物联网电子标签安全协议的研究与设计
|
摘要
随着物联网(the Internet of things)技术的高速发展,电子标签及RFID (Radio Frequency Identification)系统在信息时代扮演着越来越重要的角色。RFID系统在给我们的生活带来便利以及提高效率的同时,电子标签信息安全及隐私保护方面的问题也随之而来。由于RFID系统一般工作在异构且复杂的物联网环境下,因此低成本且资源受限电子标签易遭受敌手的恶意攻击,目前安全因素已成为制约RFID系统大规模应用的最大问题。
针对物联网日益恶化安全环境,本文利用密码学技术设计适用于物联网环境和RFID系统实际需求的安全协议,并利用适宜的形式化方法对设计的协议进行理论分析,证明协议能够满足RFID系统特定的安全需求,并能保护电子标签的信息安全与隐私。
本文主要研究工作如下:
(1)标准模型下可证明安全RFID系统双向认证协议的研究与设计。针对RFID系统存在的信息安全及隐私保护问题,分析了RFID系统双向认证协议的设计需求,在标准模型下设计了一个RFID系统安全双向认证协议。并利用规约算法证明协议的安全性是构建在伪随机函数与真正随机函数的不可区分性上。另外协议仅使用轻量级的伪随机发生器以及向量点乘运算,具有较高的安全性和效率,因此协议是适用于低成本及资源受限的RFID标签。
(2)通用可组合EPC(Electronic Product Code)系统安全协议的研究与设计。首先对一个最新提出的EPC系统安全协议进行了安全及性能的分析,指出该协议存在数据欺骗以及标签位置信息泄露的问题,并且该协议无法抵抗重放攻击。然后提出了一个改进后的EPC系统协议,以抵抗主要的攻击方式;另外为了保证EPC系统的并发安全,在通用可组合(UC,Universal Composable)匡架下,形式化定义了EPC系统的理想函数,同时在通用可组合模型下设计了一个适用于EPC系统的安全协议,从安全性以及性能两方面对提出的协议进行分析,通过与其它同类型安全协议进行比较,结果表明我们提出的EPC安全协议是通用可组合安全的。
(3)基于串空间模型的RFID系统安全搜索协议的研究与设计。首先对一个最新提出的RFID系统搜索协议进行了安全分析,证明该协议易遭受重放攻击,并且标签及读写器的地理位置信息可能被攻击者锁定;针对RFID系统在海量电子标签中进行精准及安全搜索的问题,对原始串空间模型进行了扩展,引入了“不可重放性”的概念对RFID系统搜索协议中的会话信息脚本进行分析。在扩展的串空间模型的基础上,提出了一个RFID系统安全搜索协议,并在串空间模型下对提出的协议进行安全性分析。通过与其它同类型RFID系统搜索协议进行比较,证明提出的协议消除了原有的安全隐患,并且适用于低成本RFID系统电子标签。
(4)供应链环境下电子标签转让协议隐私性研究。首先分析了电子标签所有权转让协议中普遍存在的安全与隐私性问题;接着结合供应链的实际应用场景,对原始串空间模型进行扩展,提出了电子标签转让协议隐私性的串空间模型,定义了电子标签转让的前向隐私性、后向隐私性以及密钥安全判定定理及规则;并运用这些判定定理及规则对两个典型的供应链环境下的电子标签转让协议进行了安全与隐私性理论分析,结果表明两个协议均存在着后向隐私性问题以及私密密钥遭泄露的风险。
With the rapid development of technology of the IoT (Internet of things), electronic tags and RFID (Radio Frequency IDentification) system have already played an important part in the age of information. RFID system brings much more convenience to our life and improves production efficiency, meanwhile, the problems of electronic tags' security and privacy preserving also burst out. The RFID system operates in the IoT'eniverment which is heterogeneous and complex, so the low cost and resource-constrainted electronic tags are vulnerable to malicious attacks launched by the adversary. Now the security issue has already become the chief obstacle to the large scale application of RFID system.
To deal with the the more and more serious security eniverment of the IoT, this paper design security protocols which are applied to IoT's eniverment and suitable for RFID system's demands in reality by using proper cryptography technology, and give the theory analyses of the designed security protocols with formal methods. As a result, it is proved that the proposed protocols can meet the special safety requirements of RFID system and protect electronic tags'information security and privacy.
The main research work can be summarized as follows:
(1) Research and deign for provable secure mutual authentication protocol of RFID system under standard model. To deal with the problems of RFID system's security and privacy preserving, the security requirement for mutual authentication protocol of RFID system is analyzed firstly, then a mutual authentication protocol is proposed in the standard model. The reduction method is using to prove that the security of new protocol is based on the indistinguishability between pseudo-random function and real random function. The implementation of proposed protocol only requires lightweight pseudo-random generator and vector dot product operation and provides higher security and efficiency. So the proposed protocol is feasible for RFID tags which are low cost and resource-constrained.
(2) Research and deign for secure protocol of EPC (Electronic Product Code) system based on UC (Universal Composable) model. A security and performance anslysis of a lasted security protocol for EPC system is given and the result shows the lasted protocol had no resistance to replay attack and did not resolve the problem of data forge and tag's location privacy. So an improved protocol is then proposed to protect RFID system from all major attacks. In order to guarantee the concurrent security of EPC system, the the ideal functionality of EPC system is formally defined with the UC framework. Then a secure protocol for EPC system under UC model is proposed and the analysis of security and performance of the proposed protocol is given, in comparison with other protocols, the results show that the proposed protocol is UC secure.
(3) Research and deign for secure search protocol of RFID system based on strand space model. A lasted secure search protocol of RFID system is analyzed, and it is proved that the lasted protocol was not resistant to the replay attack, and the locations of tags and reader could be locked by the adversary. In order to solve the RFID system's safe and precise search problem among the mass amounts tags, the basic strand space model is extended and a conception of "unreplayable" also introduced to analyze the session information script in secure search protocol of RFID system. Then a secure search protocol of RFID system is proposed and a security analysis is also given based on the extended strand space model. By comparing to other protocols, the results show that the proposed protocol eliminates the security risks and is quite suitable for low cost tags.
(4) Research on privacy of electronic tag's ownership transfer protocol in the eniverment of supply chain. An anslysis of security and privacy problems exit in the electronic tag's ownership transfer protocol is given fistly; then based on the application environment of supply chain, the basic space model is extended and the space model of privacy of electronic tag's ownership transfer protocol is proposed, and the determinant theorems and rules of forward privacy, backward privacy and key's security are also defined. Then the theorems and rules are introduced to analyze the security and privacy of two representative electronic tag's ownership transfer protocols. The results show that both of the protocols have the backward pricacy problem and risk of key's lekage.
