
CN107423647B - RFID entrusted authentication method for smart home - Google Patents


Info

Publication number: CN107423647B
Authority: CN (China)
Prior art keywords: reader, tag, party, trusted, identity
Legal status: Active
Application number: CN201710203811.5A
Other languages: Chinese (zh)
Other versions: CN107423647A (en)
Inventors: 周由胜, 李缘, 蒋溢, 王永
Current Assignee: Chongqing University of Post and Telecommunications
Original Assignee: Chongqing University of Post and Telecommunications

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/10Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation
    • G06K7/10009Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves
    • G06K7/10257Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves arrangements for protecting the interrogation against piracy attacks
    • G06K7/10287Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves arrangements for protecting the interrogation against piracy attacks the arrangement including a further device in the proximity of the interrogation device, e.g. signal scrambling devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/001Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using chaotic signals
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/0877Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Toxicology (AREA)
  • General Engineering & Computer Science (AREA)
  • Electromagnetism (AREA)
  • General Health & Medical Sciences (AREA)
  • Artificial Intelligence (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract


The invention claims a smart-home-oriented RFID entrusted (delegated) authentication method and relates to the field of smart homes. RFID-based access control systems are widely used in smart home solutions, but existing access control authentication schemes do not cover user delegation; for example, a user who is away on a long trip or business trip cannot entrust someone else to enter their home to complete certain tasks. The invention provides a user-authorized RFID entrusted authentication scheme to solve this problem. It first designs an ordinary RFID authentication protocol for the general authentication scenario in a smart home and, on that basis, proposes an entrusted authentication protocol for the task delegation scenario. The scheme is built on the Chebyshev chaotic map, which lets users complete the delegation remotely.

Description

RFID entrusted authentication method for smart home
Technical Field
The invention belongs to the field of smart homes and relates to a smart-home-oriented RFID entrusted authentication method.
Background
Smart homes are sought after by experts and the public because of the great convenience they bring. Using RFID technology in the access control system spares the user the complexity and maintenance inconvenience of unlocking with a traditional key, and can solve problems that a traditional mechanical door lock cannot. For example, when a user (A) is on a business trip or travelling and cannot return on schedule, another user (B) needs to be entrusted to enter A's home to perform some tasks, such as feeding pets. Because the situation arises suddenly, A has not given B a key in advance, so B has no convenient way to enter A's home and complete the entrusted tasks other than breaking the door. A traditional mechanical door lock obviously cannot meet this requirement, but an access control system using RFID technology can. One possible method is to notify a control center (such as a property management center) to open the door for B, but this form of delegation carries considerable risk. On the one hand, the control center is not fully trusted, and presetting it with door-opening authority is a potential security hazard; on the other hand, once the control center is maliciously attacked by a hacker, the security of all residents' property is seriously threatened, so this approach is not advisable. Therefore, a secure delegation method based on the user's own authorization is proposed here.
Disclosure of Invention
The present invention is directed to solving the above problems of the prior art. It provides a smart-home-oriented RFID entrusted authentication method that improves security. The technical scheme of the invention is as follows:
A smart-home-oriented RFID entrusted authentication method comprises an ordinary authentication stage and an entrusted authentication stage. In the ordinary authentication stage, the first user generates a random number and performs a hash calculation to obtain $h_{Tg}$, which the trusted third party uses to verify the user's identity; $T_{Tg}$ is a chaotic map value generated from the random number. The first user tag containing $h_{Tg}$ and $T_{Tg}$ is sent to the first reader. After receiving the tag, the first reader checks the inequality on the reader's current timestamp. If it holds, the first reader generates a random number and performs a hash calculation to obtain $h_{Rd}$, which the trusted third party uses to verify the reader's identity; $T_{Rd}$ is a chaotic map value generated from the random number. The first reader tag containing $h_{Rd}$ and $T_{Rd}$ is sent, together with the user tag, to the trusted third party. The trusted third party verifies the identity of the first user tag and of the first reader and, after successful verification, returns a result to the first reader and the first user, which generate a session key between them.
The entrusted authentication stage comprises a delegation phase and an authentication phase. In the delegation phase, the delegator generates information containing the delegatee's tag identity and sends it to the trusted third party, which authenticates it and stores the delegatee's information. In the authentication phase, the delegatee sends an information tag containing its own hash value and identity to the first reader for checking. After the check succeeds, the first reader generates the first reader tag and sends it to the trusted third party, which verifies the identities of the first reader and the delegatee. If both identities are verified, the trusted third party checks whether the tag matches the identity ID stored in the earlier delegation phase and so determines that it belongs to the delegatee. It then returns a verification-passed message to the first reader and the delegatee, a session key between the first reader and the delegatee is generated, and the entrusted authentication is complete.
Further, in the ordinary authentication stage, the first user generates a random number: tag Tag-A generates a random number $x_{Tg}$ and then calculates
Figure DEST_PATH_GDA0001310698650000021
$h_{Tg} = h(ID_{Tg\_A} \| PW_{Tg\_A} \| t_{Tg} \| T_{Tg})$, where $(r, T_S = T_s(r) \bmod p, p)$ is the public key of the trusted third party, $s$ is the private key of the trusted third party, $ID_{Tg\_A}$ is the true identity of Tag-A, $PW_{Tg}$ is the shared password of Tag-A and the trusted third party, $t_{Tg}$ is a timestamp, $p$ denotes a large prime number, $K_{TS}$ denotes the key of the first tag Tag-A and the trusted third party, $ID'_{Tg\_A}$ denotes the anonymous identity of Tag-A, and $h_{Tg}$ is used by the trusted third party to verify identity. The tag then sends $M_{Tg} = \{h_{Tg}, t_{Tg}, T_{Tg}, ID'_{Tg\_A}\}$ to the reader.
Further, in the ordinary authentication stage, the check of the reader's current timestamp inequality that the first reader performs after receiving the tag is specifically as follows: the first reader Reader-A first checks whether the inequality $(t_{Rd} - t_{Tg}) \le \Delta t$ holds, where $t_{Rd}$ is the current timestamp of the reader. If it holds, the first reader generates a random number $x_{Rd}$ and then calculates
Figure DEST_PATH_GDA0001310698650000022
$h_{Rd} = h(ID_{Rd\_A} \| PW_{Rd\_A} \| t_{Rd} \| T_{Rd})$, where $ID_{Rd\_A}$ is the identity of Reader-A, $PW_{Rd\_A}$ is the shared password of Reader-A and the trusted third party, and $T_{Rd}$ is a chaotic map value generated from the random number. The reader then sends $M_{Rd} = \{h_{Rd}, t_{Rd}, T_{Rd}, ID'_{Rd\_A}\}$ and $M_{Tg}$ to the trusted third party.
Further, in the ordinary authentication stage, after receiving $M_{Rd}$ and $M_{Tg}$, the trusted third party first checks the inequality $(t_S - t_{Tg}) \le \Delta t$. If the inequality holds, the trusted third party calculates $K'_{TS} = T_s(T_{Tg}) \bmod p$, $K'_{RS} = T_s(T_{Rd}) \bmod p$,
Figure DEST_PATH_GDA0001310698650000031
where $ID''_{Tg\_A}$ denotes the anonymous identity of Tag-A, $ID'_{Rd\_A}$ denotes the anonymous identity of Reader-A, $K'_{TS}$ denotes the key of the trusted third party and Tag-A, and $K'_{RS}$ denotes the key of the trusted third party and Reader-A. Then, according to $ID''_{Tg\_A}$, it finds the corresponding $PW_{Tg\_A}$ in its storage and calculates $h'_{Tg} = h(ID''_{Tg\_A} \| PW_{Tg\_A} \| t_{Tg} \| T_{Tg})$. It then compares $h'_{Tg}$ with $h_{Tg}$; if they are the same, the identity of the tag is authenticated by the trusted third party. The identity of the reader is verified in the same way. If the identities of both the tag and the reader are verified, the trusted third party uses $ID''_{Tg\_A}$ to look up the corresponding $ID_{Rd}$ in the stored tuple $(ID_{Tg}, ID_{Rd}, PW_{Tg})$ and compares it with $ID_{Rd\_A}$. If they are equal, the trusted third party knows that the reader is the owner of the tag. Here they are clearly equal, so the trusted third party knows that the tag is the one corresponding to the reader. The trusted third party then calculates
Figure DEST_PATH_GDA0001310698650000032
Figure DEST_PATH_GDA0001310698650000033
where Own indicates that the reader is the owner of the tag,
Figure DEST_PATH_GDA0001310698650000034
is used by Reader-A to verify the identity of the trusted third party,
Figure DEST_PATH_GDA0001310698650000035
is used by Tag-A to verify the identity of the trusted third party, $M_{Ts1}$ is the message combination for Reader-A, and $M_{Ts2}$ is the message combination for Tag-A. The trusted third party sends $M_{Ts1}$ and $M_{Ts2}$ to the first reader.
Further, after receiving $M_{Ts1}$ and $M_{Ts2}$, the first reader Reader-A calculates
Figure DEST_PATH_GDA0001310698650000036
and compares it with
Figure DEST_PATH_GDA0001310698650000037
If they are equal, the reader knows that the tag was successfully authenticated by the trusted third party. It then sends $M_{Ts2}$ to the tag, and the reader calculates
Figure DEST_PATH_GDA0001310698650000038
as the session key with the first user tag. After receiving $M_{Ts2}$, the tag first calculates
Figure DEST_PATH_GDA0001310698650000039
and compares it with
Figure DEST_PATH_GDA00013106986500000310
If the two are equal, the tag knows that authentication by the trusted third party succeeded, and the tag then calculates
Figure DEST_PATH_GDA00013106986500000311
as the session key with the reader. After this operation, mutual authentication of the tag and the reader is complete.
Further, in the delegation phase, the delegator generates information containing the delegatee's tag identity and sends it to the trusted third party, which authenticates it and stores the delegatee's information. Specifically: user A selects a random number $a$ and calculates $K = T_a(T_S) \bmod p$, where $K$ denotes the key of user A and the trusted third party, and then calculates
Figure DEST_PATH_GDA0001310698650000041
$h_1 = h(ID_{Tg\_A} \| PW_{Tg\_A} \| ID_{Tg\_B} \| t_A)$, $A = T_a(r) \bmod p$, where $ID_{Tg\_A}$ and $PW_{Tg\_A}$ are respectively the identity and password of Tag-A, $t_A$ is a timestamp, and $ID_{Tg\_B}$ is the identity of Tag-B. User A then sends $h_1$, $t_A$, $N$, $M$, $A$ to the trusted third party;
after receiving the information, the trusted third party calculates $K' = T_s(A) \bmod p$, where $K'$ denotes the key of user A and the trusted third party,
Figure DEST_PATH_GDA0001310698650000042
where $ID'_{Tg\_A}$ denotes the anonymous identity of Tag-A,
Figure DEST_PATH_GDA0001310698650000043
Then, according to $ID'_{Tg\_A}$, it finds the corresponding $PW_{Tg\_A}$ in the database and calculates $h_1' = h(ID'_{Tg\_A} \| PW_{Tg\_A} \| ID'_{Tg\_B} \| t_A)$. If $h_1'$ and $h_1$ are equal, the trusted third party stores $(ID'_{Tg\_B} \| ID'_{Tg\_A})$ in the database.
Further, in the authentication phase, Tag-B generates a random number $x_{Tg}$ and then calculates
Figure DEST_PATH_GDA0001310698650000044
$h_{Tg} = h(ID_{Tg\_B} \| PW_{Tg\_B} \| t_{Tg} \| T_{Tg})$, where $ID_{Tg\_B}$ and $PW_{Tg\_B}$ are the identity and password of Tag-B and $t_{Tg}$ is the current timestamp of the tag. The tag then sends $M_{Tg} = \{h_{Tg}, t_{Tg}, T_{Tg}, ID'_{Tg\_B}\}$ to Reader-A. After receiving $M_{Tg}$, Reader-A first checks whether the inequality $(t_{Rd} - t_{Tg}) \le \Delta t$ holds, where $t_{Rd}$ is the current timestamp of the reader. If it holds, the reader generates a random number $x_{Rd}$ and then calculates
Figure DEST_PATH_GDA0001310698650000045
It then calculates $h_{Rd} = h(ID_{Rd\_A} \| PW_{Rd\_A} \| t_{Rd} \| T_{Rd})$, where $ID_{Rd\_A}$ and $PW_{Rd\_A}$ are the identity and password of Reader-A. The reader then sends $M_{Rd} = \{h_{Rd}, t_{Rd}, T_{Rd}, ID'_{Rd\_A}\}$ and $M_{Tg}$ to the trusted third party.
Further, after receiving $M_{Rd}$ and $M_{Tg}$, the trusted third party first checks the inequality $(t_S - t_{Tg}) \le \Delta t$. If the inequality holds, the trusted third party calculates $K'_{TS} = T_s(T_{Tg}) \bmod p$, $K'_{RS} = T_s(T_{Rd}) \bmod p$,
Figure DEST_PATH_GDA0001310698650000046
Then, according to $ID''_{Tg\_B}$, it finds the corresponding $PW_{Tg\_B}$ in its storage and calculates $h'_{Tg} = h(ID''_{Tg\_B} \| PW_{Tg\_B} \| t_{Tg} \| T_{Tg})$. It then compares $h'_{Tg}$ with $h_{Tg}$; if they are the same, the identity of the tag is authenticated by the trusted third party. The identity of the reader is verified in the same way. If the identities of both the tag and the reader are verified, the trusted third party uses $ID''_{Tg\_B}$ to look up the corresponding $ID_{Rd}$ in the stored tuple $(ID_{Tg}, ID_{Rd}, PW_{Tg})$ and compares it with $ID_{Rd\_A}$. If they are equal, the trusted third party knows that the reader is the owner of the tag. Here they are clearly not equal. The trusted third party then looks up the identity pair stored in the delegation phase and learns that $ID''_{Tg\_B}$ was delegated by $ID_{Tg\_A}$. Using $ID''_{Tg\_A}$, it finds in the corresponding triple $(ID_{Tg}, ID_{Rd}, PW_{Tg})$ that the associated $ID_{Rd}$ is $ID_{Rd\_A}$. The trusted third party therefore accepts that the tag can be authenticated by the reader, and then calculates
Figure DEST_PATH_GDA0001310698650000051
Figure DEST_PATH_GDA0001310698650000052
where Auth indicates that the tag is delegated. The trusted third party sends $M_{Ts1}$ and $M_{Ts2}$ to Reader-A.
Further, after receiving $M_{Ts1}$ and $M_{Ts2}$, Reader-A calculates
Figure DEST_PATH_GDA0001310698650000053
and compares it with
Figure DEST_PATH_GDA0001310698650000054
If they are equal, the reader knows that the tag was successfully authenticated by the trusted third party. It then sends $M_{Ts2}$ to the tag, and the reader calculates
Figure DEST_PATH_GDA0001310698650000055
as the session key with the tag. After receiving $M_{Ts2}$, the tag first calculates
Figure DEST_PATH_GDA0001310698650000056
and compares it with
Figure DEST_PATH_GDA0001310698650000057
If the two are equal, the tag knows that authentication by the trusted third party succeeded, and the tag then calculates
Figure DEST_PATH_GDA0001310698650000058
as the session key with the reader. After this operation, mutual authentication of the tag and the reader is complete.
The invention has the following advantages and beneficial effects:
First, a non-delegated RFID authentication protocol is designed for the general authentication scenario in a smart home where no delegation is involved; this is called ordinary authentication. On that basis, an entrusted authentication protocol is provided for the task delegation scenario. The scheme is built on the Chebyshev chaotic map. Its advantages are that a user can complete the delegation remotely and that, because of the semigroup property of the chaotic map, the system does not need to bear the key management burden of traditional public-key authentication, which reduces system overhead.
Drawings
FIG. 1 is a diagram of a scenario in which a preferred embodiment of the present invention is provided;
FIG. 2 is a diagram of the delegation phase of delegation authentication;
FIG. 3 is a diagram of the authentication phase of the delegation authentication.
Detailed Description
The technical solutions in the embodiments of the present invention are described clearly and in detail below with reference to the accompanying drawings. The described embodiments are only some of the embodiments of the present invention.
The technical scheme for solving the above technical problems is as follows, described with reference to FIGS. 1-3.
(1) Ordinary authentication. This corresponds to the authentication a user performs with their own tag (Tag) and their own reader (Reader). The specific steps are as follows:
A) Tag-A generates a random number $x_{Tg}$ and then calculates
Figure DEST_PATH_GDA0001310698650000061
Figure DEST_PATH_GDA0001310698650000062
$h_{Tg} = h(ID_{Tg\_A} \| PW_{Tg\_A} \| t_{Tg} \| T_{Tg})$, where $(r, T_S = T_s(r) \bmod p, p)$ is the public key of the trusted third party, $s$ is the private key of the trusted third party, $ID_{Tg}$ is the name of tag Tag-A, $PW_{Tg}$ is the shared password of Tag-A and the trusted third party, and $t_{Tg}$ is a timestamp. The tag then sends $M_{Tg} = \{h_{Tg}, t_{Tg}, T_{Tg}, ID'_{Tg\_A}\}$ to the reader.
B) After receiving $M_{Tg}$, Reader-A first checks whether the inequality $(t_{Rd} - t_{Tg}) \le \Delta t$ holds ($t_{Rd}$ is the current timestamp of the reader). If it holds, the reader generates a random number $x_{Rd}$ and then calculates
Figure DEST_PATH_GDA0001310698650000063
$h_{Rd} = h(ID_{Rd\_A} \| PW_{Rd\_A} \| t_{Rd} \| T_{Rd})$, where $ID_{Rd\_A}$ is the identity of Reader-A and $PW_{Rd\_A}$ is the shared password of Reader-A and the trusted third party. Next, the reader sends $M_{Rd} = \{h_{Rd}, t_{Rd}, T_{Rd}, ID'_{Rd\_A}\}$ and $M_{Tg}$ to the trusted third party.
C) After receiving $M_{Rd}$ and $M_{Tg}$, the trusted third party first checks the inequalities $(t_S - t_{Tg}) \le \Delta t$ and $(t_S - t_{Rd}) \le \Delta t$. If the inequalities hold, the trusted third party calculates $K'_{TS} = T_s(T_{Tg}) \bmod p$, $K'_{RS} = T_s(T_{Rd}) \bmod p$,
Figure DEST_PATH_GDA0001310698650000064
Then, according to $ID''_{Tg\_A}$, it finds the corresponding $PW_{Tg\_A}$ in its storage and calculates $h'_{Tg} = h(ID''_{Tg\_A} \| PW_{Tg\_A} \| t_{Tg} \| T_{Tg})$. It then compares $h'_{Tg}$ with $h_{Tg}$; if they are the same, the identity of the tag is authenticated by the trusted third party. The identity of the reader is verified in the same way. If both identities are verified, the trusted third party uses $ID''_{Tg\_A}$ to look up the corresponding $ID_{Rd}$ in the stored tuple $(ID_{Tg}, ID_{Rd}, PW_{Tg})$ and compares it with $ID_{Rd\_A}$. If they are equal, the trusted third party knows that the reader is the owner of the tag. Here they are clearly equal, so the trusted third party knows that the tag is the one corresponding to the reader. The trusted third party then calculates
Figure DEST_PATH_GDA0001310698650000065
Figure DEST_PATH_GDA0001310698650000066
(Own indicates that the reader is the owner of the tag). The trusted third party sends $M_{Ts1}$ and $M_{Ts2}$ to the reader.
D) After receiving $M_{Ts1}$ and $M_{Ts2}$, Reader-A calculates
Figure DEST_PATH_GDA0001310698650000067
and compares it with
Figure DEST_PATH_GDA0001310698650000068
If the two are equal, the reader knows that the tag was successfully authenticated by the trusted third party. It then sends $M_{Ts2}$ to the tag. The reader calculates
Figure DEST_PATH_GDA00013106986500000713
as the session key with the tag.
E) After receiving $M_{Ts2}$, the tag first calculates
Figure DEST_PATH_GDA0001310698650000071
and compares it with
Figure DEST_PATH_GDA0001310698650000072
If the two are equal, the tag knows that authentication by the trusted third party succeeded, and the tag then calculates
Figure DEST_PATH_GDA0001310698650000073
as the session key with the reader. After this operation, mutual authentication of the tag and the reader is complete.
(2) The delegation phase of entrusted authentication (by default it is assumed that user A has already obtained user B's tag information before this phase begins). This phase is shown in FIG. 2, and the specific steps are as follows:
A) User A selects a random number $a$ and calculates $K = T_a(T_S) \bmod p$, then calculates
Figure DEST_PATH_GDA0001310698650000074
Figure DEST_PATH_GDA0001310698650000075
$h_1 = h(ID_{Tg\_A} \| PW_{Tg\_A} \| ID_{Tg\_B} \| t_A)$, $A = T_a(r) \bmod p$, where $ID_{Tg\_A}$ and $PW_{Tg\_A}$ are the identity and password of Tag-A, $t_A$ is a timestamp, and $ID_{Tg\_B}$ is the identity of Tag-B. User A then sends $h_1$, $t_A$, $N$, $M$, $A$ to the trusted third party.
B) After receiving the information, the trusted third party calculates $K' = T_s(A) \bmod p$,
Figure DEST_PATH_GDA0001310698650000076
Figure DEST_PATH_GDA0001310698650000077
Then, according to $ID'_{Tg\_A}$, it finds the corresponding $PW_{Tg\_A}$ in the database and calculates $h_1' = h(ID'_{Tg\_A} \| PW_{Tg\_A} \| ID'_{Tg\_B} \| t_A)$. If $h_1'$ and $h_1$ are equal, the trusted third party stores $(ID'_{Tg\_B} \| ID'_{Tg\_A})$ in the database.
(3) The authentication phase of entrusted authentication, shown in FIG. 3, includes the following steps:
A) Tag-B generates a random number $x_{Tg}$ and then calculates
Figure DEST_PATH_GDA0001310698650000078
Figure DEST_PATH_GDA0001310698650000079
$h_{Tg} = h(ID_{Tg\_B} \| PW_{Tg\_B} \| t_{Tg} \| T_{Tg})$, where $ID_{Tg\_B}$ and $PW_{Tg\_B}$ are the identity and password of Tag-B and $t_{Tg}$ is the current timestamp of the tag. The tag then sends
Figure DEST_PATH_GDA00013106986500000710
to Reader-A.
B) After receiving $M_{Tg}$, Reader-A first checks whether the inequality $(t_{Rd} - t_{Tg}) \le \Delta t$ holds ($t_{Rd}$ is the current timestamp of the reader). If it holds, the reader generates a random number $x_{Rd}$ and then calculates
Figure DEST_PATH_GDA00013106986500000711
Figure DEST_PATH_GDA00013106986500000712
It then calculates $h_{Rd} = h(ID_{Rd\_A} \| PW_{Rd\_A} \| t_{Rd} \| T_{Rd})$, where $ID_{Rd\_A}$ and $PW_{Rd\_A}$ are the identity and password of Reader-A. Next, the reader sends $M_{Rd} = \{h_{Rd}, t_{Rd}, T_{Rd}, ID'_{Rd\_A}\}$ and $M_{Tg}$ to the trusted third party.
C) After receiving $M_{Rd}$ and $M_{Tg}$, the trusted third party first checks the inequalities $(t_S - t_{Tg}) \le \Delta t$ and $(t_S - t_{Rd}) \le \Delta t$. If the inequalities hold, the trusted third party calculates $K'_{TS} = T_s(T_{Tg}) \bmod p$, $K'_{RS} = T_s(T_{Rd}) \bmod p$,
Figure DEST_PATH_GDA0001310698650000081
Then, according to $ID''_{Tg\_B}$, it finds the corresponding $PW_{Tg\_B}$ in its storage and calculates $h'_{Tg} = h(ID''_{Tg\_B} \| PW_{Tg\_B} \| t_{Tg} \| T_{Tg})$. It then compares $h'_{Tg}$ with $h_{Tg}$; if they are the same, the identity of the tag is authenticated by the trusted third party. The identity of the reader is verified in the same way. If both identities are verified, the trusted third party uses $ID''_{Tg\_B}$ to look up the corresponding $ID_{Rd}$ in the stored tuple $(ID_{Tg}, ID_{Rd}, PW_{Tg})$ and compares it with $ID_{Rd\_A}$. If they are equal, the trusted third party knows that the reader is the owner of the tag. Here they are clearly not equal. The trusted third party then looks up the identity pair stored in the delegation phase and learns that $ID''_{Tg\_B}$ was delegated by $ID_{Tg\_A}$. Using $ID''_{Tg\_A}$, it finds in the corresponding triple $(ID_{Tg}, ID_{Rd}, PW_{Tg})$ that the associated $ID_{Rd}$ is $ID_{Rd\_A}$. The trusted third party therefore accepts that the tag can be authenticated by the reader. The trusted third party then calculates
Figure DEST_PATH_GDA0001310698650000082
Figure DEST_PATH_GDA0001310698650000083
(Auth indicates that the tag is delegated). The trusted third party sends $M_{Ts1}$ and $M_{Ts2}$ to Reader-A.
D) After receiving $M_{Ts1}$ and $M_{Ts2}$, Reader-A calculates
Figure DEST_PATH_GDA0001310698650000084
and compares it with
Figure DEST_PATH_GDA0001310698650000085
If the two are equal, the reader knows that the tag was successfully authenticated by the trusted third party. It then sends $M_{Ts2}$ to the tag. The reader calculates
Figure DEST_PATH_GDA0001310698650000089
as the session key with the tag.
E) After receiving $M_{Ts2}$, the tag first calculates
Figure DEST_PATH_GDA0001310698650000086
and compares it with
Figure DEST_PATH_GDA0001310698650000087
If the two are equal, the tag knows that authentication by the trusted third party succeeded, and the tag then calculates
Figure DEST_PATH_GDA0001310698650000088
as the session key with the reader. After this operation, mutual authentication of the tag and the reader is complete.
The above embodiments are to be construed as merely illustrative and not as limiting the scope of the invention. After reading this description, a skilled person can make various changes or modifications to the invention, and such equivalent changes and modifications also fall within the scope of the invention defined by the claims.
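The delegation phase (2) and the trusted third party's owner-or-delegate decision in step C of phase (3), as an added Python example that is not code from the patent. It shows why both sides reach the same key: $T_a(T_s(r)) = T_s(T_a(r)) \bmod p$ by the semigroup property. Assumptions: SHA-256 over length-prefixed fields stands in for $h$, $p = 2^{127}-1$ and $r = 5$ are constructed values, all function and class names are hypothetical, and identities are passed to the verifier directly because the identity-masking equations survive on this page only as figure placeholders.

```python
import hashlib
import hmac
import secrets

P = 2**127 - 1   # constructed stand-in for the "large prime p" (assumption)
R = 5            # constructed public seed r (assumption)


def chebyshev(n, x, p):
    """T_n(x) mod p from T_{k+1} = 2x*T_k - T_{k-1}, by 2x2 matrix powering."""
    if n == 0:
        return 1 % p
    a, b, c, d = 1, 0, 0, 1                       # accumulator starts as identity
    ma, mb, mc, md = (2 * x) % p, p - 1, 1, 0     # M = [[2x, -1], [1, 0]]
    e = n - 1
    while e:
        if e & 1:
            a, b, c, d = ((a * ma + b * mc) % p, (a * mb + b * md) % p,
                          (c * ma + d * mc) % p, (c * mb + d * md) % p)
        ma, mb, mc, md = ((ma * ma + mb * mc) % p, (ma * mb + mb * md) % p,
                          (mc * ma + md * mc) % p, (mc * mb + md * md) % p)
        e >>= 1
    return (a * x + b) % p                        # top row of M^(n-1) on (T_1, T_0)


def h(*fields):
    """h(f1 || f2 || ...): SHA-256 over length-prefixed fields (both assumptions)."""
    digest = hashlib.sha256()
    for field in fields:
        raw = str(field).encode()
        digest.update(len(raw).to_bytes(4, "big") + raw)
    return digest.digest()


def fresh(now, stamp, max_skew):
    """The page's check (now - stamp) <= delta_t; rejecting future stamps is added."""
    return 0 <= now - stamp <= max_skew


class TrustedThirdParty:
    def __init__(self, tags, max_skew=30):
        self.s = secrets.randbelow(P - 3) + 2          # private key s
        self.T_S = chebyshev(self.s, R, P)             # public T_S = T_s(r) mod p
        self.tags = tags                               # ID_Tg -> (ID_Rd, PW_Tg)
        self.pairs = set()                             # stored (ID_Tg_B, ID_Tg_A)
        self.max_skew = max_skew

    def register_delegation(self, h1, t_a, big_a, id_a, id_b, now):
        """Delegation phase, step B. Returns K' on success, None on rejection."""
        if not fresh(now, t_a, self.max_skew) or id_a not in self.tags:
            return None
        k_prime = chebyshev(self.s, big_a, P)          # K' = T_s(A) mod p
        expected = h(id_a, self.tags[id_a][1], id_b, t_a)
        if not hmac.compare_digest(h1, expected):      # constant-time comparison
            return None
        self.pairs.add((id_b, id_a))
        return k_prime

    def decide(self, tag_id, reader_id):
        """Authentication phase, step C, once both hashes have verified."""
        if tag_id not in self.tags:
            return "reject"
        if self.tags[tag_id][0] == reader_id:
            return "Own"                               # reader owns the tag
        for delegatee, delegator in self.pairs:
            owner = self.tags.get(delegator)
            if delegatee == tag_id and owner and owner[0] == reader_id:
                return "Auth"                          # delegated by the owner
        return "reject"


def delegate(t_s_pub, id_a, pw_a, id_b, now):
    """Delegation phase, step A (user A). Returns (K, A, h1)."""
    a = secrets.randbelow(P - 3) + 2
    k = chebyshev(a, t_s_pub, P)                       # K = T_a(T_S) mod p
    big_a = chebyshev(a, R, P)                         # A = T_a(r) mod p
    return k, big_a, h(id_a, pw_a, id_b, now)


def demo():
    # Constructed sample registrations: tag -> (its own reader, shared password).
    ttp = TrustedThirdParty({"Tag-A": ("Reader-A", "pw-a"),
                             "Tag-B": ("Reader-B", "pw-b")})
    before = ttp.decide("Tag-B", "Reader-A")
    k, big_a, h1 = delegate(ttp.T_S, "Tag-A", "pw-a", "Tag-B", now=1000)
    stale = ttp.register_delegation(h1, 1000, big_a, "Tag-A", "Tag-B", now=2000)
    forged = ttp.register_delegation(h("Tag-A", "guess", "Tag-B", 1000), 1000,
                                     big_a, "Tag-A", "Tag-B", now=1005)
    k_prime = ttp.register_delegation(h1, 1000, big_a, "Tag-A", "Tag-B", now=1005)
    return {"before": before, "stale": stale, "forged": forged,
            "keys_match": k == k_prime,
            "own": ttp.decide("Tag-A", "Reader-A"),
            "after": ttp.decide("Tag-B", "Reader-A"),
            "other_door": ttp.decide("Tag-A", "Reader-B")}


if __name__ == "__main__":
    print(demo())
```

The delegation is one-directional: Tag-B is accepted at Reader-A only after user A's request verifies, while Tag-A gains nothing at Reader-B. A replayed or stale request and a request hashed with the wrong password are both rejected before any pair is stored.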

Claims (6)

1. An RFID entrusted authentication method for smart home, characterized in that it comprises an ordinary authentication phase and an entrusted authentication phase;
in the ordinary authentication phase, a first user generates a random number and performs a hash calculation to obtain $h_{Tg}$, where $h_{Tg}$ is used by a trusted third party to verify the first user's identity and $T_{Tg}$ is a chaotic map value generated from the random number, and sends a first user tag containing $h_{Tg}$ and $T_{Tg}$ to a first reader; after receiving the tag, the first reader checks the inequality on the reader's current timestamp; if it holds, the first reader generates a random number and performs a hash calculation to obtain $h_{Rd}$, where $h_{Rd}$ is used by the trusted third party to verify the reader's identity and $T_{Rd}$ is a chaotic map value generated from the random number, and sends the first reader tag containing $h_{Rd}$ and $T_{Rd}$, together with the user tag, to the trusted third party; the trusted third party verifies the identity of the first user tag and the identity of the first reader and, once verification succeeds, replies to the first reader and the first user so that a session key between the two is generated;
the entrusted authentication phase comprises an entrustment stage and an authentication stage; in the entrustment stage, the delegator generates information containing the identity of the delegatee's tag and sends it to the trusted third party, and the trusted third party authenticates it and stores the delegatee's information; in the authentication stage, the delegatee sends an information tag containing its own hash value and identity to the first reader for checking; after the check succeeds, the first reader generates a first reader tag and sends it to the trusted third party; the trusted third party verifies the identities of the first reader and the delegatee; if both identities are verified, it determines whether the tag matches the identity ID stored in the earlier entrustment stage, thereby identifying it as the delegatee, then returns a verification-passed message to the first reader and the delegatee, and a session key between the first reader and the delegatee is generated, completing the entrusted authentication;
in the ordinary authentication phase, where the first user generates a random number, the tag Tag-A generates a random number $x_{Tg}$ and then calculates
Figure FDA0002407569230000011
$h_{Tg} = h(ID_{Tg\_A} \| PW_{Tg\_A} \| t_{Tg} \| T_{Tg})$, where $(r, T_S = (T_s(r) \bmod p), p)$ is the public key of the trusted third party, $s$ is the private key of the trusted third party, $ID_{Tg\_A}$ is the real identity of the tag Tag-A, $PW_{Tg}$ is the password shared by the tag Tag-A and the trusted third party, $t_{Tg}$ is a timestamp, $p$ denotes a large prime number, $K_{TS}$ denotes the key between the first tag Tag-A and the trusted third party, $ID'_{Tg\_A}$ denotes the anonymous identity of the tag Tag-A, and $h_{Tg}$ is used by the trusted third party to verify the identity; the tag then sends $M_{Tg} = \{h_{Tg}, t_{Tg}, T_{Tg}, ID'_{Tg\_A}\}$ to the reader;
in the ordinary authentication phase, the check of the reader's current-timestamp inequality that the first reader performs after receiving the tag is specifically: the first reader Reader-A first checks whether the inequality $(t_{Rd} - t_{Tg}) \le \Delta t$ holds, where $t_{Rd}$ is the reader's current timestamp; if it holds, the first reader generates a random number $x_{Rd}$ and then calculates
Figure FDA0002407569230000021
$h_{Rd} = h(ID_{Rd\_A} \| PW_{Rd\_A} \| t_{Rd} \| T_{Rd})$, where $ID_{Rd\_A}$ is the real identity of the reader Reader-A, $PW_{Rd\_A}$ is the password shared by the reader Reader-A and the trusted third party, and $T_{Rd}$ is the chaotic map value generated from the random number; the reader then sends $M_{Rd} = \{h_{Rd}, t_{Rd}, T_{Rd}, ID'_{RD\_A}\}$ and $M_{Tg}$ to the trusted third party;
in the ordinary authentication phase, after receiving $M_{Rd}$ and $M_{Tg}$, the trusted third party first checks whether the inequality $(t_S - t_{Tg}) \le \Delta t$ holds; if it holds, the trusted third party calculates $K'_{TS} = T_s(T_{Tg}) \bmod p$, $K'_{RS} = T_s(T_{Rd}) \bmod p$,
Figure FDA0002407569230000022
where $ID''_{Tg\_A}$ denotes the anonymous identity of the tag Tag-A, $ID'_{Rd\_A}$ denotes the anonymous identity of the reader Reader-A, $K'_{TS}$ denotes the key between the trusted third party and the tag Tag-A, and $K'_{RS}$ denotes the key between the trusted third party and the reader Reader-A; the trusted third party then uses $ID''_{Tg\_A}$ to look up the corresponding $PW_{Tg\_A}$ in its storage unit, calculates $h'_{Tg} = h(ID''_{Tg\_A} \| PW_{Tg\_A} \| t_{Tg} \| T_{Tg})$, and compares $h'_{Tg}$ with $h_{Tg}$; if they are the same, the identity of the tag is authenticated by the trusted third party; the identity of the reader is verified in the same way; if both identities are verified, the trusted third party uses $ID''_{Tg\_A}$ to find the corresponding $ID_{Rd}$ in the stored tuple $(ID_{Tg}, ID_{Rd}, PW_{Tg})$ and compares it with $ID''_{Rd\_A}$; if they are equal, the trusted third party concludes that the reader is the owner of the tag; here they are evidently equal, so the trusted third party knows that the tag is the one corresponding to this reader, and the trusted third party then calculates
Figure FDA0002407569230000023
where Own indicates that the reader is the owner of the tag,
Figure FDA0002407569230000025
is used by the reader Reader-A to verify the identity of the trusted third party, and
Figure FDA0002407569230000024
is used by the tag Tag-A to verify the identity of the trusted third party; $M_{Ts1}$ is the message combination for the reader Reader-A and $M_{Ts2}$ is the message combination for the tag Tag-A; the trusted third party sends $M_{Ts1}$ and $M_{Ts2}$ to the first reader.
2. The RFID entrusted authentication method for smart home according to claim 1, characterized in that, after receiving $M_{Ts1}$ and $M_{Ts2}$, the first reader Reader-A calculates
Figure FDA0002407569230000031
and compares it with
Figure FDA0002407569230000032
If they are equal, the reader knows that the tag has been successfully authenticated by the trusted third party; it then sends $M_{Ts2}$ to the tag, and the reader calculates
Figure FDA0002407569230000033
as the session key with the first user tag; after receiving $M_{Ts2}$, the tag first calculates
Figure FDA0002407569230000034
and compares it with
Figure FDA0002407569230000035
If the two are equal, the tag knows that authentication by the trusted third party has succeeded, and the tag then calculates
Figure FDA0002407569230000036
as the session key with the reader; once this operation is complete, mutual authentication between the tag and the reader is complete.
3. The RFID entrusted authentication method for smart home according to any one of claims 1-2, characterized in that the entrustment stage, in which the delegator generates a tag containing the delegatee's information for the trusted third party and the trusted third party authenticates it and stores the delegatee's information, specifically comprises: user A selects a random number $a$ and calculates $K = T_a(T_S) \bmod p$, where $K$ denotes the key between user A and the trusted third party, and then calculates
Figure FDA0002407569230000037
$h_1 = h(ID_{Tg\_A} \| PW_{Tg\_A} \| ID_{Tg\_B} \| t_A)$, $A = T_a(r) \bmod p$, where $ID_{Tg\_A}$ and $PW_{Tg\_A}$ are respectively the identity and password of Tag-A, $t_A$ is a timestamp, and $ID_{Tg\_B}$ is the identity of Tag-B; user A then sends $h_1, t_A, N, M, A$ to the trusted third party; after receiving the information, the trusted third party calculates $K' = T_s(A) \bmod p$, where $K'$ denotes the key between user A and the trusted third party,
Figure FDA0002407569230000038
where $ID'_{Tg\_A}$ denotes the anonymous identity of the tag Tag-A,
Figure FDA0002407569230000039
then uses $ID'_{Tg\_A}$ to find the corresponding $PW_{Tg\_A}$ in the database and calculates $h_1' = h(ID'_{Tg\_A} \| PW_{Tg\_A} \| ID'_{Tg\_B} \| t_A)$; if $h_1'$ is equal to $h_1$, the trusted third party stores $(ID'_{Tg\_B} \| ID'_{Tg\_A})$ in the database.
4. The RFID entrusted authentication method for smart home according to claim 3, characterized in that, in the authentication stage: Tag-B generates a random number $x_{Tg}$ and then calculates
Figure FDA00024075692300000310
$h_{Tg} = h(ID_{Tg\_B} \| PW_{Tg\_B} \| t_{Tg} \| T_{Tg})$, where $ID_{Tg\_B}$ and $PW_{Tg\_B}$ are the identity and password of the tag Tag-B and $t_{Tg}$ is the tag's current timestamp; the tag then sends $M_{Tg} = \{h_{Tg}, t_{Tg}, T_{Tg}, ID'_{Tg\_B}\}$ to the reader Reader-A; after receiving $M_{Tg}$, Reader-A first checks whether the inequality $(t_{Rd} - t_{Tg}) \le \Delta t$ holds, where $t_{Rd}$ is the reader's current timestamp; if it holds, the reader generates a random number $x_{Rd}$ and then calculates
Figure FDA00024075692300000311
and then calculates $h_{Rd} = h(ID_{Rd\_A} \| PW_{Rd\_A} \| t_{Rd} \| T_{Rd})$, where $ID_{Rd\_A}$ and $PW_{Rd\_A}$ are the identity and password of the reader Reader-A; the reader then sends $M_{Rd} = \{h_{Rd}, t_{Rd}, T_{Rd}, ID'_{Rd\_A}\}$ and $M_{Tg}$ to the trusted third party.
5. The RFID entrusted authentication method for smart home according to claim 4, characterized in that, after receiving $M_{Rd}$ and $M_{Tg}$, the trusted third party first checks whether the inequality $(t_S - t_{Tg}) \le \Delta t$ holds; if it holds, the trusted third party calculates $K'_{TS} = T_s(T_{Tg}) \bmod p$, $K'_{RS} = T_s(T_{Rd}) \bmod p$,
Figure FDA0002407569230000041
then uses $ID''_{Tg\_B}$ to look up the corresponding $PW_{Tg\_B}$ in its storage unit, calculates $h'_{Tg} = h(ID''_{Tg\_B} \| PW_{Tg\_B} \| t_{Tg} \| T_{Tg})$, and compares $h'_{Tg}$ with $h_{Tg}$; if they are the same, the identity of the tag is authenticated by the trusted third party; the identity of the reader is verified in the same way; if both identities are verified, the trusted third party uses $ID''_{Tg\_B}$ to find the corresponding $ID_{Rd}$ in the stored tuple $(ID_{Tg}, ID_{Rd}, PW_{Tg})$ and compares it with $ID''_{Rd\_A}$; if they are equal, the trusted third party knows that the reader is the owner of the tag; here they are evidently not equal, so the trusted third party finds the identity pair stored in the entrustment stage and learns that $ID''_{Tg\_B}$ was delegated by $ID''_{Tg\_A}$; it then uses $ID''_{Tg\_A}$ to find, in the corresponding triple $(ID_{Tg}, ID_{Rd}, PW_{Tg})$, that the corresponding $ID_{Rd}$ is $ID''_{Rd\_A}$, so the trusted third party accepts that the tag can pass authentication by this reader, and the trusted third party then calculates
Figure FDA0002407569230000042
Figure FDA0002407569230000043
where Auth indicates that the tag has been delegated; the trusted third party sends $M_{Ts1}$ and $M_{Ts2}$ to the reader Reader-A.
6. The RFID entrusted authentication method for smart home according to claim 5, characterized in that, after receiving $M_{Ts1}$ and $M_{Ts2}$, Reader-A calculates
Figure FDA0002407569230000044
and compares it with
Figure FDA0002407569230000045
If they are equal, the reader knows that the tag has been successfully authenticated by the trusted third party; it then sends $M_{Ts2}$ to the tag, and the reader calculates
Figure FDA0002407569230000046
as the session key with the tag; after receiving $M_{Ts2}$, the tag first calculates
Figure FDA0002407569230000047
and compares it with
Figure FDA0002407569230000048
If the two are equal, the tag knows that authentication by the trusted third party has succeeded, and the tag then calculates
Figure FDA0002407569230000049
as the session key with the reader; once this operation is complete, mutual authentication between the tag and the reader is complete.
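The entrustment stage of claim 3, as an added example that is not code from the patent: both sides derive the same key through the Chebyshev semigroup property (K = T_a(T_S) mod p on the delegator's side, K' = T_s(A) mod p on the trusted third party's side), and the delegation is stored only if h1 verifies. The formulas for N and M are images not reproduced on this page, so the XOR masking in `mask`, the use of SHA-256 for h, the prime `P`, and all identities and passwords are assumptions constructed for the demonstration.

```python
import hashlib
import hmac
import secrets

P = 2**127 - 1  # constructed stand-in for the large prime p (a Mersenne prime)


def chebyshev(n: int, x: int, p: int = P) -> int:
    """T_n(x) mod p via T_2k = 2*T_k^2 - 1 and T_2k+1 = 2*T_k*T_(k+1) - x."""
    a, b = 1, x % p                      # (T_0, T_1)
    for bit in bin(n)[2:]:               # walk the bits of n, most significant first
        if bit == "0":
            a, b = (2 * a * a - 1) % p, (2 * a * b - x) % p
        else:
            a, b = (2 * a * b - x) % p, (2 * b * b - 1) % p
    return a


def h(*fields: bytes) -> bytes:
    """h(f1 || f2 || ...), each field length-prefixed so boundaries are unambiguous."""
    digest = hashlib.sha256()
    for field in fields:
        digest.update(len(field).to_bytes(2, "big") + field)
    return digest.digest()


def mask(identity: bytes, key: int, label: bytes) -> bytes:
    """ASSUMED form of N and M: identity (up to 32 bytes) XOR a hash of the key."""
    pad = h(label, key.to_bytes(16, "big"))
    return bytes(i ^ k for i, k in zip(identity, pad))


def delegate(r, T_S, id_a, pw_a, id_b, t_a):
    """User A builds (h1, t_A, N, M, A), naming Tag-B as the delegatee."""
    a = secrets.randbelow(P - 2) + 2     # random number a
    K = chebyshev(a, T_S)                # K = T_a(T_S) mod p
    A = chebyshev(a, r)                  # A = T_a(r) mod p
    h1 = h(id_a, pw_a, id_b, t_a)
    return h1, t_a, mask(id_a, K, b"N"), mask(id_b, K, b"M"), A


class TrustedThirdParty:
    def __init__(self, r: int, passwords: dict):
        self.s = secrets.randbelow(P - 2) + 2       # private key s
        self.r, self.T_S = r, chebyshev(self.s, r)  # public key (r, T_S, p)
        self.passwords = passwords                  # ID -> PW, shared at registration
        self.delegations = set()                    # stored (ID_Tg_B, ID_Tg_A) pairs

    def register_delegation(self, h1, t_a, N, M, A) -> bool:
        K = chebyshev(self.s, A)                    # K' = T_s(A) mod p, equals K
        id_a, id_b = mask(N, K, b"N"), mask(M, K, b"M")  # unmask (XOR is self-inverse)
        pw = self.passwords.get(id_a)
        if pw is None:                              # unknown delegator
            return False
        if not hmac.compare_digest(h1, h(id_a, pw, id_b, t_a)):
            return False                            # wrong password or altered field
        self.delegations.add((id_b, id_a))
        return True
```

Because h1 binds the delegatee identity to the delegator's password, altering M in transit or submitting a wrong password leaves the stored delegation set unchanged.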
CN201710203811.5A 2017-03-30 2017-03-30 RFID entrusted authentication method for smart home Active CN107423647B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710203811.5A CN107423647B (en) 2017-03-30 2017-03-30 RFID entrusted authentication method for smart home

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710203811.5A CN107423647B (en) 2017-03-30 2017-03-30 RFID entrusted authentication method for smart home

Publications (2)

Publication Number Publication Date
CN107423647A CN107423647A (en) 2017-12-01
CN107423647B true CN107423647B (en) 2020-04-28

Family

ID=60423409

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710203811.5A Active CN107423647B (en) 2017-03-30 2017-03-30 RFID entrusted authentication method for smart home

Country Status (1)

Country Link
CN (1) CN107423647B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109347813B (en) * 2018-09-27 2021-09-03 广州邦讯信息系统有限公司 Internet of things equipment login method and system, computer equipment and storage medium
CN109474610B (en) * 2018-12-07 2020-12-22 西南石油大学 An anonymous and authenticated key exchange method based on smart grid
CN109829288B (en) * 2019-01-10 2020-12-22 北京大学 Multi-factor identity authentication method based on chaotic mapping
CN110944301A (en) * 2019-12-02 2020-03-31 重庆瑞坤科技发展股份有限公司 Intelligent cell equipment monitoring system based on block chain and key management method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1646966A2 (en) * 2003-07-17 2006-04-19 Digimarc Corporation Uniquely linking security elements in identification documents
CN103413109A (en) * 2013-08-13 2013-11-27 江西理工大学 Bidirectional authentication method of radio frequency identification system
CN104333539A (en) * 2014-10-22 2015-02-04 浙江中烟工业有限责任公司 RFID security authentication method based on Chebyshev mapping
CN105141425A (en) * 2015-08-14 2015-12-09 重庆邮电大学 Bidirectional authentication method capable of protecting identity based on chaotic mapping

Also Published As

Publication number Publication date
CN107423647A (en) 2017-12-01

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant