被动电子标签身份识别中的若干问题的研究
|
摘要
物联网已成为当前世界新一轮经济和科技发展的战略制高点之一,射频识别(RadioFrequency Identification, RFID)技术是物联网中的关键技术,通过无线射频方式传输和获取相关数据,并对物体加以识别。RFID系统主要由电子标签、阅读器和后端服务器三部分组成。被动电子标签通常被贴附在物品上或嵌入物品中,对该物品或者持有者进行标识。标签作为信息的载体,在RFID系统中具有非常重要的地位,阅读器通过对标签进行身份识别,即可以知道该物品的相关特征或者持有者的个人信息。
在被动电子标签的身份识别中存在一些问题,包括碰撞问题、安全问题以及搜索问题等,这些问题从一定程度上制约了电子标签的大规模应用。本课题通过对这些问题的研究,从理论上给出计算证明和相关数据,并结合被动电子标签的实际硬件和RFID标准要求,使这些理论成果可以直接在实际应用中发挥作用,解决被动电子标签在身份识别中存在的问题,促进RFID技术的应用和物联网的发展。本文针对被动电子标签身份识别中的问题进行了比较深入的研究,并取得了一系列的成果,主要研究内容和成果如下:
1.对被动电子标签身份识别中涉及到的碰撞问题、安全问题以及搜索问题进行统一的描述,其中,搜索问题可以看作碰撞问题和安全问题的结合。这些问题的描述包括问题存在的场景、所要达到的目标、存在的阻碍和达到目标应该满足的要求等;
2.在对电子标签防碰撞算法的研究现状进行详细的回顾及分析的基础上,提出基于临时ID的查询树电子标签防碰撞算法,从标签ID中选取字符串作为临时ID,当多个标签由于具有相同的临时ID而不可区分时,将重新选取字符串作为临时ID,给出仿真实验结果,表明该算法比查询树及其变型算法在标签平均传输比特数方面具有优势,从而提高标签识别的效率。提出带堆栈的双时隙二进制树电子标签防碰撞算法,该算法采用曼彻斯特编码,利用双时隙机制为标签预留响应时隙,减少标签发送的比特数和碰撞次数,采用堆栈的方法记录碰撞发生的位置,减少阅读器的查询次数和无用信息的重复查询,并分别从数学推导和实验结果证明所提出的算法比原始的二进制树算法在时间复杂度和通信复杂度方面都有所降低,提供了更高的标签识别性能;
3.研究分析轻量级序列密码Trivium的设计,定义Trivium型移位寄存器并将其推广到k轮,证明k轮的Trivium型移位寄存器的特征多项式形如(1+x)kf(x),定义k阶本原多项式,并给出Trivium型密码的设计准则,要求其每轮的特征多项式都为k阶本原多项式。根据该准则对Trivium算法进行改进,提出面向电子标签的轻量级序列密码Quavium,Quavium的设计基于4轮的Trivium型移位寄存器结构和k阶本原多项式,由于每轮都保持特征多项式的本原性,因此可以根据不同的应用需求采用不同寄存器长度的密码算法,实验结果表明,Quavium在硬件和软件上的性能几乎和Trivium相当,3轮甚至更少轮数的Quavium具有更佳的性能,更适用于被动电子标签的通信保密;
4.分别对简单级、轻量级和超轻量级RFID身份认证协议进行研究。在简单级的RFID认证协议方面,分析典型的匿名RFID认证协议ARAP协议,对该协议进行假冒攻击,针对简单级协议对计算复杂度的要求,提出置换操作及相应的改进措施,使其可以在原协议的基础上抵抗假冒攻击;在轻量级的RFID认证协议方面,给出一个广义的3轮轻量级RFID双向认证协议框架,证明如果该框架无法抵抗假冒攻击,那么还可以对该框架进行非同步攻击,根据此定理实现对两个符合EPC C1G2标准的轻量级双向认证协议的非同步攻击,并提出相应的修正方法,改变标签响应信息的计算;在超轻量级的RFID认证协议方面,对带置换的超轻量级RFID身份认证协议RAPP协议进行分析,给出与置换运算和循环左移运算相关的性质,指出超轻量级协议中存在的漏洞,原因是标签不具有产生伪随机数的能力,因此,引入初始值机制,设计增强型带置换的超轻量级协议,并分析协议的安全性和性能;
5.提出轻量级电子标签搜索协议的设计准则,并根据该准则设计了一个无需服务器的符合EPC C1G2标准的轻量级电子标签搜索协议,与其他搜索协议相比,该协议需要更少的操作类型和更低的计算复杂度,适用于被动电子标签,安全分析表明,该搜索协议满足数据完整性、实体认证性、实体匿名性和不可跟踪性。
The Internet of Things has become one of the strategic commanding heights in theeconomy and technology development of the current world. Radio frequency identification isa key technology in IOT. It transmits and obtains information via radio to identify objects. AnRFID system mainly consists of RFID tags, RFID readers and a back-end server. PassiveRFID tags are usually attached to or embedded in objects so that the object or the carrier canbe identified. Being the carrier of information, tags play a very important role in RFIDsystems. By identifying the tag, the reader can obtain the features of the object or theinformation of the owner.
There are several problems in the identification of the passive RFID tags, includingcollision problems, security problems and search problems. These problems restrict thelarge-scale use of RFID tags. So we study these problems in this dissertation, presentcomputation, proof and data in theory, make these theoretical results directly work in thepractical use by integrating the actual RFID tag hardware and RFID standards, and solve theproblems in the identification of passive RFID tags to promote the application of RFIDtechnology and the development of IOT.
This dissertation makes a relatively thorough research on the identification of passiveRFID tags and obtains several achievements. The main research content and results in thisdissertation are as follows:
1. Make unified description of the problems in the identification of passive RFID tags, i.e. collision problems, security problems and search problems. Search problems can beregarded as the combination of collision problems and security problems. The descriptionincludes the situation of the problem, the objective to be achieved, the existing obstacles andthe requirements to be satisfied to reach the goal.
2. Make a detailed review and analysis of the state of the art of RFID tag anti-collision algorithms. Propose a temporary ID based query tree RFID tag anti-collision algorithm. Eachtag in this algorithm selects a sequence from its ID as its temporary ID. When several tags areundistinguishable because of the same temporary ID, they will select other sequences in ID.The simulation results show that the algorithm has advantage over the query tree algorithmand its variants in terms of average number of transmitted bits for one tag identification. Sothe algorithm improves the identification efficiency. Propose a bi-slotted binary tree RFID taganti-collision algorithm with stack. Manchester code is used in this algorithm. Bi-slottedmechanism is adopted to reserve slots for the tag responses so that the average number oftransmitted bits by the tag and the number of collisions will be reduced. The reader maintainsa stack to record the position of collisions so that the number of queries sent by the reader isreduced and the useless repeated queries are dimished. Mathematical derivation andsimulation results both prove that the proposed algorithm outperforms the original binary treealgorithm in terms of time complexity and communication complexity and provide betterperformance on tag identification.
3. Analyze the design of a lightweight stream cipher named Trivium, destruct it toTrivium-model shift registers and generalize the structure to k rounds. Prove that thecharacteristic polynomial of a k-round Trivium-model shift register has the format of (1+x)kf(x) and define k-order primitive polynomials. Give the design criteria of Trivium-modelstream ciphers, requiring the characteristic polynomials of each round to be k-order primitivepolynomials. Based on the criteria, an improved version of Trivium is presented. Moreover, anew RFID tag oriented lightweight stream cipher, Quavium, is proposed. Quavium iscomposed of4-round Trivium-model shift registers and each round satisfies the k-orderprimitive polynomial so that the stream cipher can be used in a shorter version or in thecomplete version according to different application requirements. Experimental results showthat Quavium performs nearly the same as Trivium in both hardware and software. Quaviumof fewer rounds have better performance and is more suitable for the communication securityof passive RFID tags.
4. Study the simple RFID authentication protocols, the lightweight RFID authenticationprotocols and the ultralightweight RFID authentication protocols respectively. In the simpleRFID authentication protocols aspect, a typical anonymous RFID authentication protocolARAP is analyzed and impersonation attack is launched against this protocol. According tothe computation complexity requirements of simple protocols, a new operation named permutation is introduced and corresponding remedies are presented to improve the originalversion and resist impersonation attacks. In the lightweight RFID authentication protocolsaspect, a generalized3-round lightweight RFID mutual authentication protocol framework ispresented. It is proved that if the protocol framework is vulnerable to impersonation attacks,desynchronization attacks can also be launched against it. Based on this theorem,desynchronization attacks are launched against two lightweight RFID mutual authenticationprotocols in conformity with EPC C1G2standards. In addition, corresponding suggestions areproposed to change the computation of the messages sent by tags so as to resistdesynchronization attacks. In the ultralightweight RFID authentication protocols aspect, anultralightweight RFID authentication protocol with permutation is analyzed. Some theoremsrelated to the permutation and left rotation operations are proposed. It is pointed out thatultralightweight protocols have vulnerabilities due to the fact that tags cannot generaterandom numbers. Therefore, initial value mechanism is introduced to provide freshness in thetag end. An enhanced ultralightweight RFID authentication protocol is proposed and securityanalysis and performance evaluation are given.
5. Propose the design criteria for lightweight RFID search protocols and design aserverless lightweight RFID tag search protocol conforming to EPC C1G2standards.Compared with other search protocols, the proposed protocol requires fewer operation typesand less computation complexity. So it is more suitable for passive RFID tag search. Securityanalysis shows that the protocol achieves data integrity, entity authentication, entityanonymity and untraceability.
在被动电子标签的身份识别中存在一些问题,包括碰撞问题、安全问题以及搜索问题等,这些问题从一定程度上制约了电子标签的大规模应用。本课题通过对这些问题的研究,从理论上给出计算证明和相关数据,并结合被动电子标签的实际硬件和RFID标准要求,使这些理论成果可以直接在实际应用中发挥作用,解决被动电子标签在身份识别中存在的问题,促进RFID技术的应用和物联网的发展。本文针对被动电子标签身份识别中的问题进行了比较深入的研究,并取得了一系列的成果,主要研究内容和成果如下:
1.对被动电子标签身份识别中涉及到的碰撞问题、安全问题以及搜索问题进行统一的描述,其中,搜索问题可以看作碰撞问题和安全问题的结合。这些问题的描述包括问题存在的场景、所要达到的目标、存在的阻碍和达到目标应该满足的要求等;
2.在对电子标签防碰撞算法的研究现状进行详细的回顾及分析的基础上,提出基于临时ID的查询树电子标签防碰撞算法,从标签ID中选取字符串作为临时ID,当多个标签由于具有相同的临时ID而不可区分时,将重新选取字符串作为临时ID,给出仿真实验结果,表明该算法比查询树及其变型算法在标签平均传输比特数方面具有优势,从而提高标签识别的效率。提出带堆栈的双时隙二进制树电子标签防碰撞算法,该算法采用曼彻斯特编码,利用双时隙机制为标签预留响应时隙,减少标签发送的比特数和碰撞次数,采用堆栈的方法记录碰撞发生的位置,减少阅读器的查询次数和无用信息的重复查询,并分别从数学推导和实验结果证明所提出的算法比原始的二进制树算法在时间复杂度和通信复杂度方面都有所降低,提供了更高的标签识别性能;
3.研究分析轻量级序列密码Trivium的设计,定义Trivium型移位寄存器并将其推广到k轮,证明k轮的Trivium型移位寄存器的特征多项式形如(1+x)kf(x),定义k阶本原多项式,并给出Trivium型密码的设计准则,要求其每轮的特征多项式都为k阶本原多项式。根据该准则对Trivium算法进行改进,提出面向电子标签的轻量级序列密码Quavium,Quavium的设计基于4轮的Trivium型移位寄存器结构和k阶本原多项式,由于每轮都保持特征多项式的本原性,因此可以根据不同的应用需求采用不同寄存器长度的密码算法,实验结果表明,Quavium在硬件和软件上的性能几乎和Trivium相当,3轮甚至更少轮数的Quavium具有更佳的性能,更适用于被动电子标签的通信保密;
4.分别对简单级、轻量级和超轻量级RFID身份认证协议进行研究。在简单级的RFID认证协议方面,分析典型的匿名RFID认证协议ARAP协议,对该协议进行假冒攻击,针对简单级协议对计算复杂度的要求,提出置换操作及相应的改进措施,使其可以在原协议的基础上抵抗假冒攻击;在轻量级的RFID认证协议方面,给出一个广义的3轮轻量级RFID双向认证协议框架,证明如果该框架无法抵抗假冒攻击,那么还可以对该框架进行非同步攻击,根据此定理实现对两个符合EPC C1G2标准的轻量级双向认证协议的非同步攻击,并提出相应的修正方法,改变标签响应信息的计算;在超轻量级的RFID认证协议方面,对带置换的超轻量级RFID身份认证协议RAPP协议进行分析,给出与置换运算和循环左移运算相关的性质,指出超轻量级协议中存在的漏洞,原因是标签不具有产生伪随机数的能力,因此,引入初始值机制,设计增强型带置换的超轻量级协议,并分析协议的安全性和性能;
5.提出轻量级电子标签搜索协议的设计准则,并根据该准则设计了一个无需服务器的符合EPC C1G2标准的轻量级电子标签搜索协议,与其他搜索协议相比,该协议需要更少的操作类型和更低的计算复杂度,适用于被动电子标签,安全分析表明,该搜索协议满足数据完整性、实体认证性、实体匿名性和不可跟踪性。
The Internet of Things has become one of the strategic commanding heights in theeconomy and technology development of the current world. Radio frequency identification isa key technology in IOT. It transmits and obtains information via radio to identify objects. AnRFID system mainly consists of RFID tags, RFID readers and a back-end server. PassiveRFID tags are usually attached to or embedded in objects so that the object or the carrier canbe identified. Being the carrier of information, tags play a very important role in RFIDsystems. By identifying the tag, the reader can obtain the features of the object or theinformation of the owner.
There are several problems in the identification of the passive RFID tags, includingcollision problems, security problems and search problems. These problems restrict thelarge-scale use of RFID tags. So we study these problems in this dissertation, presentcomputation, proof and data in theory, make these theoretical results directly work in thepractical use by integrating the actual RFID tag hardware and RFID standards, and solve theproblems in the identification of passive RFID tags to promote the application of RFIDtechnology and the development of IOT.
This dissertation makes a relatively thorough research on the identification of passiveRFID tags and obtains several achievements. The main research content and results in thisdissertation are as follows:
1. Make unified description of the problems in the identification of passive RFID tags, i.e. collision problems, security problems and search problems. Search problems can beregarded as the combination of collision problems and security problems. The descriptionincludes the situation of the problem, the objective to be achieved, the existing obstacles andthe requirements to be satisfied to reach the goal.
2. Make a detailed review and analysis of the state of the art of RFID tag anti-collision algorithms. Propose a temporary ID based query tree RFID tag anti-collision algorithm. Eachtag in this algorithm selects a sequence from its ID as its temporary ID. When several tags areundistinguishable because of the same temporary ID, they will select other sequences in ID.The simulation results show that the algorithm has advantage over the query tree algorithmand its variants in terms of average number of transmitted bits for one tag identification. Sothe algorithm improves the identification efficiency. Propose a bi-slotted binary tree RFID taganti-collision algorithm with stack. Manchester code is used in this algorithm. Bi-slottedmechanism is adopted to reserve slots for the tag responses so that the average number oftransmitted bits by the tag and the number of collisions will be reduced. The reader maintainsa stack to record the position of collisions so that the number of queries sent by the reader isreduced and the useless repeated queries are dimished. Mathematical derivation andsimulation results both prove that the proposed algorithm outperforms the original binary treealgorithm in terms of time complexity and communication complexity and provide betterperformance on tag identification.
3. Analyze the design of a lightweight stream cipher named Trivium, destruct it toTrivium-model shift registers and generalize the structure to k rounds. Prove that thecharacteristic polynomial of a k-round Trivium-model shift register has the format of (1+x)kf(x) and define k-order primitive polynomials. Give the design criteria of Trivium-modelstream ciphers, requiring the characteristic polynomials of each round to be k-order primitivepolynomials. Based on the criteria, an improved version of Trivium is presented. Moreover, anew RFID tag oriented lightweight stream cipher, Quavium, is proposed. Quavium iscomposed of4-round Trivium-model shift registers and each round satisfies the k-orderprimitive polynomial so that the stream cipher can be used in a shorter version or in thecomplete version according to different application requirements. Experimental results showthat Quavium performs nearly the same as Trivium in both hardware and software. Quaviumof fewer rounds have better performance and is more suitable for the communication securityof passive RFID tags.
4. Study the simple RFID authentication protocols, the lightweight RFID authenticationprotocols and the ultralightweight RFID authentication protocols respectively. In the simpleRFID authentication protocols aspect, a typical anonymous RFID authentication protocolARAP is analyzed and impersonation attack is launched against this protocol. According tothe computation complexity requirements of simple protocols, a new operation named permutation is introduced and corresponding remedies are presented to improve the originalversion and resist impersonation attacks. In the lightweight RFID authentication protocolsaspect, a generalized3-round lightweight RFID mutual authentication protocol framework ispresented. It is proved that if the protocol framework is vulnerable to impersonation attacks,desynchronization attacks can also be launched against it. Based on this theorem,desynchronization attacks are launched against two lightweight RFID mutual authenticationprotocols in conformity with EPC C1G2standards. In addition, corresponding suggestions areproposed to change the computation of the messages sent by tags so as to resistdesynchronization attacks. In the ultralightweight RFID authentication protocols aspect, anultralightweight RFID authentication protocol with permutation is analyzed. Some theoremsrelated to the permutation and left rotation operations are proposed. It is pointed out thatultralightweight protocols have vulnerabilities due to the fact that tags cannot generaterandom numbers. Therefore, initial value mechanism is introduced to provide freshness in thetag end. An enhanced ultralightweight RFID authentication protocol is proposed and securityanalysis and performance evaluation are given.
