本文關(guān)鍵詞：RFID認(rèn)證系統(tǒng)的匿名隱私模型和技術(shù)研究　出處：《廣西師范大學(xué)》2015年碩士論文　論文類型：學(xué)位論文

  更多相關(guān)文章： RFID 隱私保護(hù) k匿名

【摘要】：RFID技術(shù)是新型無(wú)線感知技術(shù),其利用無(wú)線電波對(duì)目標(biāo)進(jìn)行自動(dòng)識(shí)別,具有識(shí)別速度快、環(huán)境適應(yīng)性好、可復(fù)用等優(yōu)點(diǎn),主要應(yīng)用在識(shí)別和認(rèn)證領(lǐng)域,如智慧交通、身份識(shí)別、物流管理等。由于閱讀器與標(biāo)簽之間無(wú)線通信信道的暴露性、交互協(xié)議的自身缺陷以及各組件內(nèi)部的安全風(fēng)險(xiǎn)等因素,導(dǎo)致攻擊者可以對(duì)閱讀器和標(biāo)簽之間的通信進(jìn)行竊聽(tīng)、重放,也可以對(duì)標(biāo)簽進(jìn)行追蹤。因此在RFID應(yīng)用中,存在安全和隱私問(wèn)題。隨著系統(tǒng)規(guī)模的擴(kuò)大,標(biāo)簽的數(shù)量越來(lái)越多,由此引發(fā)了以下問(wèn)題。一方面,標(biāo)簽的龐大數(shù)量迫使制造商不斷壓低標(biāo)簽的生產(chǎn)成本,導(dǎo)致標(biāo)簽的計(jì)算能力和存儲(chǔ)資源不足,因此標(biāo)簽只能執(zhí)行一些簡(jiǎn)單的操作,如異或、生成偽隨機(jī)數(shù)、Hash運(yùn)算等,而不能支持復(fù)雜的加密技術(shù)；另一方面,應(yīng)用系統(tǒng)要求閱讀器能快速的完成對(duì)標(biāo)簽的識(shí)別和認(rèn)證,減少時(shí)延,保證較高的認(rèn)證效率。顯然在資源受限的條件下,如何實(shí)現(xiàn)隱私保護(hù)強(qiáng)度和認(rèn)證效率之間的平衡,成為關(guān)鍵問(wèn)題。為了解決上述問(wèn)題,已經(jīng)提出了很多隱私模型和輕量級(jí)認(rèn)證協(xié)議。如Sarma等人提出的Hash-Lock協(xié)議,Weis提出的樹形結(jié)構(gòu)協(xié)議,Li Lu等人提出的刷新隱私模型等。但是,這些協(xié)議都在安全性或者認(rèn)證效率方面存在一些問(wèn)題。如Hash-Lock協(xié)議存在信息泄露的風(fēng)險(xiǎn),并且其認(rèn)證效率較低；樹形結(jié)構(gòu)協(xié)議對(duì)存儲(chǔ)資源需求高,且容易遭受關(guān)聯(lián)性攻擊；刷新隱私模型容易遭受追蹤攻擊,導(dǎo)致標(biāo)簽的位置隱私泄露。本文主要研究如何在低成本的前提下解決RFID系統(tǒng)中的安全和隱私問(wèn)題。通過(guò)對(duì)系統(tǒng)各組件的深入分析,了解其特點(diǎn)和面臨的威脅；研究和分析當(dāng)前的隱私模型和交互協(xié)議,針對(duì)其中的缺陷,給出優(yōu)化和解決方案；面對(duì)新型攻擊方式,提出新的隱私保護(hù)模型,同時(shí)給出可用的認(rèn)證協(xié)議,更加注重隱私保護(hù)強(qiáng)度和認(rèn)證效率之間的平衡。本文的研究成果包括以下方面：(1)結(jié)合RFID認(rèn)證系統(tǒng)隱私保護(hù)的需求,對(duì)RFID認(rèn)證系統(tǒng)中的隱私威脅進(jìn)行分類：分析RFID認(rèn)證系統(tǒng)的隱私模型中存在的問(wèn)題,并給出解決方案。其中強(qiáng)隱私模型要求標(biāo)簽的輸出信息具有嚴(yán)格的隨機(jī)性和不可預(yù)測(cè)性,導(dǎo)致系統(tǒng)的認(rèn)證效率大大降低。而刷新隱私模型是一種弱隱私模型,其主要基于刷新機(jī)制。之所以稱之為弱模型,是因?yàn)槠鋵?duì)標(biāo)簽輸出信息的隨機(jī)性與不可預(yù)測(cè)性沒(méi)有嚴(yán)格的要求。刷新隱私模型允許標(biāo)簽輸出信息中包含一個(gè)不變的臨時(shí)信息,并且利用此信息提高認(rèn)證效率。但是攻擊者通過(guò)竊聽(tīng)截獲此信息,并且將此信息與標(biāo)簽進(jìn)行綁定,可以對(duì)標(biāo)簽進(jìn)行追蹤,即標(biāo)簽攜帶者的位置信息將被泄露。雖然,攻擊者并不知道標(biāo)簽的密鑰信息,但是這依然嚴(yán)重威脅到用戶的個(gè)人隱私安全。(2)提出了基于k-匿名的匿名隱私保護(hù)模型。k-匿名是數(shù)據(jù)發(fā)布時(shí)用于隱私保護(hù)的經(jīng)典方法,其通過(guò)在數(shù)據(jù)中構(gòu)造k條相似的記錄,使得攻擊者無(wú)法區(qū)分這k條記錄。具體來(lái)說(shuō),k-匿名的方法是通過(guò)概念層次泛化,對(duì)數(shù)據(jù)的某一屬性值進(jìn)行泛化處理,保證每個(gè)屬性值都至少對(duì)應(yīng)k條記錄。即使攻擊者通過(guò)其他途徑獲得某一個(gè)屬性值,也無(wú)法區(qū)分這k條記錄,更無(wú)法定位到具體的某一條記錄,因此用戶的隱私得以保護(hù)。在新的隱私模型中,利用k-匿名的思想對(duì)標(biāo)簽進(jìn)行處理。將系統(tǒng)中所有的標(biāo)簽隨機(jī)的劃分為若干組,每個(gè)組包含至少k個(gè)標(biāo)簽,這k個(gè)標(biāo)簽使用相同的準(zhǔn)標(biāo)識(shí)符,組與組之間的準(zhǔn)標(biāo)識(shí)符不相同并且相互獨(dú)立。準(zhǔn)標(biāo)識(shí)符以明文的形式直接包含在標(biāo)簽的響應(yīng)信息中,但不存在刷新隱私模型中的安全問(wèn)題。因?yàn)?即使攻擊者獲得準(zhǔn)標(biāo)識(shí)符,也無(wú)法分辨同一組的k個(gè)標(biāo)簽,無(wú)法對(duì)標(biāo)簽進(jìn)行追蹤,所以,新模型可以保護(hù)標(biāo)簽的位置隱私不被泄露。同時(shí),閱讀器在認(rèn)證標(biāo)簽時(shí),可以利用明文的準(zhǔn)標(biāo)識(shí)符加快認(rèn)證效率。(3)提出一個(gè)基于k-匿名隱私模型的新的輕量級(jí)隱私保護(hù)協(xié)議k-PPA,其可以保護(hù)隱私安全,并且具有較高的認(rèn)證效率。k-PPA協(xié)議可以抵抗竊聽(tīng)攻擊、重傳攻擊、假冒攻擊和追蹤攻擊等。與同類協(xié)議相比,該協(xié)議在隱私保護(hù)強(qiáng)度和認(rèn)證效率之間取得了較好的平衡。
[Abstract]:RFID technology is a new wireless sensing technology, the use of radio waves to identify the target, high recognition speed, good environmental adaptability, reusable advantages, mainly used in the field of identification and authentication, such as identity recognition, intelligent transportation, logistics management and so on. Because of the exposure of the wireless communication channel between the reader and tag the defects, interaction protocols and components of the internal security risks and other factors, an attacker can eavesdrop on the communication between the reader and the tag, the replay can also tag tracking. Therefore in the RFID application, there are security and privacy problems. With the expansion of the scale of the system, the increasing number of tags, which triggered the following problems. On the one hand, a large number of label forced manufacturers continue to depress the production cost of the resulting label label, computing and storage resources, so the label Can only perform some simple operations, such as XOR, pseudo random number generation, Hash operation, and can not support complex encryption technology; on the other hand, the application requirements of the system can quickly complete the reader to tag identification and authentication, reduce the delay, ensure the high efficiency of authentication. Obviously in resource constrained conditions. How to realize the strength of privacy protection and authentication efficiency balance, become a key problem. In order to solve the above problems, a lot of privacy model and lightweight authentication protocols have been proposed as proposed by Sarma et al. Hash-Lock protocol, protocol tree structure proposed by Weis, Li proposed by Lu et al. Refresh the privacy model but these agreements exist some problems in the security or authentication efficiency. Such as risk Hash-Lock protocol for information disclosure, and the authentication efficiency is low; the tree structure of storage resource demand high agreement, And the relevance of vulnerable to attack; refresh the privacy model vulnerable to tracking attacks, resulting in tag location privacy. This paper mainly studies how to solve the security and privacy issues in RFID system on the premise of low cost. Based on the in-depth analysis of the various components of the system, understand its characteristics and threats; research and analysis of privacy model and the current interaction protocol, aiming at the defects, and proposed the optimal solution; in the face of new attack methods, put forward a new privacy protection model, and gives the available authentication protocol, pay more attention to the strength of privacy protection and authentication between the balance of efficiency. The research results of this paper include the following aspects: (1) combined with privacy protection RFID certification the demand of the system, the classification of RFID authentication system in privacy threats: analysis of the existing privacy model RFID authentication system in the problem, and gives the solution The strong privacy case. The output information model label has strict randomness and unpredictability, cause the system authentication efficiency greatly reduced. And refresh the privacy model is a kind of weak privacy model, which is mainly based on the refresh mechanism. It is called a weak model, because of the randomness of tag output information and unpredictability is not a strict requirement. Refresh privacy model allows the inclusion of a temporary information the same tag output information, and use this information to improve the authentication efficiency. But the attacker by eavesdropping intercepted this information, and this information and tag binding, the tag can be tracked, the position information label carriers will be leaked. Although, the attacker does not know the key information labels, but it is still a serious threat to the user's personal privacy. (2) proposed anonymous anonymous privacy based on k- .k- model is a classic for anonymous protection method for privacy preserving data publishing, by constructing K similar records in the data, the attacker can not distinguish the K records. Specifically, k- anonymous is through the concept of a hierarchical generalization, attribute data values that each attribute value learning process. At least the corresponding K records. Even if the attacker obtained through other means a certain attribute value, also cannot separate the K records, more unable to locate a record of a specific, so the user privacy can be protected. In the privacy model, to deal with the label using k- anonymous system. All the tags randomly divided into several groups, each group contains at least k tags, K tags that use the same quasi identifier, quasi identifiers between the groups were not identical and independent of each other. The quasi identifier to The plaintext form directly included in the response information label, but there is no refresh security issues privacy model. Because, even if an attacker to obtain quasi identifiers, also cannot distinguish the same set of K tags, to track on the label so that the new model can location privacy protection label is not leaked. At the same time in the authentication tag, reader, can speed up the authentication efficiency using quasi identifiers. The plaintext (3) proposed a k- based model of the new lightweight anonymous privacy privacy protection protocol k-PPA, which can protect the privacy and security authentication,.K-PPA protocol has high efficiency and can resist the attack, replay attack, impersonation attack and tracking attack. Compared with similar protocols, the proposed protocol achieves good balance between privacy protection strength and authentication efficiency.

【學(xué)位授予單位】：廣西師范大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2015
【分類號(hào)】：TP309;TP391.44

【相似文獻(xiàn)】

相關(guān)期刊論文 前10條

1 葛偉平;汪衛(wèi);周皓峰;施伯樂(lè);;基于隱私保護(hù)的分類挖掘[J];計(jì)算機(jī)研究與發(fā)展;2006年01期

2 聞丹巖;夏國(guó)平;;電子商務(wù)中的不可否認(rèn)和隱私保護(hù)協(xié)議[J];北京工業(yè)大學(xué)學(xué)報(bào);2007年06期

3 沈中林;崔建國(guó);;隱私保護(hù)下關(guān)聯(lián)規(guī)則挖掘方法[J];中國(guó)民航大學(xué)學(xué)報(bào);2007年S1期

4 魏瓊;盧炎生;;位置隱私保護(hù)技術(shù)研究進(jìn)展[J];計(jì)算機(jī)科學(xué);2008年09期

5 劉恒;王鐵軍;周明天;佘X;;普適環(huán)境中基于角色的隱私保護(hù)系統(tǒng)設(shè)計(jì)[J];微電子學(xué)與計(jì)算機(jī);2010年12期

6 許大宏;;基于隱私保護(hù)關(guān)聯(lián)規(guī)則的改進(jìn)算法[J];福建電腦;2010年12期

7 王平水;王建東;;匿名化隱私保護(hù)技術(shù)研究綜述[J];小型微型計(jì)算機(jī)系統(tǒng);2011年02期

8 王艷;;數(shù)據(jù)隱私保護(hù)技術(shù)綜述[J];知識(shí)經(jīng)濟(jì);2011年14期

9 宋金玲;劉國(guó)華;黃立明;李玉香;賀禮智;王丹麗;;k-匿名隱私保護(hù)模型中k值的優(yōu)化選擇算法[J];小型微型計(jì)算機(jī)系統(tǒng);2011年10期

