【作者】 郭虎；

【导师】 王尚平；

【作者基本信息】 西安理工大学 ， 应用数学， 2008， 硕士

【摘要】 无线射频识别(Radio Frequency Identification简称RFID)技术是一种非接触式的数据采集与自动识别技术,利用它可以快速地对目标进行远距离信息采集与自动识别。RFID技术目前被逐步地应用于工业生产和日常生活的各个方面,但其在应用中还存在着不可忽视的隐患—缺乏完善的安全机制,其广泛地应用也将给消费者带来隐私威胁问题。隐私问题是由RFID标签的基本功能引起的,每个标签的ID都能在远程被任意扫描,标签自动回复阅读器并且不加区分地发送自己的信息。这个性质可以被用来远距离追踪特定的用户或者物体。当前,RFID的安全性问题己经成为制约其大规模应用的重要因素。本文首先介绍了RFID技术在国内外的发展及现状,进而对RFID的组成、分类、原理、优势及典型应用进行了概述,接着对RFID系统存在的安全问题和隐私问题进行了详细阐述,然后对无线射频系统现有的安全和隐私保护方案进行了评估分析,指出其不足之处。在全面了解RFID标签面临的隐私问题和已有的隐私保护技术的基础上,利用Hash链构造了新的RFID隐私保护方案,新方案在标签中引入了数据库标识符字段,与原Hash链方法相比,新方案在阅读器认证RFID标签时,首先根据标签的数据库标识符字段快速判断标签是否属于本数据库系统,如果不属于则不需要进一步的处理,并且避免了拒绝服务攻击和中间人攻击。新方案在大规模使用RFID标签的情况下,在确保安全的同时可以降低计算负载。最后针对本文构造的方案,在VC++环境下对阅读器与标签相互认证、标签自动更新以及后端数据库更新过程进行了程序模拟。更多还原

【Abstract】 Radio frequency identification (RFID) is a kind of non-contact data acquisition and automatic identification technology, which is used to remotely and quickly collect data of objects and automatically identify them. Now RFID technology is gradually used in various fields of industry production and daily life, but there still exist hidden troubles in applications, which can’t be ignored—the lack of security mechanism, where widespread application of RFID tag may violate user privacy. The core problem derives from the basic function of RFID tag, each tag ED can be scanned remotely by anyone, tag automatically responds to any reader and transmits its data without identification. This feature can be used to track a specific user or object remotely. Currently security of RFID has become an important factor which prevents RFID from being adopted in large scale.At first, this thesis briefly introduces the development and current status of RFID domestically and abroad, then gives an overview of constitution, classification, principles, advantages and typical applications of RFID, illustrates security and privacy problems existing in RFID system in detail, and finally evaluates and analyzes existing security and privacy protection scheme for Radio Frequency system and specifies its shortages. Based on comprehensive understanding to privacy problem faced by RFID and existing privacy protection technology, a new scheme to protect the privacy of RFID is proposed, in which a database identifier field in RFID tag was introduced based on Hash-chain method. Compared with the original hash-chain method, during the RFID tag is identified by a reader, the tag will be quickly authenticated by the new scheme whether it belongs to the database system that the reader associated or not. A further treatment is not required if the RFID tag doesn’t belong to database system. The new scheme avoids DoS attack and MITM attack. In case of widespread application of RFID tag, calculation load can be reduced while RFID security is guaranteed by the new scheme.Finally, mutual authenticate between reader and tag, automatic update of tag and update of back-end database pro grammatically in VC++ environment are simulated according to schemeintroduced in this thesis.更多还原