In order to solve the problem of malicious tracking attack that exists in RFID security protocols, a formal analysis model of tracking attack was proposed. At first, the model defined the concepts of attacker message element set. Then accroding to the algebraic calculation applied in the message in attacker message element set, the actions of attacker were deduced, and thus the attacker action set was determined. The concepts of attacker message element set and attacker action set regulated the actions and targets of attackers. Then the model introduced the concept of tag characteristic value, which conifrmed the conditions that the tracking attack existed and clariifed the attack target for tracking attack. Finally, using the proposed model, an RFID security protocol was analyzed. Through caculating the tag characteristic value of the protocol, a new tracking attack was found, which exactly proved the reliability of the model.%针对当前RFID安全协议可能存在的恶意追踪问题,文章提出了一个追踪攻击的形式化分析模型.该模型首先定义了攻击者消息元素集合的概念,之后根据攻击者消息元素集合中消息使用的代数运算,推导出攻击者的攻击行为,并由此确定攻击者行为集合.通过攻击者元素集合和攻击者行为集合,规范了攻击者攻击行为和攻击对象.之后通过引入标签特征值的概念,确定了RFID安全协议存在追踪攻击的条件,明确了攻击者发起追踪攻击的目标.最后,使用该模型对一个RFID安全协议进行了分析,计算出了该协议的标签特征值,由此发现了新的追踪攻击,证明了模型的可靠性.
展开▼
