采用云和PUF的轻量级RFID双标签认证协议

doi:10.19665/j.issn1001-2400.2023.01.020

摘要/Abstract

摘要：

针对医药系统中药品和说明书同时认证的应用需求,提出一种快速双标签身份认证方案。该方案引入云服务器和物理不可克隆函数,确保了射频识别系统的可扩展性和标签的不可克隆性。针对传统射频识别系统逐一认证双标签效率较低的问题,提出一种双标签响应合并流程;针对物理不可克隆函数引发的系统错误认证问题,计算了物理不可克隆函数响应的最佳认证阈值,以降低系统的认证错误率;针对云服务器的不可信问题,提出3种超轻量级位流函数以实现两种加密机制,从而保护前向信道免受云服务器隐私泄露的威胁。安全分析表明,快速双标签身份认证协议可满足标签匿名性和不可追踪性,并能有效地抵抗克隆攻击、去同步化攻击、重放攻击等恶意攻击。此外,使用BAN逻辑分析和AVISPA工具,进一步验证了协议的安全性。与近期的认证协议相比,快速双标签身份认证协议的服务器搜索耗时最短,在满足各项安全属性的同时,以近似单标签的资源开销实现了对双标签的快速认证,适用于资源受限的大规模双标签认证场景。

关键词: 射频识别, 双标签, 云服务器, 物理不可克隆函数, BAN逻辑分析, AVISPA工具

Abstract:

Focusing on the simultaneous authentication of drugs and instructions in the medical system,a rapid dual-tag authentication scheme(CP-LRDP) is proposed,which introduces a cloud server and PUF to ensure the scalability of the RFID system and the unclonability of tags.Aiming at the problem of sequential dual-tag authentication with a low efficiency in a traditional RFID system,a dual-tag response merging process is proposed.For the system error authentication problem caused by the PUF,the optimal authentication threshold of the PUF response is calculated to reduce the authentication error rate of the system.To solve the untrusted problem of the cloud server,three ultra-lightweight bitstream functions are proposed to implement two encryption mechanisms for protecting the forward channel from the threat of cloud server privacy leakage.Security analysis shows that the CP-LRDP not only satisfies the tag anonymity and untraceability,but also can effectively resist cloning attacks,desynchronization attacks,replay attacks and other malicious attacks.In addition,BAN logic analysis and the AVISPA tool are used to further verify the security of the protocol.Compared with recent authentication protocols,the CP-LRDP with the shortest server search time not only meets various security properties,but also realizes achieving rapid dual-tag authentication with resource costs similar to those of single-tag,which is suitable for resource-constrained large-scale dual-tag authentication scenarios.

Key words: radio frequency identification, dual-tag, cloud, physical unclonable function, BAN logic analysis, AVISPA tool

中图分类号:

TP309

艾璐琳, 常正泰, 范文兵, 孔德涵. 采用云和PUF的轻量级RFID双标签认证协议[J]. 西安电子科技大学学报, 2023, 50(1): 177-191.

AI Lulin, CHANG Zhengtai, FAN Wenbing, KONG Dehan. Lightweight RFID dual-tag authentication protocol using cloud and PUF[J]. Journal of Xidian University, 2023, 50(1): 177-191.

图/表 12

图1

表1

图2

图3

表2

协议中的符号定义"

符号	含义
I $D j g$ /RID	第j个标签对的组标识符/阅读器身份标识符
$N t j x$ /N_R/N_c	标签x(x=1,2)/阅读器/云服务器产生的随机数
K_RS	云服务器与阅读器之间的共享密钥
p,q,n	两个大素数和两者的乘积(n至少是512位)
PRNG	伪随机数发生器
APUF	仲裁器物理不可克隆函数
SCR	超轻量级位流加密函数
y	阅读器密钥
$y o l d ’$ /y^’	阅读器密钥前/后轮的加密值
C^g	标签x(x=1,2)存储的激励值
R^gx	标签x(x=1,2)内嵌APUF产生的惟一响应
$R o l d g x ’$ / $R g x ’$	标签x(x=1,2)惟一响应的前/后轮加密值
⊕/mod	异或运算/取余运算
FHD/τ	分数汉明距离运算/认证阈值

表2

表3

图4

表4

BAN的逻辑符号"

符号	说明
P?X	P接收到信息X
P\|~X	P发送过信息X
P\|≡#(X)	P相信X的新鲜性
P\|≡X	P相信X
{X}_K	用密钥K对信息X加密后的密文
P\|?X	P对信息X具有管辖权
(X,Y)	信息X和信息Y的明文信息
P\|≡P $? K$ Q	P相信与Q之间的共享密钥K

