Multi-owner Lightweight RFID Authentication And Ownership Transfer Protocol Design

With the popularization of Internet of Things technology,Radio Frequency Identification(RFID)as its key technology is also more and more widely concerned by people,coupled with RFID technology itself without physical contact,and easy to manufacture and design and other outstanding characteristics,so that it is more and more widely used in the field of application.In order to protect the security and privacy of RFID system,people have done a lot of research and put forward a lot of RFID authentication and ownership transfer schemes.These schemes respectively consider whether there is a backend database,whether the backend database is offline,whether to rent a cloud server and other issues,but also consider the use of different overhead and cost of cryptographic technology to achieve authentication.However,most of these studies are for single-owner tags.In practical application,tags may not only have one owner in their life cycle,but may have two or more owners at the same time,and the weight of ownership owned by different owners may also be different.In this case,the research on multi-owner RFID tag authentication protocol has important value,of course,the complexity of multi-owner tag authentication protocol design will increase exponentially.Based on the above situation,this paper studies the security authentication and ownership transfer of multi-owner RFID system,and obtains the following results:Firstly,a multi-owner RFID tag authentication protocol with no trusted third party and weight is proposed to solve the problem of multi-owner RFID tag authentication.The protocol uses Shamir secret sharing threshold scheme to manage the key and encrypts the message based on the key stream generated by the hash function,which realizes the twoway authentication of each reader and tag.The protocol does not require the participation of a trusted third party,and it can update the key and resist desynchronization attacks,which is more concise and efficient than similar protocols.Meanwhile,the protocol is proved to satisfy the bidirectional authentication according to BAN logic.The security analysis shows that the protocol meets the security characteristics of replay attack,desynchronization attack,forward security,untraceability,confidentiality and denial of service attack.Then,on the basis of multi-owner RFID tag authentication,a multi-owner RFID tag ownership transfer protocol with no trusted third party and weight is proposed.In the ownership transfer process,only the new owner in the tag owner group has not authenticated with the tag,so only the new tag owner in the tag owner group needs to be authenticated,and then the tag updates the key,and generates the sub-key using Lagrange interpolation polynomial,and finally the tag distributes the sub-key according to the weight of the tag owner.At the same time,the security of the protocol is proved according to BAN logic,and the security attributes of the protocol are verified by AVISPA simulation tool.