10 霍崢;孟小峰;;軌跡隱私保護(hù)技術(shù)研究[J];計(jì)算機(jī)學(xué)報(bào);2011年10期

相關(guān)會(huì)議論文 前10條

1 鄭思琳;陳紅;葉運(yùn)莉;;實(shí)習(xí)護(hù)士病人隱私保護(hù)意識(shí)和行為調(diào)查分析[A];中華護(hù)理學(xué)會(huì)第8屆全國(guó)造口、傷口、失禁護(hù)理學(xué)術(shù)交流會(huì)議、全國(guó)外科護(hù)理學(xué)術(shù)交流會(huì)議、全國(guó)神經(jīng)內(nèi)、外科護(hù)理學(xué)術(shù)交流會(huì)議論文匯編[C];2011年

2 孫通源;;基于局部聚類和雜度增益的數(shù)據(jù)信息隱私保護(hù)方法探討[A];中國(guó)水利學(xué)會(huì)2013學(xué)術(shù)年會(huì)論文集——S4水利信息化建設(shè)與管理[C];2013年

3 張亞維;朱智武;葉曉俊;;數(shù)據(jù)空間隱私保護(hù)平臺(tái)的設(shè)計(jì)[A];第二十五屆中國(guó)數(shù)據(jù)庫(kù)學(xué)術(shù)會(huì)議論文集（一）[C];2008年

4 公偉;隗玉凱;王慶升;胡鑫磊;李換雙;;美國(guó)隱私保護(hù)標(biāo)準(zhǔn)及隱私保護(hù)控制思路研究[A];2013年度標(biāo)準(zhǔn)化學(xué)術(shù)研究論文集[C];2013年

5 張鵬;于波;童云海;唐世渭;;基于隨機(jī)響應(yīng)的隱私保護(hù)關(guān)聯(lián)規(guī)則挖掘[A];第二十一屆中國(guó)數(shù)據(jù)庫(kù)學(xué)術(shù)會(huì)議論文集（技術(shù)報(bào)告篇）[C];2004年

6 桂瓊;程小輝;;一種隱私保護(hù)的分布式關(guān)聯(lián)規(guī)則挖掘方法[A];2009年全國(guó)開放式分布與并行計(jì)算機(jī)學(xué)術(shù)會(huì)議論文集(下冊(cè))[C];2009年

7 俞笛;徐向陽(yáng);解慶春;劉寅;;基于保序加密的隱私保護(hù)挖掘算法[A];第八屆全國(guó)信息隱藏與多媒體安全學(xué)術(shù)大會(huì)湖南省計(jì)算機(jī)學(xué)會(huì)第十一屆學(xué)術(shù)年會(huì)論文集[C];2009年

8 李貝貝;樂(lè)嘉錦;;分布式環(huán)境下的隱私保護(hù)關(guān)聯(lián)規(guī)則挖掘[A];第二十二屆中國(guó)數(shù)據(jù)庫(kù)學(xué)術(shù)會(huì)議論文集（研究報(bào)告篇）[C];2005年

9 徐振龍;郭崇慧;;隱私保護(hù)數(shù)據(jù)挖掘研究的簡(jiǎn)要綜述[A];第七屆（2012）中國(guó)管理學(xué)年會(huì)商務(wù)智能分會(huì)場(chǎng)論文集（選編）[C];2012年

10 潘曉;郝興;孟小峰;;基于位置服務(wù)中的連續(xù)查詢隱私保護(hù)研究[A];第26屆中國(guó)數(shù)據(jù)庫(kù)學(xué)術(shù)會(huì)議論文集（A輯）[C];2009年

相關(guān)重要報(bào)紙文章 前10條

1 王爾山;跟隱私說(shuō)再見(jiàn)[N];21世紀(jì)經(jīng)濟(jì)報(bào)道;2008年

2 記者 武曉黎;360安全瀏覽器推“隱私瀏覽”模式[N];中國(guó)消費(fèi)者報(bào);2008年

3 早報(bào)記者 是冬冬;“美國(guó)隱私保護(hù)法律已過(guò)時(shí)”[N];東方早報(bào);2012年

4 張曉明;隱私的兩難[N];電腦報(bào);2013年

5 本報(bào)實(shí)習(xí)生 張?jiān)码?本報(bào)記者 董晨;大數(shù)據(jù)時(shí)代，誰(shuí)來(lái)保護(hù)我們的隱私[N];新華日?qǐng)?bào);2013年

6 本報(bào)記者 鄒大斌;隱私保護(hù),老問(wèn)題再添新憂[N];計(jì)算機(jī)世界;2013年

7 本報(bào)記者 趙越;蘋果再陷“定位門”風(fēng)波 隱私保護(hù)成廠商繞不過(guò)的坎[N];通信信息報(bào);2014年

8 記者 馬意，

本文編號(hào)：1421416