RFID Secure Authentication Protocol For Privacy-Preserving

Radio Frequency Identification(RFID) is a wireless sensor technology allows the communication with passively powered devices, which has revolutionized the automatic identification of objects by the electromagnetic wave and is a major enabler of ubiquitous computing technology. In view of the advantages of the low cost and the convenience in identifying an object without physical contact, RFID systems are increasingly being deployed in a wide variety of application scenarios. However, due to the widespread deployment of RFID tags and the intrinsic insecurity of the open wireless communication environments in RFID systems, there may be various malicious attacks and security omission to threaten the availability of RFID systems, which become the handicap to the development of RFID technology and the bottle neck of their further pervasive usage. Recently, the issues of security and privacy in RFID systems have incured many concerns by many researchers, but most of the proposed RFID authentication protocols have security and/or privacy omission. Providing RFID secure authentication protocols for privacy-preserving is an important part of ensuring the security of RFID systems, which realizes the protection of the data privacy and the location privacy information for user. The challenge in the design of RFID authentication protocols is to strike the right balance between security and cost of RFID systems with respect to memory, power and processing capabilities of RFID tags.This dissertation systematically discusses the issues of security and privacy in RFID systems and RFID authentication technology. The research focuses on the security analysis of the proposed RFID authentication protocols and the construction of RFID secure authentication protocols which are suitable for the different applications according to the respective characteristics of four types of RFID tags, including high cost and low cost. Four principal achievements having obtained are as follows:Firstly, a forward-secure strong blind signature scheme(FSSBS) and a forward-secure weak blind signature scheme(FSWBS) are designed, which are suitable for RFID system authentication. Moreover, based on the proposed FSSBS, a lightweight RFID one-way authentication protocol(FSSB-LAP) is put forward in order to implement lightweight RFID system authentication mechanisms which are authorized by the trusted third party. FSSB-LAP protocol not only has main security and privacy properties, but also can resist a variety of typical malicious attacks. The security of FSSB-LAP protocol is based on the assumption of difficulty in solving the discrete logarithm hard problem in the finite field and the security of pseudo random number generator. FSSB-LAP protocol puts the higher cost operations of public key cryptography over the server end, which ensures the lightweight operation of the tag end. FSSB-LAP protocol is suitable for lightweight RFID one-way authentication systems and lightweight RFID security access control systems which are authorized by the trusted third party, in which low-cost lightweight RFID tags can execute the computation of logic gate and pseudo random number generation operation and meanwhile tags are compatible with EPC Class-1 Gen-2 standard.Secondly, a forward-secure one-way grouping-proof protocol(FSGP) for multiple RFID tags with scalability and order-independent is proposed, which resolves the problem of read-order-dependent and weak scalability in the previous RFID grouping-proof protocols effectively. In consequence, aiming at avoiding the common weaknesses in the previous RFID grouping-proof protocols and the security vulnerabilities of D-K grouping-proof protocol, a forward-secure grouping-proof protocol(FSGP) for multiple RFID tags based on Shamir’s(n, n) secret sharing is proposed, which accomplishes the parallel authentication mechanism for a group of RFID tags effectively. FSGP protocol meets the essential security and privacy requirement of RFID systems and meanwhile enhances the robustness of defending against malicious attacks, data security and privacy preservation of RFID tags. The security of FSGP protocol is based on the security of message authentication code and pseudo random number generator. In comparison with the previous typical RFID grouping-proof protocols, FSGP protocol has the outstanding performance advantages in forward security, order-independence, scalability, efficiency, etc. FSGP protocol is suitable for one-way RFID grouping-proof systems, in which high-cost simple RFID tags can execute the low-cost crypto-operation and meanwhile tags are compatible with ISO 14443 standard.Thirdly, a RFID mutual authentication protocol(LRAP) with low communication based on Elliptic curve cryptography is proposed, which meets the mutual authentication requirement between RFID readers and RFID tags. Aiming at improving the efficiency and reducing overhead in the process of authentication, LRAP protocol achieves the mutual authentication between reader and tag successfully by means of Elliptic curve cryptography(ECC). LRAP protocol can be proven to avoid the security and privacy risks of the existing RFID authentication protocols based on ECC brought by the malicious attacks, including replay attack, counterfeit attack and desynchronization attack, etc. The security of LRAP protocol is based on the assumption of difficulty in solving the non-super singular elliptic curve discrete logarithm problem(ECDLP) over finite field which has no efficient attack method by now. Compared with the existing typical RFID authentication protocols based on ECC, LRAP protocol reduces the communication overhead of the interaction between RFID readers and RFID tags effectively while strengthening robustness, security and reliability, improves the efficiency of mutual authentication, and balances the computational costs, the storage requirements, the communication overhead over the tag end and the security of RFID systems properly. LRAP protocol is suitable for RFID mutual authentication systems, in which high-cost full-fledged RFID tags can execute the relevant operations of ECC and meanwhile tags are compatible with ISO 14443 standard.Finally, an ultralightweight mutual-authentication protocol(URMAP) for low-cost RFID tags based on the simple bitwise operations is proposed, which conforms to the extremely resource-constrained computation and storag requirements of low-cost ultralightweight RFID tags. URMAP protocol avoids the security and/or privacy omission in the previous ultralightweight RFID authentication protocols, such as weak authentication, weak integrity, weak confidentiality and weak privacy, etc. Moreover, URMAP protocol possesses the excellent security and privacy properties of strong authentication, strong confidentiality, strong integrity, synchronization and meanwhile it can withstand active and passive attacks efficiently, including replay attack, tracking attack, counterfeit attack, man-in-the-middle attack and desynchronization attack, etc. The security of URMAP protocol is based on the security of pseudo random number generator and transcendental equation. Compared with the existing typical ultralightweight RFID authentication protocols, URMAP protocol reduces the computational cost and the storage cost over the tag end and equilibrates properly both the security of RFID systems and the extremely resource-constrained requirements of ultralightweight RFID tags. URMAP protocol is suitable for ultralightweight RFID mutual authentication systems, in which low-cost ultralightweight RFID tags can execute the relevant simple bitwise operations and meanwhile tags are compatible with EPC Class-1 Gen-2 standard.