| Along with the irse of the Internet of Things technology, radio frequencyidentification (RFID) technology is taken more attentions, while its security andpirvacy features limit its useage. In order to solve the problems, scholars study theRFID privacy model and propose physics-based and cryptographic techniques-basedsolutions. At the same time, they also study the ownership transfer problem and givethe security protocols. Those protocols can provide a more flexible solution for RFID,however, mature technologies can not be applied due to the restrictions on the cost ofRFID tags, which makes resolving security and pirvacy restricted.To face with the security and pirvacy issues, this thesis studies three interrelatedaspects:.First, in the privacy model part, we analysis the character of RFID protocols,point out why the schemes are vulnerable to attacks. Then we give a privacy modeland prove the random numbers are necessary in protocols to provide pirvacy, also weprove the indistinguishability and unpredictability are isovalent in specifiedconditions based on our shadow experiment. After that we give some rules about howto use the random numbers safely in protocols, and propose an analysis method ofusing random numbers to construct messages, also we give some examples to show itsavailability. This part is the theoretical basis for protocols design and analysis.Second, in the protocol design part, after classifying the security requirementsand the attack’ers ability, we propose2types of RFID protocols, static ID class anddynamic ID class; those protocols can resist not only the common attacks but also thestolen-veriifer attacks which most previous studies did not take it seriously. Thedifferent class has its different cost and ability, and can endure different attack, andthey can be selected for different scene. Next, to deal with the ownership transferissue, we also give protocols. Consideirng the transporter in supply chain, we proposethe ownership shairng question, and give our solution. The solution is based on ourNon-equal shared secret protocol structure, and it can take us some benefits. Whenabnormal occurs, we can use the "attack,,sto uncover the real owner.Finally, first we use Trusted Computing Technologies to give a secure model forthe back-end system, and focusing on the establishment of the trust chain, credibilitydisplay; we give corresponding schemes for trace back supported goal. Our schemescan avoid the the bottleneck of Privacy CA and the non-accountability of DAA.Second, we give a design of trace back supported design with pirvacy protection, the key feature of the solution is that it can not only guarantee the trace back of goods butalso not reveal the transaction details.The protocol analysis study part gives the normative to protocols design; trustedcomputing based model guarantees the secure environment for the protocols and thetrace back supported design. |
PDF Full Text Request