ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2015, Vol. 52 ›› Issue (10): 2323-2331.doi: 10.7544/issn1000-1239.2015.20150555

所属专题: 2015网络安全与隐私保护研究进展

• 信息安全 • 上一篇    下一篇

通用可组合安全的RFID标签组所有权转移协议

原变青,刘吉强   

  1. (北京交通大学计算机与信息技术学院 北京 100044) (yuanbq@bjtu.edu.cn)
  • 出版日期: 2015-10-01
  • 基金资助: 
    基金项目:教育部新世纪优秀人才支持计划基金项目(NCET-11-0565);中央高校基本科研业务费专项资金项目(2012JBZ010);教育部高校创新团队基金项目(IRT201206)

A Universally Composable Secure Group Ownership Transfer Protocol for RFID Tags

Yuan Bianqing, Liu Jiqiang   

  1. (School of Computer and Information Technology, Beijing Jiaotong University, Beijing 100044)
  • Online: 2015-10-01

摘要: 在某些应用中,往往需要在一次会话中同时完成一组RFID标签所有权的转移.然而,现有的标签组所有权转移方案大多需要可信第三方的支持且存在诸多安全和隐私保护问题.在分析安全需求的基础上,设计了一个安全高效的RFID标签组所有权转移协议.该协议在无可信第三方支持的情况下实现了一组标签所有权的同时转移.在通用可组合框架下,定义了RFID标签组所有权转移的理想函数,并证明新协议实现了所定义的理想函数.与已有同类协议相比,新协议不仅具备匿名性、不可追踪性、授权访问、抗异步攻击、前向隐私保护、后向隐私保护等安全和隐私属性,还具有通用可组合安全性.在性能方面,新方案的计算复杂度相对较低,且交互次数和标签端存储量也较少.

关键词: 无线射频识别, 通用可组合, 所有权转移, 协议, 物联网

Abstract: In some applications, it is often needed to simultaneously transfer the ownership of a group of RFID (radio frequency identification) tags in a session. However, most of the existing group ownership transfer schemes for RFID tags generally require the support of a trusted third party, and they often have many security and privacy protection issues. Based on the analysis of security requirements, a secure and efficient group ownership transfer protocol for RFID tags is designed. The new protocol supports simultaneous ownership transfer of a group of RFID tags without a trusted third party. Then, in the UC(universally composable) framework, an ideal functionality capturing the secure group ownership transfer for RFID tags is formally defined, and it is proved that the new protocol realizes the above defined ideal functionality. Compared with the existing group ownership transfer protocols for RFID tags, the new protocol provides the security and privacy properties such as anonymity, untraceability, mutual authentication, authorized access, resistance to de-synchronization attack, forward privacy protection and backward privacy protection. Meanwhile, it satisfies UC security. Furthermore, the new protocol has low computational complexity. In addition, the number of storage on the tag and the number of interaction among the entities are small.

Key words: radio frequency identification (RFID), universally composable (UC), ownership transfer, protocol, Internet of things

中图分类号: