摘要
针对现有RFID安全认证协议可移动性差,以及现有协议密钥更新失败导致的跟踪、数据不同步问题,提出了一种基于动态密钥的移动RFID安全认证协议。采用随机数来动态选取认证密钥,既保证了密钥新鲜性,又避免跟踪与数据不同步问题,并且在服务器上对阅读器进行一个预处理操作,有效地阻止了外部非法阅读器对服务器发起的假冒攻击和拒绝服务攻击。分析了协议的性能和安全性,分析结果表明该协议达到了安全性要求且移动性强,计算复杂度低,适用于大规模移动RFID系统。
In view of the poor mobility of the existing RFID security authentication protocol, as well as the tracking, anddata synchronization problems caused by the failure of the agreements key update, this paper proposes a mobile RFIDsecurity authentication protocol based on dynamic key. Random number is used to select the authentication key dynamically,which can not only keep the freshness of the key, but also avoid tracking and data synchronization problems. A preprocessof reader is taken on the server, which can effectively prevents impersonation and denial of service attacks on the serverfrom the external illegal reader. This paper analyses the performance and security of the protocol. The analysis resultsshow that the protocol meets the security requirements and has good mobility and low computational complexity, which issuitable for large-scale mobile RFID system.
作者
肖红光
陈蓉
巫小蓉
史长琼
严利辉
邹强
XIAO Hongguang;CHEN Rong;WU Xiaorong;SHI Changqiong;YAN Lihui;ZOU Qiang(School of Computer & Communication Engineering, Changsha University of Science & Technology, Changsha 410114, China)
出处
《计算机工程与应用》
CSCD
北大核心
2016年第22期113-117,202,共6页
Computer Engineering and Applications
基金
国家自然科学基金青年项目(No.41201468)
湖南省科技攻关项目(No.2013FJ4034)
关键词
移动RFID
动态密钥
安全
隐私
认证协议
协议分析
mobile RFID
dynamic key
safety
privacy
authentication protocol
protocol analysis
