RFID系统的安全性和隐私保护方法

doi:10.16180/j.cnki.issn1007-7820.2025.02.010

电子科技 ›› 2025, Vol. 38 ›› Issue (2): 78-83.doi: 10.16180/j.cnki.issn1007-7820.2025.02.010

RFID系统的安全性和隐私保护方法

史志才¹^,²()

1.上海工程技术大学电子电气工程学院,上海 201620
2.上海中侨职业技术大学信息工程学院,上海 201514

收稿日期:2023-08-04 修回日期:2023-09-04 出版日期:2025-02-15 发布日期:2025-01-16
通讯作者: 史志才(1964-),男, E-mail:szc1964@163.com,博士,教授。研究方向:网络安全、隐私计算等。
基金资助:
科技部科技创新2030-新一代人工智能重大项目(2020AAA0109300)

Research on the Security and Privacy Preserving Method of RFID Systems

SHI Zhicai¹^,²()

1. School of Electronic and Electrical Engineering,Shanghai University of Engineering Science, Shanghai 201620,China
2. School of Information Engineering,Shanghai Zhongqiao Vocational and Technical University,Shanghai 201514,China

Received:2023-08-04 Revised:2023-09-04 Online:2025-02-15 Published:2025-01-16
Supported by:
The Scientific and Technological Innovation 2030-Major Project of New Generation Artificial Intelligence(2020AAA0109300)

摘要/Abstract

摘要：

RFID(Radio Frequency IDentification)系统射频标签结构简单,且与阅读器间采用无线方式传输数据,易产生隐私泄露和受到安全攻击。针对该问题,文中提出通过双向轻权认证协议来保护RFID系统的安全性和隐私。该协议通过随机化标签的秘密信息再哈希的方法生成会话消息,标签与阅读器间采用二次相互认证,提升了协议的安全性。该协议通过哈希运算确保认证过程中会话信息的保密传输和完整性,通过对标签端每次发出会话消息的随机化确保了消息的新鲜性,系统秘密信息的更新确保协议满足前向安全性。RFID认证协议不仅能抵抗窃听、追踪、重放、去同步化等攻击,还能满足RFID系统的安全性和隐私保护需要。

关键词: RFID系统, 认证协议, 安全, 隐私, 哈希函数, 射频标签, 保密性, 完整性, 伪随机数

Abstract:

In view of the problems of privacy leakage and security attack in RFID(Radio Frequency IDentification) system due to the simple structure of radio frequency tag and the wireless transmission of data between reader and RFID system, this study proposes to protect the security and privacy of RFID system through two-way lightweight authentication protocol. The protocol generates session messages by randomizing the secret information of tags and then Hashing them, and adopts secondary mutual authentication between tags and readers, which improves the security of the protocol.The protocol ensures the confidential transmission and integrity of session information in the authentication process through Hash operation. The randomization of each session message sent by the tag side ensures the freshness of the message, and the update of the system secret information ensures the forward security of the protocol. RFID authentication protocol can not only resist attacks such as eavesdropping, tracking, replay, and de-synchronization, but also meet the security and privacy protection needs of RFID systems.

Key words: RFID system, authentication protocol, security, privacy, Hash function, radio frequency tag, confidentiality, integrity, pseudo random number

中图分类号:

TP393.08

史志才. RFID系统的安全性和隐私保护方法[J]. 电子科技, 2025, 38(2): 78-83.

SHI Zhicai. Research on the Security and Privacy Preserving Method of RFID Systems[J]. Electronic Science and Technology, 2025, 38(2): 78-83.

图/表 5

图1

表1

认证协议使用的各种符号"

符号	含义
ID	标签的唯一标识符
curID	当前轮认证过程中阅读器使用的标签标识符
oldID	上一轮认证过程中阅读器使用的标签标识符
k	阅读器和标签的共享密钥
curk	当前轮认证过程中阅读器和标签的共享密钥
oldk	上一轮认证过程中阅读器和标签的共享密钥
d	标签标识、密钥等秘密信息的长度
hash(·)	哈希函数
prng(·)	随机数生成函数
r,s	阅读器和标签生成的随机数
$\|$	连接运算符
$\oplus$	异或运算符

表1

图2

表2

表3

参考文献 18

[1]	王鸽, 惠维, 丁菡. 一种基于无源射频技术的用户步态识别及认证方法[J]. 电子科技, 2020, 33(6):1-7.
	Wang Ge, Xi Wei, Ding Han. Human gait recognition and identification with passive RFID[J]. Electronic Science and Technology, 2020, 33(6):1-7.
[2]	苏庆, 李倩, 彭家进, 等. 基于假名标识的加密RFID系统无线密钥生成协议[J]. 计算机工程, 2017, 43(8):173-177. doi: 10.3969/j.issn.1000-3428.2017.08.029
	Su Qing, Li Qian, Peng Jiajin, et al. Wireless key generation protocol for encrypted RFID system based on pseudonym logo[J]. Computer Engineering, 2017, 43(8):173-177. doi: 10.3969/j.issn.1000-3428.2017.08.029
[3]	Alaauldin I, Gokhan D. Review of different classes of RFID authentication protocols[J]. Wireless Neworks, 2019, 25(3):961-974.
[4]	Seyed F A, Hamid M. SecLAP:Secure and lightweight RFID authentication protocol for medical IoT[J]. Future Generation Computer Systems, 2019, 101(12):621-634.
[5]	Masoumeh S, Samad R, Ygal B. IoT in medical and pharmaceutical:Designing lightweight RFID security protocols for ensuring supply chain integrity[J]. Computer Networks, 2020, 181(11):1-18.
[6]	赵太飞, 尹航, 赵思婷. 抗去同步化的高效RFID双向认证协议[J]. 计算机工程与应用, 2019, 55(12):90-96. doi: 10.3778/j.issn.1002-8331.1804-0343
	Zhao Taifei, Yin Hang, Zhao Siting. Anti-desynchronization and efficient RFID mutual authentication protocol[J]. Computer Engineering and Applications, 2019, 55(12):90-96. doi: 10.3778/j.issn.1002-8331.1804-0343
[7]	邹同浩. 一种新型的射频识别系统双向认证协议[J]. 控制工程, 2020, 27(11):2044-2049.
	Zou Tonghao. A new mutual authentication protocol for RFID system[J]. Control Engineering of China, 2020, 27(11):2044-2049.
[8]	Hoorin P, Heejun R, Wonjun L, et al. A collision-exploitative RFID authentication protocol based on cross-layer approach[J]. IEEE Internet of Things Journal, 2020, 7(4):3571-3585. doi: 10.1109/JIOT.2020.2972915
[9]	Kai FA, Qi L A. Cloud-based lightweight secure RFID mutual authentication protocol in IoT[J]. Information Sciences, 2020, 527(7):329-340.
[10]	柳毅, 陈添笑, 洪洲. 抗同步化攻击的轻量级RFID双向认证协议[J]. 计算机应用研究, 2020, 37(4):1136-1139.
	Liu Yi, Chen Tianxiao, Hong Zhou. Lightweight RFID mutual authentication protocol with anti-synchronization attack[J]. Application Research of Computers, 2020, 37(4):1136-1139.
[11]	陈惠红, 陈志刚. 基于伪ID的改进的双向认证协议[J]. 控制工程, 2021, 28(10):2038-2044.
	Chen Huihong, Chen Zhigang. An improved pseudo ID-based mutual authentication protocol[J]. Control Engineering of China, 2021, 28(10):2038-2044.
[12]	王国伟, 贾宗璞, 彭维平. 基于动态共享密钥的移动RFID 双向认证协议[J]. 电子学报, 2017, 45(3):612-618. doi: 10.3969/j.issn.0372-2112.2017.03.016
	Wang Guowei, Jia Zongpu, Peng Weiping. A mutual authentication protocol of mobile RFID based on dynamic shared-key[J]. Aata Eletronica Sinica, 2017, 45(3):612-618.
[13]	王艳, 雷雪梅, 高通. 基于变模与自更新密钥矩阵的高效RFID安全认证协议[J]. 密码学报, 2022, 9(2):210-222.
	Wang Yan, Lei Xuemei, Gao Tong. Efficient RFID security authentication protocol based on variable modulus and self-updating key matrix[J]. Journal of Cryptologic Research, 2022, 9(2):210-222.
[14]	郝伟伟, 吕磊. 基于伪随机数发生器的移动RFID双向认证算法[J]. 计算机技术与发展, 2022, 32(5):93-98.
	Hao Weiwei, Lü Lei. Mobile RFID bidirectional authentication algorithm based on pseudo random number generator[J]. Computer Technology and Development, 2022, 32(5):93-98.
[15]	Luo H G, Wen G G, Su J, et al. Slap:Succinct and lightweight authentication protocol for low-cost RFID system[J]. Wireless Network, 2018, 24(1):69-78.
[16]	Bhatia K, Pandey S, Singh V, et al. Hash and physical unclonable function based mutual authentication mechanism[J]. Sensors, 2023, 23(14):1-15.
[17]	Alireza A K, Mahdi S, Mohammad R Y. Reconstructing a lightweight security protocol in the radio-frequency identification systems[J]. IET Computers and Digital Techniques, 2023, 17(6):209-223.
[18]	GaoM, Lu Y B. URAP:A new ultra-lightweight RFID authentication protocol in passive RFID system[J]. Journal of Supercomputing, 2022, 78(8):10893-10905.

