CN102750561B - A kind of method of efficient active safety radio frequency identification authentication - Google Patents
- Publication number: CN102750561B (application number CN201210186740.XA)
- Authority
- CN
- China
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Landscapes
- Mobile Radio Communication Systems (AREA)
- Storage Device Security (AREA)
Abstract
An embodiment of the invention discloses a method for efficient, actively secure radio frequency identification (RFID) authentication. First, a reader initiates a read/write request to a tag. The tag takes its own identifier, the identifier of the reader it currently stores, and the security value it shares with that reader, applies confidentiality processing to them, adds a random number, and returns the result to the reader as response information. After receiving the response information, the reader queries for the tag's identifier: the first query round searches for the identifier of the reader currently stored in the tag, and the second query round searches for the security value shared between the tag and that stored reader, from which the tag's identifier is obtained and RFID authentication is achieved. This method gives the tag active anti-tracking capability while reducing the system's total query cost and sharing the database's burden.
Description
Technical field
The present invention relates to the technical field of RFID, and in particular to a method for efficient, actively secure radio frequency identification authentication.
Background
At present, radio frequency identification (RFID) uses radio-frequency signals to identify objects without contact. Because identification requires no physical contact and the technology is simple and convenient, it is widely used in everyday life, for example in identity document verification, libraries, retail and logistics management. An RFID system consists of three parts: a back-end database, readers, and tags. The database is usually assumed to have powerful storage and computing capability: it can store the identifiers of all readers and tags, together with some auxiliary information, on a suitable hardware platform, and it can run the relevant cryptographic functions and computations. The reader sits between the other two; it is a radio transceiver with an antenna, mainly responsible for reading and writing the contents stored in tags, and it usually has some storage capacity and less computing power than the database. A tag is a small device with an antenna and an integrated circuit and with extremely limited storage and computing capability; it stores the unique identifier of the corresponding article and some auxiliary information.
It is generally assumed that the channel between tag and reader is insecure while the channel between reader and database is secure, so the problem to solve is RFID authentication over the insecure tag-reader channel. RFID authentication protocols are typically challenge-response protocols: the reader first sends a read/write request to the tag, and the tag returns response information that must contain the tag's unique identifier. Because RFID scanning is contactless, when an illegitimate reader sends a request to a tag, the tag may automatically send its unique identifier to that reader without informing the tag's holder. Sensitive information in the tag may thus be obtained by the illegitimate reader, leaking private information. The tag should therefore process its unique ID before returning it to the reader, thereby achieving authentication of the reader's legitimacy. However, even if the tag does not return its ID in plaintext, the tag's holder can still easily be tracked by an illegitimate reader if the processed ID is the same in every response. An RFID authentication protocol that protects privacy but cannot resist tracking of tag reads is called passively secure; one that protects privacy and can resist tracking of tag reads is called actively secure.
In the prior art, to design an effective actively secure RFID authentication scheme, the response a tag returns should be different each time. One proposed scheme concatenates the tag's unique identifier with a random number and passes the result through a hash function; the database then recovers the tag's unique identifier by computing and searching. In this prior-art method, however, every tag authentication requires one computation over the information of every tag stored in the database, so the query cost is linear in the number of tags, and as the number of tags grows the query cost becomes a heavy burden on the database. The prior art therefore suffers from low query efficiency, a large number of queries, and a heavy database burden.
Summary of the invention
The object of the invention is to provide a method for efficient, actively secure RFID authentication that gives tags active anti-tracking capability while reducing the system's total query cost and sharing the database's burden.
The object of the invention is achieved by the following technical solution: a method for efficient, actively secure RFID authentication, the method comprising:
A reader initiates a read/write request to a tag;
The tag takes the tag's identifier, the identifier of the reader currently stored in the tag, and the security value shared between the tag and that stored reader, applies confidentiality processing to them, adds a random number, and returns the result as response information to the reader that initiated the read/write request;
After receiving the response information, the reader that initiated the read/write request queries for the tag's identifier: the first query round searches for the identifier of the reader currently stored in the tag, and the second query round searches for the security value shared between the tag and that stored reader, from which the tag's identifier is obtained and RFID authentication is achieved.
The method further comprises: when a tag is queried by a reader for the first time, the reader identifier currently stored in the tag and the shared security value are, respectively, the identifier of the legitimate reader set at system initialization and the initial security value.
The first-round search for the identifier of the reader currently stored in the tag specifically comprises:
In the first query round, the reader that initiated the read/write request uses the identification information of the system's legitimate readers that it stores to search for and obtain the reader identifier currently stored in the tag.
The method further comprises: depending on the result of the first query round, the reader that initiated the read/write request handles the second query round differently, specifically:
If the reader identifier found in the first round is the identifier of the system's initial reader, the requesting reader computes the tag's identifier using the initial security value it stores;
If the reader identifier found in the first round is the requesting reader's own identifier, the requesting reader computes the tag's identifier using its own security values;
If the reader identifier found in the first round is the identifier of another legitimate reader, the requesting reader sends a query request to the database; the database looks up the security value shared between the tag and the reader with which the tag was last associated and stored, computes the tag's identifier from it, and returns the identifier to the requesting reader;
If the reader identifier found in the first round is not in the requesting reader's stored list, the requesting reader abandons the read/write operation on the tag.
After the tag's identifier is obtained, the method further updates the tag's information, specifically:
The reader that initiated the read/write request starts an association-establishment process with the tag, sending the tag, after confidentiality processing, the unique identifier of the requesting reader and one security value, where that security value is one of the security values associated with the ID of the requesting reader;
After obtaining the requesting reader's unique identifier and the security value, the tag performs an integrity check;
Once the check passes, the tag erases the data it originally stored and replaces it with the unique identifier of the requesting reader and that security value.
As can be seen from the technical solution above, a reader first initiates a read/write request to a tag. The tag takes its own identifier, the identifier of the reader it currently stores, and the security value it shares with that reader, applies confidentiality processing to them, adds a random number, and returns the result to the reader as response information. After receiving the response information, the reader queries for the tag's identifier: the first query round searches for the identifier of the reader currently stored in the tag, and the second query round searches for the security value shared between the tag and that stored reader, from which the tag's identifier is obtained and RFID authentication is achieved. This method gives the tag active anti-tracking capability while reducing the system's total query cost and sharing the database's burden.
Brief description of the drawings
To illustrate the technical solutions of the embodiments more clearly, the drawings used in describing the embodiments are briefly introduced below. The drawings described below are only some embodiments of the invention; a person of ordinary skill in the art can derive other drawings from them without creative effort.
Fig. 1 is a schematic diagram of the system architecture provided by an embodiment of the invention;
Fig. 2 is a flow diagram of the method for efficient, actively secure RFID authentication provided by an embodiment of the invention;
Fig. 3 is an interaction diagram of the specific embodiment given as an example.
Detailed description
The technical solutions in the embodiments of the invention are described clearly and completely below with reference to the drawings. The described embodiments are only some of the embodiments of the invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art from these embodiments without creative effort fall within the scope of protection of the invention.
The system architecture is described first. As shown in Fig. 1, it comprises a back-end database, $N_t$ legitimate tags and $N_r$ legitimate readers. Each legitimate reader initially has $n$ random security values. The channel between database and reader is secure, and the channel between reader and tag is insecure.
Fig. 2 is a flow diagram of the method for efficient, actively secure RFID authentication provided by an embodiment of the invention. The method comprises:
Step 11: A reader initiates a read/write request to a tag.
Step 12: The tag takes its own identifier, the identifier of the reader it currently stores, and the security value it shares with that reader, applies confidentiality processing to them, adds a random number, and returns the result to the reader as response information.
In this step, when the tag is queried by a reader for the first time, the reader identifier currently stored in the tag and the shared security value are, respectively, the identifier of the legitimate reader set at system initialization and the initial security value.
Step 13: After receiving the response information, the reader queries for the tag's identifier, obtains it, and thereby achieves RFID authentication.
In this step, the reader's query for the tag's identifier is divided into two rounds: the first query round searches for the identifier of the reader currently stored in the tag, and the second query round searches for the security value shared between the tag and that stored reader, from which the tag's identifier is obtained and RFID authentication is achieved.
Here, the first-round search for the identifier of the reader currently stored in the tag specifically comprises:
In the first query round, the reader uses the identification information of the system's legitimate readers that it stores to search for and obtain the reader identifier currently stored in the tag.
In addition, depending on the result of the first query round, the reader handles the second query round differently, specifically:
If the reader identifier found in the first round is the identifier of the system's initial reader, the reader computes the tag's identifier using the initial security value it stores;
If the reader identifier found in the first round is this reader's own identifier, the reader computes the tag's identifier using its own security values;
If the reader identifier found in the first round is the identifier of another legitimate reader, the reader sends a query request to the database; the database looks up the security value shared between the tag and the reader with which the tag was last associated, computes the tag's identifier from it, and returns the identifier to the reader;
If the reader identifier found in the first round is not in this reader's stored list, the reader abandons the read/write operation on the tag.
In addition, after the above operations are completed and the tag's identifier is obtained, the method further updates the tag's information, specifically:
The reader starts an association-establishment process with the tag, sending the reader's unique identifier and a security value after confidentiality processing. After obtaining the reader's unique identifier and the security value, the tag performs an integrity check. Once the check passes, the tag erases the data it originally stored and replaces it with the reader's unique identifier and the security value.
By implementing the above technical solution, the system's total query cost can be reduced and the database's burden shared, while security is maintained.
An embodiment of the invention is described below with a concrete, detailed protocol flow. In this method, a reader's identifier (ID) and security values are used to assist the lookup of a tag's ID. Fig. 3 shows the interaction diagram of the specific embodiment. The symbols used in this embodiment are:
: unique identifier of tag $T_k$;
: unique identifier and associated security value of reader $R_i$;
: unique identifier and associated security value of reader $R_{i+1}$;
and $v_0$: the unique identifier of the reader at system initialization and the initial security value;
: a hash function in the cryptographic sense;
: bitwise (binary) XOR.
In this embodiment, reader $R_i$ is the reader currently stored in tag $T_k$, and reader $R_{i+1}$ is the reader currently issuing the read/write operation.
First, the system is initialized. System initialization covers the information held by three parties, the database, the readers and the tags, and specifically comprises:
Step 11: The database stores the unique identifiers of all tags
($k=1,2,\dots,N_t$, where $N_t$ is the number of tags), the unique identifiers of all readers
($j=1,2,\dots,N_r$, where $N_r$ is the number of readers), and all security values of each reader $R_i$
($i=1,2,\dots,N_r$; $j=1,2,\dots,n$, where $N_r$ is the number of readers and $n$ is the number of security values of reader $R_i$).
Step 12: Each reader stores the unique identifiers of all readers, all of its own security values, and an initialization reader ID, i.e. the unique identifier of the reader at system initialization
and the initial security value $v_0$.
Step 13: During system initialization, each tag stores its own unique identifier, the initialization reader ID and the initial security value.
After the initialization above, RFID authentication can be carried out. The authentication process has three parts: request, response and query. Specifically:
Step 21: Request phase. Reader $R_{i+1}$ generates a random number $r_0$ and sends it, together with the read/write request, to tag $T_k$.
Step 22: Response phase. After receiving the message from reader $R_{i+1}$, the tag uses its random number generator to generate a random number $r_1$ and, using its stored
and
computes the following three values:
which it sends, together with $r_1$, as the response to reader $R_{i+1}$.
Step 23: Query phase. The reader and the database look up the tag identifier from the response information sent by the tag, obtaining the unique identifier of tag $T_k$
and thereby achieving RFID authentication.
The lookup is divided into two query rounds, implemented as follows:
First query round: reader $R_{i+1}$ takes $r_0$ and $r_1$ from the response information, together with the stored legitimate reader identifiers, as input to the hash function, and searches for the stored identifier whose output matches
that is, the matching
The query result falls into one of the following cases:
First-round result 1: If nothing matches, the tag is considered not to belong to this system and identification stops.
First-round result 2: If a match is found and the resulting
is the initial reader ID, the reader takes the stored initial security value, $r_0$ and $r_1$ as input to the hash function and XORs the output with the response value
obtaining the unique identifier of tag $T_k$
First-round result 3: If a match is found and the resulting
is the reader's own
the reader uses its own security values to perform the second query round, as follows:
A) Take each stored security value in turn, together with $r_0$ and $r_1$, as input to the hash function and compute the output hash value.
B) Using the hash value from the previous step, compute by XOR the corresponding
C) Take the computed
value and $r_1$ as input to the hash function; if the computed output equals
the ID of this tag is taken to be
and the query ends.
First-round result 4: If a match is found and the resulting
is not the reader's own
the following query steps are carried out:
A) The reader sends $r_0$, $r_1$,
to the database and requests that the database perform the second query round.
B) The database takes the stored security values of
together with $r_0$ and $r_1$ as input to the hash function and XORs the output with the response value
to obtain a tag ID.
C) The database takes the computed tag ID and $r_1$ as input to the hash function and finds the tag ID whose output corresponds to
this tag ID is
Through the above RFID authentication process, the system's total query cost can be reduced and the database's burden shared, while security is maintained.
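The request, response and two-round query described above can be exercised end to end in a short simulation. This is an added example, not code from the patent: the formulas for the three response values are missing from this page, so the forms used for `a`, `b` and `c`, truncated SHA-256 as the hash, the 16-byte field size and all class and function names are assumptions chosen to match the textual description.

```python
import hashlib
import hmac
import secrets

N = 16  # assumed byte length of identifiers, security values and hash outputs


def H(*parts: bytes) -> bytes:
    """Hash function; inputs are length-prefixed so field boundaries are unambiguous."""
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(2, "big") + p)
    return h.digest()[:N]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Tag:
    """Stores its own ID plus the ID and one shared security value of a reader."""
    def __init__(self, tag_id, reader_id, value):
        self.tag_id, self.reader_id, self.value = tag_id, reader_id, value

    def respond(self, r0: bytes):
        r1 = secrets.token_bytes(N)                   # fresh for every response
        a = H(self.reader_id, r0, r1)                 # assumed form: hides the stored reader ID
        b = xor(H(self.value, r0, r1), self.tag_id)   # assumed form: masks the tag ID
        c = H(self.tag_id, r1)                        # assumed form: check value for the tag ID
        return r1, a, b, c


def recover(values, r0, r1, b, c):
    """Round 2: try each candidate security value; accept the ID that matches c.
    (The page states this check for results 3 and 4; it is applied to result 2 as well.)"""
    for v in values:
        candidate = xor(H(v, r0, r1), b)
        if hmac.compare_digest(H(candidate, r1), c):
            return candidate
    return None


class Database:
    def __init__(self):
        self.values = {}  # reader ID -> list of that reader's security values

    def second_round(self, reader_id, r0, r1, b, c):
        return recover(self.values.get(reader_id, []), r0, r1, b, c)


class Reader:
    def __init__(self, rid, values, init_id, init_value, db):
        self.rid, self.values = rid, values
        self.init_id, self.init_value, self.db = init_id, init_value, db
        self.known_ids = [init_id]  # extended with all legitimate reader IDs

    def identify(self, tag):
        r0 = secrets.token_bytes(N)                   # request phase
        r1, a, b, c = tag.respond(r0)                 # response phase
        # Round 1: which legitimate reader ID does the tag currently store?
        stored = next((i for i in self.known_ids
                       if hmac.compare_digest(H(i, r0, r1), a)), None)
        if stored is None:
            return "reject", None                     # result 1: not a tag of this system
        if stored == self.init_id:                    # result 2: initial reader
            return "initial", recover([self.init_value], r0, r1, b, c)
        if stored == self.rid:                        # result 3: this reader
            return "self", recover(self.values, r0, r1, b, c)
        return "database", self.db.second_round(stored, r0, r1, b, c)  # result 4


def demo():
    """Constructed system: 3 readers with n = 4 security values each."""
    db = Database()
    init_id, init_value = secrets.token_bytes(N), secrets.token_bytes(N)
    readers = []
    for _ in range(3):
        rid = secrets.token_bytes(N)
        vals = [secrets.token_bytes(N) for _ in range(4)]
        db.values[rid] = vals
        readers.append(Reader(rid, vals, init_id, init_value, db))
    for r in readers:
        r.known_ids = [init_id] + [x.rid for x in readers]
    reader_a, reader_b = readers[0], readers[1]
    tag_id = secrets.token_bytes(N)
    fresh = Tag(tag_id, init_id, init_value)                 # state after initialization
    bound = Tag(tag_id, reader_a.rid, reader_a.values[2])    # state after association with reader_a
    foreign = Tag(secrets.token_bytes(N), secrets.token_bytes(N), secrets.token_bytes(N))
    r0 = secrets.token_bytes(N)
    return {
        "tag_id": tag_id,
        "initial": reader_a.identify(fresh),
        "self": reader_a.identify(bound),
        "database": reader_b.identify(bound),
        "reject": reader_a.identify(foreign),
        "responses_differ": bound.respond(r0) != bound.respond(r0),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

In this sketch round 1 costs at most $N_r + 1$ hash evaluations and round 2 at most $2n$, independent of the number of tags.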
In addition, to make the next authentication easier and to reduce database read/write load when a large number of the same tags are authenticated under the same reader, the embodiment also provides a tag information update process, comprising the following steps:
Step 31: Reader $R_{i+1}$ randomly selects one of the security values associated with its own ID
($j'=1,2,\dots,n$), uses the hash function to compute
and sends it to the tag.
Step 32: After receiving this information, the tag takes $r_0$ and
as input to the hash function and XORs the output with each of the response message values
obtaining, respectively,
and
The tag uses
to verify the integrity of
and
Step 33: Once verification passes, the tag erases the data it originally stored,
and
and replaces them with the new values
and
In summary, the method provided by the embodiment has high verification efficiency and low system query cost. While meeting the same security requirement (after some tags are compromised, the effect on tags that have not been compromised is a low-probability event), authentication efficiency is significantly improved compared with existing RFID authentication protocols. The system's total query cost is linear in the number of all reader security values in the system; compared with schemes whose query cost is linear or logarithmic in the very large number of tags, the invention significantly improves query efficiency. At the same time, readers share the query cost, reducing the burden on the database.
The above is only a preferred embodiment of the invention, but the scope of protection of the invention is not limited to it. Any change or substitution that a person skilled in the art could readily conceive within the technical scope disclosed by the invention shall fall within the scope of protection of the invention. The scope of protection of the invention shall therefore be determined by the scope of protection of the claims.
Claims (5)
1. A method for efficient, actively secure radio frequency identification authentication, characterized in that the method comprises:
A reader initiates a read/write request to a tag;
The tag takes the tag's identifier, the identifier of the reader currently stored in the tag, and the security value shared between the tag and that stored reader, applies confidentiality processing to them, adds a random number, and returns the result as response information to the reader that initiated the read/write request;
After receiving the response information, the reader that initiated the read/write request queries for the tag's identifier: the first query round searches for the identifier of the reader currently stored in the tag, and the second query round searches for the security value shared between the tag and that stored reader, from which the tag's identifier is obtained and radio frequency identification authentication is achieved.
2. The method for efficient, actively secure radio frequency identification authentication according to claim 1, characterized in that the method further comprises:
When a tag is queried by a reader for the first time, the reader identifier currently stored in the tag and the shared security value are, respectively, the identifier of the legitimate reader set at system initialization and the initial security value.
3. The method for efficient, actively secure radio frequency identification authentication according to claim 1, characterized in that the first-round search for the identifier of the reader currently stored in the tag specifically comprises:
In the first query round, the reader that initiated the read/write request uses the identification information of the system's legitimate readers that it stores to search for and obtain the reader identifier currently stored in the tag.
4. The method for efficient, actively secure radio frequency identification authentication according to claim 1, characterized in that the method further comprises:
Depending on the result of the first query round, the reader that initiated the read/write request handles the second query round differently, specifically:
If the reader identifier found in the first round is the identifier of the system's initial reader, the requesting reader computes the tag's identifier using the initial security value it stores;
If the reader identifier found in the first round is the requesting reader's own identifier, the requesting reader computes the tag's identifier using its own security values;
If the reader identifier found in the first round is the identifier of another legitimate reader, the requesting reader sends a query request to the database; the database looks up the security value shared between the tag and the reader with which the tag was last associated and stored, computes the tag's identifier from it, and returns the identifier to the requesting reader;
If the reader identifier found in the first round is not in the requesting reader's stored list, the requesting reader abandons the read/write operation on the tag.
5. The method for efficient, actively secure radio frequency identification authentication according to claim 1, characterized in that, after the tag's identifier is obtained, the method further updates the tag's information, specifically:
The reader that initiated the read/write request starts an association-establishment process with the tag, sending the tag, after confidentiality processing, the unique identifier of the requesting reader and one security value, where that security value is one of the security values associated with the ID of the requesting reader;
After obtaining the requesting reader's unique identifier and the security value, the tag performs an integrity check;
Once the check passes, the tag erases the data it originally stored and replaces it with the unique identifier of the requesting reader and that security value.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210186740.XA CN102750561B (en) | 2012-06-07 | 2012-06-07 | A kind of method of efficient active safety radio frequency identification authentication |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210186740.XA CN102750561B (en) | 2012-06-07 | 2012-06-07 | A kind of method of efficient active safety radio frequency identification authentication |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102750561A CN102750561A (en) | 2012-10-24 |
CN102750561B true CN102750561B (en) | 2015-08-12 |
Family
ID=47030724
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201210186740.XA Expired - Fee Related CN102750561B (en) | 2012-06-07 | 2012-06-07 | A kind of method of efficient active safety radio frequency identification authentication |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102750561B (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104299015B (en) * | 2014-09-25 | 2018-07-06 | 小米科技有限责任公司 | Information processing method and device |
CN108521646B (en) * | 2018-03-30 | 2021-09-03 | 珠海极海半导体有限公司 | Near field communication method, device and computer readable storage medium |
CN112364339B (en) * | 2020-08-21 | 2022-07-12 | 中国科学院信息工程研究所 | Improved safe lightweight RFID authentication method |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1932835A (en) * | 2006-09-30 | 2007-03-21 | 华中科技大学 | Safety identification method in radio frequency distinguishing system |
CN101645138A (en) * | 2009-09-14 | 2010-02-10 | 西安交通大学 | Radio frequency identification (RFID) privacy authenticating method |
CN102437915A (en) * | 2011-10-31 | 2012-05-02 | 任洪娥 | RFID security certification system based on ID change and cipher key array |
Also Published As
Publication number | Publication date |
---|---|
CN102750561A (en) | 2012-10-24 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee | Granted publication date: 20150812 Termination date: 20210607 |