5. Propose the design criteria for lightweight RFID search protocols and design aserverless lightweight RFID tag search protocol conforming to EPC C1G2standards.Compared with other search protocols, the proposed protocol requires fewer operation typesand less computation complexity. So it is more suitable for passive RFID tag search. Securityanalysis shows that the protocol achieves data integrity, entity authentication, entityanonymity and untraceability.
引文
[1] Juels A. RFID security and privacy: a research survey. IEEE Journal on Selected Areas inCommunications,2006,24(2):381-394.
[2] Finkenzeller K. RFID handbook: fundamentals and applications in contactless smartcards and identification (second edition). New York: John Wiley&Sons,2003.
[3] Shih D. H., Sun P. L., Yen D. C., etc. Taxonomy and survey of RFID anti-collisionprotocols. Computer Communications,2006,29(11):2150-2166.
[4] Klair D. K., Chin K. W., Raad R. A survey and tutorial of RFID anti-collision protocols.IEEE Communications Surveys&Tutorials,2010,12(3):400-421.
[5] Zhu L., Yum T. S. P. A critical survey and analysis of RFID anti-collision mechanisms.IEEE Communications Magazine,2011,49(5):214-221.
[6] Bueno-Delgado M. V., Vales-Alonso J. On the optimal frame-length configuration on realpassive RFID systems. Journal of Network and Computer Applications,2011,34(3):864-876.
[7] Kim C. S., Park K. L., Kim H. C., etc. An efficient stochastic anti-collision algorithmusing bit-slot mechanism. In Proceedings of the International Conference on Parallel andDistributed Processing Techniques and Applications,2004, pp.652-656.
[8] Wong C. P., Feng Q.. Grouping based bit-slot ALOHA protocol for tag anti-collision inRFID systems. IEEE Communications Letters,2007,11(12):946-948.
[9] Vogt H. Efficient object identification with passive RFID tags. In Proceedings of1stInternational Conference on Pervasive Computing,2002, pp.98-113.
[10]Cha J. R., Kim J. H. Novel anti-collision algorithms for fast object identification in RFIDsystem. In Proceedings of the11th International Conference on Parallel and DistributedSystems,2005, pp.63-67.
[11]Floerkemeier C. Transmission control scheme for fast RFID object identification. InProceedings of the4th Annual IEEE International Conference on Pervasive Computingand Communications Workshops,2006, pp.1-6.
[12]Kodialam M., Nandagopao T. Fast and reliable estimation schemes in RFID systems. InProceedings of12th Annual International Conference on Mobile Computing andNetworking,2006, pp.322-333.
[13]ISO/IEC. ISO/IEC15693. Identification cards–contactless integrated circuit(s) cards–vicinity cards–part3: anticollision and transmission protocol (version1.0). ISO/IEC,1999.
[14]EPCglobal. EPCTMradio-frequency identity protocols class-1generation-2UHF RFIDprotocol for communications at860MHz-960MHz version1.2.0. EPCglobal,2008.
[15]Lee D., Choi J., Lee W., etc. A time-optimal anti-collision algorithm for FSA-based RFIDsystems. ETRI Journal,2011,33(3):458-461.
[16]Zhu L., Yum T. S. P. The optimal reading strategy for EPC gen-2RFID anti-collisionsystems. IEEE Transactions on Communications,2010,58(9):2725-2733.
[17]Zhu L., Yum T. S. P. Optimal framed ALOHA based anti-collision algorithms for RFIDsystems. IEEE Transactions on Communications,2010,58(12):3583-3592.
[18]Myung J., Lee W., Srivastava J., etc. Tag-Splitting: adaptive collision arbitrationprotocols for RFID tag identification. IEEE Transactions on Parallel and DistributedSystems,2007,18(6):763-775.
[19]Cui Y., Zhao Y. Performance evaluation of a multi-branch tree algorithm in RFID. IEEETransactions on Communications,2010,58(5):1356-1364.
[20]Zhou F., Jin D., Huang C., etc. Optimize the power consumption of passive electronictags for anti-collision schemes. In Proceedings of5th International Conference on ASIC,2003, pp.1213-1217.
[21]Zhou F., Chen C., Jin D., etc. Evaluating and optimizing power consumption ofanti-collision protocols for applications in RFID systems. In Proceedings of InternationalSymposium on Low Power Electronics and Design,2004, pp.357-362.
[22]Law C., Lee K., Siu K. Y. Efficient memoryless protocol for tag identification (extendedabstract). In Proceedings of the4th International Workshop on Discrete Algorithms andMethods for Mobile Computing and Communications,2000, pp.75-84.
[23]Yeh K. H., Lo N. W., Winata E. CE-TIP: a code expansion based tag identificationprotocol for RFID systems. Journal of Information Science and Engineering,2011,27(2):777-788.
[24]Choi S. Y., Kim S. H., Tchah K. H. Hybrid anti-collision method based on maximumthroughput for RFID system. Electronics Letters,2010,46(19):1346-1348.
[25]Weis S. A., Saram S. E., Rivest R. L., etc. Security and privacy aspects of low-cost radiofrequency identification systems. In Proceedings of the1st International Conference onSecurity in Pervasive Computing,2003, pp.201-212.
[26]Shen J., Choi D., Moh S., etc. A novel anonymous RFID authentication protocolproviding strong privacy and security. In Proceedings of2010International Conferenceon Multimedia Information Networking and Security,2010, pp.548-588.
[27]Chen C.-L., Deng Y.-Y. Conformation of EPC class1generation2standards RFIDsystem with mutual authentication and privacy protection. Engineering Applications ofArtificial Intelligence,2009,22(8):1284-1291.
[28]Peris-Lopez P., Hernandez-Castro J. C., Tapiador J. M. E., etc. Cryptanalysis of an EPCclass-1generation-2standard compliant authentication protocol. EngineeringApplications of Artificial Intelligence,2011,24(6):1061-1069.
[29]Kapoor G., Piramuthu S. Vulnerabilities in Chen and Deng’s RFID mutual authenticationand privacy protection protocol. Engineering Applications of Artificial Intelligence,2011,24(7):1300-1302.
[30]Chien H.-Y., Chen C.-H. Mutual authentication protocol for RFID conforming to EPCclass1generation2standards. Computer Standards and Interfaces,2007,29(2):254-259.
[31]Karthikeyan S., Nesterenko M. RFID security without extensive cryptography. InProceedings of the3rd ACM Workshop on Security of Ad Hoc and Sensor Networks(SASN’05),2005, pp.63-67.
[32]Duc D. N., Park J., Lee H., etc. Enhancing security of EPCglobal Gen-2RFID tag againsttraceability and cloning. In Proceedings of the2006Symposium on Cryptography andInformation Security (SCIS’06),2006, pp.17-20.
[33]Peris-Lopez P., Hernandez-Castro J. C., Tapiador J. M. E., etc. Advances inultralightweight cryptography for low cost RFID tags: Gossamer protocol. In Proceedingsof WISA2008, LNCS5379,2009, pp.56-68.
[34]Yeh T.-C., Wang Y.-J., Kuo T.-C., etc. Securing RFID systems conforming to EPC class1generation2standard. Expert Systems with Applications,2010,37(12):7678-7683.
[35]Peris-Lopez P., Hernandez-Castro J. C., Tapiador J. M. E., etc. LMAP: a real lightweightmutual authentication protocol for low-cost RFID tags. In Proceedings of the2006Workshop RFID Security,2006.
[36]Peris-Lopez P., Hernandez-Castro J. C., Tapiador J. M. E., etc. M2AP: a minimalistmutual-authentication protocol for low cost RFID tags. In Proceedings of the2006International Conference on Ubiquitous Intelligence and Computing,2006, pp.912-923.
[37]Li T., Wang G. Security analysis of two ultra-lightweight RFID authentication protocols.In Proceedings of2007IFIP RC-11International Information Security Conference,2007,pp.109-120.
[38]Chien H.-Y. SASI: a new ultralightweight RFID authentication protocol providing strongauthentication and strong integrity. IEEE Transactions on Dependable and SecureComputing,2007,4(4):337-340.
[39]Cao T., Bertino E., Lei H. Security analysis of the SASI protocol. IEEE Transactions onDependable and Secure Computing,2009,6(1):73-77.
[40]Phan R. C.-W. Cryptanalysis of a new ultralightweight RFID authentication protocol–SASI. IEEE Transactions on Dependable and Secure Computing,2009,6(4):316-320.
[41]Sun H.-M., Ting W.-C., Wang K.-H. On the security of Chien’s ultralightweight RFIDauthentication protocol. IEEE Transactions on Dependable and Secure Computing,2011,8(2):315-317.
[42]D’Arco P., De Santis A. On ultralightweight RFID authentication protocols. IEEETransactions on Dependable and Secure Computing,2011,8(4):548-563.
[43]Hernandez-Castro J. C., Peris-Lopez P., Phan R. C.-W., etc. Cryptanalysis of theDavid-Prasad RFID ultralightweight authentication protocol. In Proceedings of2010International Workshop on Radio Frequency Identification: Security and Privacy Issues,2010, pp.22-34.
[44]汪浩.物联网的触点——RFID技术及专利的案例应用.北京:科学出版社,2010.
[45]董丽华. RFID技术与应用.北京:电子工业出版社,2008.
[46]黄玉兰.射频识别(RFID)核心技术详解.北京:人民邮电出版社,2010.
[47]贺才兴,童品苗,王纪林等.概率论与数理统计.北京:科学出版社,2004.
[48]李建华,张爱新,马春波等.现代密码技术.北京:机械工业出版社,2007.
[49]eSTREAM. http://www.ecrypt.eu.org/stream.
[50]范红,冯登国.安全协议理论与方法.北京:科学出版社,2003.
[51]Abadi M., Needham R. Prudent engineering practice for cryptographic protocols. IEEETransactions on Software Engineering,1996,22(1):6-15.
[52]Eom J. B., Yim S. B., Lee T. J. An efficient reader anticollision algorithm in dense RFIDnetworks with mobile RFID readers. IEEE Transactions on Industrial Electronics,2009,56(7):2326-2336.
[53]Mohsenian-Rad A. H., Shah-Mansouri V., Wong V. W. S., etc. Distributed channelselection and randomized interrogation algorithms for large-scale and dense RFIDsystems. IEEE Transactions on Wireless Communications,2010,9(4):1402-1413.
[54]Lai Y. C., Lin C. C. Two blocking algorithms on adaptive binary splitting: single andpaire resolutions for RFID tag identification. IEEE/ACM Transactions on Networking,2009,17(3):962-975.
[55]Shin J.-D., Yeo S.-S., Kim T.-H., etc. Hybrid tag anti-collision algorithms in RFIDsystems. In Proceedings of ICCS2007, LNCS4490,2007, pp.693-700.
[56]Namboodiri V., Gao L. Energy-aware tag anticollision protocols for RFID systems. IEEETransactions on Mobile Computing,2010,9(1):44-59.
[57]Eom J.-B., Lee T.-J., Rietman R., etc. An efficient framed-slotted ALOHA algorithm withpilot frame and binary selection for anti-collision of RFID tags. IEEE CommunicationsLetters,2008,12(11):861-863.
[58]Vales-Alonso J., Bueno-Delgado M. V., Egea-López E., etc. On the optimal identificationof tag sets in time-constrained RFID configurations. Sensors,2011,11(3):2946-2960.
[59]Zhen B., Kobayashi M., Shimizu M. Framed ALOHA for multiple RFID objectsidentification. IEICE Transactions on Communications,2005, E88-B(3):991-999.
[60]Lee S. R., Joo S. D., Lee C. W. An enhanced dynamic framed slotted ALOHA algorithmfor RFID tag identification. In: Proceedings of the2nd Annual International Conferenceon Mobile and Ubiquitous Systems: Networking and Services.2005, pp.166-172.
[61]Lee S. R., Lee C. W. An enhanced dynamic framed slotted ALOHA anti-collisionalgorithm. In: Proceedings of EUC2006Workshops.2006, pp.403-412.
[62]Kim J. G. A divide-and-conquer technique for throughput enhancement of RFIDanti-collision protocol. IEEE Communications Letters,2008,12(6):474-476.
[63]Klair D. K., Chin K. W. A novel anti-collision protocol for energy efficient identificationand monitoring in RFID-enhanced WSNs. In: Proceedings of17th InternationalConference on Computer Communications and Networks.2008, pp.22-29.
[64]Sarangan V., Devarapalli M. R., Radhakrishnan S. A framework for fast tag reading instatic and mobile environments. Computer Networks,2008,52(5):1058-1073.
[65]Wasikon S. M., Deris M. M. Hasten dynamic frame slotted ALOHA algorithm for fastidentification in RFID system. In: Proceedings of Infoscale2009,2009, pp.162-174.
[66]Chen W. T. An accurate tag estimate method for improving the performance of an RFIDanticollision algorithm based on dynamic frame length ALOHA. IEEE Transactions onAutomation Science and Engineering,2009,6(1):9-15.
[67]Wu H., Zeng Y. Bayesian tag estimate and optimal frame length for anti-collision AlohaRFID system. IEEE Transactions on Automation Science and Engineering,2010,7(4):963-969.
[68]Deng D. J., Tsao H. W. Optimal dynamic framed slotted ALOHA based anti-collisionalgorithm for RFID systems. Wireless Personal Communications,2011,59(1):109-122.
[69]Lee D., Kim K., Lee W. Q+-algorithm: an enhanced RFID tag collision arbitrationalgorithm. In: Proceedings of4thInternational Conference on Ubiquitous Intelligence andComputing, LNCS4611,2007, pp.23-32.
[70]Floerkemeier C. Bayesian transmission strategy for framed ALOHA based RFIDprotocols. In Proceedings of2007IEEE International Conference on RFID,2007, pp.228-235.
[71]Myung J., Lee W. Adaptive binary splitting: a RFID tag collision arbitration protocol fortag identification. In Proceedings of2ndInternational Conference on Broadband Networks,2005, pp.375-383.
[72]Myung J., Lee W. An adaptive memoryless tag anti-collision protocol for RFID networks.In Proceedings of IEEE INFOCOM,2005.
[73]Choi J., Lee I., Du D. Z., etc. FTTP: a fast tree traversal protocol for efficient tagidentification in RFID networks. IEEE Communications Letters,2010,14(8):713-715.
[74]Chen Y. H., Horng S. J., Run R. S., etc. A novel anti-collision algorithm in RFID systemsfor identifying passive tags. IEEE Transactions on Industrial Infromatics,2010,6(1):105-121.
[75]He M., Horng S. J., Fan P., etc. A fast RFID tag identification algorithm based on counterand stack. Expert Systems with Applications,2011,38(6):6829-6838.
[76]Wang T. P. Enhanced binary search with cut-through operation for anti-collision in RFIDsystems. IEEE Communications Letters,2006,10(4):236-238.
[77]Wu V. K. Y., Campbell R. H. Using generalized query tree to cope with the capture effectin RFID singulation. In Proceedings of6thIEEE Consumer Communications andNetworking Conference,2009, pp.1-5.
[78]Lai Y. C., H L. Y. General binary tree protocol for coping with the capture effect in RFIDtag identification. IEEE Communications Letters,2010,14(3):208-210.
[79]Choi J.H., Lee D., Lee H. Query tree-based reservation for efficient RFID taganti-collision. IEEE Communications Letters,2007,11(1),85-87.
[80]Jia X., Feng Q., Ma C. An efficient anti-collision protocol for RFID tag identification.IEEE Communications Letters,2010,14(11):1014-1016.
[81]Yang, C.-N., He, J.-Y. An effective16-bit random number aided query tree algorithm forRFID tag anti-collision[J]. IEEE Communications Letters,2011,15(5):539-541.
[82]常振华.一种RFID隐私保护认证协议及其应用研究.[硕士论文].河南:解放军信息工程大学.2008.
[83]Feldhofer M., Dominikus S., Wolkerstorfer J. Strong authentication for RFID systemsusing the AES algorithm. In Proceedings of Cryptographic Hardware and EmbeddedSystems, LNCS3156,2004, pp.357-370.
[84]Feldhofer M., Rechberger C. A case against currently used hash functions in RFIDprotocols. Presented at the1stInternational Workshop on Information Security,Montpellier, France,2006.
[85]O’Neil M. Low-cost SHA-1hash function architecture for RFID tags. Presented at theWorkshop on RFID Security, Budapest, Hungary,2008.
[86]Israsena P., Wongnamkum S. Hardware implementation of a TEA-based lightweightencryption for RFID security. In RFID Security,2009, pp.417-433.
[87]Batina L., Guajardo J., Kerins T., etc. An elliptic curve processor suitable for RFID-tags.IEEE Transactions on Compuers,2008,57(11):1514-1527.
[88]Tuyls P., Batina L. RFID-tags for anti-counterfeiting. Presented at the TopicsCryptography–CT-RSA2006, San Jose, CA,2006.
[89]Juels A., Molner D., Wagner D. Security and privacy issues in E-passports. InProceedings of1stInternational Conference on Security and Privacy for Emerging Areasin Communications Networks,2005, pp.74-88.
[90]Chien H.-Y. Secure access control schemes for RFID systems with anonymity. InProceedings of2006International Workshop on Future Mobile and UbiquitousInformation Technologies,2006, pp.96.
[91]Henrici A. D., M uller P. Hash-based enhancement of location privacy forradio-frequency identification devices using varying identifiers. In Proceedings of2ndIEEE Annual Conference on Pervasive Computing and Communications Workshops,2004, pp.149-153.
[92]Molnar D., Wagner D. Privacy and security in library RFID: issues, practices, andarchitectures. In Proceedings of Conference on Computer and Communications Security,2004, pp.210-219.
[93]Rhee K., Kwak J., Kim S., etc. Challenge-response based RFID authentication protocolfor distributed database environment. In Proceedings of International Conference onSecurity in Pervasive Computing,2005, pp.70-84.
[94]Juels A. Strengthening EPC tag against cloning. In Proceedings of ACM Workshop onWireless Security,2005, pp.67-76.
[95]Karthikeyan S., Nesterenko M. RFID security without extensive cryptography. InProceedings of3rdACM Workshop on Security of Ad Hoc and Sensor Networks,2005,pp.63-67.
