Research On Lightweight Mobile RFID Security Authentication Protocol Based On Hash Function

Radio Frequency Identification(RFID)technology is a technology that uses wireless RF signals to realize non-contact automatic identification.It is one of the key technologies of the Internet of Things.Compared with the traditional identification technology,it has many advantages such as non-contact,anti-interference and can adapt to harsh environments,and is therefore widely used in various fields of our lives.In recent years,due to the rapid development of wireless communication technologies,and the advantages of wireless connection methods such as good mobility and ease of use,we no longer just stick to the traditional fixed reader model for RFID systems but gradually pursue an intelligent,fast and portable reader mode.However,the open wireless links in RFID systems are vulnerable to various attacks,such as eavesdropping,forgery,tracking,replay,and de-synchronization,forcing its privacy protection issues to become very serious.In addition,heavyweight cryptographic protocols do not meet the low-cost requirements of RFID tags.Therefore,designing a high-security,high-efficiency,and low-cost authentication protocol has become an important research topic.Aiming at the above problems faced by RFID system,the security authentication protocol for two kinds of mobile RFID systems without back-end database and back-end database is studied in this paper.First,two feasible RFID security authentication protocols based on lightweight hash function SPONGENT algorithm are designed.One of these is a mobile RFID authentication protocol without back-end database,enabling bi-directional authentication between readers and tags.The tags of this protocol are not equipped with a pseudo-random number generation device like most of the previous protocols.Instead,a random number update flag is introduced,and the pseudo-random number generated by the reader is used as a random number of the tag,thereby reducing the storage cost of the tags.Moreover,the use of current and previous keys storage mechanism and update mechanism can effectively prevent de-synchronization attacks that many protocols do not satisfy.The other is a mobile RFID authentication protocol with a back-end database,which enables two-way authentication among the back-end database,readers and tags.The tags of this protocol are not equipped with a pseudo-random number generation device either.Instead,it uses a hash function calculation to generate a random number,which effectively reduces the storage cost of the tags.This protocol adopts current and previous keys storage mechanism and update mechanism when back-end database authenticate readers and tags,having a strong security defense capability.Moreover,the back-end database of this protocol adopts the method of first-inquiry and post-calculation in authentication.Unlike previous protocols,it avoids the issues of inefficiency and denial-of-service attack caused by calculating all data of illegal entities.Second,this paper uses GNY logic to formally prove the designed two protocols.The results show that the designed protocols are correct and reasonable.Finally,the hardware simulation of the SPONGENT algorithm used by RFID tags is performed.It is estimated that the number of logic gates used by the protocol on the tags is 1747,which satisfies only 200 to 2000 logic components can be used to implement security in low-cost tags.Also,the proposed protocols meet the requirements of the lightweight protocol.