针对物联网日益恶化安全环境,本文利用密码学技术设计适用于物联网环境和RFID系统实际需求的安全协议,并利用适宜的形式化方法对设计的协议进行理论分析,证明协议能够满足RFID系统特定的安全需求,并能保护电子标签的信息安全与隐私。
本文主要研究工作如下:
(1)标准模型下可证明安全RFID系统双向认证协议的研究与设计。针对RFID系统存在的信息安全及隐私保护问题,分析了RFID系统双向认证协议的设计需求,在标准模型下设计了一个RFID系统安全双向认证协议。并利用规约算法证明协议的安全性是构建在伪随机函数与真正随机函数的不可区分性上。另外协议仅使用轻量级的伪随机发生器以及向量点乘运算,具有较高的安全性和效率,因此协议是适用于低成本及资源受限的RFID标签。
(2)通用可组合EPC(Electronic Product Code)系统安全协议的研究与设计。首先对一个最新提出的EPC系统安全协议进行了安全及性能的分析,指出该协议存在数据欺骗以及标签位置信息泄露的问题,并且该协议无法抵抗重放攻击。然后提出了一个改进后的EPC系统协议,以抵抗主要的攻击方式;另外为了保证EPC系统的并发安全,在通用可组合(UC,Universal Composable)匡架下,形式化定义了EPC系统的理想函数,同时在通用可组合模型下设计了一个适用于EPC系统的安全协议,从安全性以及性能两方面对提出的协议进行分析,通过与其它同类型安全协议进行比较,结果表明我们提出的EPC安全协议是通用可组合安全的。
(3)基于串空间模型的RFID系统安全搜索协议的研究与设计。首先对一个最新提出的RFID系统搜索协议进行了安全分析,证明该协议易遭受重放攻击,并且标签及读写器的地理位置信息可能被攻击者锁定;针对RFID系统在海量电子标签中进行精准及安全搜索的问题,对原始串空间模型进行了扩展,引入了“不可重放性”的概念对RFID系统搜索协议中的会话信息脚本进行分析。在扩展的串空间模型的基础上,提出了一个RFID系统安全搜索协议,并在串空间模型下对提出的协议进行安全性分析。通过与其它同类型RFID系统搜索协议进行比较,证明提出的协议消除了原有的安全隐患,并且适用于低成本RFID系统电子标签。
(4)供应链环境下电子标签转让协议隐私性研究。首先分析了电子标签所有权转让协议中普遍存在的安全与隐私性问题;接着结合供应链的实际应用场景,对原始串空间模型进行扩展,提出了电子标签转让协议隐私性的串空间模型,定义了电子标签转让的前向隐私性、后向隐私性以及密钥安全判定定理及规则;并运用这些判定定理及规则对两个典型的供应链环境下的电子标签转让协议进行了安全与隐私性理论分析,结果表明两个协议均存在着后向隐私性问题以及私密密钥遭泄露的风险。
With the rapid development of technology of the IoT (Internet of things), electronic tags and RFID (Radio Frequency IDentification) system have already played an important part in the age of information. RFID system brings much more convenience to our life and improves production efficiency, meanwhile, the problems of electronic tags' security and privacy preserving also burst out. The RFID system operates in the IoT'eniverment which is heterogeneous and complex, so the low cost and resource-constrainted electronic tags are vulnerable to malicious attacks launched by the adversary. Now the security issue has already become the chief obstacle to the large scale application of RFID system.
To deal with the the more and more serious security eniverment of the IoT, this paper design security protocols which are applied to IoT's eniverment and suitable for RFID system's demands in reality by using proper cryptography technology, and give the theory analyses of the designed security protocols with formal methods. As a result, it is proved that the proposed protocols can meet the special safety requirements of RFID system and protect electronic tags'information security and privacy.
The main research work can be summarized as follows:
(1) Research and deign for provable secure mutual authentication protocol of RFID system under standard model. To deal with the problems of RFID system's security and privacy preserving, the security requirement for mutual authentication protocol of RFID system is analyzed firstly, then a mutual authentication protocol is proposed in the standard model. The reduction method is using to prove that the security of new protocol is based on the indistinguishability between pseudo-random function and real random function. The implementation of proposed protocol only requires lightweight pseudo-random generator and vector dot product operation and provides higher security and efficiency. So the proposed protocol is feasible for RFID tags which are low cost and resource-constrained.
(2) Research and deign for secure protocol of EPC (Electronic Product Code) system based on UC (Universal Composable) model. A security and performance anslysis of a lasted security protocol for EPC system is given and the result shows the lasted protocol had no resistance to replay attack and did not resolve the problem of data forge and tag's location privacy. So an improved protocol is then proposed to protect RFID system from all major attacks. In order to guarantee the concurrent security of EPC system, the the ideal functionality of EPC system is formally defined with the UC framework. Then a secure protocol for EPC system under UC model is proposed and the analysis of security and performance of the proposed protocol is given, in comparison with other protocols, the results show that the proposed protocol is UC secure.
(3) Research and deign for secure search protocol of RFID system based on strand space model. A lasted secure search protocol of RFID system is analyzed, and it is proved that the lasted protocol was not resistant to the replay attack, and the locations of tags and reader could be locked by the adversary. In order to solve the RFID system's safe and precise search problem among the mass amounts tags, the basic strand space model is extended and a conception of "unreplayable" also introduced to analyze the session information script in secure search protocol of RFID system. Then a secure search protocol of RFID system is proposed and a security analysis is also given based on the extended strand space model. By comparing to other protocols, the results show that the proposed protocol eliminates the security risks and is quite suitable for low cost tags.
(4) Research on privacy of electronic tag's ownership transfer protocol in the eniverment of supply chain. An anslysis of security and privacy problems exit in the electronic tag's ownership transfer protocol is given fistly; then based on the application environment of supply chain, the basic space model is extended and the space model of privacy of electronic tag's ownership transfer protocol is proposed, and the determinant theorems and rules of forward privacy, backward privacy and key's security are also defined. Then the theorems and rules are introduced to analyze the security and privacy of two representative electronic tag's ownership transfer protocols. The results show that both of the protocols have the backward pricacy problem and risk of key's lekage.
引文
[1]张凯,张雯婷.物联网导论[M].北京:清华大学出版社.2012.
[2]国景熙.物联网概论[M].南京:东南大学出版社.2010.
[3]张铎.物联网大趋势-Internet of things[M].北京:清华大学出版社.2010.
[4]AUTO-ID美国实验室[EB/OL]. http://autoid.mit.edu/cs/.
[5]Wang K, Bao J M, Wu M. Research on Security Management for Internet of Things[C]. 2010 International Conference on Computer Application and System Modeling (ICCASM 2010). Shanxi, Taiyuan, China.2010:15133-15137.
[6]沈苏彬,范曲立,宗平等.物联网的体系结构与相关技术研究[J].南京邮电大学学报(自然科学版).2009,29(6):1-11.
[7]李健.物联网关键技术和标准化分析[J].通信管理技术.2010,6(3):17-20.
[8]Martin P.M. Mohsen D. Architectural Solutions for Mobile RFID Services for the Internet of Things[C]. Proceedings of 2008 IEEE Congress on Services (SERVICES 2008). Honolulu, HI, United states.2008.71-74.
[9]无线龙.无线传感网[M].北京:冶金工业出版社.2011.
[10]Tao Yan, Qiaoyan Wen. A Secure Mobile RFID Architecture for the Internet of Things[C]. Proceedings 2010 IEEE International Conference on Information Theory and Information Security (ICITIS 2010).BeiJing, China.2010:616-619.
[11]孙玉砚,刘卓华,李强等.一种面向3G接入的物联网安全架构[J].计算机研究与发展.2010,47(Z2):327-332.
[12]王保云.物联网技术研究综述[J].电子测量与仪器学报.2009,23(12):1-7.
[13]许晔,孟弘,程家瑜等.IBM"智慧地球”战略与我国的对策[J].中国科技论坛.2010,(4):20-23.
[14]薛刚,徐伟群.《欧盟物联网行动计划》对我国物联网发展的启示[J].江苏通信.2010,26(1):38-41.
[15]NTT Tech. Development of autonomous ubiquitous networks based on the u-Japan initiative[R].2005
[16]Jouhki J. The emotional technology of tomorrow:The visual and textual rhetoric of promot-ing a ubiquitous technology society in Korea[C].IADIS Multi Conference on Computer Science and Information Systems(MCCSIS'08). Amsterdam, Netherlands.2008:173-180.
