A Communication Protocol of RFID Systems in Internet of Things
A Communication Protocol of RFID Systems in Internet of Things
A Communication Protocol of RFID Systems in Internet of Things
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
International Journal <strong>of</strong> Security and Its Applications<br />
Vol. 6, No. 2, April, 2012<br />
E ( EPC ) , that is '<br />
'<br />
e H( E ( EPC<br />
' T<br />
)) , make substitution <strong>of</strong> K<br />
ij<br />
and E ' ( EPC T<br />
) to K and ij<br />
'<br />
K ij<br />
Tj<br />
E ( EPC ) .<br />
K ij T j<br />
K ij<br />
j<br />
'<br />
'<br />
(2) Send e and e to reader, the reader will send them to the tag. When receive e and e ,<br />
the tag recovers E ' ( EPC T<br />
) through e E ( EPC ).Certify if H ( E ' T<br />
' ( EPC T<br />
)) is equal to '<br />
e If<br />
K ij<br />
j<br />
it is, the verification is completed, make substitution <strong>of</strong><br />
Otherwise, Key Update Failed.<br />
K ij<br />
j<br />
K ij<br />
K ij<br />
K ij T j<br />
j<br />
E ( EPC ) to E ' ( EPC T<br />
) .<br />
j<br />
K ij<br />
j<br />
Transfer Stage <strong>of</strong> Ownership<br />
(1)In order to achieve the ownership transfer <strong>of</strong> tag T j<br />
, the orig<strong>in</strong>al owner <strong>of</strong> tag send the<br />
tag <strong>in</strong>formation to <strong>RFID</strong> middleware <strong>of</strong> new system. In the new ownership <strong>of</strong> the system,<br />
' '<br />
'<br />
<strong>RFID</strong> middleware, the reader and the tag re-run the key update phase, K H( K r),<br />
then<br />
encrypt<br />
EPC to generate E ' ' ( EPC T<br />
) ,then XOR E ( EPC ) and E ( EPC ) ,that is<br />
' ' T<br />
' T<br />
T j<br />
e '<br />
E EPC E EPC<br />
' T<br />
' '<br />
K<br />
j<br />
T<br />
ij<br />
Kij<br />
j<br />
K ij<br />
j<br />
( ) ( ) , then Hash function <strong>of</strong> E ' ' ( EPC T<br />
) , that is ' '<br />
e H( E ( EPC<br />
' ' T<br />
)) .<br />
' '<br />
make substitution <strong>of</strong> Kij<br />
and E ' ' ( EPC T<br />
) to<br />
K ij<br />
j<br />
K ij<br />
K ij<br />
'<br />
K<br />
ij<br />
and '<br />
K ij<br />
Tj<br />
E ( EPC ) .<br />
(2) Send e '<br />
and e to reader, the reader will send them to tag. When receive e and e ' ,the<br />
tag recover E ' ' ( EPC T<br />
) through '<br />
e E ( EPC<br />
' T<br />
).Certify if H ( E ' ' ( EPC T<br />
)) ) is equal to e . If<br />
K ij<br />
j<br />
K ij<br />
j<br />
it is, the verification is completed, make substitution <strong>of</strong> E ' ( EPC T<br />
) to E ( EPC ) In the new<br />
' ' T<br />
ownership system <strong>of</strong> tag T j<br />
, reader and <strong>RFID</strong> middleware systems have tag <strong>in</strong>formation <strong>of</strong><br />
updated keys, the orig<strong>in</strong>al ownership <strong>of</strong> the system no longer has any access to visit.<br />
4.2 Security <strong>of</strong> the SPAP<br />
Theorem1. SPAP can realize mutual authentication<br />
(1)Identity authentication <strong>of</strong> the reader<br />
Proposition 1.If any attacker R <strong>of</strong> PPT types successfully calculates the probability<br />
<strong>of</strong> t H( EPCR<br />
i<br />
) r to meet Pr[ t H( EPCR<br />
) r] ( K)<br />
, it achieve identity authentication <strong>of</strong><br />
i<br />
the reader.<br />
Pro<strong>of</strong>. The event that the attacker R can calculate<br />
EPCR i<br />
and r is recorded as Adv( R ) , it has the follow<strong>in</strong>g three possibilities:<br />
K ij<br />
j<br />
K ij<br />
j<br />
j<br />
R i<br />
j<br />
K ij<br />
ij<br />
K ij<br />
t H( EPC ) r without know<strong>in</strong>g<br />
1. the t maybe known by the attacker itself by <strong>in</strong>quir<strong>in</strong>g Oracles SendReader, Execute,<br />
CorruptRead and Test ( <br />
R<br />
) . We suppose it had <strong>in</strong>quired q<br />
i<br />
send<br />
times by Oracle<br />
SendReader ( <br />
R<br />
, Pm ,<br />
2)<br />
, q<br />
i<br />
exe<br />
times by Oracle Execute ( R <br />
T<br />
, P)<br />
. And output length <strong>of</strong> H (.)<br />
i j<br />
is l 1<br />
.Accord<strong>in</strong>g to the characteristics <strong>of</strong> birth attack<strong>in</strong>g[11],the possibility the attacker have<br />
right conjectures is no more than<br />
q<br />
q<br />
send<br />
l<br />
2 1<br />
exe<br />
.<br />
j<br />
ij<br />
j<br />
K ij<br />
j<br />
97