[96]Hopper N. J., Blum M. Secure human identification protocols. In Proceedings of7thInternational Conference on Theory and Application of Cryptology and InformationSecurity,2001, pp.52-66.
[97]Juels A., Weis S. A. Authenticating pervasive devices with human protocols. InProceedings of25thAnnual International Cryptology Conference,2005, pp.293-308.
[98]Gilbert H., Robshaw M., Sibert H. An active attack against HB+-a provably securelightweight authentication protocol. Cryptology ePrint Archive, Report2005/237,2005,http://eprint.iacr.org/.
[99]Bringer J., Chabanne H., Dottax E. HB++: a lightweight authentication protocol secureagainst some attacks. In Proceedings of IEEE International Conference on PervasiveService, Workshop on Security, Privacy and Trust in Pervasive and UbiquitousComputing,2006, pp.28-33.
[100] Piramuthu S. HB and related lightweight authentication protocols for secure RFIDtag/reader authentication. In Proceedings of CollECTeR Europ Conference,2006.
[101] Munilla J., Peinado A. HB-MP: a further step in the HB-family of lightweightauthentication protocols. Computer Networks,2007,51(9):2262-2267.
[102] Avoine G. Adversarial model for radio frequency identification. Cryptology ePrintArchieve, Report2005/049,2005, http://eprint.iacr.org/.
[103] Juels A., Weis S. A. Defining strong privacy for RFID. In Proceedings of the IEEEPervasive Computing and Communication Conference,2007, pp.342-347.
[104] Damg rd I., Pedersen M. O. RFID security: tradeoffs between security and efficiency.In Proceedings of the Cryptographers’ Track of the RSA Conference,2008, pp.318-332.
[105] Vaudenay S. On privacy models for RFID. In Proceedings of the Annual CryptologyConference, LNCS4833,2007, pp.68-87.
[106] Ha J., Moon S.-J., Zhou J., etc. A new formal proof model for RFID location privacy.In Proceedings of the European Symposium on Research in Computer Security,2008, pp.267-281.
[107] Ma C., Li Y., Deng R. H., etc. RFID privacy: relation between two notions, minimalcondition, and efficient construction. In Proceedings of the ACM Conference onComputer and Communications Security,2009, pp.54-65.
[108] Li Y., Deng R. H., Lai J., etc. On two RFID privacy notions and their relations. ACMTransactions on Information and System Security,2011,14(4):1-23.
[109] ECRYPT network of excellence in cryptology.http://www.isg.rhul.ac.uk/research/projects/ecrypt/stvl/sasc.html.
[110] De Cannière C., Preneel B. TRIVIUM specification.http://www.ecrypt.eu.org/stream/p3ciphers/trivium/trivium_p3.pdf,2007.
[111] De Cannière C. Trivium: a stream cipher construction inspired by block cipherdesign principles. In Information Security, LNCS4176,2006, pp.171-186.
[112] Maximov A., Biryukov A. Two trivial attacks on TRIVIUM. In SASC2007: The stateof the art of stream ciphers,2007, pp.1-16.
[113] Eibach T., Pilz E., and Steck S. Comparing and optimizing two generic attacks onBivium. In Workshop on The state of the art of stream ciphers,2008, pp.57-68.
[114] Turan M. S., Kara O. Linear approximations for2-round Trivium. In Workshop onThe state of the art of stream ciphers,2007, pp.22-32.
[115] Turan M. S., Do anaksoy A., alik. Statistical analysis of synchronous streamciphers. In Workshop on Stream ciphers revisited,2006.
[116] Fischer S., Khazaei S., Meier W. Chosen IV statistical analysis for key recoveryattacks on stream ciphers. In Workshop on The state of the art of Stream ciphers,2008, pp.33-42.
[117] Dinur I., Shamir A. Cube attacks on tweakable black box polynomials. CryptologyePrint Archieve, Report2008/385,2008, http://eprint.icar.org/2008/385.
[118] Feldhofer M. Comparison of low-power implementations of Trivium and Grain. InWorkshop on The state of the art of stream ciphers,2007, pp.236-246.
[119] Gaj K., Southern G., Bachimanchi R. Comparison of hardware performance ofselected phase II eSTREAM candidates. In Workshop on the state of the art of streamciphers,2007, pp.225-235.
[120] Good T, Chelton W., Benaissa M. Review of stream cipher candidates from a lowresource hardware perspective. In Workshop on stream ciphers revisited,2006.
[121] Gürkaynak F. K., Luethi P., Bernold N., etc. Hardware evaluation of eSTREAMcandidates. In Workshop on stream ciphers revisited,2006.
[122] Rogawski M. Hardware evaluation of eSTREAM candidates. In Workshop on thestate of the art of stream ciphers,2007, pp.215-224.
[123] Lano, L., Mentens, N., Preneel, B., etc. Power analysis of synchronous streamciphers with resynchronization mechanism. In ECRYPT Workshop, SASC-The State ofthe Art of Stream Ciphers,2004, pp.327-333.
[124] Courtois, N.T., Meier, W. Algebraice attacks on stream ciphers with linear feedback.In Proceedings of the22ndInternational Conference on Theory and Applications ofCryptographic Techniques, LNCS, vol.2656,2003, pp.345-359.
[125] Knellwolf, S., Meier, W., Naya-Plasencia, M. Conditional differential cryptanalysisof NLFSR-based cryptosystems. In Proceedings of ASIACRYPT2010, LNCS6477,2010, pp.130-145.
[126] Mitrokotsa A., Rieback M. R., Tanenbaum A. S. Classifying RFID Attacks andDefenses. Information Systems Frontiers,2010,12(5):491-505.
[127] Langheinrich M. A Survey of RFID Privacy Approaches. Personal and UbiquitousComputing,2009,13(6):413-421.
[128] Li J., Song D., Guo X., etc. ID Updating-Based RFID Mutual AuthenticationProtocol for Low-Cost Tags. China Communications,2011,8(7):122-127.
[129] Qi Y., Yao Q., Chen Y., etc. Study on RFID Authentication Protocol Theory. ChinaCommunications,2011,8(1):65-71.
[130] Yoon E. J. Improvement of the Securing RFID Systems Conforming to EPC Class1Generation2Standard. Expert Systems with Applications,2012,39(1):1589-1594.
[131] Piramuthu S. Lightweight Cryptographic Authentication in Passive RFID-taggedSystems. IEEE Transactions on Systems, Man and Cybernetics-Part C: Applications andReviews,2008,38(3):360-376.
[132] Piramuthu S. Vulnerabilities of RFID protocols proposed in ISF. InformationSystems Frontiers,2012,14(3):647-651.
[133] Piramuthu S. RFID Mutual Authentication Protocols. Decision Support Systems,2011,50(2):387-393.
[134] Lv C., Li H., Ma J., etc. Security analysis of two recently proposed RFIDauthentication protocols. Frontiers of Computer Science in China,2011,5(3):335-340.
[135] Safkhani M., Bagheri N., Naderi M. Cryptanalysis of AZUMI: An EPC Class-1Generation-2Standard Compliant RFID Authentication Protocol. Cryptology ePrintArchieve, Report2011/424,2011, http://eprint.iacr.org//2011/424.
[136] Safkhani M., Bagheri N., Sanadhya S. K., etc. Cryptanalysis of Improved Yeh et al.'sAuthentication Protocol: An EPC Class-1Generation-2Standard Compliant Protocol.Cryptology ePrint Archieve, Report2011/426,2011, http://eprint.iacr.org//2011/426.
[137] Tian Y., Chen G., Li J. A new ultralightweight RFID authentication protocol withpermutation. IEEE Communications Letters,2012,16(5):702-705.
[138] Wang S., Han Z., Liu S., etc. Security analysis of RAPP: an RFID authenticationprotocol based on permutation.Cryptology ePrint Archieve, Report2012/327,2012,http://eprint.iacr.org//2012/327.
[139] Ahdian Z., Salmasizadeh M., Aref M. R. Desynchronization attack on RAPPultralightweight authentication protocol. Information Processing Letters,2013,113(7):205-209.
[140] Tan C. C., Sheng B., Li Q. Secure and serverless RFID authentication and searchprotocols. IEEE Transactions on Wireless Communications,2008,7(4):1400-1407.
[141] Tan C. C., Sheng B., Li Q. Serverless search and authentication protocols for RFID.In Proceedings of the5thAnnual IEEE International Conference on Pervasive Computingand Communications (PerCom’07),2007, pp.3-12.
[142] Won T. Y., Chun J. Y., Lee D. H. Strong authentication protocol for secure RFID tagsearch without help of central database. In Proceedings of IEEE/IFIP InternationalConference on Embedded and Ubiquitous Computing,2008, pp.153-158.
[143] Hoque M. E., Rahman F., Ahamed S. I., etc. Enhancing privacy and security of RFIDsystems with serverless authentication and search protocols in pervasive environments.Wireless Personal Communications,2010,55(1):65-79.
[144] Zuo Y. Secure and private search protocols for RFID systems. Information SystemsFrontiers,2010,12(5):507-519.
[145] Piramuthu S. Vulnerabilities of RFID protocols proposed in ISF. InformationSystems Frontiers,2012,14(3):647-651.