[17]武传坤.物联网安全架构初探[J].中国科学院院刊.2010,25(4):411-419.
[18]马健.孙长征和他的”唐芯一号”[J].物联网技术.2011,(3):22-23.
[19]UIT. ITU Internet Reports 2005:The Internet of Things[R].2005.
[20]黄玉兰.物联网射频识别(RFID)核心技术详解[M].北京:人民邮电出版社.2010.
[21]米志强.射频识别(RFID)技术与应用[M].北京:电子工业出版社.2012.
[22]Dominikus S, Algner M, Kraxberger S. Passive RFID Technology for the Internet of Things[C].2010 International Conference for Internet Technology and Secured Transactions(ICITST 2010). London, United kingdom.2010.
[23]Melia-Segui J, Garcia-Alfaro J, Herrera-Joancomarti J. RFID EPC-Gen2 for postal applications:A security and privacy survey[C].2010 IEEE International Conference on RFID-Technology and Applications. Guangzhou, China.2010:118-123.
[24]孙其博,刘杰,黎葬.物联网:概念、架构与关键技术研究综述[J].北京邮电大学学报.2010,33(3):1-9.
[25]ISO/IEC 18000:2004 Information technology-AIDC techniques-RFID for item management-Air interface [S].
[26]EPCglobal标准[EB/OL].http://www.epcglobalinc.org.
[27]郎为民,刘德敏,李建军.泛在ID(UID)中心的RFID标准化进展[J].商品储运与养护.2007,29(1):33-36.
[28]彭晓睿.物联网中M2M技术与标准进展[J].信息技术与标准化.2010,(11):33-35.
[29]郎为民.国内物联网标准化组织及工作进展[J].通信管理与技术.2010,(05):3-6.
[30]Feng H L,Fu W X. Study of recent development about privacy and security of the Internet of Things[C].2010 International Conference on Web Information Systems and Mining. Sanya, China.2010.91-95.
[31]Oleshchuk V. Internet of Things and Privacy Preserving Technologies [C].1st International Conference on Wireless Communication Vehicular Technology, Information Theory and Aerospace & Electronic Systems Technology. Aalborg, Denmark.2009:336-340.
[32]张俊伟.密码协议的可组合安全[博士学位论文].西安:西安电子科技大学.2010.
[33]Leinweber L, Wolff F G, Papachristou C. A Minimal Protocol with Public Key Cryptographyfor Identification and Privacy in RFID Tags [C].2009 International Symposium on Signals, Circuits and Systems (ISSCS 2009). Iasi, Romania.2009.
[34]Ahamed S I, Rahman F, Hoque E. ERAP:ECC based RFID Authentication Protocol [C].12th IEEE International Workshop on Future. Trends of Distributed Computing Systems. Kunming, China.2008:219-225.
[35]Toiruul B, Lee K. An Advanced Mutual-Authentication Algorithm Using AES for RFID Systems [J]. International Journal of Computer Science and Network Security.2006,6(9B): 156-162.
[36]Mcloone M, Robshaw M J B. New Architectures for Low-Cost Public Key Cryptography on RFID Tags [C].2007 IEEE International Symposium on Circuits and Systems (ISCAS 2007). New Orleans, LA, United states.2007:1827-1830.
[37]Wu K J, Bai E J, Zhang W. A Hash-Based Authentication Protocol for Secure mobile RFID systems [C].1st International Conference on Information Science and Engineering (ICISE 2009). Nanjing, China.2009:2440-2443.
[38]王育民,刘建伟.通信网的安全——理论与技术[M].西安:西安电子科技大学出版社.1999.
[39]Schneier B. Applied Cryptography (2nd ed) [M].New York:John Wiley & Sons.1996.
[40]Needham E M, Schroeder M D. Using Enrcyption for Authentication in Large Networks of Computers [J]. Communicaitons of the ACM.1978,21(12):993-999.
[41]王亚弟,束妮娜,韩继红等.密码协议形式化分析[M].北京:机械工业出版社.2006.
[42]Dolev D, Yao A. On the security of public key protocols [J]. IEEE Transactions on Information Theory.1983,29(2):198-208.
[43]Clark J, Jacob J. A survey of authentication protocol literature [EB/OL]. http://www.cs.york.ac.uk/-jac/papers/drareviewps.ps.
[44]张焕国,王张宜.密码学引论[M].武汉:武汉大学出版社.2009
[45]Wang J H, Wong E C, Ye T. PGMAP:A Privacy Guaranteed Mutual Authentication ProtocolConforming to EPC Class 1 Gen 2 Standards[C]. IEEE International Conference on e-Business Engineering (ICEBE'08). Xi'an, China.2008:289-296.
[46]周永彬,冯登国.RFID安全协议的设计与分析[J].计算机学报.2006,29(4):581-589.
[47]Yao A. Theory and applications of trapdoor functions[C]. In Proc.23rd Annual Symposium on Foundations of Computer Science. Chicago, Illinois, USA.1982:80-91.
[48]Blum M, Micali S. How to generate cryptographically strong sequences of pseudo-random bits[J]. SIAM Journal on Computing.1984,13(4):850-864.
[49]章照止.现代密码学基础[M].北京:北京邮电大学出版社,2004.
[50]Goldreich O. Foundations of Cryptography, Vol.1:Basic Tools [M]. Cambridge University Press.2001.
[51]Diffie W, Hellman M. New directions in cryptography [J]. IEEE Transactions on Information Theory.1976,22(6):644-654.
[52]谷利泽,郑世慧,杨义先.现代秘密学教程[M].北京:北京邮电大学出版社,2009.
[53]Damgard I. Collision free hash functions and public key signature schemes [J]. In Advances in Cryptology-Eurocrypt'87.1988.Volme 304 of Lecture Notes in Computer Science,1-20.
[54]刘军,吴贵臣,翁亮.安全电子时间戳系统的设计方案[J].通信学报.2003,24(2):64-70.
[55]Denning D E. Sacco G M. Timestamps in key distribution protocols [J]. Communications of the ACM.1981,24(8):533-536.
[56]邓淼磊.几类安全协议的研究与设计[博士学位论文].西安:西安电子科技大学.2010.
[57]冯登国.可证明安全性理论与方法研究[J].软件学报.2005,16(10):1743-1756.
[58]Ikram M, Chowdhury M A H, Redwan H. A lightweight mutual authenticationscheme for mobile radio frequency identification (mRFID) systems [C]. Performance, Computing and Communications Conference (IPCCC 2008). Austin, Texas, USA.2008:289-296.
[59]Won T Y, Chun J Y, Lee D H. Strong authentication protocol for secure rfid tag search without help of central database. Embedded and Ubiquitous Computing,2008 (EUC'08). Shanghai, China.2008:153-158.
[60]Lee K. A Two-Step Mutual Authentication Protocol Based on Randomized Hash-Lock for Small RFID Networks[C].2010 Fourth International Conference on Network and System Security. Melbourne, Victoria Australia.2010:527-533.
[61]Chen Y L, Jue-Sam C, Sun H M. A novel mutual authenticationscheme based on quadratic residues for RFID systemslJl. Computer Networks.2008,52(12):2373-2380.
[62]张恒山,管会生,韩海强.RFID系统中基于公钥加密的相互认证协议[J].计算机工程与应用.2010,46(5):69-72.
