摘要
对文献[11]协议进行安全性分析,给出一个改进的无后端数据库的认证协议。为抵抗攻击者暴力破解攻击,所有通信消息加密再传送,且加密过程中全部混入随机数;协议为减少系统整体的计算量,采用基于位运算实现的交叉再交换运算对信息加密,加密算法实现过程中根据加密信息自身汉明重量的不同进行相对应的操作。对协议进行安全性和性能分析,结果表明协议在满足较高安全性的同时还可以适用于现有的低成本系统中。
This paper analyses the security of Wang et al.protocol and presents an improved authentication protocol without backend database.In order to resist the violent attack of attackers,all communication messages were encrypted in transmission,and random numbers were mixed in the encryption process.To reduce the computation of the whole system,the protocol used the cross-exchange operation based on bit operation to encrypt the information.In the process of implementing the encryption algorithm,the encrypted information was encrypted according to the Hamming of the encrypted information itself.The security and performance analysis of the protocol shows that it can be applied to existing low-cost systems while satisfying higher security.
作者
常志鹏
Chang Zhipeng(Modern Educational Technology Center,Ningxia Medical University,Yinchuan 750001,Ningxia,China)
出处
《计算机应用与软件》
北大核心
2021年第5期344-349,共6页
Computer Applications and Software
基金
宁夏回族自治区2019年本科教育教学改革研究与实践项目(nxbjgz-2)。
关键词
射频识别
无后端数据库
交叉再交换运算
标签假名
认证协议
RFID
No backend database
Cross-exchange operation(Cre)
Tag's pseudonym
Authentication protocol
作者简介
常志鹏,讲师,主研领域:计算机网络,网络教育及应用。
