摘要
针对RFID标签搜索过程中产生的安全与隐私问题,设计了一个轻量级无服务型RFID安全搜索协议.通过严格时间戳的方式对移动读写器的时间权限进行管理,提出松散时间戳和HASH函数相结合的方式对无线信道进行安全防护,其利用HASH函数的单向性保证了协议消息的完整性和保密性,利用碰撞原理实现了可调节的隐私强度及搜索效率.在UC框架下证明了协议满足通用可组合安全性,使得协议可运行在并发环境当中,在标准安全模型下证明了协议满足抵抗重放、去同步、跟踪及匿名性等攻击方式,提出的搜索协议具有强安全性和强隐私性.
To solve the problems of security and privacy caused by RFID tags search process, a light- weight service-less RFID security search protocol was designed. Firstly, through strict timestamp, the time permissions of the mobile reader were managed. Secondly, the method of combining loose timestamp and HASH function for the safety protection of the wireless channel was put forward, the one-way character of HASH function was used to ensure the integrity and confidentiality of interactive messages. Finally, the collision thought was made use of to realize the adjustable intensity of privacy and search efficiency. Under the UC framework, it was proved that the protocol could meet universally cornposable security, enabling the protocol to run in the concurrent environment. Under the standard security model, it was proved that the protocol could effectively resist replay attack, de-synchronization attack, track attack, anonymity attack and so on. It follows that the proposed protocol has strong security and privacy.
出处
《湖南大学学报(自然科学版)》
EI
CAS
CSCD
北大核心
2014年第8期117-124,共8页
Journal of Hunan University:Natural Sciences
基金
国家重大基础研究发展计划(973计划)资助项目(2012CB724400)
国际科技合作专项资助项目(2013DFG72850)