基于位重排变换的超轻量级RFID双向认证协议
|
摘要
针对目前无线射频识别(RFID)系统中阅读器与标签之间开放、不安全的无线信道易遭受恶意攻击的安全问题,提出一种基于位重排变换的超轻量级RFID双向认证协议——RRMAP。首先,位重排变换对两组二进制数组进行第一阶段逆序自组合变换达到自身位混淆效果;其次,将得到结果用于第二阶段奇偶相邻交叉异或操作,这样就完成了整个位重排变换;最后,通过新定义位重排变换操作,并结合左循环移位运算和模2的m次方加运算对认证过程中的秘密通信数据进行加密,可以有效解决目前RFID系统中存在的安全问题。BAN逻辑形式化安全性分析和性能对比分析表明:RRMAP具有比较完备的安全和隐私保护属性,能够抵抗RFID系统所面临的典型恶意攻击方式。
Focusing on the problem that open and insecure wireless channel between reader and tag in Radio Frequency IDentification( RFID) system is vulnerable to multiple malicious attacks, a new ultra-lightweight RFID Mutual Authentication Protocol based on Regeneration( RRMAP) was proposed. Firstly, the regeneration transformation of the first-stage reverse sequence self-combination transformation on two binary arrays was performed to achieve its own bit confusion effect. Secondly,the result of first-stage was used for the second-stage parity adjacent crossover-XOR operation, thus whole regeneration transformation was completed. Finally, through new definition of regeneration transformation, the left circular shift operation and modular 2^m addition operation were combined to construct secret communication messages during authentication process,which could effectively solve security problems existing in RFID system currently. The BAN( Burrows-Abadi-Needham) logic formal proof was given to show the availability of protocol. The security analysis and performance comparison show that RRMAP has strong security and privacy protection attributes which can resist some common malicious attacks.
Focusing on the problem that open and insecure wireless channel between reader and tag in Radio Frequency IDentification( RFID) system is vulnerable to multiple malicious attacks, a new ultra-lightweight RFID Mutual Authentication Protocol based on Regeneration( RRMAP) was proposed. Firstly, the regeneration transformation of the first-stage reverse sequence self-combination transformation on two binary arrays was performed to achieve its own bit confusion effect. Secondly,the result of first-stage was used for the second-stage parity adjacent crossover-XOR operation, thus whole regeneration transformation was completed. Finally, through new definition of regeneration transformation, the left circular shift operation and modular 2^m addition operation were combined to construct secret communication messages during authentication process,which could effectively solve security problems existing in RFID system currently. The BAN( Burrows-Abadi-Needham) logic formal proof was given to show the availability of protocol. The security analysis and performance comparison show that RRMAP has strong security and privacy protection attributes which can resist some common malicious attacks.
引文
[1]黄玉兰.物联网射频识别(RFID)核心技术详解[M].北京:人民邮电出版社,2010:11-12.(HUANG Y L, RFID Core Technology based on Internet of Things[M]. Beijing:Posts&Telecom Press,2010:11-12.)
[2]周永彬,冯登国. RFID安全协议的设计与分析[J].计算机学报,2006,29(4):581-589.(ZHOU Y B, FENG D G. Design and analysis of RFID security protocol[J]. Chinese Journal of Computers,2006, 29(4):581-589.)
[3]BU K, WENG M, ZHENG Y, et al. You can clone but you cannot hide:a survey of clone prevention and detection for RFID[J]. IEEE Communications Surveys&Tutorials, 2017, 19(3):1682-1700.
[4]BU K, LIU X, LUO J, et al. Unreconciled collisions uncover cloning attacks in anonymous RFID systems[J]. IEEE Transactions on Information Forensics&Security, 2013, 8(3):429-439.
[5]CHIEN H Y. SASI:a new ultralightweight RFID authentication protocol providing strong authentication and strong integrity[J]. IEEE Transactions on Dependable&Secure Computing, 2007, 4(4):337-340.
[6]LIU Y L, QIN X L, WANG C, et al. A lightweight RFID authentication protocol based on elliptic curve cryptography[J]. Journal of Computers, 2013, 8(11):2880-2887.
[7]JUELS A, MOLNAR D, WAGNER D. Security and privacy issues in e-passports[C]//Proceedings of the First International Confer-ence on Security and Privacy for Emerging Areas in Communications Networks. Piscataway, NJ:IEEE, 2005:74-88.
