Matinez et al has proposed a secure RFID protocol which only relies on the use of Elliptic Curve Cryptography and a zero knowledge based authentication scheme. In this paper, we present that the proposed protocol can’t resist desynchronization attack. The attacker only block the last acknowledge message from Back End Server. Then the share key of Tag and Back End Server is different. For this, we propose our revised scheme, and prove that revised scheme can resist desynchronization attack.%Matinez等人已经提出了一种只依赖于椭圆曲线密码和零知识认证模式的无线射频认证协议。本文中,我们指出该协议不能抵抗去同步化攻击。攻击者只需拦截最后服务器发给标签的确认消息,就会导致后台服务器和标签存储的共享秘钥不一致。对此,我们提出了修正方案,并证明了修订后的协议可以抵抗去同步化攻击。
展开▼