[63]Shannon C E. A Mathematical Theory of Communication [J]. Bell System Technical Journal.1948,27:423,623-656.
[64]Shannon C E.Communication Theory of Secrecy System [J]. Bell System Technical Journal.1949,28:656-715.
[65]卡茨,林德尔(著),任伟(译).现代密码学-原理与协议[M].北京:国防工业出版社.2010.
[66]Bellare M, Kilian J, Rogaway P. Random oracles are practical:a paradigm for designing efficient protocols [C]. In 1st ACM Conf. on Computer and Communications Security. Berlin, Germany.1993:62-73.
[67]Cantti R, Goldreich O, Halevi S. The random oracle methodology, revisited [J]. Journal of ACM.2004,51(4):557-594.
[68]Burrows M, Abadi M, Needham R. A logic of authentication [J]. ACM Transactions on Computer Systems.1990,8(1):18-36.
[69]Lowe G. Breaking and Fixing the Needham-Schroeder Public Key Protocol using FDR [J]. In Proceeding of TACHS (Tools and Algorithms for the Construction and Analysis of Systems).Springer Verlag.1996,1055:147-166.
[70]Fabrega F, HerzogJ, Guttman J. Strand Spaces:Why is a security protocol correct[C]. In Proceedings of IEEE Symposium on Security and Privacy. Oakland, California, USA. 1998:160-171.
[71]Lowe G. Casper:A compiler for the analysis of security protocols [C]. In Proceedings of 10th IEEE Computer Security Foundations Workshop. Los Alamitos.1997:18-30.
[72]Canetti R. Universally composable security:a new paradigm for cryptographic protocols[C]. Proc.of the 42nd IEEE Symposium on Foundations of Computer Science. Oakland, California, USA.2001:136-145.
[73]贾洪亮.安全协议的可组合性分析与证明[博士学位论文].北京:北京邮电大学.2009.
[74]曹峥,邓淼磊.通用可组合的RFID搜索协议[J].华中科技大学学报(自然科学版).2011,39(4):56-59.
[75]张忠,徐秋亮.物联网环境下UC安全的组证明RFID协议[J].计算机学报.2011,34(7):1188-1194.
[76]Le T V, Burmester M, Mdeiros B D. Universally Composable and Forward-secure rfid authentication and authenticated key exchange[C]. Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security (ASIACCS'07). Singapore.2007: 242-252.
[77]PIRAMUTHU S. RFID mutual authentication protocols [J]. Decision Support Systems.2011, 50(2):387-393.
[78]HA J, MOON S, et al. lightweight and resynchronous mutual authentication protocol for RFID system [J]. LNCS.2007,4412:80-89.
[79]Tan C C, Sheng B, Li Q. Secure and serverless RFID authentication and search protocols [J]. IEEE TRANSACTIONS ON WIRELESS COMMUNICATIONS.2008,7 (4):1400-1407.
[80]Chien H Y, Chen C H. Mutual authentication protocol for RFID conforming to EPC class 1 generation 2 standards. Computer Standards and Interfaces.2007,29(2):254-259.
[81]Chen C L, Deng Y Y. Conformation of EPC class 1 and generation 2 standards RFID system with mutual authentication and privacy protection [J]. Engineering Applications of Artificial Intelligence.2009,22 (8):1284-1291.
[82]Peris-Lopez P, Hemandez-Castro J C, Tapiador J E et al. Cryptanalysis of an EPC class-1 generation-2 standard compliant authentication protocol [J]. Engineering Applications of Artificial Intelligence.2011,24(6):1061-1069.
[83]Cai S, Li Y, Li T. Attacks and improvements to an RFID mutual authentication protocol[C]. 2nd ACM Conference on Wireless Network Security.Zurich, Switzerland.2009:51-58
[84]邓淼磊,王玉磊,邱罡.无需后端数据库的RFID认证协议[J].北京邮电大学学报.2009,32(4):59-62.
[85]马昌社.前向隐私安全的低成本RFID认证协议[J].计算机学报.2011,34(8):1387-1398.
[86]Godor G, Giczi N, Sandor I. Elliptic Curve Cryptography Based Mutual Authentication Protocol for Low Computational Complexity Environment[C]. International Symposium on Wireless Pervasive Computing (ISWPC'2010).2010 Modena, Italy:331-336.
[87]蔡庆玲,詹宜巨,余松森,等.基于NTRU公钥密码系统的RFID通信安全协议的研究[J].中山大学学报(自然科学版).2009,48(5):6-11.
[88]Hopper N J, Blum M. Security human identification protocol[C].ASIACRYPT'01. Gold Coast, Australia.2001:52-66.
[89]Juels A, Weis S. Authenticating Pervasive Devices with Human Protocols [J]. Advanced in Cryptology-Crypto2005, Lecture Notes in Computer Science, Springer.2005,3621:293-308.
[90]Gilbert H, Matthew J, Robshaw B et al. HB#:Increasing the Security and Efficiency of HB+[C]. Eurocrypt 2008. Istanbul, Turkey 2008:361-378.
[91]Bringer J, Chabanne H, Dottax E. HB++:a Lightweight Authentication Protocol Secure against Some Attacks [C]. Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing. Lyon, France.2006:28-33.
[92]Leng X, Mayes K, Markantonakis K. HB-MP+ Protocol:An Improvement on the HB-MP Protocol[C].2008 IEEE International Conference on RFID. Las Vegas, NV, USA. 2008:118-124.
[93]Yoon B, Sung M Y, Yeon S J et al. HB-MP++Protocol:An Ultra Light-weight Authentication Protocol for RFID System[C] 2009 IEEE International Conference on RFID. Orlando, FL, USA.2008:186-191.
[94]Goldreich O, Goldwasser S, Micali S. How to construct random functions [J]. Journal of the Association for Computing Machinery.1986,33(4):792-807.
[95]邓淼磊,马剑峰,周利华.RFID匿名认证协议的设计[J].通信学报.2009,30(7):20-26.
[96]EPC-ClG2.Class-1 generation 2 UHF air interface protocol standard[S]. EPCglobal.2004.
[97]张耀中,彭敏君,赵涵捷.EPC网络的跨层架构研究[J].北京交通大学学报.2010, 34(3):2-5.
[98]Karthikeyan S, Nesterenko M. RFID security without extensive cryptography [C]. Proceedings of the 3rd ACM workshop on Security of ad hoc and sensor networks. Alexandria, VA, USA.2005:63-67.
[99]Yeh T C, Wang Y J, Kuo T C et al. Securing RFID systems conforming to EPC Class 1 Generation 2 standard [J]. Expert Systems with Applications.2011,37(12):7678-7683.
[100]Yoon E J. Improvement of the securing RFID systems conforming to EPC class 1 generation standard [J]. Expert Systems with Applications.2012,39(1):1589-1594.
[101]Cai Q L, Zhan Y J, Wang Y H. A minimalist mutual authentication protocol for RFID system and BAN logic analysis[C]. International Colloquium on Computing, Communication, Control, and Management (ISECS2008). Guangzhou, China.2008:449-453.
[102]Kang S Y, Lee I Y. A Study on low-cost RFID system management with mutual authentication scheme in ubiquitous [J]. Proceedings of APNOMS, Lecture Notes in Computer Science.2007,4773:492-502.
[103]Han S, Potgar V, Chang E. Mutual authentication protocol for RFID tags based on synchronized secret information with monitor [J]. Proceedings of ICCSA, Lecture Notes in Computer Science.2007,4707:227-238.
