{"title":"大数据背景下针对穷举攻击的改进型 RFID 相互验证协议","authors":"Kongze Li","doi":"10.1186/s13635-024-00151-w","DOIUrl":null,"url":null,"abstract":"The development of big data has epromoted the development of Internet technology, but it has brought more network security and privacy problems. Therefore, how to solve network security problems is the main research direction of current network technology development. In order to deal with the harm of network attacks to personal privacy security, this paper studies and proposes an RFID mutual authentication protocol against exhaustive attacks based on improved Hash function, and proposes a security proof based on BAN logic rules. At the same time, to enhance the computing resources of the improved protocol, this paper proposes an improved authentication query protocol for multi-source RFID tags. In the performance analysis, when the distance between the reader and the tag reaches 10 m, the improved protocol can still be higher than 90%. The application test shows that the improved protocol proposed in the study is capable of resisting exhaustive attacks, its execution time is short, and it is less affected by the number of tags. The above results show that in the context of big data, the improved RFID mutual authentication protocol proposed by the research against network exhaustive attacks has a more significant defense effect, can effectively protect user privacy, and has a greater reference value in network security research.","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":"34 1","pages":""},"PeriodicalIF":2.5000,"publicationDate":"2024-01-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Improved RFID mutual authentication protocol against exhaustive attack in the context of big data\",\"authors\":\"Kongze Li\",\"doi\":\"10.1186/s13635-024-00151-w\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The development of big data has epromoted the development of Internet technology, but it has brought more network security and privacy problems. Therefore, how to solve network security problems is the main research direction of current network technology development. In order to deal with the harm of network attacks to personal privacy security, this paper studies and proposes an RFID mutual authentication protocol against exhaustive attacks based on improved Hash function, and proposes a security proof based on BAN logic rules. At the same time, to enhance the computing resources of the improved protocol, this paper proposes an improved authentication query protocol for multi-source RFID tags. In the performance analysis, when the distance between the reader and the tag reaches 10 m, the improved protocol can still be higher than 90%. The application test shows that the improved protocol proposed in the study is capable of resisting exhaustive attacks, its execution time is short, and it is less affected by the number of tags. The above results show that in the context of big data, the improved RFID mutual authentication protocol proposed by the research against network exhaustive attacks has a more significant defense effect, can effectively protect user privacy, and has a greater reference value in network security research.\",\"PeriodicalId\":46070,\"journal\":{\"name\":\"EURASIP Journal on Information Security\",\"volume\":\"34 1\",\"pages\":\"\"},\"PeriodicalIF\":2.5000,\"publicationDate\":\"2024-01-31\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"EURASIP Journal on Information Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1186/s13635-024-00151-w\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"EURASIP Journal on Information Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1186/s13635-024-00151-w","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
摘要
大数据的发展推动了互联网技术的发展,但也带来了更多的网络安全和隐私问题。因此,如何解决网络安全问题是当前网络技术发展的主要研究方向。针对网络攻击对个人隐私安全的危害,本文研究并提出了一种基于改进哈希函数的 RFID 互认证协议,并提出了基于 BAN 逻辑规则的安全证明。同时,为了提高改进协议的计算资源,本文提出了一种针对多源 RFID 标签的改进认证查询协议。在性能分析中,当读写器与标签之间的距离达到 10 m 时,改进协议的识别率仍能高于 90%。应用测试表明,本研究提出的改进协议能够抵御穷举攻击,执行时间短,受标签数量的影响较小。以上结果表明,在大数据背景下,研究提出的针对网络穷举攻击的改进RFID相互认证协议具有较为显著的防御效果,能有效保护用户隐私,在网络安全研究中具有较大的参考价值。
Improved RFID mutual authentication protocol against exhaustive attack in the context of big data
The development of big data has epromoted the development of Internet technology, but it has brought more network security and privacy problems. Therefore, how to solve network security problems is the main research direction of current network technology development. In order to deal with the harm of network attacks to personal privacy security, this paper studies and proposes an RFID mutual authentication protocol against exhaustive attacks based on improved Hash function, and proposes a security proof based on BAN logic rules. At the same time, to enhance the computing resources of the improved protocol, this paper proposes an improved authentication query protocol for multi-source RFID tags. In the performance analysis, when the distance between the reader and the tag reaches 10 m, the improved protocol can still be higher than 90%. The application test shows that the improved protocol proposed in the study is capable of resisting exhaustive attacks, its execution time is short, and it is less affected by the number of tags. The above results show that in the context of big data, the improved RFID mutual authentication protocol proposed by the research against network exhaustive attacks has a more significant defense effect, can effectively protect user privacy, and has a greater reference value in network security research.
期刊介绍:
The overall goal of the EURASIP Journal on Information Security, sponsored by the European Association for Signal Processing (EURASIP), is to bring together researchers and practitioners dealing with the general field of information security, with a particular emphasis on the use of signal processing tools in adversarial environments. As such, it addresses all works whereby security is achieved through a combination of techniques from cryptography, computer security, machine learning and multimedia signal processing. Application domains lie, for example, in secure storage, retrieval and tracking of multimedia data, secure outsourcing of computations, forgery detection of multimedia data, or secure use of biometrics. The journal also welcomes survey papers that give the reader a gentle introduction to one of the topics covered as well as papers that report large-scale experimental evaluations of existing techniques. Pure cryptographic papers are outside the scope of the journal. Topics relevant to the journal include, but are not limited to: • Multimedia security primitives (such digital watermarking, perceptual hashing, multimedia authentictaion) • Steganography and Steganalysis • Fingerprinting and traitor tracing • Joint signal processing and encryption, signal processing in the encrypted domain, applied cryptography • Biometrics (fusion, multimodal biometrics, protocols, security issues) • Digital forensics • Multimedia signal processing approaches tailored towards adversarial environments • Machine learning in adversarial environments • Digital Rights Management • Network security (such as physical layer security, intrusion detection) • Hardware security, Physical Unclonable Functions • Privacy-Enhancing Technologies for multimedia data • Private data analysis, security in outsourced computations, cloud privacy