[8]KINOSHITA S, OHKUBO M, HOSHINO F, et al. Privacy enhanced active RFID tag[EB/OL].[2018-01-15]. http://www.lbenchindia. com/finalyearprojectdatasheets/RFID%20TAG. pdf.
[9]MOLNAR D, WAGNER D. Privacy and security in library RFID:issues, practices, and architectures[C]//Proceedings of the 11th Association for Computing Machinery Conference on Computer and Communications Security. New York:ACM, 2004:210-219.
[10]WEIS S A, SARMA S E, RIVEST R L, et al. Security and privacy aspects of low-cost radio frequency identification systems[C]//Proceedings of the First International Conference on Security in Pervasive Computing. Berlin:Springer, 2004:201-212.
[11]CHIEN H Y, CHEN C H. Mutual authentication protocol for RFID conforming to EPC Class 1 Generation 2 standards[J]. Computer Standards&Interfaces, 2007, 29(2):254-259.
[12]NGUYEN DUC D, PARK J, LEE H, et al. Enhancing security of EPCglobal Gen2 RFID tag against traceability and cloning[C]//SCIS 2006:Proceedings of the 2006 Symposium on Cryptography and Information Security. Hiroshima:Institute of Electronics, Information and Communication Engineers, 2006:97-97.
[13]GILBERT H, ROBSHAW M, SIBERT H. Active attack against HB+-a provably secure lightweight authentication protocol[J].Electronics Letters, 2005, 41(21):1169-1170.
[14]JUELS A. Strengthening EPC tags against cloning[C]//Proceedings of the 4th ACM Workshop on Wireless security. New York:ACM, 2005:67-76.
[15]PERIS-LOPEZ P, HERNANDEZ-CASTRO J C, TAPIADOR J M E, et al. LMAP:a real lightweight mutual authentication protocol for low-cost RFID tags[C]//Proceedings of the 2nd Workshop on Radio Frequency IDentification Security. Graz:[s. n.], 2006:6.
[16]PERIS-LOPEZ P, HERNANDEZ-CASTRO J C, ESTEVEZ-TAPIADOR J M, et al. EMAP:an efficient mutual-authentication protocol for low-cost RFID tags[C]//Proceedings of the 2006 International Conferences on On the Move to Meaningful Internet Systems:AWe SOMe, CAMS, COMINF, IS, KSinBIT, MIOS-CIAO,MONET. Berlin:Springer, 2006:352-361.
[17]PERIS-LOPEZ P, HERNANDEZ-CASTRO J C, ESTEVEZ-TAPIADOR J M, et al. M2AP:a minimalist mutual-authentication protocol for low-cost RFID tags[C]//Proceedings of the 2006 International Conference on Ubiquitous Intelligence and Computing.Berlin:Springer, 2006:912-923.
[18]PERIS-LOPEZ P, HERNANDEZ-CASTRO J C, ESTEVEZ-TAPIADOR J M, et al. Advances in ultra-lightweight cryptography for low-cost RFID tags:gossamer protocol[C]//Proceedings of 9th International Workshop on Information Security Applications. Berlin:Springer, 2008:56-68.
[19]CHIEN H Y, HUANG C W. Security of ultra-lightweight RFID authentication protocols and its improvements[J]. ACM Operating System Review, 2007, 41(2):83-86.
[20]LI T Y, WANG G L. Security analysis of two ultra-lightweight RFID authentication protocols[J]. IFIP International Federation for Information Processing, 2007, 232(5/6):14-16.
[21]PHAN C W. Cryptanalysis of a new ultralightweight RFID authentication protocol—SASI[J]. IEEE Transactions on Dependable&Secure Computing, 2009, 6(4):316-320.
[22]CAO T, BERTINO E, LEI H. Security analysis of the SASI protocol[J]. IEEE Transactions on Dependable and Secure Computing,2009, 6(1):73-77.
[23]SUN H M, TING W C, WANG K H. On the security of Chien's ultra-lightweight RFID authentication protocol[J]. IEEE Transactions on Dependable and Secure Computing, 2011, 8(2):315-317.
[24]D'ARCO P, DE SANTIS A. On ultralightweight RFID authentication protocols[J]. IEEE Transactions on Dependable&Secure Computing, 2011, 8(4):548-563.
[25]彭朋,赵一鸣,韩伟力,等.一种超轻量级的RFID双向认证协议[J].计算机工程,2011,37(16):140-142.(PENG P, ZHAO Y M, HAN W L, et al. Ultra-lightweight RFID mutual authentication protocol[J]. Computer Engineering, 2011, 37(16):140-142.)
[26]FARZANEH Y, AZIZI M, DEHKORDI M, et al. Vulnerability analysis of two ultra lightweight RFID authentication protocols[J].International Arab Journal of Information Technology, 2015, 12(4):340-345.
[27]TIAN Y, CHEN G, LI J. A new ultralightweight RFID authentication protocol with permutation[J]. IEEE Communications Letters,2012, 16(5):702-705.
[28]LI W, XIAO M, LI Y, et al. Formal analysis and verification for an ultralightweight authentication protocol RAPP of RFID[C]//Proceedings of the 35th National Conference of Theoretical Computer Science. Berlin:Springer, 2017:119-132.
[29]WANG S H, HAN Z J, LIU S J, et al. Security analysis of RAPP:an RFID authentication protocol based on permutation[EB/OL].[2018-01-18]. https://eprint. iacr. org/2012/327. pdf.
[30]杨世平.安全协议及其BAN逻辑分析研究[D].贵阳:贵州大学. 2007:54-73.(YANG S P. Analysis and research of security protocol with BAN logic[D]. Guiyang:Guizhou University, 2007:54-73.)
[31]刘亚丽,秦小麟,王超.一种超轻量级RFID双向认证协议[J].计算机科学,2013,40(12):141-146.(LIU Y L, QIN X L,WANG C. Ultralightweight RFID mutual-authentication protocol[J]. Computer Science, 2013, 40(12):141-146.)
[2]周永彬,冯登国. RFID安全协议的设计与分析[J].计算机学报,2006,29(4):581-589.(ZHOU Y B, FENG D G. Design and analysis of RFID security protocol[J]. Chinese Journal of Computers,2006, 29(4):581-589.)
[3]BU K, WENG M, ZHENG Y, et al. You can clone but you cannot hide:a survey of clone prevention and detection for RFID[J]. IEEE Communications Surveys&Tutorials, 2017, 19(3):1682-1700.
[4]BU K, LIU X, LUO J, et al. Unreconciled collisions uncover cloning attacks in anonymous RFID systems[J]. IEEE Transactions on Information Forensics&Security, 2013, 8(3):429-439.
[5]CHIEN H Y. SASI:a new ultralightweight RFID authentication protocol providing strong authentication and strong integrity[J]. IEEE Transactions on Dependable&Secure Computing, 2007, 4(4):337-340.
[6]LIU Y L, QIN X L, WANG C, et al. A lightweight RFID authentication protocol based on elliptic curve cryptography[J]. Journal of Computers, 2013, 8(11):2880-2887.
[7]JUELS A, MOLNAR D, WAGNER D. Security and privacy issues in e-passports[C]//Proceedings of the First International Confer-ence on Security and Privacy for Emerging Areas in Communications Networks. Piscataway, NJ:IEEE, 2005:74-88.
[8]KINOSHITA S, OHKUBO M, HOSHINO F, et al. Privacy enhanced active RFID tag[EB/OL].[2018-01-15]. http://www.lbenchindia. com/finalyearprojectdatasheets/RFID%20TAG. pdf.
[9]MOLNAR D, WAGNER D. Privacy and security in library RFID:issues, practices, and architectures[C]//Proceedings of the 11th Association for Computing Machinery Conference on Computer and Communications Security. New York:ACM, 2004:210-219.
[10]WEIS S A, SARMA S E, RIVEST R L, et al. Security and privacy aspects of low-cost radio frequency identification systems[C]//Proceedings of the First International Conference on Security in Pervasive Computing. Berlin:Springer, 2004:201-212.
[11]CHIEN H Y, CHEN C H. Mutual authentication protocol for RFID conforming to EPC Class 1 Generation 2 standards[J]. Computer Standards&Interfaces, 2007, 29(2):254-259.
[12]NGUYEN DUC D, PARK J, LEE H, et al. Enhancing security of EPCglobal Gen2 RFID tag against traceability and cloning[C]//SCIS 2006:Proceedings of the 2006 Symposium on Cryptography and Information Security. Hiroshima:Institute of Electronics, Information and Communication Engineers, 2006:97-97.
[13]GILBERT H, ROBSHAW M, SIBERT H. Active attack against HB+-a provably secure lightweight authentication protocol[J].Electronics Letters, 2005, 41(21):1169-1170.
[14]JUELS A. Strengthening EPC tags against cloning[C]//Proceedings of the 4th ACM Workshop on Wireless security. New York:ACM, 2005:67-76.
[15]PERIS-LOPEZ P, HERNANDEZ-CASTRO J C, TAPIADOR J M E, et al. LMAP:a real lightweight mutual authentication protocol for low-cost RFID tags[C]//Proceedings of the 2nd Workshop on Radio Frequency IDentification Security. Graz:[s. n.], 2006:6.
[16]PERIS-LOPEZ P, HERNANDEZ-CASTRO J C, ESTEVEZ-TAPIADOR J M, et al. EMAP:an efficient mutual-authentication protocol for low-cost RFID tags[C]//Proceedings of the 2006 International Conferences on On the Move to Meaningful Internet Systems:AWe SOMe, CAMS, COMINF, IS, KSinBIT, MIOS-CIAO,MONET. Berlin:Springer, 2006:352-361.
[17]PERIS-LOPEZ P, HERNANDEZ-CASTRO J C, ESTEVEZ-TAPIADOR J M, et al. M2AP:a minimalist mutual-authentication protocol for low-cost RFID tags[C]//Proceedings of the 2006 International Conference on Ubiquitous Intelligence and Computing.Berlin:Springer, 2006:912-923.
[18]PERIS-LOPEZ P, HERNANDEZ-CASTRO J C, ESTEVEZ-TAPIADOR J M, et al. Advances in ultra-lightweight cryptography for low-cost RFID tags:gossamer protocol[C]//Proceedings of 9th International Workshop on Information Security Applications. Berlin:Springer, 2008:56-68.
[19]CHIEN H Y, HUANG C W. Security of ultra-lightweight RFID authentication protocols and its improvements[J]. ACM Operating System Review, 2007, 41(2):83-86.
[20]LI T Y, WANG G L. Security analysis of two ultra-lightweight RFID authentication protocols[J]. IFIP International Federation for Information Processing, 2007, 232(5/6):14-16.
[21]PHAN C W. Cryptanalysis of a new ultralightweight RFID authentication protocol—SASI[J]. IEEE Transactions on Dependable&Secure Computing, 2009, 6(4):316-320.
[22]CAO T, BERTINO E, LEI H. Security analysis of the SASI protocol[J]. IEEE Transactions on Dependable and Secure Computing,2009, 6(1):73-77.
[23]SUN H M, TING W C, WANG K H. On the security of Chien's ultra-lightweight RFID authentication protocol[J]. IEEE Transactions on Dependable and Secure Computing, 2011, 8(2):315-317.
[24]D'ARCO P, DE SANTIS A. On ultralightweight RFID authentication protocols[J]. IEEE Transactions on Dependable&Secure Computing, 2011, 8(4):548-563.
[25]彭朋,赵一鸣,韩伟力,等.一种超轻量级的RFID双向认证协议[J].计算机工程,2011,37(16):140-142.(PENG P, ZHAO Y M, HAN W L, et al. Ultra-lightweight RFID mutual authentication protocol[J]. Computer Engineering, 2011, 37(16):140-142.)
[26]FARZANEH Y, AZIZI M, DEHKORDI M, et al. Vulnerability analysis of two ultra lightweight RFID authentication protocols[J].International Arab Journal of Information Technology, 2015, 12(4):340-345.
[27]TIAN Y, CHEN G, LI J. A new ultralightweight RFID authentication protocol with permutation[J]. IEEE Communications Letters,2012, 16(5):702-705.
[28]LI W, XIAO M, LI Y, et al. Formal analysis and verification for an ultralightweight authentication protocol RAPP of RFID[C]//Proceedings of the 35th National Conference of Theoretical Computer Science. Berlin:Springer, 2017:119-132.
[29]WANG S H, HAN Z J, LIU S J, et al. Security analysis of RAPP:an RFID authentication protocol based on permutation[EB/OL].[2018-01-18]. https://eprint. iacr. org/2012/327. pdf.
[30]杨世平.安全协议及其BAN逻辑分析研究[D].贵阳:贵州大学. 2007:54-73.(YANG S P. Analysis and research of security protocol with BAN logic[D]. Guiyang:Guizhou University, 2007:54-73.)
[31]刘亚丽,秦小麟,王超.一种超轻量级RFID双向认证协议[J].计算机科学,2013,40(12):141-146.(LIU Y L, QIN X L,WANG C. Ultralightweight RFID mutual-authentication protocol[J]. Computer Science, 2013, 40(12):141-146.)