[104]Canetti R. Universally composable signature, certification, and authentication[C]. Proceedings of the 17th Computer Science Foundations Workshop (CSFW).Pacific Grove, California, USA.2004:219-233.
[105]Weis S. Security and privacy in radio-frequency identification devices [M]. Massachusetts, USA:Massachusetts Institute of Technology (MIT).2003.
[106]Yoon H S, Youm H Y. An Anonymous Search Protocol for RFID Systems [J]. Journal of Convergence Information Technology.2011,6(8):44-50.
[107]Kulseng L, Yu Z, Wei Y et al. Lightweight Secure Search Protocols for Low-Cost RFID Systems[C]. International Conference on Distributed Computing Systems (ICDCS'09). Montreal, QC, Canada.2009:40-48.
[108]Huang S L, Shieh S. Authentication and Secret Search Mecha Mechanisms for RFID Aware Wireless Sensor Networks [J]. Int. J. Security and Networks.2010,5:15-25.
[109]Won T Y, Chun J Y, Lee D H. Strong Authentication Protocol for Secure RFID Tag Search Without the Help of Central Database[C].IEEE/IFIP International Conference on Embedded and Ubiquitous Computing.Shanghai, China.2008:153-158.
[110]Zuo Y. Secure and Private Search Protocols for RFID Systems [J]. Information Systems Frontiers.2010,12(5):507-519.
[111]Ahmed S L, Rahman F, Hoque E et al.S3PR:Secure Serverless Search Protocols for RF1D [C]. International Conference on Information Security and Assurance (ISA 2008). Busan, Korea.2008:187-192.
[112]Kim Z, Kim J, Kim K, et al. Untraceable and Serverless RF1D Authentication and Search Protocols [C].2011 Ninth IEEE International Symposium on Parallel and Distributed Processing with Applications Workshops (ISPAW2011). Busan, Korea.2011:278-283.
[113]Sundaresan S, Doss R, Zhou W L. A Serverless Ultra-Lightweight Secure Search Protocol for EPC Class-1 Gen-2 UHF RFID Tags[C].2012 International Conference on Computer & Information Science (ICCIS). Kuala Lumpeu, Malaysia.2012:580-585.
[114]邓淼磊,朱昭,石金娥,等.RIFD标签的不可追踪性[J].北京邮电大学学报.2010,33(2):44-47.
[115]Garcia F D, Hasuo I, PietersW, et al.Provable anymity [C]. FMSE. Virginia:IEEE Press, 2005:63-72.
[116]刘伟华.物流服务供应链能力合作的协调研究[博士学位论文].上海:上海交通大学.2007.
[117]Saito J, Imamoto K, Sakurai K. Reassignment scheme of an RFID tag's key forowner transfer [C]. EUCWorkshops2005. Berlin, Germany.2005:1303-1312.
[118]OSAKA K, TAKAGI T, YAMAZAKI K, et al. An efficient and secure RFID security method with ownership transfer[C]. Computational Intelligenceand Security (CIS). Guangzhou, China.2006:778-787.
[119]SONG B. RFID tag ownership transfer [C].4th Workshop on RFID Security (RFIDSec). Budapest, Hungary,2008:16.
[120]Song B, Mitchell C J. RFID authentication protocol for low-cost tags[C]. in Proceedings of the ACM Conference on Wireless Network Security(WiSec'O8). ACM Press Alexandria.Virginia, USA.2008:140-147.
[121]Peris-Lopez P, Hernandez-Castro J C, Tapiador J E et al. Vulnerability analysis of RFID protocols for tag ownership transfer [J]. Computer Networks.2010,54(9):1502-1508.
[122]陈志德,陈友勤,许立.RFID标签所有权安全转换协议[J].通信学报.2010,31(9A):202-208.
[123]Shamir A. SQUASH-A new MAC with provable security properties for highly constrained devices such as RFID tags [C].15th International Workshop on Fast Software Encryption (FSE 2008). Lausanne, Switzerland.2008:144-157.
[124]金永明,孙惠平,关志,等.RFID标签所有权转换协议研究[J].计算机研究与发展.2011,48(8):1400-1405.
[125]Chen H B, Lee W B, Zhao Y H, et al. Enhancement of the RFID security method with ownership transfer [C].3rd International Conference on Ubiquitous Information Management and Communication (ICUIMC'09). Suwon, Korea.2009:251-254
[126]Lim C H, Kwon T. Strong and robust RFID authentication enabling perfect ownership transfer[C]. Proceeding of international conference on information and communications security. Berlin, Germany.2006:1-20.
[127]Koralalage M, Reza S, Miura J, et al. POP Method:An approach to enhance the security and privacy of RFID systems used in product lifecycle with an anonymous ownership transferring mechanism[C].2007 ACM Symposium on Applied Computing. Seoul, Korea.2007: 270-275.
[128]Van Deursen T, Mauw S, Radomirovic S, et al. Secure ownership and ownership transfer in RFID systems[C].14th European Symposium on Research in Computer Security (ESORICS 2009). Saint-Malo, France.2009:637-654.
[129]Kapoor G, Piramuthu S. Single RFID Tag Ownership Transfer Protocols [J]. IEEE Transactions on Systems, Man and Cybernetics Part C:Applications and Reviews.2012, 42(2):164-173.
[130]中国标准信息网[EB/OL]. http://www.chinaios.com.
[131]孔宁,李晓东,罗万明等.物联网寻址模式[J].软件学报.2010,21(7):1657-1666.
[132]Chang Y C, Chen J L, Lin Y S et al. RFIPv6-A Novel IPv6-EPC Bridge Mechanism [C]. International Conference Consumer Electronics 2008 (ICCE 2008). Las Vegas, NV, USA.2008:1-2.
[133]Gao J, Liu F L, Ning H S et al. RFID Coding, Name and Information Service for Internet of things[C]. IET Conference on Wireless, Mobile and Sensor Networks 2007(CCWMSN'07). Shanghai, China.2007:36-39.
[134]Avoine G, Bingol M, Kardas S et al. Framework for analyzing RFID distance bounding protocols [J]. Journal of Comput Security.2011,19(2):289-317.
[135]Kim C H, Avoine G. RFID Distance Bounding Protocols with Mixed Challenges [J]. IEEE TRANSACTIONS ON WIRELESS COMMUNICATIONS.2011,10(5):1618-1626.
[136]Suh G E, Devadas D. Physical Unclonable Functions for Device Authentication and Secret Key Generation [C]//Proc. of Design Automation Conference. San Diego, California, USA. 2007:9-14.
[2]国景熙.物联网概论[M].南京:东南大学出版社.2010.
[3]张铎.物联网大趋势-Internet of things[M].北京:清华大学出版社.2010.
[4]AUTO-ID美国实验室[EB/OL]. http://autoid.mit.edu/cs/.
[5]Wang K, Bao J M, Wu M. Research on Security Management for Internet of Things[C]. 2010 International Conference on Computer Application and System Modeling (ICCASM 2010). Shanxi, Taiyuan, China.2010:15133-15137.
[6]沈苏彬,范曲立,宗平等.物联网的体系结构与相关技术研究[J].南京邮电大学学报(自然科学版).2009,29(6):1-11.
[7]李健.物联网关键技术和标准化分析[J].通信管理技术.2010,6(3):17-20.
[8]Martin P.M. Mohsen D. Architectural Solutions for Mobile RFID Services for the Internet of Things[C]. Proceedings of 2008 IEEE Congress on Services (SERVICES 2008). Honolulu, HI, United states.2008.71-74.
