Aiming at the problem that the complex security primitives in the existing RFID authentication protocols are not applicable to resource-constrained RFID tags, an authentication protocol using ultra-lightweight displacement XOR operation and physical non-clonable function (PUF) is proposed: The substitution XOR operation ensures that there are more than two variables unknown to the attacker every time the information is encrypted, replacing the traditional hash function for message authentication. Using random number and response value generated by PUF to update IDS, untraceable tag is realized. The response value is sent in ciphertext, and because of the untraceable characteristics of the tag, the attacker cannot determine which tag the excitation value belongs to, effectively resisting physical cloning attacks and modeling attacks. By using BAN logic and Scyther verification tool, experiments show that this protocol can effectively resist a variety of malicious attacks such as tracing, replay, desynchronization, physical cloning and modeling attacks. Compared with other protocols, this protocol meets the requirements of security attributes while reducing the cost of computing and storage, and is suitable for resource-limited scenarios.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Ultra-Lightweight RFID Two-Way Authentication Protocol Based on PUF and Substitution

  • Shuai Wang,
  • Rong Chen,
  • Xiaotian Zhang,
  • Sen Xu

摘要

Aiming at the problem that the complex security primitives in the existing RFID authentication protocols are not applicable to resource-constrained RFID tags, an authentication protocol using ultra-lightweight displacement XOR operation and physical non-clonable function (PUF) is proposed: The substitution XOR operation ensures that there are more than two variables unknown to the attacker every time the information is encrypted, replacing the traditional hash function for message authentication. Using random number and response value generated by PUF to update IDS, untraceable tag is realized. The response value is sent in ciphertext, and because of the untraceable characteristics of the tag, the attacker cannot determine which tag the excitation value belongs to, effectively resisting physical cloning attacks and modeling attacks. By using BAN logic and Scyther verification tool, experiments show that this protocol can effectively resist a variety of malicious attacks such as tracing, replay, desynchronization, physical cloning and modeling attacks. Compared with other protocols, this protocol meets the requirements of security attributes while reducing the cost of computing and storage, and is suitable for resource-limited scenarios.