[146] Ahamed S. I., Rahman F., Hoque E., etc. Secure and efficient tag searching in RFIDsystems using serverless search protocol. International Journal of Security and itsApplications,2008,2(4):57-66.
[2] Finkenzeller K. RFID handbook: fundamentals and applications in contactless smartcards and identification (second edition). New York: John Wiley&Sons,2003.
[3] Shih D. H., Sun P. L., Yen D. C., etc. Taxonomy and survey of RFID anti-collisionprotocols. Computer Communications,2006,29(11):2150-2166.
[4] Klair D. K., Chin K. W., Raad R. A survey and tutorial of RFID anti-collision protocols.IEEE Communications Surveys&Tutorials,2010,12(3):400-421.
[5] Zhu L., Yum T. S. P. A critical survey and analysis of RFID anti-collision mechanisms.IEEE Communications Magazine,2011,49(5):214-221.
[6] Bueno-Delgado M. V., Vales-Alonso J. On the optimal frame-length configuration on realpassive RFID systems. Journal of Network and Computer Applications,2011,34(3):864-876.
[7] Kim C. S., Park K. L., Kim H. C., etc. An efficient stochastic anti-collision algorithmusing bit-slot mechanism. In Proceedings of the International Conference on Parallel andDistributed Processing Techniques and Applications,2004, pp.652-656.
[8] Wong C. P., Feng Q.. Grouping based bit-slot ALOHA protocol for tag anti-collision inRFID systems. IEEE Communications Letters,2007,11(12):946-948.
[9] Vogt H. Efficient object identification with passive RFID tags. In Proceedings of1stInternational Conference on Pervasive Computing,2002, pp.98-113.
[10]Cha J. R., Kim J. H. Novel anti-collision algorithms for fast object identification in RFIDsystem. In Proceedings of the11th International Conference on Parallel and DistributedSystems,2005, pp.63-67.
[11]Floerkemeier C. Transmission control scheme for fast RFID object identification. InProceedings of the4th Annual IEEE International Conference on Pervasive Computingand Communications Workshops,2006, pp.1-6.
[12]Kodialam M., Nandagopao T. Fast and reliable estimation schemes in RFID systems. InProceedings of12th Annual International Conference on Mobile Computing andNetworking,2006, pp.322-333.
[13]ISO/IEC. ISO/IEC15693. Identification cards–contactless integrated circuit(s) cards–vicinity cards–part3: anticollision and transmission protocol (version1.0). ISO/IEC,1999.
[14]EPCglobal. EPCTMradio-frequency identity protocols class-1generation-2UHF RFIDprotocol for communications at860MHz-960MHz version1.2.0. EPCglobal,2008.
[15]Lee D., Choi J., Lee W., etc. A time-optimal anti-collision algorithm for FSA-based RFIDsystems. ETRI Journal,2011,33(3):458-461.
[16]Zhu L., Yum T. S. P. The optimal reading strategy for EPC gen-2RFID anti-collisionsystems. IEEE Transactions on Communications,2010,58(9):2725-2733.
[17]Zhu L., Yum T. S. P. Optimal framed ALOHA based anti-collision algorithms for RFIDsystems. IEEE Transactions on Communications,2010,58(12):3583-3592.
[18]Myung J., Lee W., Srivastava J., etc. Tag-Splitting: adaptive collision arbitrationprotocols for RFID tag identification. IEEE Transactions on Parallel and DistributedSystems,2007,18(6):763-775.
[19]Cui Y., Zhao Y. Performance evaluation of a multi-branch tree algorithm in RFID. IEEETransactions on Communications,2010,58(5):1356-1364.
[20]Zhou F., Jin D., Huang C., etc. Optimize the power consumption of passive electronictags for anti-collision schemes. In Proceedings of5th International Conference on ASIC,2003, pp.1213-1217.
[21]Zhou F., Chen C., Jin D., etc. Evaluating and optimizing power consumption ofanti-collision protocols for applications in RFID systems. In Proceedings of InternationalSymposium on Low Power Electronics and Design,2004, pp.357-362.
[22]Law C., Lee K., Siu K. Y. Efficient memoryless protocol for tag identification (extendedabstract). In Proceedings of the4th International Workshop on Discrete Algorithms andMethods for Mobile Computing and Communications,2000, pp.75-84.
[23]Yeh K. H., Lo N. W., Winata E. CE-TIP: a code expansion based tag identificationprotocol for RFID systems. Journal of Information Science and Engineering,2011,27(2):777-788.
[24]Choi S. Y., Kim S. H., Tchah K. H. Hybrid anti-collision method based on maximumthroughput for RFID system. Electronics Letters,2010,46(19):1346-1348.
[25]Weis S. A., Saram S. E., Rivest R. L., etc. Security and privacy aspects of low-cost radiofrequency identification systems. In Proceedings of the1st International Conference onSecurity in Pervasive Computing,2003, pp.201-212.
[26]Shen J., Choi D., Moh S., etc. A novel anonymous RFID authentication protocolproviding strong privacy and security. In Proceedings of2010International Conferenceon Multimedia Information Networking and Security,2010, pp.548-588.
[27]Chen C.-L., Deng Y.-Y. Conformation of EPC class1generation2standards RFIDsystem with mutual authentication and privacy protection. Engineering Applications ofArtificial Intelligence,2009,22(8):1284-1291.
[28]Peris-Lopez P., Hernandez-Castro J. C., Tapiador J. M. E., etc. Cryptanalysis of an EPCclass-1generation-2standard compliant authentication protocol. EngineeringApplications of Artificial Intelligence,2011,24(6):1061-1069.
[29]Kapoor G., Piramuthu S. Vulnerabilities in Chen and Deng’s RFID mutual authenticationand privacy protection protocol. Engineering Applications of Artificial Intelligence,2011,24(7):1300-1302.
[30]Chien H.-Y., Chen C.-H. Mutual authentication protocol for RFID conforming to EPCclass1generation2standards. Computer Standards and Interfaces,2007,29(2):254-259.
[31]Karthikeyan S., Nesterenko M. RFID security without extensive cryptography. InProceedings of the3rd ACM Workshop on Security of Ad Hoc and Sensor Networks(SASN’05),2005, pp.63-67.
[32]Duc D. N., Park J., Lee H., etc. Enhancing security of EPCglobal Gen-2RFID tag againsttraceability and cloning. In Proceedings of the2006Symposium on Cryptography andInformation Security (SCIS’06),2006, pp.17-20.
[33]Peris-Lopez P., Hernandez-Castro J. C., Tapiador J. M. E., etc. Advances inultralightweight cryptography for low cost RFID tags: Gossamer protocol. In Proceedingsof WISA2008, LNCS5379,2009, pp.56-68.
[34]Yeh T.-C., Wang Y.-J., Kuo T.-C., etc. Securing RFID systems conforming to EPC class1generation2standard. Expert Systems with Applications,2010,37(12):7678-7683.
[35]Peris-Lopez P., Hernandez-Castro J. C., Tapiador J. M. E., etc. LMAP: a real lightweightmutual authentication protocol for low-cost RFID tags. In Proceedings of the2006Workshop RFID Security,2006.
[36]Peris-Lopez P., Hernandez-Castro J. C., Tapiador J. M. E., etc. M2AP: a minimalistmutual-authentication protocol for low cost RFID tags. In Proceedings of the2006International Conference on Ubiquitous Intelligence and Computing,2006, pp.912-923.
[37]Li T., Wang G. Security analysis of two ultra-lightweight RFID authentication protocols.In Proceedings of2007IFIP RC-11International Information Security Conference,2007,pp.109-120.
[38]Chien H.-Y. SASI: a new ultralightweight RFID authentication protocol providing strongauthentication and strong integrity. IEEE Transactions on Dependable and SecureComputing,2007,4(4):337-340.
[39]Cao T., Bertino E., Lei H. Security analysis of the SASI protocol. IEEE Transactions onDependable and Secure Computing,2009,6(1):73-77.
[40]Phan R. C.-W. Cryptanalysis of a new ultralightweight RFID authentication protocol–SASI. IEEE Transactions on Dependable and Secure Computing,2009,6(4):316-320.
[41]Sun H.-M., Ting W.-C., Wang K.-H. On the security of Chien’s ultralightweight RFIDauthentication protocol. IEEE Transactions on Dependable and Secure Computing,2011,8(2):315-317.
[42]D’Arco P., De Santis A. On ultralightweight RFID authentication protocols. IEEETransactions on Dependable and Secure Computing,2011,8(4):548-563.
[43]Hernandez-Castro J. C., Peris-Lopez P., Phan R. C.-W., etc. Cryptanalysis of theDavid-Prasad RFID ultralightweight authentication protocol. In Proceedings of2010International Workshop on Radio Frequency Identification: Security and Privacy Issues,2010, pp.22-34.
[44]汪浩.物联网的触点——RFID技术及专利的案例应用.北京:科学出版社,2010.
[45]董丽华. RFID技术与应用.北京:电子工业出版社,2008.
[46]黄玉兰.射频识别(RFID)核心技术详解.北京:人民邮电出版社,2010.
[47]贺才兴,童品苗,王纪林等.概率论与数理统计.北京:科学出版社,2004.
