Research On Secure Authentication Protocols For Radio Frequency Identification Systems

The radio frequency identification(RFID) system is one of the core technologies for the Internet of things(IoT). It has been widely used in distribution, business trade, manufacturing, logistics and some other fields. This thesis addresses the issues of security and privacy in the application of the RFID technology, which has no the ability to use mature encryption algorithms for security due to the limits on its energy and computing resources. With the consideration of the balance between the security functionality and the cost, we analyze the essential defects of the existing RFID authentication protocols. And based on the analysis, we design novel RFID authentication protocols to achieve the balance between both of the security functionality and the costs to adapt to the applications of low cost RFID tags. Eventually, we prove, evaluate and validate the security functionality of the proposed mutual authentication mechanisms by using mathematical analysis, the model detection theory and the experiments. The solid research work as the major contributions delivered in this thesis can be summarized as follows:An attack model has been constructed to describe three deception desynchronization attacks to the existing security protocols for RFID systems, and a solution has been proposed to resist those attacks. We has analyzed the essential defects of the existing middleweight RFID authentication protocols and explored their vulnerabilities under various malicious attacks by using Coloured Petri Nets(CPN). Based on it, we have designed and proposed an enhanced middleweight RFID protocol to resist intermittent position trace attacks and desynchronization attacks(RIPTA-DA). Finally, we have formally verified the security functionality of the proposed scheme by using mathematical analysis and the model detection theory.Another solution has been proposed to resist GRS and General-GRS attacks. We have analyzed the vulnerabilities of the existing Lightweight RFID authentication protocols by using a formal verification tool, Simple Promela Interpreter(SPIN). Based on the analysis, we have designed a lightweight RFID authentication protocol with a random tuple against desynchronization attacks. The analysis and the experiments have shown that the proposed protocol can prevent the General-GRS and GRS attacks well, which is suitable to be used in the low-cost RFID systems.We have built a bit tampering desynchronization attack model and proposed a new protocol to resist this type of attacks. We have investigated the vulnerabilities of the existing classic ultra-lightweight RFID authentication protocols such as Strong Authentication and Strong Integrity Protocol(SASI), Minimalist Mutual-Authentication Protocol(M2AP), Gossamer and Ultralightweight RFID Authentication Protocol with Permutation(UAPP) by using the tool of SPIN. Based on the analysis, we have proposed an ultralightweight RFID authentication protocol with Cyclic Redundancy Check(CRC) and permutation to resist the malicious attacks. The analysis and experiments have shown that the proposed scheme can prevent most of the existing malicious attacks with the suitability for the low-cost RFID systems.Based on the quadratic residue theorem, the Elliptic Curves Cryptography(ECC) encryption algorithm with discrete logarithm theory and the Advanced Encryption Standard(AES) encryption algorithm, a new hybrid encryption mutual authentication mechanism has been proposed. By this work, a heavy weight RFID authentication scheme based on public key encryption algorithm has been explored.The research results presented in this thesis show that different applications in scenarios may have different cost requirements for the RFID authentication protocols, so that security functionality and the cost efficiency need further research for different RFID authentication protocols.