Research On Secure Authentication For RFID

RFID has been widely used in transportation,medical,logistics and many other fields.Because the process of RFID identification is contactless,the message in the process is easy to be leaked.Thus RFID applications are easy to be threatened by some security problems,such as counterfeiting tags,tracking positions of tags.If these problems can not be resolved,the development of RFID applications will be largely restricted.Therefor,the research on secure authentication for RFID is especially important.Secure authentication scheme for RFID not only realize the mutual authentication between tag and reader,but also generate a temporary session key for the subsequent data transmission.In many authentication schemes,the agreement of session key relys on the key management of public key cryptographic authentication,but it increases the overhead of the system.The chaotic sequences generated by chaotic systems have the characteristics of aperiodic and pseudo-randomness,these features are well suited for the design of secure authentication schemes.In addition,due to the semigroup characteristics of chaotic mapping,the system does not need to carry the key management task of traditional public key authentication,which makes the system overhead lower.The main work and innovation of this paper are as follows:1.Aiming at the affair entrustment scenario in the RFID access control system,a secure RFID authentication scheme is proposed.The two sides use random numbers and Chebyshev chaotic maps to randomize their identity,and then complete the verification of the identity of the other party with the help of a trusted third party and generate a temporary session key.The security of the scheme is provided by the Discrete Logarithm problem and the Diffie-Hellman problem.The scheme includes general authentication and entrustment authentication,not only to meet the needs of ordinary certification,but also can help users to complete the remote affairs entrustment.Compared with other similar authentication schemes,the scheme can provide better security in the case of similar performance.2.An authentication scheme with resilient leakage characteristics is proposed.In order to improve the response speed,some RFID applications need to deploy a number of proxy servers in multiple places.These proxy servers need to store the tag's password to complete the authentication.Once a proxy server is compromised,the attacker gets the password for all the tags,and the maintenance of the application needs to replace all the tags.So the scheme uses the(n,n)threshold scheme to split the tag password into multiple shadow passwords and store them separately inside the individual proxy servers.Even if the proxy server is compromised,the attacker can not refactor the tag password.Then to complete the application maintenance,maintainers only need to replace the shadow password in compromised proxy server.And the scheme has good scalability.