the embodiment of the present invention is that the embodiment of the present invention proposes a kind of novel point based on block chain Cloth RFID two-way authentication security protocol.Since block chain is substantially by the distributed account of each node maintenance in network This, therefore agreement provided in an embodiment of the present invention can guarantee each department in no database while completing safety certification With the privacy in the case where trusted third party.
The embodiment of the present invention has the beneficial effect that:
This agreement ensure that the privacy of each department: address and remaining sum due to pertaining only to label account in agreement, and each Department<real object --- ID --- account addresses>mapping table can only be stored voluntarily, so sensitivity ID relevant information will not be saturating It crosses information used in agreement to be leaked, it ensure that the privacy of department.
This agreement ensure that following safety: label anonymity, label availability, forward security, resist Replay Attack, Resist active attack, part protection label anonymity controlled.Specifically it is analyzed as follows.
(1) label anonymity: in agreement provided in an embodiment of the present invention, the true ID of label is hidden in initial phase Account addresses (TAddress) on entitled block chain.In verification process, every message is all by the list assisted by random number N Protection to hash hash function, therefore this agreement can protect the anonymity of label.
(2) label availability: label availability generally includes to resist DoS attack and resists desynchronization attack.In the present invention In the agreement that embodiment provides, label does not need to have the function of generation random number, thus will not because random number is depleted and Refusal service.In addition, even if last reader verifying information drop-out or being intercepted by attacker, will not cause label information with Block chain loses synchronization.This is because server will judge C1 it is whether consistent with C2 or C4, in both cases, no matter label The message whether is received before, can verify label.
(3) forward security: protocol realization forward security be because label can before hash by TAddress, N, Balance does XOR operation.Since N and balance can change in each round, so even if attacker knows currently Balance and N, he will not know previous Hash result, it ensure that forward security.
(4) resist Replay Attack: similar with forward secrecy, reader will generate in each round a new random number N, BalanceBC and balance can also change.So he can not also lead to even if attacker has intercepted last round of all message Playback message is crossed to pass through authentication.
(5) resist active attack: consider attacker can with random number N ' actively address inquires to label, then obtain sound from label Answer { C1'=H (TAddress ⊕ balance ⊕ N'), TAddress }.But since hash is one-way function, he can not Balance is exported from C1' reverse push.Therefore, when valid reader is addressed inquires to random number N, he can not construct one just True message returns to reader, also means that he can not pretend to be legitimate tag further to be communicated, i.e., the present invention is real The agreement of example offer is applied fully against active attack.
(6) label anonymity controlled: strictly speaking, agreement provided in an embodiment of the present invention may suffer from tracking attack. Because it uses identical TAddress in each certification.Even if attacker finds identical TAddress twice, he It can not be inferred to the true ID number of the label, it means that this agreement ensure that label untraceable to a certain extent.
Fig. 6 is according to a kind of structural block diagram of server provided in an embodiment of the present invention, as shown in fig. 6, the equipment packet It includes: processor (processor) 601, memory (memory) 602 and bus 603;Wherein, it the processor 601 and described deposits Reservoir 602 completes mutual communication by the bus 603;The processor 601 is for calling in the memory 602 Program instruction, to execute method provided by above-mentioned each method embodiment, for example, receive the first parameter that reader is sent C1, random number N, label account address TAddress and reader account address RAddress;If knowing the block of self maintained Label account address TAddress is stored in chain, then according to label account address TAddress, label account balance BalanceBC and random number N generate the second parameter C2;If knowing, the first parameter C1 is equal with the second parameter C2, determines this Reader generates third parameter C3 and leads to smart-tag authentication success, and according to label account balance balanceBC and random number N It crosses reader and is sent to label, so that label is based on third parameter C3, obtain label to the authentication result of reader.
Fig. 7 is according to a kind of structural block diagram of label provided in an embodiment of the present invention, as shown in fig. 7, the equipment includes: Processor (processor) 701, memory (memory) 702 and bus 703;Wherein, the processor 701 and the storage Device 702 completes mutual communication by the bus 703;The processor 701 is used to call the journey in the memory 702 Sequence instruction, to execute method provided by above-mentioned each method embodiment, for example, if the first parameter C1 and the second parameter C2 phase Deng, then receive server transmission third parameter C3;Based on third parameter C3, label is obtained to the authentication result of reader.
The embodiment of the present invention discloses a kind of computer program product, and the computer program product is non-transient including being stored in Computer program on computer readable storage medium, the computer program include program instruction, when described program instructs quilt When computer executes, computer is able to carry out method provided by above-mentioned each method embodiment, for example, receives reader hair The first parameter C1, random number N, label account address TAddress and the reader account address RAddress sent;If knowing certainly It is stored with label account address TAddress in the block chain of body maintenance, then according to label account address TAddress, label account Family remaining sum balanceBC and random number N generate the second parameter C2;If knowing, the first parameter C1 is equal with the second parameter C2, sentences This fixed reader generates third parameter to smart-tag authentication success, and according to label account balance balanceBC and random number N C3 is simultaneously sent to label by reader, so that label is based on third parameter C3, obtains label to the authentication result of reader.
The embodiment of the present invention discloses a kind of computer program product, and the computer program product is non-transient including being stored in Computer program on computer readable storage medium, the computer program include program instruction, when described program instructs quilt When computer executes, computer is able to carry out method provided by above-mentioned each method embodiment, for example, if the first parameter C1 It is equal with the second parameter C2, then receive the third parameter C3 of server transmission;Based on third parameter C3, label is obtained to reader Authentication result.
The embodiment of the present invention provides a kind of non-transient computer readable storage medium, the non-transient computer readable storage Medium storing computer instruction, the computer instruction make the computer execute side provided by above-mentioned each method embodiment Method, for example, receive the first parameter C1, random number N, label account address TAddress and reader account that reader is sent Family address RAddress;Label account address TAddress is stored in the block chain of self maintained if knowing, according to label Account address TAddress, label account balance balanceBC and random number N generate the second parameter C2;If knowing the first parameter C1 is equal with the second parameter C2, then it is successful to smart-tag authentication to determine this reader, and according to label account balance balanceBC And random number N, it generates third parameter C3 and label is sent to by reader, so that label is based on third parameter C3, obtain Authentication result of the label to reader.
The embodiment of the present invention provides a kind of non-transient computer readable storage medium, the non-transient computer readable storage Medium storing computer instruction, the computer instruction make the computer execute side provided by above-mentioned each method embodiment Method, for example, if the first parameter C1 is equal with the second parameter C2, receive the third parameter C3 of server transmission;Based on Three parameter C3 obtain label to the authentication result of reader.
Those of ordinary skill in the art will appreciate that: realize that all or part of the steps of above method embodiment can pass through The relevant hardware of program instruction is completed, and program above-mentioned can be stored in a computer readable storage medium, the program When being executed, step including the steps of the foregoing method embodiments is executed;And storage medium above-mentioned includes: ROM, RAM, magnetic disk or light The various media that can store program code such as disk.
Through the above description of the embodiments, those skilled in the art can be understood that each embodiment can It realizes by means of software and necessary general hardware platform, naturally it is also possible to pass through hardware.Based on this understanding, on Stating technical solution, substantially the part that contributes to existing technology can be embodied in the form of software products in other words, should Computer software product may be stored in a computer readable storage medium, such as ROM/RAM, magnetic disk, CD, including several fingers It enables and using so that a computer equipment (can be personal computer, server or the network equipment etc.) executes each implementation Method described in certain parts of example or embodiment.
Finally, it should be noted that the above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;Although Present invention has been described in detail with reference to the aforementioned embodiments, those skilled in the art should understand that: it still may be used To modify the technical solutions described in the foregoing embodiments or equivalent replacement of some of the technical features; And these are modified or replaceed, technical solution of various embodiments of the present invention that it does not separate the essence of the corresponding technical solution spirit and Range.

Claims (10)

1. a kind of RFID mutual authentication method characterized by comprising
Receive the first parameter C1, random number N, label account address TAddress and reader account address that reader is sent RAddress;
Label account address TAddress is stored in the block chain of self maintained if knowing, according to label account address TAddress, label account balance balanceBC and random number N generate the second parameter C2;
If knowing, the first parameter C1 is equal with the second parameter C2, it is successful to smart-tag authentication to determine this reader, and according to mark Account balance balanceBC and random number N are signed, third parameter C3 is generated and label is sent to by reader, so that label Based on third parameter C3, label is obtained to the authentication result of reader;
Wherein, the first parameter C1 is that label is sent according to label account address TAddress, label remaining sum balance and reader Random number N generate, label account address TAddress be block chain generated according to tag ID, reader account address RAddress is that block chain is generated according to reader ID.
2. the method according to claim 1, wherein further include:
If knowing, the first parameter C1 is equal with the second parameter C2, and it is abnormal to determine last verification process, and is recorded in itself dimension In the block chain of shield;Wherein, verification process is certification information drop-out or is intercepted extremely.
3. the method according to claim 1, wherein further include:
If knowing, the first parameter C1 and the second parameter C2 are unequal, more than label account address TAddress, label account Volume balanceBC, transaction amount M and random number N generate the 4th parameter C4;
If knowing, the first parameter C1 is equal with the 4th parameter C4, determines that this reader is successful to smart-tag authentication, and last Verification process is normal, and is updated according to transaction amount M to label account balance balanceBC, and according to updated mark Account balance balanceBC and random number N are signed, the 5th parameter C5 is generated and label is sent to by reader, so that label Based on the 5th parameter C5, label is obtained to the authentication result of reader.
4. according to the method described in claim 3, it is characterized by further comprising:
If knowing, the first parameter C1 is equal with the second parameter C2, and label account balance balanceBC is remained unchanged;
If knowing, the first parameter C1 is equal with the 4th parameter C4, is carried out more according to transaction amount M to account balance balanceBC Newly.
5. according to the method described in claim 3, it is characterized by further comprising:
If knowing, the first parameter C1 and the 4th parameter C4 are unequal, determine that reader fails to smart-tag authentication.
6. the method according to claim 1, wherein further include:
If know it is not stored in block chain have label account address TAddress, determine reader to smart-tag authentication fail.
7. a kind of RFID mutual authentication method characterized by comprising
If the first parameter C1 is equal with the second parameter C2, the third parameter C3 of server transmission is received;
Based on third parameter C3, label is obtained to the authentication result of reader;
Wherein, third parameter C3 is generated according to label account balance balanceBC and random number N, and the first parameter C1 is by reader It is sent to server, the second parameter C2 is according to label account address TAddress, label account balance balanceBC and random number N is generated.
8. the method according to the description of claim 7 is characterized in that further include:
If the first parameter C1 is equal with the 4th parameter C4, the 5th parameter C5 of server transmission is received;
Based on the 5th parameter C5, label is obtained to the authentication result of reader;
Wherein, the 5th parameter C5 is generated according to updated label account balance balanceBC and random number N, the 4th parameter C4 It is generated according to label account address TAddress, label account balance balanceBC, transaction amount M and random number N.
9. according to the method described in claim 8, it is characterized in that, obtaining label to the authentication result of reader, further packet It includes:
According to label remaining sum balance and random number N, the 6th parameter C6 is obtained;
If knowing, third parameter C3 and the 6th parameter C6 are equal, alternatively, the 5th parameter C5 and the 6th parameter C6 are equal, then determine to mark Label authenticate successfully reader.
10. the method according to the description of claim 7 is characterized in that further include:
If label authenticates successfully reader, according to transaction amount M, label remaining sum balance is updated.
CN201810792139.2A 2018-07-18 2018-07-18 RFID bidirectional authentication method Active CN109190725B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810792139.2A CN109190725B (en) 2018-07-18 2018-07-18 RFID bidirectional authentication method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810792139.2A CN109190725B (en) 2018-07-18 2018-07-18 RFID bidirectional authentication method

Publications (2)

Publication Number Publication Date
CN109190725A true CN109190725A (en) 2019-01-11
CN109190725B CN109190725B (en) 2020-07-07

Family

ID=64936248

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810792139.2A Active CN109190725B (en) 2018-07-18 2018-07-18 RFID bidirectional authentication method

Country Status (1)

Country Link
CN (1) CN109190725B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109788465A (en) * 2019-01-22 2019-05-21 西安电子科技大学 Based on the Bidirectional identity authentication method of radio frequency identification on block chain
CN111953494A (en) * 2019-05-15 2020-11-17 株式会社日立制作所 Authentication method and device
CN112019336A (en) * 2019-05-30 2020-12-01 中国科学技术大学 RFID authentication method and device

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101165701A (en) * 2006-10-17 2008-04-23 国际商业机器公司 Methods and systems for providing radio frequency identification (RFID) security mutual authentication
CN102510335A (en) * 2011-11-10 2012-06-20 西北工业大学 RFID (Radio Frequency Identification Device) mutual authentication method based on Hash
CN106792686A (en) * 2016-12-13 2017-05-31 广东工业大学 A kind of RFID mutual authentication methods
CN107545501A (en) * 2017-07-17 2018-01-05 招商银行股份有限公司 Assets management method, system and computer-readable recording medium
US20180096175A1 (en) * 2016-10-01 2018-04-05 James L. Schmeling Blockchain Enabled Packaging
CN108053001A (en) * 2017-12-14 2018-05-18 上海密尔克卫化工储存有限公司 The information safety authentication method and system of electronics warehouse receipt

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101165701A (en) * 2006-10-17 2008-04-23 国际商业机器公司 Methods and systems for providing radio frequency identification (RFID) security mutual authentication
CN102510335A (en) * 2011-11-10 2012-06-20 西北工业大学 RFID (Radio Frequency Identification Device) mutual authentication method based on Hash
US20180096175A1 (en) * 2016-10-01 2018-04-05 James L. Schmeling Blockchain Enabled Packaging
CN106792686A (en) * 2016-12-13 2017-05-31 广东工业大学 A kind of RFID mutual authentication methods
CN107545501A (en) * 2017-07-17 2018-01-05 招商银行股份有限公司 Assets management method, system and computer-readable recording medium
CN108053001A (en) * 2017-12-14 2018-05-18 上海密尔克卫化工储存有限公司 The information safety authentication method and system of electronics warehouse receipt

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109788465A (en) * 2019-01-22 2019-05-21 西安电子科技大学 Based on the Bidirectional identity authentication method of radio frequency identification on block chain
CN111953494A (en) * 2019-05-15 2020-11-17 株式会社日立制作所 Authentication method and device
CN112019336A (en) * 2019-05-30 2020-12-01 中国科学技术大学 RFID authentication method and device
CN112019336B (en) * 2019-05-30 2021-12-10 中国科学技术大学 RFID authentication method and device

Also Published As

Publication number Publication date
CN109190725B (en) 2020-07-07

Similar Documents

Publication Publication Date Title
Joshi et al. Unified authentication and access control for future mobile communication‐based lightweight IoT systems using blockchain
Zhong et al. Distributed blockchain‐based authentication and authorization protocol for smart grid
CN111431707B (en) Service data information processing method, device, equipment and readable storage medium
Stapleton Security without obscurity: A guide to confidentiality, authentication, and integrity
Patel et al. DAuth: A decentralized web authentication system using Ethereum based blockchain
CN109190725A (en) A kind of RFID mutual authentication method
CN109447809A (en) A kind of video active identification method of combination block chain
Ahamad et al. A secure NFC mobile payment protocol based on biometrics with formal verification
CN116057554A (en) Method for managing transaction data sets, participant unit, transaction register and payment system
KR20200097773A (en) Blockchain-based identity system
Kim et al. Role‐based Access Control Video Surveillance Mechanism Modeling in Smart Contract Environment
Ahmed et al. A self-sovereign identity architecture based on blockchain and the utilization of customer’s banking cards: The case of bank scam calls prevention
Polleit et al. Defeating the secrets of otp apps
CN108574578A (en) A kind of black box data protection system and method
Nowroozi et al. Cryptocurrency wallets: assessment and security
Kirar et al. An efficient architecture and algorithm to prevent data leakage in Cloud Computing using multi-tier security approach
Yang et al. DOT-M: a dual Offline transaction scheme of central bank digital currency for trusted mobile devices
US20230084651A1 (en) Method, terminal, monitoring entity, and payment system for managing electronic coin datasets
CN112016119B (en) Autonomous identity management method based on block chain
Khan et al. A secure and flexible electronic-ticket system
Wilusz et al. Secure protocols for smart contract based insurance services
Alshehri NFC mobile coupon protocols: developing, formal security modelling and analysis, and addressing relay attack
CN112418867A (en) Distributed token payment method based on block chain
Alshehri et al. A formal framework for security analysis of NFC mobile coupon protocols
Hariharasudan et al. A Review on Blockchain Based Identity Management System

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant