In recent years, RFID technology and its applications have grown rapidly all over the world. The "Internet of Things" is regarded as one of the most promising industries and application technologies of this century. The huge application scale and market prospects of RFID have drawn the attention of every country with an information technology industry, and many countries treat its development as an important industrial and national strategy. At present, RFID technology is widely used in logistics and storage, manufacturing, library management, drug production, patient care, environmental awareness and check anti-counterfeiting. However, because of high cost, security risks and other reasons, it is difficult to apply RFID to critical tasks, which hinders the application and promotion of RFID systems. It is therefore necessary to study security strategies for RFID systems and to improve their overall security through effective authentication and access mechanisms.
1. Security risks and attacks in RFID systems
In RFID system, potential security risks and attacks are as follows:
Illegal reading: the attacker communicates with the tag using an unauthorized reader, causing the information in the tag to be leaked, modified or deleted;
Eavesdropping: the attacker receives the communication between the tag and the reader, resulting in information leakage;
Lack of forward security: from the tag output intercepted in one communication, the attacker can calculate information that the tag sent previously;
Location tracking: by analyzing the fixed messages sent by RFID tags, the attacker determines and tracks the location of the tags;
Camouflage: the attacker puts intercepted genuine tag information into a fake tag and disguises it as a legitimate tag in order to pass the reader's authentication;
Replay: when the reader sends the authentication information, the attacker intercepts the response from the tag. When the reader makes its next authentication request, the intercepted tag information is sent to the reader so that the subsequent operations can continue;
Cloning: once an RFID standard is established, the attacker can build a tag circuit according to the information in the standard, so that the reader cannot judge its authenticity;
Denial of service (DoS) attack: artificial signal interference prevents legitimate devices from operating on the tag data normally;
Forgery: the attacker forges information and transmits it on the network;
Illegal modification and access of the database: unauthorized change, deletion, replacement and access of data in the back-end database.
2. Methods of realizing RFID security mechanisms
At present, the methods of realizing RFID security mechanisms can be roughly divided into three types: physical security mechanisms, mechanisms based on cryptography, and tag authentication mechanisms.
1) Physical security mechanisms use physical methods to protect the security of the tag. Commonly used ones are the kill tag mechanism, the Faraday cage (electrostatic shielding), active interference and the blocker tag method. These physical mechanisms require additional physical devices and have many limitations. EPC Gen2 RFID tags now support a pseudo-random number generator (PRNG) and cyclic redundancy code (CRC) verification, but do not provide a hash function. [3] Although an authentication protocol conforming to the EPC Gen2 standard has been proposed, the authentication message sent by the tag to the reader does not contain the reader's random value, which makes it vulnerable to message replay attacks. Moreover, using the eavesdropped messages, the attacker can send a session-end message to the reader, leaving the reader's data and the corresponding tag's data out of sync.
2) Security mechanisms based on cryptography are generally divided into two types: static ID mechanisms and dynamic ID refresh mechanisms. Among the many cryptography-based security policies, RFID security protocols based on hash functions are the more practical, because hash functions suit RFID authentication protocols well, both in terms of security requirements and in terms of implementation on low-cost RFID tags. Many RFID security protocols have been proposed, such as the hash lock protocol, the randomized hash lock protocol, the hash chain protocol and the hash-based ID change protocol. However, these protocols cannot resist retransmission and impersonation attacks, and carry potential security risks around database synchronization. In reference , a low-cost hash chain mechanism is proposed, which updates the secret information of the tag and provides forward security. Its purpose is to ensure privacy, but it cannot avoid replay attacks. Reference  relies on a one-way hash function to prevent tag tracking attacks. In this solution, through a tag response, the stored value is updated after successful verification, but it does not provide anti-tracking and forward security mechanisms. The hash-based ID change protocol makes the exchanged ID information different in each session, which can resist retransmission attacks. However, the tag can only update its information after receiving the message and passing verification, so this protocol is not suitable for a distributed database environment, and it also carries potential security risks around database synchronization. Reference  proposes using pseudo-random numbers to protect the confidentiality of information without any hash function. This method can resist cloning and eavesdropping. However, the tag required by this protocol needs additional storage and communication overhead, which limits its applicability.
3) Tag-based authentication: this approach can effectively improve security strength. David's digital library RFID protocol, the distributed RFID challenge-response protocol, the LCAP protocol and the re-encryption mechanism all belong to this category. The first two are effective in defending against eavesdropping, deception and location tracking, but both need support from specific tag circuitry and cannot resist denial of service attacks. In reference , the YA-TRAP protocol is proposed, which uses a time stamp to reduce complexity but makes the tag more vulnerable to denial of service attacks. Reference  proposes the low-cost HB and HB+ protocols. The HB protocol considers only passive attackers. The HB+ protocol considers active as well as passive attackers, but its security against active attacks is not very strong. The security protocol of reference  adopts hash technology and uses the ID of the tag as the shared secret. After mutual authentication between the tag and the reader, the tag can change the corresponding counter data and output data. The problem with this protocol is that the updates of the database and the tag are not synchronized, and it is also vulnerable to denial of service attacks.
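The replay weakness described in items 1) and 2) above (a tag response that does not contain the reader's random value, as in the randomized hash lock style of reply), shown as an added Python example that is not from the original article or from any cited protocol specification. SHA-256, the 8-byte random values, the function and class names and the tag name "pallet-0001" are assumptions made for illustration.

```python
import hashlib, hmac, os

def H(*parts):
    # SHA-256 stands in for the tag's one-way hash (assumption); fields are length-prefixed.
    return hashlib.sha256(b"".join(len(p).to_bytes(2, "big") + p for p in parts)).digest()

def tag_unbound(secret):
    # Randomized-hash-lock style reply: only the tag's own random value is hashed.
    r_t = os.urandom(8)
    return r_t, H(secret, r_t)

def tag_bound(secret, r_reader):
    # The reader's random value is mixed in, tying the reply to this one query.
    r_t = os.urandom(8)
    return r_t, H(secret, r_reader, r_t)

class Reader:
    def __init__(self, db):
        self.db = db          # constructed back-end table: tag name -> shared secret
        self.pending = None   # outstanding reader challenge, usable once

    def challenge(self):
        self.pending = os.urandom(8)
        return self.pending

    def _search(self, proof, *fields):
        for name, secret in self.db.items():
            if hmac.compare_digest(H(secret, *fields), proof):
                return name
        return None

    def verify_unbound(self, r_t, proof):
        return self._search(proof, r_t)

    def verify_bound(self, r_t, proof):
        r_reader, self.pending = self.pending, None
        return self._search(proof, r_reader, r_t) if r_reader else None

def replay_demo():
    secret = os.urandom(16)
    reader = Reader({"pallet-0001": secret})
    old_unbound = tag_unbound(secret)                 # reply recorded in an earlier session
    old_bound = tag_bound(secret, reader.challenge())
    genuine = reader.verify_bound(*old_bound)         # the genuine session is accepted
    reader.challenge()                                # a later query with a fresh value
    return {"genuine_bound": genuine,
            "replayed_unbound": reader.verify_unbound(*old_unbound),
            "replayed_bound": reader.verify_bound(*old_bound)}
```

The unbound reply changes on every read, so it resists tracking, yet the reader still accepts a recorded copy; only the reply that includes the reader's value is rejected when replayed.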
To sum up, the previous schemes still leave some problems open, such as preventing tampering with tag data, ensuring its integrity, identifying cloned tags, preventing counterfeiting attacks and denial of service attacks, and keeping data synchronized. To address the security risks in RFID systems, we can start from the authentication of subjects and objects in the RFID system and analyze the security of the authentication protocols. We are committed to finding the security defects of these protocols and putting forward a new solution.
Editor in charge: CT