CN102684872B - Safety communication method for ultrahigh frequency radio-frequency identification air interface based on symmetrical encryption - Google Patents


Publication number
CN102684872B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201110155162.9A
Other languages
Chinese (zh)
Other versions
CN102684872A (en)
Inventor
张琛
李建成
王宏义
杨青
李聪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
National University of Defense Technology
Original Assignee
National University of Defense Technology


Abstract

The invention discloses a secure communication method for the ultra-high-frequency radio-frequency identification air interface based on symmetric encryption. The method comprises: symmetric-encryption one-way authentication of the reader by the tag of the system; symmetric-encryption one-way authentication of the tag by the reader of the system; symmetric-encryption two-way authentication between the reader and the tag; and secure communication between the reader and the tag of the system. During authentication the reader and the tag first negotiate an authentication key; each party judges the legitimacy of the other party's identity by verifying its encryption capability; and a random session key is generated when authentication ends, providing a secure channel for confidential communication between the reader and the tag.

Description

Secure communication method for the ultra-high-frequency radio-frequency identification air interface based on symmetric encryption
Technical field
The invention belongs to the technical field of RFID and relates to a security mechanism for the air interface of a radio-frequency identification system, in particular to a security authentication and communication method for the air interface of an ultra-high-frequency radio-frequency identification system based on symmetric encryption.
Background art
Radio-frequency identification (RFID) is a contactless automatic identification technology. Its basic principle is to use radio-frequency signals and the transmission characteristics of spatial coupling to identify the target object automatically. An ultra-high-frequency (UHF) RFID system is an RFID system whose operating frequency is 800 ~ 900 MHz. The simplest RFID system comprises an electronic tag (tag for short), a reader and an antenna. The tag stores information about the associated object; the reader communicates with the tag by radio-frequency signals, obtains the identification information stored in the tag, and can write processed information back into the tag.
RFID technology is now widely used in fields such as industrial automation, business automation, and transportation control and management. As RFID has spread, the security problems of RFID systems, and of the air interface in particular, have become increasingly prominent and are now one of the key factors limiting the development of RFID applications. Because the radio channel is open, the air interface of an RFID system carries considerable security risk and faces threats such as eavesdropping, impersonation, replay, tracking, traffic analysis and information tampering, so security measures suited to the hardware constraints and application requirements of RFID systems are urgently needed.
The communication model of an RFID system consists of three layers, which are, from top to bottom: the physical layer, the communication layer and the application layer. The physical layer mainly addresses electrical signalling, channel allocation, the physical carrier and similar problems. The communication layer defines the data exchange and the commands used between reader and tag. The application layer handles content directly related to the top-level application, including identification, authentication, and the representation and processing logic of application-layer data. The solutions that international industry and academia have proposed for the security of the RFID air interface fall roughly into two classes: one protects the tag by physical means and sits mainly in the physical layer and communication layer of the model; the other uses security protocols based on cryptography and sits in the application layer of the model.
Physical methods can solve the air-interface security problem to some extent, but they lower the utilisation of the tag and their security is not very good. Compared with physical methods, security protocols based on cryptography are increasingly favoured. They use various authentication and cryptographic means to ensure the security of data between tag and reader. Because tag resources are limited, many cryptographic security protocols are designed around a hash function. However, hash-based security protocols commonly suffer from vulnerabilities such as location leakage, plaintext transmission of ID information and hash collisions, and are unsuitable for fields with definite security requirements such as finance, diplomacy and national defence. Using a well-established cryptographic algorithm, such as a symmetric cipher, can fundamentally resist attacks such as eavesdropping, traffic analysis, information tampering and tracking, and ensures security properties such as the confidentiality, integrity, authenticity and availability of data; this is currently the mainstream of research in this direction.
Summary of the invention
The object of the invention is to address the shortcomings of hash-based security protocols by proposing an air-interface security mechanism for UHF RFID systems based on symmetric encryption, which achieves two-way authentication and provides a secure channel for confidential communication between reader and tag.
To solve the above technical problem, the technical solution adopted by the invention is a symmetric-encryption-based security authentication method for the ultra-high-frequency radio-frequency identification air interface, consisting of the following 1), 2), 3) and 4):
1) symmetric-encryption one-way authentication of the reader by the system's tag;
2) symmetric-encryption one-way authentication of the tag by the system's reader;
3) symmetric-encryption two-way authentication between the reader and the tag;
4) secure communication between the system's reader and tag.
Ultra-high-frequency radio-frequency identification is hereafter written UHF RFID.
Symmetric-encryption one-way authentication of the reader by the tag in a UHF RFID system: the reader is authenticated before it accesses the tag, which helps implement system-level access control.
Symmetric-encryption one-way authentication of the tag by the reader in a UHF RFID system: the reader authenticates the tag before accessing it, which ensures that data flows to a reliable destination and prevents illegitimate tags from maliciously joining the system.
Symmetric-encryption two-way authentication between the reader and the tag in a UHF RFID system: both the tag and the reader are authenticated, which ensures the authenticity of both communicating parties.
Secure communication between the reader and the tag in a UHF RFID system: after the reader and the tag have completed one-way or two-way authentication, higher-layer communication content is encrypted with the randomly generated session key, which effectively ensures the confidentiality, integrity, authenticity and availability of the transmitted data.
The invention provides, in a UHF RFID system, one-way authentication of the reader by the tag, two-way authentication between reader and tag, and secure communication between reader and tag. It can resist most of the attacks that the RFID air interface faces, including eavesdropping, replay, impersonation, malicious tracking, information tampering, forward attacks and backward attacks, and it can protect the privacy of the tag holder.
The invention is applicable to passive UHF RFID systems and can meet the data-security and privacy-protection needs of the reader-tag air interface in mid-range and high-end UHF RFID systems.
The security goals of the invention are:
(1) two-way authentication between tag and reader is implemented with a standard symmetric cryptographic algorithm;
(2) the data-bearing information the tag sends to the reader is different every time;
(3) the content of other messages cannot be inferred from any one message the tag sends to the reader;
(4) the content carried by the tag cannot be learned from the messages exchanged between the tag and the reader;
(5) having obtained the information of some tags, the information on other tags cannot be derived from it.
The invention requires that the reader and the tag have a certain computing and storage capability. The reader has a built-in random number generator and an encryption/decryption circuit. The tag stores the security parameters and the tag key, and has a built-in random number generator and an encryption/decryption circuit.
One. Symmetric-encryption one-way authentication of the reader by the tag proceeds as follows:
(1) The reader sends the get-security-parameters command Get_SecPara;
(2) The tag sends the security parameters SecPara;
(3) According to the security function in the security parameters, the reader generates a random number N_r and sends the request-authentication command Req_Auth(N_r);
(4) The tag generates a random number N_t, first generates the authentication key AK from the key K_t, N_r and N_t, then generates a challenge word C_t, and sends N_t and C_t;
(5) The reader uses the key index in the security parameters to match the tag key K_t, first generates the authentication key AK from K_t, N_r and N_t, then generates a session key SK, encrypts C_t || SK with AK, and sends the one-way authentication command Auth(E_AK(C_t || SK));
(6) The tag decrypts E_AK(C_t || SK) with AK to obtain C_t' || SK. If C_t' equals C_t, the tag considers the reader authenticated, the session key is SK, and the tag returns the operation status State; otherwise the tag considers the reader not authenticated, and the tag returns the operation status State.
Two. Symmetric-encryption one-way authentication of the tag by the reader proceeds as follows:
(1) The reader sends the get-security-parameters command Get_SecPara;
(2) The tag sends the security parameters SecPara;
(3) According to the security function in the security parameters, the reader generates a random number N_r and a challenge word C_r, and sends the get-authentication command Get_Auth(N_r, C_r);
(4) The tag generates a random number N_t, first generates the authentication key AK from the key K_t, N_r and N_t, then generates a session key SK, encrypts C_r || SK with AK to obtain E_AK(C_r || SK), and sends it to the reader;
(5) The reader uses the key index in the security parameters to match the tag key K_t, first generates the authentication key AK from K_t, N_r and N_t, then decrypts E_AK(C_r || SK) with AK to obtain C_r' || SK. If C_r' equals C_r, the reader considers the tag authenticated and the session key is SK; otherwise the reader considers the tag not authenticated.
Three. Symmetric-encryption two-way authentication between the reader and the tag proceeds as follows:
(1) The reader sends the get-security-parameters command Get_SecPara;
(2) The tag sends the security parameters SecPara;
(3) According to the security function in the security parameters, the reader generates a random number N_r and sends the request-authentication command Req_Auth(N_r);
(4) The tag generates a random number N_t, first generates the authentication key AK from K_t, N_r and N_t, then generates a challenge word C_t, and sends N_t and C_t;
(5) The reader uses the key index in the security parameters to match the tag key K_t, first generates the authentication key AK from K_t, N_r and N_t, then generates a challenge word C_r and a session key SK, encrypts C_r || C_t || SK with AK, and sends the two-way authentication command Mul_Auth(E_AK(C_r || C_t || SK));
(6) The tag decrypts E_AK(C_r || C_t || SK) with AK to obtain C_r' || C_t' || SK. If C_t' equals C_t, the tag considers the reader authenticated and the session key is SK; otherwise the tag considers the reader not authenticated. If authentication passes, the tag sends C_r';
(7) The reader compares C_r' with C_r. If they are equal, the reader considers the tag authenticated and the session key is SK; otherwise the reader considers the tag not authenticated.
Four. Secure communication between the reader and the tag takes place after authentication has completed, and proceeds as follows:
(1) The reader generates a random number SN_r, encrypts cmd || SN_r with SK, and sends the secure-communication command Sec_Com(E_SK(cmd || SN_r));
(2) The tag decrypts E_SK(cmd || SN_r) with SK to obtain cmd || SN_r' and executes the command in cmd, producing the operation result result; it then generates a random number SN_t, encrypts result || SN_t with SK to obtain E_SK(result || SN_t), and sends it to the reader;
(3) The reader decrypts with SK to obtain result || SN_t'; the tag's operation result is result.
The commands and symbols used in the above flows are as follows:
Get_SecPara: get-security-parameters command.
Req_Auth(): request-authentication command.
Auth(): one-way authentication command.
Get_Auth(): get-authentication command.
Mul_Auth(): two-way authentication command.
Sec_Com(): secure-communication command.
N_r: random number generated by the reader, used to generate the authentication key.
N_t: random number generated by the tag, used to generate the authentication key.
C_r: random number generated by the reader, used as the challenge word for authenticating the tag.
C_t: random number generated by the tag, used as the challenge word for authenticating the reader.
SN_r: random number generated by the reader, used as the encryption random number.
SN_t: random number generated by the tag, used as the encryption random number.
K_t: tag key.
AK: authentication key.
SK: session key.
SecPara: security parameters stored in the tag that relate to authentication and encryption.
State: operation status of the tag's response to a command.
cmd: command frame without the check data field.
result: response data packet without the check data field.
||: bit concatenation.
E_K(X): the ciphertext of X encrypted with key K.
Brief description of the drawings
Fig. 1 is a flow diagram of the symmetric-encryption one-way authentication of the reader by the tag in the UHF RFID system of the invention;
Fig. 2 is a flow diagram of the symmetric-encryption one-way authentication of the tag by the reader in the UHF RFID system of the invention;
Fig. 3 is a flow diagram of the symmetric-encryption two-way authentication between the reader and the tag in the UHF RFID system of the invention;
Fig. 4 is a flow diagram of the secure communication between the reader and the tag in the UHF RFID system of the invention;
Fig. 5 is the format diagram of the security parameters.
Embodiment
Specific embodiments of the invention are described in detail below with reference to the drawings.
Fig. 1 shows the symmetric-encryption one-way authentication of the reader by the tag in a UHF RFID system. The concrete implementation comprises:
(1) The reader sends the get-security-parameters command Get_SecPara;
The frame format of the get-security-parameters command is as follows:
Where:
Command code: the code of the get-security-parameters command.
Tag handle: the 11-bit random number and CRC-5 sent by the tag during the inventory process. The generator polynomial of the CRC-5 is x^5 + x^3 + 1.
Check: the CRC-16 is computed over the command code and tag handle data fields. The generator polynomial of the CRC-16 is x^16 + x^12 + x^5 + 1. If the check contained in a command the tag receives is wrong, the tag does not respond to the command.
(2) The tag sends the security parameters SecPara;
The response data packet format of the get-security-parameters command is as follows:
Where:
Security parameters: the security parameters indexed in the tag memory area, comprising the security mode, security function, response reference time, random number length, cryptographic algorithm, key length, key index and so on, in the format of Fig. 5:
The fields are defined as follows:
A) Security mode: indicates whether the tag requires security authentication and whether it requires secure communication.
B) Security function: indicates the security functions the tag supports, comprising symmetric-encryption one-way authentication of the reader by the tag, symmetric-encryption one-way authentication of the tag by the reader, symmetric-encryption two-way authentication between reader and tag, and secure communication between reader and tag.
C) Response reference time: indicates the maximum time for which the reader must continue to send a continuous carrier after sending a request-authentication, one-way authentication, get-authentication, two-way authentication or secure-communication command.
D) Random number length: indicates the length of the random numbers generated in the authentication flow, in units of words.
E) Cryptographic algorithm: indicates the symmetric encryption algorithm used.
F) Key length: indicates the key length of the encryption algorithm.
G) Key index: a one-way hash value of the tag key K_t, in units of words. The reader uses the key index to match the tag key K_t.
Tag handle: the 11-bit random number and CRC-5 sent by the tag during the inventory process.
Check: the CRC-16 is computed over the security parameters and tag handle data fields.
(3) According to the security function in the security parameters, the reader generates a random number N_r and sends the request-authentication command Req_Auth(N_r);
The frame format of the request-authentication command is as follows:
Where:
Command code: the code of the request-authentication command.
Tag handle: the 11-bit random number and CRC-5 sent by the tag during the inventory process.
Check: the CRC-16 is computed over the command code and tag handle data fields. If the check contained in a command the tag receives is wrong, the tag does not respond to the command.
(4) The tag generates a random number N_t, first generates the authentication key AK from the key K_t, N_r and N_t, then generates a challenge word C_t, and sends N_t and C_t;
The response data packet format of the request-authentication command is as follows:
Where:
Random number: the random number generated by the tag for generating the authentication key, i.e. N_t.
Challenge word: the random number generated by the tag for authentication, i.e. C_t.
Tag handle: the 11-bit random number and CRC-5 sent by the tag during the inventory process.
Check: the CRC-16 is computed over the random number, challenge word and tag handle data fields.
(5) The reader uses the key index in the security parameters to match the tag key K_t, first generates the authentication key AK from K_t, N_r and N_t, then generates a session key SK, encrypts C_t || SK with AK, and sends the one-way authentication command Auth(E_AK(C_t || SK));
The frame format of the one-way authentication command is as follows:
Where:
Command code: the code of the one-way authentication command.
Authentication data: the reader's encryption of the challenge word and session key, i.e. E_AK(C_t || SK).
Tag handle: the 11-bit random number and CRC-5 sent by the tag during the inventory process.
Check: the CRC-16 is computed over the command code, authentication data and tag handle data fields. If the check contained in a command the tag receives is wrong, the tag does not respond to the command.
(6) The tag decrypts E_AK(C_t || SK) with AK to obtain C_t' || SK. If C_t' equals C_t, the tag considers the reader authenticated, the session key is SK, and the tag returns the operation status State; otherwise the tag considers the reader not authenticated, and the tag returns the operation status State.
The response data packet format of the one-way authentication command is as follows:
Where:
Operation status: the operation status after the tag responds to the command; its meanings include authentication success or operation failure.
Tag handle: the 11-bit random number and CRC-5 sent by the tag during the inventory process.
Check: the CRC-16 is computed over the operation status and tag handle data fields.
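The frame check that every command above carries can be modelled as follows. This is an added example, not code from the patent: it builds a Get_SecPara command from a command code and a tag handle (11-bit random number plus CRC-5), appends the CRC-16, and shows the tag staying silent on a bad check. The 8-bit command code value, the CRC presets, the absence of a final XOR, and the tag comparing the handle with its own are assumptions, because the page gives only the generator polynomials.

```python
CRC5 = {"width": 5, "poly": 0b01001, "preset": 0b01001}    # x^5 + x^3 + 1
CRC16 = {"width": 16, "poly": 0x1021, "preset": 0xFFFF}    # x^16 + x^12 + x^5 + 1
GET_SECPARA = 0xA1  # constructed 8-bit command code; the page gives no value


def to_bits(value, n):
    """Integer -> list of n bits, most significant bit first."""
    return [(value >> i) & 1 for i in range(n - 1, -1, -1)]


def crc(bits, width, poly, preset):
    """Bit-serial, MSB-first CRC (preset and no final XOR are assumptions)."""
    reg, top, mask = preset, 1 << (width - 1), (1 << width) - 1
    for bit in bits:
        feedback = ((reg & top) != 0) ^ bit
        reg = (reg << 1) & mask
        if feedback:
            reg ^= poly
    return reg


def tag_handle(rn11):
    """Tag handle: 11-bit random number followed by its CRC-5."""
    bits = to_bits(rn11, 11)
    return bits + to_bits(crc(bits, **CRC5), 5)


def build_command(opcode, rn11):
    """Command frame: command code || tag handle || CRC-16 over both."""
    body = to_bits(opcode, 8) + tag_handle(rn11)
    return body + to_bits(crc(body, **CRC16), 16)


def tag_responds(frame, own_rn11):
    """Tag side: False means the tag does not respond to the command."""
    if len(frame) != 40:
        return False
    body, check = frame[:24], frame[24:]
    if to_bits(crc(body, **CRC16), 16) != check:
        return False                       # wrong check: stay silent
    return body[8:] == tag_handle(own_rn11)  # assumed handle match
```

The CRC only detects transmission errors; it is computed without any key, so the authentication decisions rest on the encrypted challenge words, not on this check.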
Fig. 2 shows the symmetric-encryption one-way authentication of the tag by the reader in a UHF RFID system. The concrete implementation comprises:
(1) The reader sends the get-security-parameters command Get_SecPara;
(2) The tag sends the security parameters SecPara;
(3) According to the security function in the security parameters, the reader generates a random number N_r and a challenge word C_r, and sends the get-authentication command Get_Auth(N_r, C_r);
The frame format of the get-authentication command is as follows:
Where:
Command code: the code of the get-authentication command.
Random number: the random number generated by the reader for generating the authentication key, i.e. N_r.
Challenge word: the random number generated by the reader for authentication, i.e. C_r.
Tag handle: the 11-bit random number and CRC-5 sent by the tag during the inventory process.
Check: the CRC-16 is computed over the command code, random number, challenge word and tag handle data fields. If the check contained in a command the tag receives is wrong, the tag does not respond to the command.
(4) The tag generates a random number N_t, first generates the authentication key AK from the key K_t, N_r and N_t, then generates a session key SK, encrypts C_r || SK with AK to obtain E_AK(C_r || SK), and sends it to the reader;
The response data packet format of the get-authentication command is as follows:
Where:
Authentication data: the tag's encryption of the challenge word and session key, i.e. E_AK(C_r || SK).
Tag handle: the 11-bit random number and CRC-5 sent by the tag during the inventory process.
Check: the CRC-16 is computed over the authentication data and tag handle data fields.
(5) The reader uses the key index in the security parameters to match the tag key K_t, first generates the authentication key AK from K_t, N_r and N_t, then decrypts E_AK(C_r || SK) with AK to obtain C_r' || SK. If C_r' equals C_r, the reader considers the tag authenticated and the session key is SK; otherwise the reader considers the tag not authenticated.
Fig. 3 shows the symmetric-encryption two-way authentication between the reader and the tag in a UHF RFID system. The concrete implementation comprises:
(1) The reader sends the get-security-parameters command Get_SecPara;
(2) The tag sends the security parameters SecPara;
(3) According to the security function in the security parameters, the reader generates a random number N_r and sends the request-authentication command Req_Auth(N_r);
(4) The tag generates a random number N_t, first generates the authentication key AK from K_t, N_r and N_t, then generates a challenge word C_t, and sends N_t and C_t;
(5) The reader uses the key index in the security parameters to match the tag key K_t, first generates the authentication key AK from K_t, N_r and N_t, then generates a challenge word C_r and a session key SK, encrypts C_r || C_t || SK with AK, and sends the two-way authentication command Mul_Auth(E_AK(C_r || C_t || SK));
The frame format of the two-way authentication command is as follows:
Where:
Command code: the code of the two-way authentication command.
Authentication data: the reader's encryption of the challenge words and session key, i.e. E_AK(C_r || C_t || SK).
Tag handle: the 11-bit random number and CRC-5 sent by the tag during the inventory process.
Check: the CRC-16 is computed over the command code, authentication data and tag handle data fields. If the check contained in a command the tag receives is wrong, the tag does not respond to the command.
(6) The tag decrypts E_AK(C_r || C_t || SK) with AK to obtain C_r' || C_t' || SK. If C_t' equals C_t, the tag considers the reader authenticated and the session key is SK; otherwise the tag considers the reader not authenticated. If authentication passes, the tag sends C_r';
The response data packet format of the two-way authentication command is as follows:
Where:
Challenge word: the challenge word the tag decrypted and returns, i.e. C_r'.
Tag handle: the 11-bit random number and CRC-5 sent by the tag during the inventory process.
Check: the CRC-16 is computed over the challenge word and tag handle data fields.
(7) The reader compares C_r' with C_r. If they are equal, the reader considers the tag authenticated and the session key is SK; otherwise the reader considers the tag not authenticated.
Fig. 4 shows the secure communication between the reader and the tag in a UHF RFID system. The concrete implementation comprises:
(1) The reader generates a random number SN_r, encrypts cmd || SN_r with SK, and sends the secure-communication command Sec_Com(E_SK(cmd || SN_r));
The frame format of the secure-communication command is as follows:
Where:
Command code: the code of the secure-communication command.
Encrypted data: the command data encrypted by the reader.
Tag handle: the 11-bit random number and CRC-5 sent by the tag during the inventory process.
Check: the CRC-16 is computed over the command code, encrypted data and tag handle data fields. If the check contained in a command the tag receives is wrong, the tag does not respond to the command.
(2) The tag decrypts E_SK(cmd || SN_r) with SK to obtain cmd || SN_r' and executes the command in cmd, producing the operation result result; the tag then generates a random number SN_t, encrypts result || SN_t with SK to obtain E_SK(result || SN_t), and sends it to the reader;
The response data packet format of the secure-communication command is as follows:
Where:
Encrypted data: the response data encrypted by the tag.
Tag handle: the 11-bit random number and CRC-5 sent by the tag during the inventory process.
Check: the CRC-16 is computed over the encrypted data and tag handle data fields.
(3) The reader decrypts with SK to obtain result || SN_t'; the tag's operation result is result.
In the above flows, the tag (reader) generates the authentication key AK from the key K_t and the random numbers N_r and N_t as follows:
First, N_r || N_t is expanded into an initial vector IV according to the cryptographic algorithm the tag supports;
Then, IV is symmetrically encrypted with the key K_t to obtain the authentication key AK, namely
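The two-way authentication flow of Fig. 3, steps (3) to (7), together with the AK derivation just described, can be exercised end to end with the sketch below. It is an added example, not code from the patent. Its assumptions: XTEA stands in for the symmetric algorithm named in SecPara, E_K is CBC with an all-zero IV, N_r, N_t, C_r and C_t are 32 bits each, the IV expansion rule is invented for the demo, and the key-index match of step (5) has already selected K_t.

```python
import hmac
import os
import struct

BLOCK, KEY_LEN, MASK = 8, 16, 0xFFFFFFFF  # XTEA: 64-bit block, 128-bit key


def _xtea(key, block, decrypt=False):
    """One 64-bit block of 32-cycle XTEA (stand-in cipher, an assumption)."""
    k = struct.unpack(">4I", key)
    v0, v1 = struct.unpack(">2I", block)
    delta = 0x9E3779B9
    s = (delta * 32) & MASK if decrypt else 0
    for _ in range(32):
        if decrypt:
            v1 = (v1 - ((((v0 << 4) ^ (v0 >> 5)) + v0) ^ (s + k[(s >> 11) & 3]))) & MASK
            s = (s - delta) & MASK
            v0 = (v0 - ((((v1 << 4) ^ (v1 >> 5)) + v1) ^ (s + k[s & 3]))) & MASK
        else:
            v0 = (v0 + ((((v1 << 4) ^ (v1 >> 5)) + v1) ^ (s + k[s & 3]))) & MASK
            s = (s + delta) & MASK
            v1 = (v1 + ((((v0 << 4) ^ (v0 >> 5)) + v0) ^ (s + k[(s >> 11) & 3]))) & MASK
    return struct.pack(">2I", v0, v1)


def encrypt(key, data):
    """E_key(data): CBC with an all-zero IV (the mode is an assumption)."""
    prev, out = bytes(BLOCK), b""
    for i in range(0, len(data), BLOCK):
        prev = _xtea(key, bytes(a ^ b for a, b in zip(data[i:i + BLOCK], prev)))
        out += prev
    return out


def decrypt(key, data):
    """Inverse of encrypt()."""
    prev, out = bytes(BLOCK), b""
    for i in range(0, len(data), BLOCK):
        plain = _xtea(key, data[i:i + BLOCK], decrypt=True)
        out += bytes(a ^ b for a, b in zip(plain, prev))
        prev = data[i:i + BLOCK]
    return out


def derive_ak(k_t, n_r, n_t):
    """AK: expand N_r || N_t into an IV, then encrypt the IV under K_t."""
    seed = n_r + n_t                            # N_r || N_t, 64 bits
    iv = seed + bytes(b ^ 0xFF for b in seed)   # assumed expansion rule
    return encrypt(k_t, iv)                     # 128-bit AK


class Tag:
    def __init__(self, k_t):
        self.k_t, self.ak, self.c_t, self.sk = k_t, None, None, None

    def on_req_auth(self, n_r):                 # step (4)
        n_t, self.c_t = os.urandom(4), os.urandom(4)
        self.ak = derive_ak(self.k_t, n_r, n_t)
        return n_t, self.c_t

    def on_mul_auth(self, auth_data):           # step (6)
        ak, self.ak = self.ak, None             # AK is used for one attempt only
        if ak is None or len(auth_data) != 8 + KEY_LEN:
            return None
        plain = decrypt(ak, auth_data)
        c_r, c_t, sk = plain[:4], plain[4:8], plain[8:]
        if not hmac.compare_digest(c_t, self.c_t):
            return None                         # reader not authenticated
        self.sk = sk
        return c_r                              # C_r' returned to the reader


class Reader:
    def __init__(self, k_t):                    # K_t already matched by key index
        self.k_t, self.n_r, self.c_r, self.sk, self._sk = k_t, None, None, None, None

    def req_auth(self):                         # step (3)
        self.n_r = os.urandom(4)
        return self.n_r

    def mul_auth(self, n_t, c_t):               # step (5)
        ak = derive_ak(self.k_t, self.n_r, n_t)
        self.c_r, self._sk = os.urandom(4), os.urandom(KEY_LEN)
        return encrypt(ak, self.c_r + c_t + self._sk)

    def on_response(self, c_r_echo):            # step (7)
        ok = c_r_echo is not None and hmac.compare_digest(c_r_echo, self.c_r)
        self.sk = self._sk if ok else None
        return ok


def run_session(reader, tag):
    """Steps (3)-(7); returns (mutual success, captured Mul_Auth payload)."""
    n_t, c_t = tag.on_req_auth(reader.req_auth())
    auth_data = reader.mul_auth(n_t, c_t)
    return reader.on_response(tag.on_mul_auth(auth_data)), auth_data
```

A Mul_Auth payload captured from one session is rejected by the tag in the next, because the tag's fresh N_t yields a different AK and its fresh C_t no longer matches the decrypted value.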

Claims (1)

1., based on a super high frequency radio frequency identification air-interface security communication means for symmetric cryptography, the method comprises:
1) system label is to the symmetric cryptography unilateral authentication of read write line;
2) system read-write device is to the symmetric cryptography unilateral authentication of label;
3) system read-write device is to the symmetric cryptography two-way authentication of label;
4) secure communication of system read-write device and label;
It is characterized in that, the symmetric cryptography unilateral authentication step of system label to read write line is as follows:
1) read write line sends security parameter and obtains order Get_SecPara;
2) label sends security parameter SecPara;
3) read write line is according to the safety function in security parameter, produces random number N r, send request authentication command Req_Auth (N r);
4) label produces random number N t, first use key K t, N rand N tgenerate authenticate key AK, then produce challenge word C t, send N tand C t;
5) the cipher key index coupling label key K in read write line security parameter t, first use K t, N rand N tgenerate authenticate key AK, then produce session key SK, then encrypt C with AK t|| SK, sends unilateral authentication order Auth (E aK(C t|| SK)), wherein || represent bit series connection, E aKthe ciphertext that expression key K is encrypted X;
6) label AK deciphers E aK(C t|| SK) obtain C t' || SK, if C t' and C tequal, label thinks that read write line is by certification, and session key is SK, and label returns mode of operation State; Otherwise label thinks read write line not by certification, label returns mode of operation State;
The symmetric cryptography unilateral authentication flow process of system read-write device to label is as follows:
1) read write line sends security parameter and obtains order Get_SecPara;
2) label sends security parameter SecPara;
3) read write line is according to the safety function in security parameter, produces random number N rwith challenge word C r, transmission obtains authentication command Get_Auth (N r, C r);
4) label produces random number N t, first use key K t, N rand N tgenerate authenticate key AK, then produce session key SK, encrypt C with AK r|| SK obtains E aK(C r|| SK) send to read write line;
5) the cipher key index coupling label key K in read write line security parameter t, first use K t, N rand N tgenerate authenticate key AK, then decipher E with AK aK(C r|| SK) obtain C r' || SK, if C r' and C requal, read write line thinks that label is by certification, and session key is SK, otherwise read write line thinks that label does not pass through certification;
The symmetric-encryption bidirectional authentication procedure between the system's reader-writer and the label is as follows:
1) the reader-writer sends the get-security-parameter command Get_SecPara;
2) the label sends the security parameter SecPara;
3) the reader-writer, according to the security function in the security parameter, generates a random number N_r and sends the request-authentication command Req_Auth(N_r);
4) the label generates a random number N_t, first uses K_t, N_r and N_t to generate the authentication key AK, then generates a challenge word C_t, and sends N_t and C_t;
5) the reader-writer uses the key index in the security parameter to match the label key K_t, first uses K_t, N_r and N_t to generate the authentication key AK, then generates a challenge word C_r and a session key SK, encrypts C_r || C_t || SK with AK, and sends the bidirectional authentication command Mul_Auth(E_AK(C_r || C_t || SK));
6) the label decrypts E_AK(C_r || C_t || SK) with AK to obtain C_r' || C_t' || SK; if C_t' equals C_t, the label considers the reader-writer authenticated and the session key is SK; otherwise the label considers the reader-writer not authenticated; if authentication succeeds, the label sends C_r';
7) the reader-writer compares C_r' with C_r; if they are equal, the reader-writer considers the label authenticated and the session key is SK; otherwise the reader-writer considers the label not authenticated;
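The bidirectional exchange in steps 3) to 7), as an added Python example that is not part of the patent text. Assumptions: the patent names neither the key-derivation function nor the cipher, so AK is derived with HMAC-SHA256 and E_K(X) is a stand-in XOR keystream cipher; nonces and challenge words are 8 bytes, SK is 16 bytes, and the class and method names are hypothetical.

```python
import hashlib, hmac, os

def derive_ak(k_t, n_r, n_t):
    """AK from K_t, N_r, N_t. HMAC-SHA256 is an assumption; the claims name no KDF."""
    return hmac.new(k_t, n_r + n_t, hashlib.sha256).digest()[:16]

def E(key, data):
    """Stand-in for E_K(X) (assumption): XOR with an HMAC keystream, so encrypt == decrypt."""
    stream = b"".join(hmac.new(key, bytes([i]), hashlib.sha256).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

class Label:
    def __init__(self, k_t):
        self.k_t, self.sk = k_t, None
    def on_req_auth(self, n_r):                    # step 4: N_t, AK, C_t
        n_t, self.c_t = os.urandom(8), os.urandom(8)
        self.ak = derive_ak(self.k_t, n_r, n_t)
        return n_t, self.c_t
    def on_mul_auth(self, ciphertext):             # step 6: check C_t', accept SK
        pt = E(self.ak, ciphertext)
        c_r, c_t, sk = pt[:8], pt[8:16], pt[16:]
        if not hmac.compare_digest(c_t, self.c_t):
            return None                            # reader-writer not authenticated
        self.sk = sk
        return c_r                                 # C_r' goes back to the reader-writer

class Reader:
    def __init__(self, key_table):                 # key index -> K_t (constructed table)
        self.keys, self.sk = key_table, None
    def req_auth(self):                            # step 3: Req_Auth(N_r)
        self.n_r = os.urandom(8)
        return self.n_r
    def mul_auth(self, key_index, n_t, c_t):       # step 5: Mul_Auth(E_AK(C_r||C_t||SK))
        ak = derive_ak(self.keys[key_index], self.n_r, n_t)
        self.c_r, self._sk = os.urandom(8), os.urandom(16)
        return E(ak, self.c_r + c_t + self._sk)
    def verify(self, c_r_prime):                   # step 7: compare C_r' with C_r
        ok = c_r_prime is not None and hmac.compare_digest(c_r_prime, self.c_r)
        self.sk = self._sk if ok else None
        return ok

def run(label, reader, key_index):
    """One full exchange; key_index stands for the index carried in SecPara (steps 1-2)."""
    n_t, c_t = label.on_req_auth(reader.req_auth())
    return reader.verify(label.on_mul_auth(reader.mul_auth(key_index, n_t, c_t)))
```

Both sides hold the same SK only when the reader-writer's key index resolves to the label's K_t; with any other key the label's C_t' check fails and neither side keeps a session key.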
The secure communication steps between the system's reader-writer and the label are:
1) the reader-writer generates a random number SN_r, encrypts cmd || SN_r with SK, and sends the secure communication command Sec_Com(E_SK(cmd || SN_r));
2) the label decrypts E_SK(cmd || SN_r) with SK to obtain cmd || SN_r'; the label executes the command in cmd, and the operation result is result; it then generates a random number SN_t, encrypts result || SN_t with SK to obtain E_SK(result || SN_t), and sends it to the reader-writer;
3) the reader-writer decrypts with SK to obtain result || SN_t'; the label's operation result is result.
CN201110155162.9A 2011-06-10 2011-06-10 Safety communication method for ultrahigh frequency radio-frequency identification air interface based on symmetrical encryption Active CN102684872B (en)

Publications (2)

Publication Number Publication Date
CN102684872A CN102684872A (en) 2012-09-19
CN102684872B CN102684872B (en) 2015-01-21

Family

ID=46816276

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant