ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development ›› 2021, Vol. 58 ›› Issue (8): 1801-1810.doi: 10.7544/issn1000-1239.2021.20200477

Previous Articles     Next Articles

A Double PUF-Based RFID Authentication Protocol

Li Tao Liu Yali   

  1. (College of Computer Science and Technology, Jiangsu Normal University, Xuzhou, Jiangsu 221116) (Guangxi Key Laboratory of Cryptography and Information Security (Guilin University of Electronic Technology), Guilin, Guangxi 541004)
  • Online:2021-08-01
  • Supported by: 
    This work was supported by the National Natural Science Foundation of China (61702237, 61872168), Opening Foundation of Guangxi Key Laboratory of Cryptography and Information Security (Guilin University of Electronic Technology) (GCIS202114), Ministry of Education University-Industry Collaborative Education Program of China (CXHZ-WebRAY-202002-18), the Special Foundation of Promoting Science and Technology Innovation of Xuzhou City (KC18005), Postgraduate Research & Practice Innovation Program of Jiangsu Province (KYCX20_2381), the Natural Science Foundation of Jiangsu Province (BK20150241), the Natural Science Foundation of the Higher Education Institutions of Jiangsu Province (14KJB520010), the Scientific Research Support Project for Teachers with Doctor’s Degree of Jiangsu Normal University (14XLR035), and the Jiangsu Provincial Government Scholarship for Overseas Studies.

Abstract: This paper focuses on analyzing the double PUF-based RFID authentication protocol proposed by Liang et al. and security risks are found in the protocol. The protocol cannot resist replay attack, desynchronization attack, tag impersonation and other malicious attacks. In order to solve the security problems caused by malicious attackers to RFID system, a double PUF-based RFID authentication protocol(DPRAP) is proposed in this paper. In the pseudo-random number generator seed generation phase, the communication value of the seed is not transmitted directly on the insecure channel, and the value of the seed is encrypted and hidden through multiple hashing and xor operations to ensure the confidentiality of the negotiated seed. In the process of pseudo-random number generator seed negotiation between the tag and the server, a time threshold is used to prevent the attacker from blocking the communication channel and causing desynchronization attack, so as to ensure the synchronization of the seed of the pseudo-random number generator between the server and the tag. In the authentication phase, IDS is added to the authentication information to verify the validity of the tag and prevent the tag impersonation attack. By using BAN logic and Vaudenay model to formally analyze and verify the proposed DPRAP protocol, it is proved that DPRAP protocol meets the untraceability and can resist the attacks such as desynsynchronization attack and tag impersonation attack. The results show that the DPRAP protocol has stronger security and privacy and better practicability.

Key words: radio frequency identification, double PUF, pseudo-random number generator, authentication protocol, security and privacy

CLC Number: