A Communication Protocol of RFID Systems in Internet of Things

More documents

Recommendations

Info

International Journal of Security and Its Applications Vol. 6, No. 2, April, 2012 2. Or r has already been inquired by Oracle Execute, CorruptRead, SendReader and ' Test ( ) . We suppose it inquired q times before and now inquires q times, then the Ri ' q possibility the attacker have right conjectures is no more than q . 3. Or the attacker successfully calculates EPCR i that the length of EPCR i is l 2 , the probability for attacking successfully is In all, 1 . 2 2 l ' qsend qexe q 1 Pr[ t H( EPCR ) r] Pr[Adv(R)] Pr[ ] , i l1 l2 2 q 2 ' qsend qexe q 1 ( K) Pr[ ], So the proposition is proved. l1 l2 2 q 2 (2)Identity authentication of the tag Proposition2. If the symmetric encryption is secure, any attacker T of PPT types successfully calculates the probability of a H( E ( EPCT ) r) to meet K ij T j K ij j Pr[ a H( E ( EPC ) r)] ( K) , it achieve identity authentication of the reader. Proof.The event that the attacker can calculate K ij T j a H( E ( EPC ) r) without knowing K ij T j E ( EPC ) and r is recorded as Adv( T ) , it has the following three possible: 1. the a maybe known by the attacker T itself by inquiring Oracles SendReader, Execute, CorruptRead and Test ( T ) ,We suppose it had inquired q j send times by Oracle SendTag ( T , Pm , 1) , q j exe times by Oracle Execute ( R T , P) .And output length of H (.) is i j l . According to the characteristics of birth attacking[11] ,the possibility the attacker 1 has the right conjectures is no more than q q send l 2 1 2. Or r has already been inquired by Oracle Execute, CorruptRead, SendReader and ' Test ( ). We suppose it inquired q times before and now inquires q times, then the Tj possibility the attacker have right conjectures is no more than 3. Or the attacker can E ( EPC T ), because the symmetric encryption is secure, so the K ij j probability of successfully calculating So K ij T j exe . E ( EPC ) is neglected. ' qsend qexe q Pr[ a H( EK ( EPCT ) r)] Pr[Adv(T)] Pr[ ] , ij j l1 2 q ' qsend qexe q ( K) Pr[ ] , proposition is proof. l1 2 q Theorem 2.If the symmetrical encryption is secure, SPAP can achieve forward security. ' q q . 98
International Journal of Security and Its Applications Vol. 6, No. 2, April, 2012 Proof. If the attacker Q know the information e E ( EPC ) E ' ( EPC ), ' e H E ' EPC K ij Tj ( ( )) of the tag at time t 2 , and successful get K ij T j Kij Tj K ij Tj E ( EPC ) and K ij at time t 1 , we note the event as Adv( Q ) . The attacker execute the inquiry of Execute, SendReader, SendTag, CorruptRead, CorruptTag, Test ( T ) and Test ( R ) in sequence. We suppose the attacker Q inquires q exe times by Oracle Execute ( R T , P), q i j send times by Oracle SendTag ( T , Pm , 1) and SendReader ( j R , Pm , 2) , and the output length of i H (.) is l 1 . According to the characteristics of birthday attack, the possibility that the attacker successfully get the key of tag at time t is 2qsend qexe 1 Pr[Adv( Q)] , and l1 2 2qsend qexe can be ignored. Similarly, probability of successfully get E l K ( T ) 1 2 ij EPC j can also be ignored. And the theorem is tenable. Theorem 3.SPAP can realize the Tag information indistinguishable. Proof, j1, j2 [1, M] , If the attacker D want to distinguish and identify the secret information of T j and T 1 j , the attacker inquiries the Oracles Execute, SendReader, 2 SendTag, CorruptRead, CorruptTag, Test ( ) ,because SPAP can realize mutual authentication, forward security, internal security, security of ownership transfer, so if the event the attacker D can successfully identify and distinguish the secret information of T j and T 1 j is recorded I den( D ) , Pr[I den( D)] ( K) .That is to say, the attacker does not 2 have the legitimacy, can't identify the tag information, also can't distinguish between the target. So the theorem is proved. Theorem 4.SPAP can implement internal security. j Proof. i, j [1, N] , m, n [1, M] , suppose that reader R i(R j ) successfully identify tag T m(T n ) by fabricating R j(R i ) , we denote it as Adv( NR ) . Because it has the only key K ij between every legal reader and tag in the system, and theorem 1 has proved tag can achieve authentication of reader, so Pr(Adv( NR) ( K) . Similarly, if T m(T n ) successfully identified by R i(R j ) through fabricating T n(T m ) , we denote it as Adv( NT ) , then Pr(Adv( NT) ( K) . And the theorem is tenable. Theorem 5.SPAP can realize the security of ownership transfer Proof. Because there is the only authentication key between any tag and reader for SPAP, after the ownership transfer, the only authentication key between any tag and reader is updated, at the same time, SPAP also can realize the two-way authentication, therefore, That is, i [1, N] , j [1, M] , After ownership transfer of the tag T j , T j may become T j ,the event that the read R i successfully gets information of the tag T j can be denoted as Adv( Z ) , Pr[Adv( Z)] ( K) . So the theorem is proved. 5. Performance Analysis Safety performance[12] for a authentication is of great importance, the security of SPAP and the previous typical authentication protocols are analyzed in table 2, √ and Tj i 99
Page 1 and 2: International Journal of Security a
Page 7: International Journal of Security a

A Communication Protocol of RFID Systems in Internet of Things

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?