[48]李建华,张爱新,马春波等.现代密码技术.北京:机械工业出版社,2007.
[49]eSTREAM. http://www.ecrypt.eu.org/stream.
[50]范红,冯登国.安全协议理论与方法.北京:科学出版社,2003.
[51]Abadi M., Needham R. Prudent engineering practice for cryptographic protocols. IEEETransactions on Software Engineering,1996,22(1):6-15.
[52]Eom J. B., Yim S. B., Lee T. J. An efficient reader anticollision algorithm in dense RFIDnetworks with mobile RFID readers. IEEE Transactions on Industrial Electronics,2009,56(7):2326-2336.
[53]Mohsenian-Rad A. H., Shah-Mansouri V., Wong V. W. S., etc. Distributed channelselection and randomized interrogation algorithms for large-scale and dense RFIDsystems. IEEE Transactions on Wireless Communications,2010,9(4):1402-1413.
[54]Lai Y. C., Lin C. C. Two blocking algorithms on adaptive binary splitting: single andpaire resolutions for RFID tag identification. IEEE/ACM Transactions on Networking,2009,17(3):962-975.
[55]Shin J.-D., Yeo S.-S., Kim T.-H., etc. Hybrid tag anti-collision algorithms in RFIDsystems. In Proceedings of ICCS2007, LNCS4490,2007, pp.693-700.
[56]Namboodiri V., Gao L. Energy-aware tag anticollision protocols for RFID systems. IEEETransactions on Mobile Computing,2010,9(1):44-59.
[57]Eom J.-B., Lee T.-J., Rietman R., etc. An efficient framed-slotted ALOHA algorithm withpilot frame and binary selection for anti-collision of RFID tags. IEEE CommunicationsLetters,2008,12(11):861-863.
[58]Vales-Alonso J., Bueno-Delgado M. V., Egea-López E., etc. On the optimal identificationof tag sets in time-constrained RFID configurations. Sensors,2011,11(3):2946-2960.
[59]Zhen B., Kobayashi M., Shimizu M. Framed ALOHA for multiple RFID objectsidentification. IEICE Transactions on Communications,2005, E88-B(3):991-999.
[60]Lee S. R., Joo S. D., Lee C. W. An enhanced dynamic framed slotted ALOHA algorithmfor RFID tag identification. In: Proceedings of the2nd Annual International Conferenceon Mobile and Ubiquitous Systems: Networking and Services.2005, pp.166-172.
[61]Lee S. R., Lee C. W. An enhanced dynamic framed slotted ALOHA anti-collisionalgorithm. In: Proceedings of EUC2006Workshops.2006, pp.403-412.
[62]Kim J. G. A divide-and-conquer technique for throughput enhancement of RFIDanti-collision protocol. IEEE Communications Letters,2008,12(6):474-476.
[63]Klair D. K., Chin K. W. A novel anti-collision protocol for energy efficient identificationand monitoring in RFID-enhanced WSNs. In: Proceedings of17th InternationalConference on Computer Communications and Networks.2008, pp.22-29.
[64]Sarangan V., Devarapalli M. R., Radhakrishnan S. A framework for fast tag reading instatic and mobile environments. Computer Networks,2008,52(5):1058-1073.
[65]Wasikon S. M., Deris M. M. Hasten dynamic frame slotted ALOHA algorithm for fastidentification in RFID system. In: Proceedings of Infoscale2009,2009, pp.162-174.
[66]Chen W. T. An accurate tag estimate method for improving the performance of an RFIDanticollision algorithm based on dynamic frame length ALOHA. IEEE Transactions onAutomation Science and Engineering,2009,6(1):9-15.
[67]Wu H., Zeng Y. Bayesian tag estimate and optimal frame length for anti-collision AlohaRFID system. IEEE Transactions on Automation Science and Engineering,2010,7(4):963-969.
[68]Deng D. J., Tsao H. W. Optimal dynamic framed slotted ALOHA based anti-collisionalgorithm for RFID systems. Wireless Personal Communications,2011,59(1):109-122.
[69]Lee D., Kim K., Lee W. Q+-algorithm: an enhanced RFID tag collision arbitrationalgorithm. In: Proceedings of4thInternational Conference on Ubiquitous Intelligence andComputing, LNCS4611,2007, pp.23-32.
[70]Floerkemeier C. Bayesian transmission strategy for framed ALOHA based RFIDprotocols. In Proceedings of2007IEEE International Conference on RFID,2007, pp.228-235.
[71]Myung J., Lee W. Adaptive binary splitting: a RFID tag collision arbitration protocol fortag identification. In Proceedings of2ndInternational Conference on Broadband Networks,2005, pp.375-383.
[72]Myung J., Lee W. An adaptive memoryless tag anti-collision protocol for RFID networks.In Proceedings of IEEE INFOCOM,2005.
[73]Choi J., Lee I., Du D. Z., etc. FTTP: a fast tree traversal protocol for efficient tagidentification in RFID networks. IEEE Communications Letters,2010,14(8):713-715.
[74]Chen Y. H., Horng S. J., Run R. S., etc. A novel anti-collision algorithm in RFID systemsfor identifying passive tags. IEEE Transactions on Industrial Infromatics,2010,6(1):105-121.
[75]He M., Horng S. J., Fan P., etc. A fast RFID tag identification algorithm based on counterand stack. Expert Systems with Applications,2011,38(6):6829-6838.
[76]Wang T. P. Enhanced binary search with cut-through operation for anti-collision in RFIDsystems. IEEE Communications Letters,2006,10(4):236-238.
[77]Wu V. K. Y., Campbell R. H. Using generalized query tree to cope with the capture effectin RFID singulation. In Proceedings of6thIEEE Consumer Communications andNetworking Conference,2009, pp.1-5.
[78]Lai Y. C., H L. Y. General binary tree protocol for coping with the capture effect in RFIDtag identification. IEEE Communications Letters,2010,14(3):208-210.
[79]Choi J.H., Lee D., Lee H. Query tree-based reservation for efficient RFID taganti-collision. IEEE Communications Letters,2007,11(1),85-87.
[80]Jia X., Feng Q., Ma C. An efficient anti-collision protocol for RFID tag identification.IEEE Communications Letters,2010,14(11):1014-1016.
[81]Yang, C.-N., He, J.-Y. An effective16-bit random number aided query tree algorithm forRFID tag anti-collision[J]. IEEE Communications Letters,2011,15(5):539-541.
[82]常振华.一种RFID隐私保护认证协议及其应用研究.[硕士论文].河南:解放军信息工程大学.2008.
[83]Feldhofer M., Dominikus S., Wolkerstorfer J. Strong authentication for RFID systemsusing the AES algorithm. In Proceedings of Cryptographic Hardware and EmbeddedSystems, LNCS3156,2004, pp.357-370.
[84]Feldhofer M., Rechberger C. A case against currently used hash functions in RFIDprotocols. Presented at the1stInternational Workshop on Information Security,Montpellier, France,2006.
[85]O’Neil M. Low-cost SHA-1hash function architecture for RFID tags. Presented at theWorkshop on RFID Security, Budapest, Hungary,2008.
[86]Israsena P., Wongnamkum S. Hardware implementation of a TEA-based lightweightencryption for RFID security. In RFID Security,2009, pp.417-433.
[87]Batina L., Guajardo J., Kerins T., etc. An elliptic curve processor suitable for RFID-tags.IEEE Transactions on Compuers,2008,57(11):1514-1527.
[88]Tuyls P., Batina L. RFID-tags for anti-counterfeiting. Presented at the TopicsCryptography–CT-RSA2006, San Jose, CA,2006.
[89]Juels A., Molner D., Wagner D. Security and privacy issues in E-passports. InProceedings of1stInternational Conference on Security and Privacy for Emerging Areasin Communications Networks,2005, pp.74-88.
[90]Chien H.-Y. Secure access control schemes for RFID systems with anonymity. InProceedings of2006International Workshop on Future Mobile and UbiquitousInformation Technologies,2006, pp.96.
[91]Henrici A. D., M uller P. Hash-based enhancement of location privacy forradio-frequency identification devices using varying identifiers. In Proceedings of2ndIEEE Annual Conference on Pervasive Computing and Communications Workshops,2004, pp.149-153.
[92]Molnar D., Wagner D. Privacy and security in library RFID: issues, practices, andarchitectures. In Proceedings of Conference on Computer and Communications Security,2004, pp.210-219.
[93]Rhee K., Kwak J., Kim S., etc. Challenge-response based RFID authentication protocolfor distributed database environment. In Proceedings of International Conference onSecurity in Pervasive Computing,2005, pp.70-84.
[94]Juels A. Strengthening EPC tag against cloning. In Proceedings of ACM Workshop onWireless Security,2005, pp.67-76.
[95]Karthikeyan S., Nesterenko M. RFID security without extensive cryptography. InProceedings of3rdACM Workshop on Security of Ad Hoc and Sensor Networks,2005,pp.63-67.
[96]Hopper N. J., Blum M. Secure human identification protocols. In Proceedings of7thInternational Conference on Theory and Application of Cryptology and InformationSecurity,2001, pp.52-66.
