部分RFID安全技术

Namie Park 等提出的用于移动电话的 UHF RFID 隐私增强保护方案

摘自:物联网安全技术 施荣华
原论文:A Security and Privacy Enhanced Protection Scheme for Secure 900MHz UHF RFID Reader on Mobile Phone

EPC memory bank
EPC Memory: This memory bank stores the EPC code, or the Electronic Product Code. It has a minimum of 96 bits of writable memory. The EPC memory is what is typically used in most applications if they only need 96 bits of memory. There are some tags that have the capability of allocating more bits to the EPC memory from the user memory. EPC memory is your first writable memory bank.
Types of Memory in RFID Tags - atlasRFIDstore

Unless the EPC memory area is locked, EPC values can be read and rewritten as many times as necessary.
17 Things You Might Not Know About Gen 2 RFID Tag Memory Banks - atlasRFIDstore

The purpose of this document is to outline a common process for write-protecting the EPC memory bank of UHF RFID tags while avoiding technical details that may become antiquated or vary between RFID chip supplier. While some RFID applications (such as those in a closed-loop environment) may not opt to write-protect RFID tags, many RFID solutions rely on tag data to be write protected. The EPC memory bank (MB01) contains serialized identification keys (EPC) that allow the unique identification of items to which the RFID tag is attached to. If the desire is to possibly change the EPC tag data after it is encoded, then the approach of “Locking” the tag (and readprotecting the password) may be used. If the desire is to not allow any changes to the EPC-enabled RFID tags, then Permalocking the EPC memory bank may be used.
GS1 US EPC Write Protection Recommendation

从上面直到EPC memory bank就是标签里放信息的位置,但它有权限,所有有lock和unlock。

passive tag, mobile phone provides write lock and write unlock feature against EPC memory bank.

Figure 4 shows the modification process and restoration process of RFID tag ID.

The original tag I D ( I D O ) ID(ID_O) ID(IDO) at figure 4 applies the specific code standard. Generally, it is the initial tag ID written by manufacturer or retailer.

Mobile phone makes the temporal tag I D ( I D E ) ID(ID_E) ID(IDE) by using cryptographic algorithm.

As shown at figure 4, the procedure of modification applies the following steps.

  1. Mobile phone identifies the original Tag I D ( I D O ) ID (ID_O) ID(IDO).
  2. Mobile phone makes the temporal tag I D ( I D E ) ID(ID_E) ID(IDE).
  3. Mobile phone unlocks EPC memory bank using Access password in order to change the tag ID.
  4. Mobile phone rewrites the temporal tag I D ( I D E ) ID(ID_E) ID(IDE) into EPC memory bank.
  5. Mobile phone locks EPC memory bank using Access password in order not to allow the attacker to write the EPC memory bank on malicious purpose.

Figure 4 shows how to restore the original tag ID from encrypted tag ID, in order to connect the ODS server and application server located at the backend. The following steps are for it.

  1. Mobile phone identifies the temporal Tag I D ( I D E ) ID(ID_E) ID(IDE). 和图中略有不同
  2. Mobile phone restore the original tag I D ( I D O ) ID (ID_O) ID(IDO).
  3. Mobile phone does ODS Query in order to get the URL of application server.
  4. Phone get the service or contents from application server
  5. Mobile phone makes the new temporal tag I D ( n e w    I D E ) ID(new\;ID_E) ID(newIDE).
  6. Mobile phone unlocks EPC memory bank using Access password in order to change the tag ID.
  7. Mobile phone rewrites the temporal tag I D ( n e w    I D E ) ID(new\;ID_E) ID(newIDE) into EPC memory bank.
  8. Mobile phone locks EPC memory bank using Access password in order not to allow the attacker to write the EPC memory bank on malicious purpose.

步骤中也明显显示了是new id

Hun-Wook 等提出的认证协议

摘自:物联网安全技术 施荣华
原论文:Symmetric Encryption in RFID Authentication Protocol for Strong Location Privacy and Forward-Security
示意图如下所示,这个示意图有点不一样,稍微改了下,可以看原论文:

S S S | A nonce generated by pseudorandom number generator

E I D E_{ID} EID | Encrypted tag ID using current key, an operation done in tag.

E I D ′ E'_{ID} EID | Encrypted tag ID using current key, an operation done in database.

R R R | Random bit streams generated in tag

R ′ R' R | Random bit streams generated in database

这里主要有几点可以辅助理解,具体的流程还是看论文中3.3 Authentication Process

  1. 上图中database下的 X 其实就是没有,这样表示,是为了对齐,便于理解,如 R 2 ′ R'_2 R2下是 L R 2 LR_2 LR2,CKey下是LKey;
  2. 这是双向认证, R 1 R_1 R1是database认证tag, R 2 R_2 R2是tag认证database。 R 3 R_3 R3则是为了同步;
  3. 失步的意思就是失去同步,失步的原因是第圈5步 R 2 ′ R'_2 R2被阻断,没有到tag,这样tag就无法验证和更新,而此时database已经更新,所以产生失步;
  4. 在算法中,until就可以看作while,为什么需要repeat?因为流密码是一个bit一个bit的产生,所以这里就是产生 E I D ′ E'_{ID} EID比特长度的流密码。
  5. 失步后继续同步是为什么会引起数据库执行全库计算,因为失步,我们无法通过之前Search E ’ I D = = E I D E’_{ID} == E_{ID} EID==EID,而只能把数据库中的所有ID和key进行 f ( I D i ⊕ T f l a g ∣ ∣ k e y i ⊕ S ) f(ID_i\oplus T_{flag}||key_i\oplus S) f(IDiTflagkeyiS)运算,这里的key就是LKey了,所以保存起来还是很有用的,返回的 R t e m p ′ R'_{temp} Rtemp,因为它是通过S更新后的 R 2 R_2 R2,而tag也是通过S更新 R 2 R_2 R2,这样才起到认证作用。
  6. 糟糕的是,如果database的 R 3 R_3 R3应该是比tag快一步,但T!=0那次,tag和database都没更新 R 3 R_3 R3,那database不是还比tag快一步嘛?而且database也没保存之前的 R 3 R_3 R3,怎么CKey就同步了。还有所以这个 L R 2 LR_2 LR2怎么就没用了,这一点,暂时不研究了,之后有机会再回来一看。
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值