Research On Zero-knowledge Proofs Protocol Of RFID

The Internet of Things (IOT) can be used to realize the identification, trackingand query of the target that fixed with the RFID tags around the worldwide. Today,IOT has been a major strategy of economic development and technological innovationin many countries. RFID plays an important role in perception layer of IOT and hasbeen widely used in the medical, payment, ticketing, supply chain management andother fields with its excellences such as rapid identification, convenience andflexibility, security, reusability and so on. RFID is one of the foundation technologiesfor the development of IOT.However, the traditional security solutions cannot be directly applied inmulti-server systems like IOT and supply chain, because the existing protocls can notstand the internal attack. To reslove the problem, a zero knowledge proof protocol ofRFID based on the key array is proposed after analyzing the current key arrayarchitecture protocols. The main contributions are as follows:Firstly, the detailed introductions about the cryptographic knowledge of key array,zero-knowledge proof and random generation have been investigated, and based onthis, common attacks and advantages and disadvantages of existing security protocolshave been studied seriously as the basis of protocol proposed in this paper.Secondly, the necessity and feasibility of introducing the theory of zeroknowledge proof into the key array architecture are pointed out, after analyzing therepresentative protocol KAAP.Thirdly, the lightweight protocol KAZK has been put forward by taking theadvantage of zero-knowledge proof scheme and key array architecture, andperformance analysis of KAZK also has been done. Additionaly, several attackmodels are established to analyze the security and privacy of KAZK.Results of performance analysis and attack modles analysis prove that with somecomplexity and tag cost, KAZK can resist major external attacks, such as replay,tracking and denial of service. Especially, it has high security and practicality for theinternal attacks. Therefore, KAZK is a much better and safer protocol to be applied inmulti-server systems, such as IOT and supply chain.