[9]无线龙.无线传感网[M].北京:冶金工业出版社.2011.
[10]Tao Yan, Qiaoyan Wen. A Secure Mobile RFID Architecture for the Internet of Things[C]. Proceedings 2010 IEEE International Conference on Information Theory and Information Security (ICITIS 2010).BeiJing, China.2010:616-619.
[11]孙玉砚,刘卓华,李强等.一种面向3G接入的物联网安全架构[J].计算机研究与发展.2010,47(Z2):327-332.
[12]王保云.物联网技术研究综述[J].电子测量与仪器学报.2009,23(12):1-7.
[13]许晔,孟弘,程家瑜等.IBM"智慧地球”战略与我国的对策[J].中国科技论坛.2010,(4):20-23.
[14]薛刚,徐伟群.《欧盟物联网行动计划》对我国物联网发展的启示[J].江苏通信.2010,26(1):38-41.
[15]NTT Tech. Development of autonomous ubiquitous networks based on the u-Japan initiative[R].2005
[16]Jouhki J. The emotional technology of tomorrow:The visual and textual rhetoric of promot-ing a ubiquitous technology society in Korea[C].IADIS Multi Conference on Computer Science and Information Systems(MCCSIS'08). Amsterdam, Netherlands.2008:173-180.
[17]武传坤.物联网安全架构初探[J].中国科学院院刊.2010,25(4):411-419.
[18]马健.孙长征和他的”唐芯一号”[J].物联网技术.2011,(3):22-23.
[19]UIT. ITU Internet Reports 2005:The Internet of Things[R].2005.
[20]黄玉兰.物联网射频识别(RFID)核心技术详解[M].北京:人民邮电出版社.2010.
[21]米志强.射频识别(RFID)技术与应用[M].北京:电子工业出版社.2012.
[22]Dominikus S, Algner M, Kraxberger S. Passive RFID Technology for the Internet of Things[C].2010 International Conference for Internet Technology and Secured Transactions(ICITST 2010). London, United kingdom.2010.
[23]Melia-Segui J, Garcia-Alfaro J, Herrera-Joancomarti J. RFID EPC-Gen2 for postal applications:A security and privacy survey[C].2010 IEEE International Conference on RFID-Technology and Applications. Guangzhou, China.2010:118-123.
[24]孙其博,刘杰,黎葬.物联网:概念、架构与关键技术研究综述[J].北京邮电大学学报.2010,33(3):1-9.
[25]ISO/IEC 18000:2004 Information technology-AIDC techniques-RFID for item management-Air interface [S].
[26]EPCglobal标准[EB/OL].http://www.epcglobalinc.org.
[27]郎为民,刘德敏,李建军.泛在ID(UID)中心的RFID标准化进展[J].商品储运与养护.2007,29(1):33-36.
[28]彭晓睿.物联网中M2M技术与标准进展[J].信息技术与标准化.2010,(11):33-35.
[29]郎为民.国内物联网标准化组织及工作进展[J].通信管理与技术.2010,(05):3-6.
[30]Feng H L,Fu W X. Study of recent development about privacy and security of the Internet of Things[C].2010 International Conference on Web Information Systems and Mining. Sanya, China.2010.91-95.
[31]Oleshchuk V. Internet of Things and Privacy Preserving Technologies [C].1st International Conference on Wireless Communication Vehicular Technology, Information Theory and Aerospace & Electronic Systems Technology. Aalborg, Denmark.2009:336-340.
[32]张俊伟.密码协议的可组合安全[博士学位论文].西安:西安电子科技大学.2010.
[33]Leinweber L, Wolff F G, Papachristou C. A Minimal Protocol with Public Key Cryptographyfor Identification and Privacy in RFID Tags [C].2009 International Symposium on Signals, Circuits and Systems (ISSCS 2009). Iasi, Romania.2009.
[34]Ahamed S I, Rahman F, Hoque E. ERAP:ECC based RFID Authentication Protocol [C].12th IEEE International Workshop on Future. Trends of Distributed Computing Systems. Kunming, China.2008:219-225.
[35]Toiruul B, Lee K. An Advanced Mutual-Authentication Algorithm Using AES for RFID Systems [J]. International Journal of Computer Science and Network Security.2006,6(9B): 156-162.
[36]Mcloone M, Robshaw M J B. New Architectures for Low-Cost Public Key Cryptography on RFID Tags [C].2007 IEEE International Symposium on Circuits and Systems (ISCAS 2007). New Orleans, LA, United states.2007:1827-1830.
[37]Wu K J, Bai E J, Zhang W. A Hash-Based Authentication Protocol for Secure mobile RFID systems [C].1st International Conference on Information Science and Engineering (ICISE 2009). Nanjing, China.2009:2440-2443.
[38]王育民,刘建伟.通信网的安全——理论与技术[M].西安:西安电子科技大学出版社.1999.
[39]Schneier B. Applied Cryptography (2nd ed) [M].New York:John Wiley & Sons.1996.
[40]Needham E M, Schroeder M D. Using Enrcyption for Authentication in Large Networks of Computers [J]. Communicaitons of the ACM.1978,21(12):993-999.
[41]王亚弟,束妮娜,韩继红等.密码协议形式化分析[M].北京:机械工业出版社.2006.
[42]Dolev D, Yao A. On the security of public key protocols [J]. IEEE Transactions on Information Theory.1983,29(2):198-208.
[43]Clark J, Jacob J. A survey of authentication protocol literature [EB/OL]. http://www.cs.york.ac.uk/-jac/papers/drareviewps.ps.
[44]张焕国,王张宜.密码学引论[M].武汉:武汉大学出版社.2009
[45]Wang J H, Wong E C, Ye T. PGMAP:A Privacy Guaranteed Mutual Authentication ProtocolConforming to EPC Class 1 Gen 2 Standards[C]. IEEE International Conference on e-Business Engineering (ICEBE'08). Xi'an, China.2008:289-296.
[46]周永彬,冯登国.RFID安全协议的设计与分析[J].计算机学报.2006,29(4):581-589.
[47]Yao A. Theory and applications of trapdoor functions[C]. In Proc.23rd Annual Symposium on Foundations of Computer Science. Chicago, Illinois, USA.1982:80-91.
[48]Blum M, Micali S. How to generate cryptographically strong sequences of pseudo-random bits[J]. SIAM Journal on Computing.1984,13(4):850-864.
[49]章照止.现代密码学基础[M].北京:北京邮电大学出版社,2004.
[50]Goldreich O. Foundations of Cryptography, Vol.1:Basic Tools [M]. Cambridge University Press.2001.
[51]Diffie W, Hellman M. New directions in cryptography [J]. IEEE Transactions on Information Theory.1976,22(6):644-654.
[52]谷利泽,郑世慧,杨义先.现代秘密学教程[M].北京:北京邮电大学出版社,2009.
[53]Damgard I. Collision free hash functions and public key signature schemes [J]. In Advances in Cryptology-Eurocrypt'87.1988.Volme 304 of Lecture Notes in Computer Science,1-20.
[54]刘军,吴贵臣,翁亮.安全电子时间戳系统的设计方案[J].通信学报.2003,24(2):64-70.
[55]Denning D E. Sacco G M. Timestamps in key distribution protocols [J]. Communications of the ACM.1981,24(8):533-536.
[56]邓淼磊.几类安全协议的研究与设计[博士学位论文].西安:西安电子科技大学.2010.
[57]冯登国.可证明安全性理论与方法研究[J].软件学报.2005,16(10):1743-1756.
