A Double PUF-Based RFID Authentication Protocol

Li Tao; Liu Yali

doi:10.7544/issn1000-1239.2021.20200477

Journal of Computer Research and Development > 2021 > 58(8): 1801-1810. > DOI: 10.7544/issn1000-1239.2021.20200477 CSTR: 32373.14.issn1000-1239.2021.20200477

Li Tao, Liu Yali. A Double PUF-Based RFID Authentication Protocol[J]. Journal of Computer Research and Development, 2021, 58(8): 1801-1810. DOI: 10.7544/issn1000-1239.2021.20200477

Citation:

Li Tao, Liu Yali. A Double PUF-Based RFID Authentication Protocol[J]. Journal of Computer Research and Development, 2021, 58(8): 1801-1810. DOI: 10.7544/issn1000-1239.2021.20200477

Citation:

Li Tao, Liu Yali. A Double PUF-Based RFID Authentication Protocol[J]. Journal of Computer Research and Development, 2021, 58(8): 1801-1810. DOI: 10.7544/issn1000-1239.2021.20200477

PDF (646 KB)

A Double PUF-Based RFID Authentication Protocol

Li Tao,
Liu Yali

(College of Computer Science and Technology, Jiangsu Normal University, Xuzhou, Jiangsu 221116) (Guangxi Key Laboratory of Cryptography and Information Security (Guilin University of Electronic Technology), Guilin, Guangxi 541004)

Funds: This work was supported by the National Natural Science Foundation of China (61702237, 61872168), Opening Foundation of Guangxi Key Laboratory of Cryptography and Information Security (Guilin University of Electronic Technology) (GCIS202114), Ministry of Education University-Industry Collaborative Education Program of China (CXHZ-WebRAY-202002-18), the Special Foundation of Promoting Science and Technology Innovation of Xuzhou City (KC18005), Postgraduate Research & Practice Innovation Program of Jiangsu Province (KYCX20_2381), the Natural Science Foundation of Jiangsu Province (BK20150241), the Natural Science Foundation of the Higher Education Institutions of Jiangsu Province (14KJB520010), the Scientific Research Support Project for Teachers with Doctor’s Degree of Jiangsu Normal University (14XLR035), and the Jiangsu Provincial Government Scholarship for Overseas Studies.

More Information

Published Date: July 31, 2021

Graphical Abstract

Abstract

Abstract

This paper focuses on analyzing the double PUF-based RFID authentication protocol proposed by Liang et al. and security risks are found in the protocol. The protocol cannot resist replay attack, desynchronization attack, tag impersonation and other malicious attacks. In order to solve the security problems caused by malicious attackers to RFID system, a double PUF-based RFID authentication protocol(DPRAP) is proposed in this paper. In the pseudo-random number generator seed generation phase, the communication value of the seed is not transmitted directly on the insecure channel, and the value of the seed is encrypted and hidden through multiple hashing and xor operations to ensure the confidentiality of the negotiated seed. In the process of pseudo-random number generator seed negotiation between the tag and the server, a time threshold is used to prevent the attacker from blocking the communication channel and causing desynchronization attack, so as to ensure the synchronization of the seed of the pseudo-random number generator between the server and the tag. In the authentication phase, IDS is added to the authentication information to verify the validity of the tag and prevent the tag impersonation attack. By using BAN logic and Vaudenay model to formally analyze and verify the proposed DPRAP protocol, it is proved that DPRAP protocol meets the untraceability and can resist the attacks such as desynsynchronization attack and tag impersonation attack. The results show that the DPRAP protocol has stronger security and privacy and better practicability.
- radio frequency identification,
- double PUF,
- pseudo-random number generator,
- authentication protocol,
- security and privacy

FullText(HTML)

References (0)

[1]	Chen Ruoxi, Chen Jinyin, Zheng Haibin, Yang Xueyan, Ji Shouling, Chen Tieming. Security of Deep Neural Network Supply Chains: A Survey[J]. Journal of Computer Research and Development. DOI: 10.7544/issn1000-1239.202440327
[2]	Liu Feng, Yang Jie, Li Zhibin, Qi Jiayin. A Secure Multi-Party Computation Protocol for Universal Data Privacy Protection Based on Blockchain[J]. Journal of Computer Research and Development, 2021, 58(2): 281-290. DOI: 10.7544/issn1000-1239.2021.20200751
[3]	Wei Lifei, Chen Congcong, Zhang Lei, Li Mengsi, Chen Yujiao, Wang Qin. Security Issues and Privacy Preserving in Machine Learning[J]. Journal of Computer Research and Development, 2020, 57(10): 2066-2085. DOI: 10.7544/issn1000-1239.2020.20200426
[4]	Chen Dongdong, Cao Zhenfu, Dong Xiaolei. Online/Offline Ciphertext-Policy Attribute-Based Searchable Encryption[J]. Journal of Computer Research and Development, 2016, 53(10): 2365-2375. DOI: 10.7544/issn1000-1239.2016.20160416
[5]	Lin Hui, Tian Youliang, Xu Li, Hu Jia. A Novel Privacy Aware Secure Routing Protocol for HWMN[J]. Journal of Computer Research and Development, 2015, 52(8): 1883-1892. DOI: 10.7544/issn1000-1239.2015.20140606
[6]	Ma Zhuo, Zhang Junwei, Ma Jianfeng, and Ji Wenjiang. Provably Secure Certificateless Trusted Access Protocol for WLAN Without Pairing[J]. Journal of Computer Research and Development, 2014, 51(2): 325-333.
[7]	Xin Wei, Sun Huiping, Chen Zhong. Analysis and Design of Distance-Bounding Protocols for RFID[J]. Journal of Computer Research and Development, 2013, 50(11): 2358-2366.
[8]	Wang Shaohui, Liu Sujuan, Chen Danwei. Scalable RFID Mutual Authentication Protocol with Backward Privacy[J]. Journal of Computer Research and Development, 2013, 50(6): 1276-1284.
[9]	Zhang Xiaoliang, Tu Yongce, Ma Hengtai, Yang Zhian, Hu Xiaohui. An End-to-End Authentication Protocol for Satellite Communication Network[J]. Journal of Computer Research and Development, 2013, 50(3): 540-547.
[10]	Ding Zhenhua, Li Jintao, Feng Bo. Research on Hash-Based RFID Security Authentication Protocol[J]. Journal of Computer Research and Development, 2009, 46(4): 583-592.