协议	匿名性	假冒	跟踪	重放攻击	去同步攻击	前向安全性
文献[6]	×	√	×	√	×	√
文献[7]	×	√	×	√	×	√
文献[10]	×	√	×	√	√	√
文献[11]	×	√	×	√	√	√
文献[12]	×	×	×	√	×	√
文献[14]	√	√	×	√	√	×
文献[16]	√	√	√	√	×	×
本文	√	√	√	√	√	√

协议	标签端调用函数	标签端计算量	标签端存储量	标签-阅读器间通信量
文献[6]	hash(·)	3hash(·)	3d	7d
文献[7]	prng(·)	3prng(·)	3d	7d
文献[10]	CRC(·)+PUF(·)	11CRC(·)+2PUF(·)	5d	5d
文献[11]	hash(·)+prng(·)	5hash(·)+1prng(·)	3d	7d
文献[12]	hash(·)+prng(·)	1hash(·)+4prng(·)	3d	5d
文献[14]	prng(·)	1prng(·)	2d	7d
文献[16]	E(·)+F(·)+PUF(·)	5E(·)+3F(·)+2PUF(·)	4d	10d
本文	hash(·)+prng(·)	4hash(·)+3prng(·)	2d	6d

RFID系统的安全性和隐私保护方法

Research on the Security and Privacy Preserving Method of RFID Systems

RichHTML

PDF (PC)

赞

可视化

摘要/Abstract

引用本文

使用本文

图/表 5

参考文献 18

相关文章 15

Metrics

本文评价

推荐阅读 0

[1]	卢臻阳. 网络安全态势预测技术研究综述[J]. 电子科技, 2024, 37(8): 92-96.
[2]	李静, 彭涛. 基于基音延迟隐写的移动语音信道数据传输[J]. 电子科技, 2024, 37(7): 66-71.
[3]	方翔. 网络安全态势感知模型的研究进展[J]. 电子科技, 2024, 37(6): 98-102.
[4]	李婷婷, 娄柯, 王园, 徐华超. 基于多目标粒子群的电动汽车优化充电策略[J]. 电子科技, 2024, 37(3): 51-56.
[5]	龚智,刘超,付强. 基于红黑隔离架构的网络安全设备设计[J]. 电子科技, 2024, 37(2): 76-86.
[6]	邱磊磊, 徐向华, 王然. 基于消息序列归属优化的网络协议灰盒模糊测试方法[J]. 电子科技, 2024, 37(11): 39-46.
[7]	程锦科, 李高磊. 支持隐私保护的智能物联网数据风格转换[J]. 电子科技, 2024, 37(10): 1-5.
[8]	张地, 李运发. 基于区块链的物联网多域数据共享机制[J]. 电子科技, 2024, 37(10): 55-63.
[9]	刘伟,曾祥义,肖昊. 基于轻量级分组密码算法的SoC安全存储器设计[J]. 电子科技, 2023, 36(9): 15-20.
[10]	方应李,方玉明. GF(2^m)域双参数ECDSA算法优化设计[J]. 电子科技, 2023, 36(9): 73-78.
[11]	曾祥义,刘伟,肖昊. 一种嵌入式设备固件安全更新方案[J]. 电子科技, 2023, 36(8): 14-18.
[12]	王丽华,程翔,杨宁彬,宫碧瑶,黄泽宇,陈美燕. 基于分布式存储框架的无中心联邦学习[J]. 电子科技, 2023, 36(8): 29-34.
[13]	崔卓栋,陈玮,尹钟. 基于增强特征融合网络的安全帽佩戴检测[J]. 电子科技, 2023, 36(4): 44-51.
[14]	应杰耀. 基于物联网技术的智能电网数据安全问题研究进展[J]. 电子科技, 2023, 36(3): 76-80.
[15]	林宇红,肖昊. 基于AES算法的eFlash控制器安全设计[J]. 电子科技, 2023, 36(10): 62-67.