[58]Ikram M, Chowdhury M A H, Redwan H. A lightweight mutual authenticationscheme for mobile radio frequency identification (mRFID) systems [C]. Performance, Computing and Communications Conference (IPCCC 2008). Austin, Texas, USA.2008:289-296.
[59]Won T Y, Chun J Y, Lee D H. Strong authentication protocol for secure rfid tag search without help of central database. Embedded and Ubiquitous Computing,2008 (EUC'08). Shanghai, China.2008:153-158.
[60]Lee K. A Two-Step Mutual Authentication Protocol Based on Randomized Hash-Lock for Small RFID Networks[C].2010 Fourth International Conference on Network and System Security. Melbourne, Victoria Australia.2010:527-533.
[61]Chen Y L, Jue-Sam C, Sun H M. A novel mutual authenticationscheme based on quadratic residues for RFID systemslJl. Computer Networks.2008,52(12):2373-2380.
[62]张恒山,管会生,韩海强.RFID系统中基于公钥加密的相互认证协议[J].计算机工程与应用.2010,46(5):69-72.
[63]Shannon C E. A Mathematical Theory of Communication [J]. Bell System Technical Journal.1948,27:423,623-656.
[64]Shannon C E.Communication Theory of Secrecy System [J]. Bell System Technical Journal.1949,28:656-715.
[65]卡茨,林德尔(著),任伟(译).现代密码学-原理与协议[M].北京:国防工业出版社.2010.
[66]Bellare M, Kilian J, Rogaway P. Random oracles are practical:a paradigm for designing efficient protocols [C]. In 1st ACM Conf. on Computer and Communications Security. Berlin, Germany.1993:62-73.
[67]Cantti R, Goldreich O, Halevi S. The random oracle methodology, revisited [J]. Journal of ACM.2004,51(4):557-594.
[68]Burrows M, Abadi M, Needham R. A logic of authentication [J]. ACM Transactions on Computer Systems.1990,8(1):18-36.
[69]Lowe G. Breaking and Fixing the Needham-Schroeder Public Key Protocol using FDR [J]. In Proceeding of TACHS (Tools and Algorithms for the Construction and Analysis of Systems).Springer Verlag.1996,1055:147-166.
[70]Fabrega F, HerzogJ, Guttman J. Strand Spaces:Why is a security protocol correct[C]. In Proceedings of IEEE Symposium on Security and Privacy. Oakland, California, USA. 1998:160-171.
[71]Lowe G. Casper:A compiler for the analysis of security protocols [C]. In Proceedings of 10th IEEE Computer Security Foundations Workshop. Los Alamitos.1997:18-30.
[72]Canetti R. Universally composable security:a new paradigm for cryptographic protocols[C]. Proc.of the 42nd IEEE Symposium on Foundations of Computer Science. Oakland, California, USA.2001:136-145.
[73]贾洪亮.安全协议的可组合性分析与证明[博士学位论文].北京:北京邮电大学.2009.
[74]曹峥,邓淼磊.通用可组合的RFID搜索协议[J].华中科技大学学报(自然科学版).2011,39(4):56-59.
[75]张忠,徐秋亮.物联网环境下UC安全的组证明RFID协议[J].计算机学报.2011,34(7):1188-1194.
[76]Le T V, Burmester M, Mdeiros B D. Universally Composable and Forward-secure rfid authentication and authenticated key exchange[C]. Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security (ASIACCS'07). Singapore.2007: 242-252.
[77]PIRAMUTHU S. RFID mutual authentication protocols [J]. Decision Support Systems.2011, 50(2):387-393.
[78]HA J, MOON S, et al. lightweight and resynchronous mutual authentication protocol for RFID system [J]. LNCS.2007,4412:80-89.
[79]Tan C C, Sheng B, Li Q. Secure and serverless RFID authentication and search protocols [J]. IEEE TRANSACTIONS ON WIRELESS COMMUNICATIONS.2008,7 (4):1400-1407.
[80]Chien H Y, Chen C H. Mutual authentication protocol for RFID conforming to EPC class 1 generation 2 standards. Computer Standards and Interfaces.2007,29(2):254-259.
[81]Chen C L, Deng Y Y. Conformation of EPC class 1 and generation 2 standards RFID system with mutual authentication and privacy protection [J]. Engineering Applications of Artificial Intelligence.2009,22 (8):1284-1291.
[82]Peris-Lopez P, Hemandez-Castro J C, Tapiador J E et al. Cryptanalysis of an EPC class-1 generation-2 standard compliant authentication protocol [J]. Engineering Applications of Artificial Intelligence.2011,24(6):1061-1069.
[83]Cai S, Li Y, Li T. Attacks and improvements to an RFID mutual authentication protocol[C]. 2nd ACM Conference on Wireless Network Security.Zurich, Switzerland.2009:51-58
[84]邓淼磊,王玉磊,邱罡.无需后端数据库的RFID认证协议[J].北京邮电大学学报.2009,32(4):59-62.
[85]马昌社.前向隐私安全的低成本RFID认证协议[J].计算机学报.2011,34(8):1387-1398.
[86]Godor G, Giczi N, Sandor I. Elliptic Curve Cryptography Based Mutual Authentication Protocol for Low Computational Complexity Environment[C]. International Symposium on Wireless Pervasive Computing (ISWPC'2010).2010 Modena, Italy:331-336.
[87]蔡庆玲,詹宜巨,余松森,等.基于NTRU公钥密码系统的RFID通信安全协议的研究[J].中山大学学报(自然科学版).2009,48(5):6-11.
[88]Hopper N J, Blum M. Security human identification protocol[C].ASIACRYPT'01. Gold Coast, Australia.2001:52-66.
[89]Juels A, Weis S. Authenticating Pervasive Devices with Human Protocols [J]. Advanced in Cryptology-Crypto2005, Lecture Notes in Computer Science, Springer.2005,3621:293-308.
[90]Gilbert H, Matthew J, Robshaw B et al. HB#:Increasing the Security and Efficiency of HB+[C]. Eurocrypt 2008. Istanbul, Turkey 2008:361-378.
[91]Bringer J, Chabanne H, Dottax E. HB++:a Lightweight Authentication Protocol Secure against Some Attacks [C]. Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing. Lyon, France.2006:28-33.
[92]Leng X, Mayes K, Markantonakis K. HB-MP+ Protocol:An Improvement on the HB-MP Protocol[C].2008 IEEE International Conference on RFID. Las Vegas, NV, USA. 2008:118-124.
[93]Yoon B, Sung M Y, Yeon S J et al. HB-MP++Protocol:An Ultra Light-weight Authentication Protocol for RFID System[C] 2009 IEEE International Conference on RFID. Orlando, FL, USA.2008:186-191.
[94]Goldreich O, Goldwasser S, Micali S. How to construct random functions [J]. Journal of the Association for Computing Machinery.1986,33(4):792-807.
[95]邓淼磊,马剑峰,周利华.RFID匿名认证协议的设计[J].通信学报.2009,30(7):20-26.
[96]EPC-ClG2.Class-1 generation 2 UHF air interface protocol standard[S]. EPCglobal.2004.
[97]张耀中,彭敏君,赵涵捷.EPC网络的跨层架构研究[J].北京交通大学学报.2010, 34(3):2-5.
[98]Karthikeyan S, Nesterenko M. RFID security without extensive cryptography [C]. Proceedings of the 3rd ACM workshop on Security of ad hoc and sensor networks. Alexandria, VA, USA.2005:63-67.
