| Radio frequency identification is a kind of automatic identification technology,which uses radio frequency signal to achieve information interaction.It is widely used in logistics management,medical device management,traffic control and so on.In these applications,it is required that the RFID tag and the reader authenticate each other,the security and privacy of the data also need to be guaranteed.Moreover,the RFID system is in wireless communication environment,which is easy to suffer from eavesdropping,data tampering,privacy leakage and other security threats,the design of secure and efficient authentication protocol to protect RFID system security and privacy has important significance.With the rapid development of the Internet of things,a large number of objects access to the Internet through radio frequency identification technology,which makes the maintenance costs of the RFID back-end database server continue to rise,traditional RFID system is no longer applicable to such an application environment.Cloud-based RFID system adopts the way of renting cloud storage service on demand,which can save expenses of enterprises and reduce the costs of system maintenance,it is better adapted to the needs of small and medium-sized enterprises,therefore,it gets more wide attention.However,the security and privacy issues of the cloud-based RFID system are more serious than those of the traditional RFID systems.The RFID reader and the cloud database server are connected through the Internet,usually using the wireless channels.The reader can move freely.The communication channel between the reader and the cloud database server is no longer secure,which faces the threats such as eavesdropping,tampering and forging.Meanwhile,the cloud service provider is not trusted,both the location privacy of the reader and the data privacy of the RFID system are not able to be directly exposed to the cloud service provider.In view of these issues,in this thesis the low-cost cloud-based RFID authentication and privacy protection protocol is researched,and the obtained results are as follows.Firstly,a low-cost cloud-based RFID authentication protocol is proposed without considering the location privacy problem of the reader,which focuses on the conciseness and efficiency.The protocol is designed mainly based on hash function,it meets the requirement of low cost,and provides the mutual authentication between the reader and the tag,moreover,the protocol satisfies the security requirements of untraceability,forward security,resisting replay attack,anti-de-synchronization attack and resisting denial of service attack,etc.The protocol is formally analyzed by BAN logic,which proves that the proposed protocol is secure,the protocol is verified experimentally by AVISPA tool,which further proves the designed protocol is secure and feasible.Secondly,an MIPv6-based RFID authentication protocol with the protection of the reader's location privacy in the cloud environment is proposed.The protocol considers not only the mutual authentication between the reader and the tag,but also the security of information transmission on communication channel.In particular,in order to solve the problem that the reader's location information is easy to expose,the RFID system of this scheme is designed based on MIPv6 network framework without adding additional infrastructure.The protocol meets the RFID security requirement,the formally analysis with BAN logic and the experimental verification with AVISPA tool show that the protocol is secure.Compared with similar cloud-based schemes,the proposed protocol has obvious advantages in deployment cost,scalability,real-time authentication,and the tag's computational complexity. |
PDF Full Text Request