【作者】 李娅莉；

【导师】 谷大武；

【作者基本信息】 上海交通大学 ， 计算机应用技术， 2010， 硕士

【摘要】 射频识别(Radio Frequency Identification,RFID)技术是一种使用射频信号进行目标物非接触式的自动识别技术。由于RFID技术方便的自动识别过程和标签的低廉成本,其已被广泛地应用到物流、制造业和公共信息服务等众多领域,给企业和组织带来了更高的效率和更低的成本。然而该技术存在的安全和隐私问题引起人们越来越多的关注,这些安全问题制约了RFID技术的应用,同时也在使用了该技术的应用领域埋下了安全隐患。RFID系统的安全问题主要体现在安全和隐私威胁两个方面:(1)RFID标签和读写器之间的通信是基于无线信号,通信过程容易遭受窃听、篡改、重放等攻击。(2)标签对读卡器的响应信息中通常携带身份或个人数据,而响应信息是在标签携带者未知的情况下自动发射,若非法读卡器获得这些数据便可能威胁到个人隐私。在多数RFID系统中,标签通常是大量发行且成本较低的电子标签,这些标签仅具备有限的存储、计算和处理能力,这使得代价高昂的传统密码学算法不能在低成本的标签中得到实际应用。本文重点研究RFID标签与读卡器之间无线通信的数据安全,深入分析其面临的安全和隐私威胁,以及攻击者可能采取的攻击手段,并提出对应的安全对策。取得了以下的研究成果:1)针对低成本RFID系统提出了一种双向认证协议MAP。该协议能够抵抗消息重放、异步攻击和标签被跟踪,并具有前向安全性。与相关协议相比,MAP在存储和计算性能上具有较大优势。2)考虑在某些应用中标签所有权需要转移,我们设计了一种轻量级的标签所有权可转移的RFID协议OTLAP。该协议不仅包含MAP所具备的安全特性,而且提供了标签所有权转移和抵抗Tag Killing攻击。通过对OTLAP安全性和性能分析,结果显示,该协议用较低的成本开销换取了较强的安全性。3)提出了一种面向RFID的双向认证和密钥协商协议AKEMAP。该协议在实现了双方身份的认证的基础上,协商出本次会话的会话密钥。AKEMAP同时具备前向安全和后向安全。协议的安全性通过BAN逻辑进行了检验。更多还原

【Abstract】 Radio Frequency Identification (RFID) is a non-contact and automated object identification technology that uses radio signal to identify an object carrying the identification information. Due to the automatic identification process and low-cost tag, RFID has found widespread use in many applications such as supply chain management, manufacturing, public information service industries and so on. It greatly enhances operational efficiency and reduces costs for enterprises and organizations.However, the security and privacy issues have raised people’s concerns. These threats hamper the development of RFID application and also leave security vulnerabilities in existing application areas. The main concerns are security and privacy threats. Firstly, because of the use of wireless channel between tags and readers, communications can be easily attacked by eavesdropping, tampering, replay attack and so on. Secondly, when a tag responds with identification or personal information to an unauthentic reader interrogation without alerting its owner, it threatens information and location privacy of the tag owner. In most RFID systems, tags is typically designed to be inexpensive for mass distribution, thus they have limited memory capacity, computational and processing ability. These inherent limitations of low-cost tags could not afford the use of traditional cryptographic primitives which are costly in such environments.In this thesis, we focus on the wireless channel between a tag and a reader. We provide an in-depth analysis of the security and privacy threatens on communications between tags and readers, as well as the existing attacks. On this basis, we analyze the security requirements and countermeasures. We obtain the following achievements:First, we propose a mutual authentication protocol MAP designed for RFID system. The protocol prevents security and privacy threats in RFID system including replay attack, desynchronize attack and tag location tracking. It also provides forward security. Storage and computational performances are analyzed to prove our protocol provides better performance compared with related scheme.Second, considering requirement of tag ownership transfer in some applications, we design a lightweight RFID protocol OTLAP with ownership transfer. Our protocol not only prevents security and privacy threats in MAP, but also provides tag ownership transfer and resistance to tag killing attack. OTLAP has advantages of security and privacy while not scarifying the efficiency on tag-side, compared to the related works.Third, a mutual authentication and key exchange protocol AKEMAP for RFID system is proposed. The protocol provides secure authentication and authenticated key exchange for tag and reader in each session. It also provides backward and forward security. Security of this protocol is formally analyzed using the BAN logic.更多还原