计算机科学与探索 ›› 2019, Vol. 13 ›› Issue (3): 418-428.DOI: 10.3778/j.issn.1673-9418.1801050

• 网络与信息安全 • 上一篇    下一篇

采用PUF保护位置隐私的轻量级RFID移动认证协议

孙子文1,2+,李  松1   

  1. 1. 江南大学 物联网工程学院,江苏 无锡 214122
    2. 江南大学 物联网技术应用教育部工程研究中心,江苏 无锡 214122
  • 出版日期:2019-03-01 发布日期:2019-03-11

Lightweight Authentication Protocol for Location Privacy Using PUF in Mobile RFID System

SUN Ziwen1,2+, LI Song1   

  1. 1. School of Internet of Things Engineering, Jiangnan University, Wuxi, Jiangsu 214122, China
    2. Engineering Research Center of Internet of Things Technology Applications Ministry of Education, Jiangnan University, Wuxi, Jiangsu 214122, China
  • Online:2019-03-01 Published:2019-03-11

摘要: 将RFID(radio frequency identification)技术应用于供应链管理,可极大提高供应链系统的识别效率和商品信息的追溯能力。EPC C1G2(electronic product code class 1 generation 2)标准凭借远距离识别和低成本标签的价格优势成为供应链中应用最广的协议标准。针对低成本标签的安全和隐私问题,采用PUF(physical unclonable function)作为密钥生成机制以抵御攻击者假冒攻击,实现商品的防伪保护;引入对读写器身份的安全认证,以适应供应链中移动认证的应用环境;采用二次剩余定理和不断更新的共享密钥机制实现标签的前向和后向不可追踪性,保护标签携带者的位置隐私。仿真结果表明,服务器的识别效率为O(1),满足供应链对RFID系统可拓展的应用要求。

关键词: 无线射频识别(RFID), 物理不可克隆函数(PUF), 安全认证, 保护位置隐私, 轻量级

Abstract: The application of RFID (radio frequency identification) technology in the supply chain management can greatly improve the traceability of commodity information and the identification efficiency of the supply chain system. With the advantages of long-distance identification and low-cost tag price, the EPC C1G2 (electronic product code class 1 generation 2) has become the most widely used protocol standard in the supply chain. Aiming at the security and privacy problem of low-cost tag, PUF (physical unclonable function) is adopted to generate the session key to resist impersonation attack and achieve anti-counterfeit protection of commodity. The security authentication of reader identity is introduced to adapt to the application environment of mobile authentication in the supply chain. The location privacy of the tag??s owner can be well protected by using the quadratic residue theorem and the constantly updated share key which achieves the tag??s forward untraceable and backward untraceable properties. Simulation results show that the identification efficiency of server is O(1) which means the proposed methods can meet the scalable requirement of supply chain system.

Key words: radio frequency identification (RFID), physical unclonable function (PUF), security authentication, location privacy protection, lightweight