Research On RFID Security Authentication Protocol For Internet Of Things

Radio frequency identification technology is a technology that uses radio frequency technology to automatically identify objects such as objects and people in an open environment.With the development of the Internet of Things.RFID technology has been widely used in various industries.The open wireless communication channel is vulnerable to a variety of malicious attacks and security risks in RFID systems.So.it has become a major obstacle to the deployment of RFID technology in many applications fields.The security and privacy protection of RFID authentication protocols have been concerned by more and more researchers,but most of the existing RFID authentication protocols have security and privacy risks.Therefore,designing RFID security authentication protocols for the Internet of Things is an important way to ensure user security authentication and privacy protection.This thesis focuses on the security and privacy hazards existing in RF1D authentication communication between reader and tag and also in tag ownership transfer process of RFID systems.The research results in the following three areas have been achieved:1.An ultra-lightweight RFID mutual authentication protocol based on regeneration transformation(RRMAP)is proposed,which implements the ultra-lightweight authentication mechanism on low-cost passive RFID tags.The definition of regeneration transformation(Reg(X,Y))is proposed:The regeneration transformation perform reverse sequence self-combination transformation on the two binary arrays and then perform parity adjacent crossover-xor operation.The mutual authentication between the reader and the tag has been achieved by the defined regeneration transformation,combining with the left cyclic shift operation(Rot(X,Y))and the modular 2m addition operation(mod 2m(+)).The formal security analysis results of BAN(Burrows-Abadi-Needham)logic and Scyther individually indicate that RRMAP protocol has the properties of security and privacy protection and can resist typical malicious attacks faced by RFID systems.Compared with some typical ultra-lightweight RFID authentication protocols,RRMAP protocol reduces the storage consumption and computational cost at the tag's end and meanwhile meets the resource-constrained computational and storage requirements of low-cost passive RFID tags effectively.The proposed RRMAP protocol is suitable for RFID mutual authentication system for low-cost passive RFID tag in the Internet of things environment.2.An ultra-lightweight tag ownership transfer protocol based on PUF(PUROTP)for RFID tags is proposed,which solves many malicious attacks faced by RFID tag ownership transfer protocol,such as data integrity breach,physical cloning attack,desynchronization attack etc,and also can effectively guarantee the data privacy of the tag owner.PUROTP protocol constructs the direct communication process between the tag and the current owner,the tag and the new owner by the left cyclic shift transformation(Rot(X,Y))and XOR operation(?)as well as the physical unclonable function opration(P(·))built into the tag.PUROTP protocol achieves double mutual authentication between the tag and the current owner.the tag and the new owner,avoiding the trusted third party in the process of RFID ownership transfer.The formal security analysis results of BAN logic and Scyther individually show that PUROTP protocol can effectively protect the data privacy of interactive information in the communication process of label ownership transfer.Results of a comparison with the security attributes and performance aspects of existing typical RFID ownership transfer protocols indicate that PUROTP protocol not only has the security attributes in the process of tag ownership transfer,such as data integrity,forward security and mutual authentication,etc,but also can resist a variety of malicious attacks such as physical clone attack,replay attack,man-in-the-middle attack,desynchronization attack and so on.PUROTP protocol overcomes the security and privacy risks of the existing schemes without additional computational cost and storage overhead,which is suitable for commodity management systems with continuous security transfer of product ownership.3.An ultra-lightweight RFID mutual authentication protocol based on BlockChain and PUF(BPURMAP)is proposed,which solves the single point failure problem of data storage in traditional centralized RFID systems.BPURMAP protocol constructs a mutual authentication process between the reader and the tag by the challenge-response pairs of Physical Unclonable Function and the shared key between the reader and the tag stored on the BlockChain.The security of BPURMAP protocol is verified by GNY(Li Gong-Roger Needhamm-Raphael Yahalom)logic and the formal security analysis tools Scyther,which indicates that BPURMAP protocol has the security attributes of interactive information during the communication process,such as data confidentiality,data integrity,forward security,etc.At the same time.BPURMAP protocol can resist many kinds of malicious attacks,such as replay attack.desynchronization attack.physical clone attack and so on.BPURMAP protocol reduces the computational overhead and storage cost at the tag's end and does not increase the communication overhead,which is suitable for the blockchain-based supply chain management systems.