In order to solve the problems about identity authentication,privacy protection,dynamic shared-key updating and de-synchronization that emerged in mobile radio frequency identification (RFID) authentication protocols,the paper proposes a mutual authentication protocol of mobile RFID whose shared-key can be updated dynamically.Based on Hash cryptography,the proposed protocol uses pseudo-random number to perform simultaneous operations on secure shared-key updating and identity authenticating,then uses a method of dynamic deletion and addition of shared-key that respectively stored in current data table and historic data table to reserve the coherency of shared-key among backend server,reader and tag after the latest legal authentication.The securities and efficiencies analysis show that the protocol can achieve secure updates of dynamic shared-key,identity authentication and shared-key synchronization after being attacked,and in addition,the proposed protocol has strong computation and storage abilities.Compared with other similar mobile RFID protocols,the proposed protocol can make up for the deficiency of these protocols,which is suitable for RFID systems with a large number of passive tags.%针对移动无线射频识别认证协议面临的身份认证和隐私保护、动态密钥安全更新和去同步化攻击问题,提出一种可动态更新共享密钥的移动RFID双向认证协议.协议基于Hash密码机制,利用随机数同时进行密钥安全更新和身份认证,并采用对分表存储的当前和历史共享密钥进行动态添加和删除的方法,保留最后一次合法认证后的一致共享密钥.安全性能分析与效率分析表明,该协议能够实现动态密钥安全更新和身份认证、能够在遭受去同步化攻击后保证密钥同步,且具有较强的计算和存储性能.通过和同类RFID认证协议比较,协议弥补了同类RFID协议存在的不足,适用于被动式标签数量庞大的RFID系统.
展开▼