[97]Juels A., Weis S. A. Authenticating pervasive devices with human protocols. InProceedings of25thAnnual International Cryptology Conference,2005, pp.293-308.
[98]Gilbert H., Robshaw M., Sibert H. An active attack against HB+-a provably securelightweight authentication protocol. Cryptology ePrint Archive, Report2005/237,2005,http://eprint.iacr.org/.
[99]Bringer J., Chabanne H., Dottax E. HB++: a lightweight authentication protocol secureagainst some attacks. In Proceedings of IEEE International Conference on PervasiveService, Workshop on Security, Privacy and Trust in Pervasive and UbiquitousComputing,2006, pp.28-33.
[100] Piramuthu S. HB and related lightweight authentication protocols for secure RFIDtag/reader authentication. In Proceedings of CollECTeR Europ Conference,2006.
[101] Munilla J., Peinado A. HB-MP: a further step in the HB-family of lightweightauthentication protocols. Computer Networks,2007,51(9):2262-2267.
[102] Avoine G. Adversarial model for radio frequency identification. Cryptology ePrintArchieve, Report2005/049,2005, http://eprint.iacr.org/.
[103] Juels A., Weis S. A. Defining strong privacy for RFID. In Proceedings of the IEEEPervasive Computing and Communication Conference,2007, pp.342-347.
[104] Damg rd I., Pedersen M. O. RFID security: tradeoffs between security and efficiency.In Proceedings of the Cryptographers’ Track of the RSA Conference,2008, pp.318-332.
[105] Vaudenay S. On privacy models for RFID. In Proceedings of the Annual CryptologyConference, LNCS4833,2007, pp.68-87.
[106] Ha J., Moon S.-J., Zhou J., etc. A new formal proof model for RFID location privacy.In Proceedings of the European Symposium on Research in Computer Security,2008, pp.267-281.
[107] Ma C., Li Y., Deng R. H., etc. RFID privacy: relation between two notions, minimalcondition, and efficient construction. In Proceedings of the ACM Conference onComputer and Communications Security,2009, pp.54-65.
[108] Li Y., Deng R. H., Lai J., etc. On two RFID privacy notions and their relations. ACMTransactions on Information and System Security,2011,14(4):1-23.
[109] ECRYPT network of excellence in cryptology.http://www.isg.rhul.ac.uk/research/projects/ecrypt/stvl/sasc.html.
[110] De Cannière C., Preneel B. TRIVIUM specification.http://www.ecrypt.eu.org/stream/p3ciphers/trivium/trivium_p3.pdf,2007.
[111] De Cannière C. Trivium: a stream cipher construction inspired by block cipherdesign principles. In Information Security, LNCS4176,2006, pp.171-186.
[112] Maximov A., Biryukov A. Two trivial attacks on TRIVIUM. In SASC2007: The stateof the art of stream ciphers,2007, pp.1-16.
[113] Eibach T., Pilz E., and Steck S. Comparing and optimizing two generic attacks onBivium. In Workshop on The state of the art of stream ciphers,2008, pp.57-68.
[114] Turan M. S., Kara O. Linear approximations for2-round Trivium. In Workshop onThe state of the art of stream ciphers,2007, pp.22-32.
[115] Turan M. S., Do anaksoy A., alik. Statistical analysis of synchronous streamciphers. In Workshop on Stream ciphers revisited,2006.
[116] Fischer S., Khazaei S., Meier W. Chosen IV statistical analysis for key recoveryattacks on stream ciphers. In Workshop on The state of the art of Stream ciphers,2008, pp.33-42.
[117] Dinur I., Shamir A. Cube attacks on tweakable black box polynomials. CryptologyePrint Archieve, Report2008/385,2008, http://eprint.icar.org/2008/385.
[118] Feldhofer M. Comparison of low-power implementations of Trivium and Grain. InWorkshop on The state of the art of stream ciphers,2007, pp.236-246.
[119] Gaj K., Southern G., Bachimanchi R. Comparison of hardware performance ofselected phase II eSTREAM candidates. In Workshop on the state of the art of streamciphers,2007, pp.225-235.
[120] Good T, Chelton W., Benaissa M. Review of stream cipher candidates from a lowresource hardware perspective. In Workshop on stream ciphers revisited,2006.
[121] Gürkaynak F. K., Luethi P., Bernold N., etc. Hardware evaluation of eSTREAMcandidates. In Workshop on stream ciphers revisited,2006.
[122] Rogawski M. Hardware evaluation of eSTREAM candidates. In Workshop on thestate of the art of stream ciphers,2007, pp.215-224.
[123] Lano, L., Mentens, N., Preneel, B., etc. Power analysis of synchronous streamciphers with resynchronization mechanism. In ECRYPT Workshop, SASC-The State ofthe Art of Stream Ciphers,2004, pp.327-333.
[124] Courtois, N.T., Meier, W. Algebraice attacks on stream ciphers with linear feedback.In Proceedings of the22ndInternational Conference on Theory and Applications ofCryptographic Techniques, LNCS, vol.2656,2003, pp.345-359.
[125] Knellwolf, S., Meier, W., Naya-Plasencia, M. Conditional differential cryptanalysisof NLFSR-based cryptosystems. In Proceedings of ASIACRYPT2010, LNCS6477,2010, pp.130-145.
[126] Mitrokotsa A., Rieback M. R., Tanenbaum A. S. Classifying RFID Attacks andDefenses. Information Systems Frontiers,2010,12(5):491-505.
[127] Langheinrich M. A Survey of RFID Privacy Approaches. Personal and UbiquitousComputing,2009,13(6):413-421.
[128] Li J., Song D., Guo X., etc. ID Updating-Based RFID Mutual AuthenticationProtocol for Low-Cost Tags. China Communications,2011,8(7):122-127.
[129] Qi Y., Yao Q., Chen Y., etc. Study on RFID Authentication Protocol Theory. ChinaCommunications,2011,8(1):65-71.
[130] Yoon E. J. Improvement of the Securing RFID Systems Conforming to EPC Class1Generation2Standard. Expert Systems with Applications,2012,39(1):1589-1594.
[131] Piramuthu S. Lightweight Cryptographic Authentication in Passive RFID-taggedSystems. IEEE Transactions on Systems, Man and Cybernetics-Part C: Applications andReviews,2008,38(3):360-376.
[132] Piramuthu S. Vulnerabilities of RFID protocols proposed in ISF. InformationSystems Frontiers,2012,14(3):647-651.
[133] Piramuthu S. RFID Mutual Authentication Protocols. Decision Support Systems,2011,50(2):387-393.
[134] Lv C., Li H., Ma J., etc. Security analysis of two recently proposed RFIDauthentication protocols. Frontiers of Computer Science in China,2011,5(3):335-340.
[135] Safkhani M., Bagheri N., Naderi M. Cryptanalysis of AZUMI: An EPC Class-1Generation-2Standard Compliant RFID Authentication Protocol. Cryptology ePrintArchieve, Report2011/424,2011, http://eprint.iacr.org//2011/424.
[136] Safkhani M., Bagheri N., Sanadhya S. K., etc. Cryptanalysis of Improved Yeh et al.'sAuthentication Protocol: An EPC Class-1Generation-2Standard Compliant Protocol.Cryptology ePrint Archieve, Report2011/426,2011, http://eprint.iacr.org//2011/426.
[137] Tian Y., Chen G., Li J. A new ultralightweight RFID authentication protocol withpermutation. IEEE Communications Letters,2012,16(5):702-705.
[138] Wang S., Han Z., Liu S., etc. Security analysis of RAPP: an RFID authenticationprotocol based on permutation.Cryptology ePrint Archieve, Report2012/327,2012,http://eprint.iacr.org//2012/327.
[139] Ahdian Z., Salmasizadeh M., Aref M. R. Desynchronization attack on RAPPultralightweight authentication protocol. Information Processing Letters,2013,113(7):205-209.
[140] Tan C. C., Sheng B., Li Q. Secure and serverless RFID authentication and searchprotocols. IEEE Transactions on Wireless Communications,2008,7(4):1400-1407.
[141] Tan C. C., Sheng B., Li Q. Serverless search and authentication protocols for RFID.In Proceedings of the5thAnnual IEEE International Conference on Pervasive Computingand Communications (PerCom’07),2007, pp.3-12.
[142] Won T. Y., Chun J. Y., Lee D. H. Strong authentication protocol for secure RFID tagsearch without help of central database. In Proceedings of IEEE/IFIP InternationalConference on Embedded and Ubiquitous Computing,2008, pp.153-158.
[143] Hoque M. E., Rahman F., Ahamed S. I., etc. Enhancing privacy and security of RFIDsystems with serverless authentication and search protocols in pervasive environments.Wireless Personal Communications,2010,55(1):65-79.
[144] Zuo Y. Secure and private search protocols for RFID systems. Information SystemsFrontiers,2010,12(5):507-519.
[145] Piramuthu S. Vulnerabilities of RFID protocols proposed in ISF. InformationSystems Frontiers,2012,14(3):647-651.
[146] Ahamed S. I., Rahman F., Hoque E., etc. Secure and efficient tag searching in RFIDsystems using serverless search protocol. International Journal of Security and itsApplications,2008,2(4):57-66.