表4

图5

表5

表6

图6

参考文献 29

[1]	施虹宇, 邓伦治, 高岩, 等. 物联网中基于云的RFID认证方案[J]. 贵州师范大学学报:自然科学版, 2022, 40(2):88-95.
	SHI Hongyu, DENG Lunzhi, GAO Yan, et al. Cloud-Based RFID Authentication Scheme for Internet of Things[J]. Journal of Guizhou Normal University:Natural Sciences, 2022, 40(2):88-95.
[2]	FAN K, ZHU S, ZHANG K, et al. A Lightweight Authentication Scheme for Cloud-Based RFID Healthcare Systems[J]. IEEE Network, 2019, 33(2):44-49.
[3]	KAI F, QI L, KUAN Z, et al. Cloud-Based Lightweight Secure RFID Mutual Authentication Protocol in IoT[J]. Information Sciences, 2020, 527:329-340. doi: 10.1016/j.ins.2019.08.006
[4]	DEVADAS S, SUH E, PARAL S, et al. Design and Implementation of PUF-Based" Unclonable" RFID ICs for Anti-Counterfeiting and Security Applications[C]// 2008 IEEE International Conference on RFID.Piscataway:IEEE, 2008:58-64.
[5]	RÜHRMAIR U, SEHNKE F, HOLTER J, et al. Modeling Attacks on Physical Unclonable Functions[C]// Proceedings of the 17th ACM Conference on Computer and Communications Security. New York: ACM, 2010:237-249.
[6]	王利, 李二霞, 纪宇晨, 等. 基于PUF的抗物理克隆RFID安全认证协议[J]. 信息网络安全, 2020, 20(8):89-97.
	WANG Li, LI Erxia, JI Yuchen, et al. PUF-Based Anti-Physical Cloning RFID Security Authentication Protocol[J]. Netinfo Security, 2020, 20(8):89-97.
[7]	YE Q, SUN Z. Lightweight RFID Authentication Protocol for Cloud Services Using PUF Encryption[C/OL].[2021-12-20]. https://ieeexplore.ieee.org/document/9602061.
[8]	CHATTERJEE U, GOVINDAN V, SADHUKHAN R, et al. Building PUF Based Authentication and Key Exchange Protocol for IoT without Explicit CRPs in Verifier Database[J]. IEEE Transactions on Dependable and Secure Computing, 2018, 16(3):424-437. doi: 10.1109/TDSC.8858
[9]	SADEGHI A R, VISCONTI I, WACHSMANN C. PUF-Enhanced RFID Security and Privacy[C/OL].[2022-01-20]. https://www.researchgate.net/publication/265986050_PUF-enhanced_RFID_security_and_privac.
[10]	LIM D, LEE J W, GASSEND B, et al. Extracting Secret Keys from Integrated Circuits[J]. IEEE Transactions on Very Large Scale Integration(VLSI) Systems, 2015, 13(10):1200-1205.
[11]	RÜHRMAIR U, SOLTER J, SEHNKE F, et al. PUF Modeling Attacks on Simulated and Silicon Data[J]. IEEE Transactions on Information Forensics and Security, 2013, 8(11):1876-1891. doi: 10.1109/TIFS.2013.2279798
[12]	GU C, CHANG C H, LIU W, et al. A Modeling Attack Resistant Deception Technique for Securing Lightweight-PUF-Based Authentication[J]. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 2020, 40(6):1183-1196. doi: 10.1109/TCAD.2020.3036807
[13]	MAJZOOBI M, ROSTAMI M, KOUSHANFAR F, et al. Slender PUF Protocol:A Lightweight,Robust,and Secure Authentication by Substring Matching[C]// 2012 IEEE Symposium on Security and Privacy Workshops.Piscataway:IEEE, 2012:33-44.
[14]	YU M D, HILLER M, DELVAUX J, et al. A Lockdown Technique to Prevent Machine Learning on PUFs for Lightweight Authentication[J]. IEEE Transactions on Multi-Scale Computing Systems, 2016, 2(3):146-159. doi: 10.1109/TMSCS.6687315
[15]	GOPE P, LEE J, QUEK T Q S. Lightweight and Practical Anonymous Authentication Protocol for RFID Systems Using Physically Unclonable Functions[J]. IEEE Transactions on Information Forensics and Security, 2018, 13(11):2831-2843. doi: 10.1109/TIFS.2018.2832849
[16]	CHATTERJEE U, GOVINDAN V, SADHUKHAN R, et al. Building PUF Based Authentication and Key Exchange Protocol for IoT without Explicit CRPs in Verifier Database[J]. IEEE Transactions on Dependable and Secure Computing, 2018, 16(3):424-437. doi: 10.1109/TDSC.8858
[17]	范美月, 董庆宽, 王蕾, 等. 无 TTP 带权重的多所有者 RFID 标签认证协议[J]. 西安电子科技大学学报, 2021, 48(1):133-140.
	FAN Meiyue, DONG Qingkuan, WANG Lei, et al. TTP-Free Weighted Muti-Owner RFID Tag Authentication Protocol[J]. Journal of Xidian University, 2021, 48(1):133-140.
[18]	XIE W, XIE L, ZHANG Q, et al. Cloud-Based RFID Authentication[C]// 2013 IEEE International Conference on RFID.Piscataway:IEEE, 2013:168-175.
[19]	KUMAR V, AHMAD M, MISHRA D, et al. RSEAP:RFID Based Secure and Efficient Authentication Protocol for Vehicular Cloud Computing[J]. Vehicular Communications, 2019, 11:100213.
[20]	SAFKHANI M, CAMARA C, PERIS-LOPEZ P, et al. RSEAP2:An Enhanced Version of RSEAP,an RFID Based Authentication Protocol for Vehicular Cloud Computing[J]. Vehicular Communications, 2020, 11:100311.
[21]	LIANG W, XIE S, LONG J, et al. A Double PUF-Based RFID Identity Authentication Protocol in Service-Centric Internet of Things Environments[J]. Information Sciences, 2019, 503:129-147. doi: 10.1016/j.ins.2019.06.047
[22]	黄可可, 刘亚丽, 殷新春. 基于位重排变换的超轻量级 RFID双向认证协议[J]. 计算机应用, 2019, 39(1):118-125. doi: 10.11772/j.issn.1001-9081.2018071738
	HUANG Keke, LIU Yali, YIN Xinchun. Ultra-Lightweight RFID Mutual Authentication Protocol Based on Regeneration Transformation[J]. Journal of Computer Applications, 2019, 39(1):118-125. doi: 10.11772/j.issn.1001-9081.2018071738
[23]	MUJAHID U, NAJAMULISLAM M, SHAMI M A. RCIA:A New Ultralightweight RFID Authentication Protocol Using Recursive Hash[J]. International Journal of Distributed Sensor Networks, 2015, 11(1):1-8.
[24]	SAHOO D P, CHAKRABORTY R S, MUKHOPADHYAY D. Towards Ideal Arbiter PUF Design on Xilinx FPGA:A Practitioner's Perspective[C]// 2015 Euromicro Conference on Digital System Design.Piscataway:IEEE, 2015:559-562.
[25]	CAO Y, ZHENG W, ZHAO X, et al. An Energy-Efficient Current-Starved Inverter Based Strong Physical Unclonable Function with Enhanced Temperature Stability[J]. IEEE Access, 2019, 7:105287-105297. doi: 10.1109/Access.6287639
[26]	叶乔. 采用 PUF 的云服务 RFID 系统认证协议的研究[D]. 无锡: 江南大学, 2021.
[27]	VIGANÒ L. Automated Security Protocol Analysis With the AVISPA Tool[J]. Electronic Notes in Theoretical Computer Science, 2006, 155:61-86. doi: 10.1016/j.entcs.2005.11.052
[28]	FAN K, JIANG W, LI H, et al. Lightweight RFID Protocol for Medical Privacy Protection in IoT[J]. IEEE Transactions on Industrial Informatics, 2018, 14(4):1656-1665. doi: 10.1109/TII.2018.2794996
[29]	李涛, 刘亚丽. 一种基于双PUF的RFID认证协议[J]. 计算机研究与发展, 2021, 58(8):1801-1810.
	LI Tao, LIU Yali. A Double PUF-Based RFID Authentication Protocol[J]. Journal of Computer Research and Development, 2021, 58(8):1801-1810.

