轻量级RFID双向认证协议设计与分析

针对低成本RFID系统常用的基于Hash运算认证协议的安全性进行研究，分析了该类协议存在的安全缺陷和不足，给出设计低成本RFID认证协议满足安全需求的思路，提出了一种轻量级的RFID双向认证协议，运用BAN逻辑的形式化分析方法，对该协议的安全性进行证明。结果显示，该认证协议能满足RFID应用中面临的机密性、完整性和可追踪性的安全需求，可抵制跟踪、标签假冒、重放等攻击，弥补已有基于Hash运算的认证协议中存在的安全缺陷，更适合低成本RFID系统对应用安全的需求。

Design and Analysis of a Lightweight Mutual Authentication Protocol for RFID

The security of Hash-based operation authentication protocol, which is usually used by the low-cost RFID system, is researched. Based on the analysis of security shortcomings and flows of this protocol, a thesis of low-cost RFID authentication protocol to meet the security requirements is formulized and a light-weight RFID bi-directional authentication protocol is proposed. The security of the proposed protocol is proved by using the formal analysis method of BAN logic. The results show that the proposed protocol can meet the security requirements of confidentiality, integrity, and traceability in RFID applications. Besides, the protocol can resist attacks of tracking, label counterfeit, and replay, improve the security flaws existing in the current Hash-based operation authentication protocol, and better meets the security requirements of the low-cost RFID system.