摘要
针对物联网中标签上数据信息容易泄露的问题,提出了一个新型的双向认证安全强化协议。不同于传统的RFID认证协议,提出的协议通过基于零知识证明的认证方法来认证成员身份,利用证明者与验证者实时的信息交互完成零知识证明,并将参与主体的身份安全规约到其自身身份密钥的安全性上。文中最后对本协议的形式化证明,包括秘密性证明、认证性证明、标签不可追踪性三个方面,表明本协议均满足RFID双向认证要求。
For the problem that the label information data is easily disclosed in LOT(Internet of Things), this paper proposes an improved RFID mutual authentication security hardening protocol. Unlike the traditional RFID authentication protocol, the proposed protocol authenticates the identity of members through authentication methods based on zero-knowledge proof, utilizes real-time information exchange between certifiers and verifiers to complete the zero-knowledge proof, and programs the participants' identity security to their own identity key's security. This protocol'formal proof, including three aspects: secret proof, certification proof and label untraceability, shows that this protocol satisfies mutual authentication requirements of RFID.
引文
[1]侯瑞春,丁香乾,陶冶,等.制造物联及相关技术架构研究[J].计算机集成制造系统,2014, 20(1):11-20.Hou R C, Ding X Q, Tao Y, et al. Internet of manufacturing things and relevant technical architecture[J]. Computer Integrated Manufacturing Systems, 2014,20(1):11-20.
[2]胡韬,魏国珩.基于低成本标签的RFID匿名双向认证协议[J].计算机应用,2012, 32(1):111-114.Hu T, Wei G H. Anonymous bidirectional RFID authentication protocol based on low-cost tags[J]. Computer Application, 2012,32(1):111-114.
[3] Martin Feldhofer, Sandra Dominikus, Johannes Wolkerstorfer. Strong authentication for R FID systems using the AES algorithm[C].Cryptographic Hardware and Embedded Systems-CHES, 2004:357-370.
[4]陈峙屹.基于公钥的RFID认证技术研究与实现[D].陕西西安,西安电子科技大学,2012.Chen Z Y. Research and Implementation of RFID Authentication Technology Based on Public Key[D]. Xi'an Shaanxi, Xidan University, 2012.
[5] Fouladgar S, Afifi H. An efficient delegation and transfer of ownership protocol for RFID tags[C]. Proc of the 1st Int EURASIP Wrokshop on RFID Technology, Piscataway, NJ:IEEE, 2007:10-14.
[6] Kulseng L, Yu Zhen, Wei YaWen, et al. Lighteweight mutual authentication and ownership transfer for RFID systems[C]. Proc of the 29th Conf on Computer Communications—IEEE INFOCOM,2010, Piscataway, NJ:IEEE, 2010:1-5.
[7] Spienkermann S,Evdokimov S. Critical RFID pricacy-enhancing technologies[J]. IEEE Security and Pricacy, 2009,7(2):56-62.
[8] Goldwasser S, Micali S, Rackoff C, The knowledge complexity of interactive proof systems[C]. Proceedings of the 17th ACM Symposium on the Theory of Computing, 1985:291-304.
[9] Blum M, Feldman P, Micali S. Non-interactive zero-knowledge proof systems and applications[C]. In Proc. 20th Annual ACM Symposium on Theory of Computing, Chincago, IL, 1988:103-112.
[10] Feige U, Fioot A, Shamir A. Zero knowledge proofs of identity[C].Proceedings of STOC, 1987:210-217.
[11] Schnorr C P. Efficient signature generation by smart cards[C]. Journal of Cryptology, 1991,4:161-174.
[12] Okamoto T. Provably secure and practical identification schemes and corresponding signature Scheme[C]. Advances in Cryptology-Crypto'92, Springer-Verlog, 1993:31-53.
[13] Feige U, Fiat A, Shamir A. Zero knowledge proofs of identity[C].Proceedings of Symposium on the Theory of Computing(STOC),1987:210-219.
[14]徐小双,关治.基于混沌映射的交互式零知识证明身份认证协议[J].计算机工程与应用,2005,41(4):42-46.Xu X S, Guan Z. An Interactive Zero-knowledge Proof Protocol of Identity Authentication Based on Chaotic Map[J]. Computer Engineering and Applications, 2005,41(4):42-46.
[15] Boyeon Song. RFID tag ownership transfer[D]. Workshop on RFID Security, 2008.