位流加密函数	运算过程	计算开销
Reg^[22]	13div+13per+1xor	27BO
R_h^[23]	1mod+2xor+1rot	4BO
SCR₁	1per+1re+1xor	3BO
SCR₂	1per+1mod+1xor	3BO
SCR₃	1mod+1xor	2BO

实现方式	硬件平台	惟一性/%	可靠性/%
FPGA^[24]	Xilinx Spartan-3 XC3S400	45.25	97.12
ASIC^[25]	标准65 nm CMOS工艺	46.80	99.20

协议	通信代价	服务器搜索代价	标签存储代价	标签计算代价	阅读器计算代价
文献[2]	17L	O(N)	2L	4x+1d+3p+2rot	1T+13x+1d+5rot+5p+3m+1rm
文献[6]	12L	O(1)	2L	13x+3puf+2h+1c	—
文献[7]	13L	O(1)	2L	2per+3x+1puf+1M+1upa	1T+2pad+2x+1E
文献[28]	16L	O(1)	3L	9x+1p+3cro	1W+9x+1p+3cro
文献[29]	8L	O(N)	L	7x+2puf+4h+2p+1pad+1upa	8x+2puf+4h+2p+1upa+1pad
CP-LRDP	16L	O(1)	2L	1x+2p+2puf+4scr	6x+2p+3m+1rm+4scr+3uns