[99]Yeh T C, Wang Y J, Kuo T C et al. Securing RFID systems conforming to EPC Class 1 Generation 2 standard [J]. Expert Systems with Applications.2011,37(12):7678-7683.
[100]Yoon E J. Improvement of the securing RFID systems conforming to EPC class 1 generation standard [J]. Expert Systems with Applications.2012,39(1):1589-1594.
[101]Cai Q L, Zhan Y J, Wang Y H. A minimalist mutual authentication protocol for RFID system and BAN logic analysis[C]. International Colloquium on Computing, Communication, Control, and Management (ISECS2008). Guangzhou, China.2008:449-453.
[102]Kang S Y, Lee I Y. A Study on low-cost RFID system management with mutual authentication scheme in ubiquitous [J]. Proceedings of APNOMS, Lecture Notes in Computer Science.2007,4773:492-502.
[103]Han S, Potgar V, Chang E. Mutual authentication protocol for RFID tags based on synchronized secret information with monitor [J]. Proceedings of ICCSA, Lecture Notes in Computer Science.2007,4707:227-238.
[104]Canetti R. Universally composable signature, certification, and authentication[C]. Proceedings of the 17th Computer Science Foundations Workshop (CSFW).Pacific Grove, California, USA.2004:219-233.
[105]Weis S. Security and privacy in radio-frequency identification devices [M]. Massachusetts, USA:Massachusetts Institute of Technology (MIT).2003.
[106]Yoon H S, Youm H Y. An Anonymous Search Protocol for RFID Systems [J]. Journal of Convergence Information Technology.2011,6(8):44-50.
[107]Kulseng L, Yu Z, Wei Y et al. Lightweight Secure Search Protocols for Low-Cost RFID Systems[C]. International Conference on Distributed Computing Systems (ICDCS'09). Montreal, QC, Canada.2009:40-48.
[108]Huang S L, Shieh S. Authentication and Secret Search Mecha Mechanisms for RFID Aware Wireless Sensor Networks [J]. Int. J. Security and Networks.2010,5:15-25.
[109]Won T Y, Chun J Y, Lee D H. Strong Authentication Protocol for Secure RFID Tag Search Without the Help of Central Database[C].IEEE/IFIP International Conference on Embedded and Ubiquitous Computing.Shanghai, China.2008:153-158.
[110]Zuo Y. Secure and Private Search Protocols for RFID Systems [J]. Information Systems Frontiers.2010,12(5):507-519.
[111]Ahmed S L, Rahman F, Hoque E et al.S3PR:Secure Serverless Search Protocols for RF1D [C]. International Conference on Information Security and Assurance (ISA 2008). Busan, Korea.2008:187-192.
[112]Kim Z, Kim J, Kim K, et al. Untraceable and Serverless RF1D Authentication and Search Protocols [C].2011 Ninth IEEE International Symposium on Parallel and Distributed Processing with Applications Workshops (ISPAW2011). Busan, Korea.2011:278-283.
[113]Sundaresan S, Doss R, Zhou W L. A Serverless Ultra-Lightweight Secure Search Protocol for EPC Class-1 Gen-2 UHF RFID Tags[C].2012 International Conference on Computer & Information Science (ICCIS). Kuala Lumpeu, Malaysia.2012:580-585.
[114]邓淼磊,朱昭,石金娥,等.RIFD标签的不可追踪性[J].北京邮电大学学报.2010,33(2):44-47.
[115]Garcia F D, Hasuo I, PietersW, et al.Provable anymity [C]. FMSE. Virginia:IEEE Press, 2005:63-72.
[116]刘伟华.物流服务供应链能力合作的协调研究[博士学位论文].上海:上海交通大学.2007.
[117]Saito J, Imamoto K, Sakurai K. Reassignment scheme of an RFID tag's key forowner transfer [C]. EUCWorkshops2005. Berlin, Germany.2005:1303-1312.
[118]OSAKA K, TAKAGI T, YAMAZAKI K, et al. An efficient and secure RFID security method with ownership transfer[C]. Computational Intelligenceand Security (CIS). Guangzhou, China.2006:778-787.
[119]SONG B. RFID tag ownership transfer [C].4th Workshop on RFID Security (RFIDSec). Budapest, Hungary,2008:16.
[120]Song B, Mitchell C J. RFID authentication protocol for low-cost tags[C]. in Proceedings of the ACM Conference on Wireless Network Security(WiSec'O8). ACM Press Alexandria.Virginia, USA.2008:140-147.
[121]Peris-Lopez P, Hernandez-Castro J C, Tapiador J E et al. Vulnerability analysis of RFID protocols for tag ownership transfer [J]. Computer Networks.2010,54(9):1502-1508.
[122]陈志德,陈友勤,许立.RFID标签所有权安全转换协议[J].通信学报.2010,31(9A):202-208.
[123]Shamir A. SQUASH-A new MAC with provable security properties for highly constrained devices such as RFID tags [C].15th International Workshop on Fast Software Encryption (FSE 2008). Lausanne, Switzerland.2008:144-157.
[124]金永明,孙惠平,关志,等.RFID标签所有权转换协议研究[J].计算机研究与发展.2011,48(8):1400-1405.
[125]Chen H B, Lee W B, Zhao Y H, et al. Enhancement of the RFID security method with ownership transfer [C].3rd International Conference on Ubiquitous Information Management and Communication (ICUIMC'09). Suwon, Korea.2009:251-254
[126]Lim C H, Kwon T. Strong and robust RFID authentication enabling perfect ownership transfer[C]. Proceeding of international conference on information and communications security. Berlin, Germany.2006:1-20.
[127]Koralalage M, Reza S, Miura J, et al. POP Method:An approach to enhance the security and privacy of RFID systems used in product lifecycle with an anonymous ownership transferring mechanism[C].2007 ACM Symposium on Applied Computing. Seoul, Korea.2007: 270-275.
[128]Van Deursen T, Mauw S, Radomirovic S, et al. Secure ownership and ownership transfer in RFID systems[C].14th European Symposium on Research in Computer Security (ESORICS 2009). Saint-Malo, France.2009:637-654.
[129]Kapoor G, Piramuthu S. Single RFID Tag Ownership Transfer Protocols [J]. IEEE Transactions on Systems, Man and Cybernetics Part C:Applications and Reviews.2012, 42(2):164-173.
[130]中国标准信息网[EB/OL]. http://www.chinaios.com.
[131]孔宁,李晓东,罗万明等.物联网寻址模式[J].软件学报.2010,21(7):1657-1666.
[132]Chang Y C, Chen J L, Lin Y S et al. RFIPv6-A Novel IPv6-EPC Bridge Mechanism [C]. International Conference Consumer Electronics 2008 (ICCE 2008). Las Vegas, NV, USA.2008:1-2.
[133]Gao J, Liu F L, Ning H S et al. RFID Coding, Name and Information Service for Internet of things[C]. IET Conference on Wireless, Mobile and Sensor Networks 2007(CCWMSN'07). Shanghai, China.2007:36-39.
[134]Avoine G, Bingol M, Kardas S et al. Framework for analyzing RFID distance bounding protocols [J]. Journal of Comput Security.2011,19(2):289-317.
[135]Kim C H, Avoine G. RFID Distance Bounding Protocols with Mixed Challenges [J]. IEEE TRANSACTIONS ON WIRELESS COMMUNICATIONS.2011,10(5):1618-1626.
[136]Suh G E, Devadas D. Physical Unclonable Functions for Device Authentication and Secret Key Generation [C]//Proc. of Design Automation Conference. San Diego, California, USA. 2007:9-14.