Research On Secure Authentication Scheme Of Mobile RFID

To solve the problems about identity authentication and privacy protection of mobile RFID,the paper researched and designed a complete authentication scheme that consists of a mobile RFID authentication protocol with a backend server,a mobile RFID authentication protocol without a backend server and a server/serverless adaptive mobile RFID authentication scheme.The specific research contents and contributions are summarized as follows:(1)Mobile RFID authentication protocol with a backend server based on random and dynamic shared-keyThe paper presented a mobile RFID authentication protocol with a backend server based on random and dynamic shared-key.By making the pseudorandom number not only as the parameter to keep the randomness of the authentication data,but also as the seed to update the shared-key among backend server,reader and tag,the presented protocol improved the traditional authentication method that using a pseudorandom number and solved the security problem of related dynamic key.Besides,the paper presented a new method that storing current and former shared-key in different tables to achieve the unique storage of the latest share-key and solve the problems of automatic synchronization and denial of authentication under the situation of continual desynchronization attacks.Analyses of securities and performances,BAN logic based logical proofs show that the protocol is a secure and efficient RFID authentication protocol,which can make up for the deficiencies existed in other similar protocols.(2)Serverless mobile RFID authentication protocol resistant to stolen readersDesigned a serverless mobile RFID authentication protocol that can resistant to the risks cause by stolen readers.In the protocol,the paper proposed a non-shared-key distribution method to eliminate information leakage risks that caused by stolen readers.Then presented a tag authentication method based on pseudorandom numbers to achieve constant level of tag's storage capacity,since there is no need to store the authentication information about readers,the presented protocol can broke through the readers' limition of authentication scope and reduced the hardware costs of the tags.The securities and performances analyses and logical proofs based on BAN logic show that the protocol has security performance and constant efficiency,which can make up for the deficiencies of stolen reader and restricted practicability that existed in other similar protocols.(3)Server/serverless adaptive Mobile RFID authentication schemeResearched and designed a new type of server/serverless adaptive RFID authentication scheme.By making full use of the readers' computing and storing capacity,the reader can automatically decide whether or not to connect backend server for tag authentication according to the computing result,therefore the scheme can be switched and struck a balance between a mobile RFID authentication protocol with a backend server and a mobile RFID authentication protocol without a backend server,which provided the scheme with a property of adaptability that other similar protocols doesn't having.Research conclusions show that the designed scheme can meets the security and performance requirements of mobile RFID systems,which can be applied in mobile RFID systems with a large amount of tags as a complete authentication scheme of mobile RFID.