信息网络安全
信息網絡安全
신식망락안전
Netinfo Security
2015年
9期
25-28
,共4页
RFID系统%安全协议%隐私性%追踪攻击%攻击者模型%射频指纹
RFID繫統%安全協議%隱私性%追蹤攻擊%攻擊者模型%射頻指紋
RFID계통%안전협의%은사성%추종공격%공격자모형%사빈지문
RFID system%security protocol%privacy%tracking attack%attacker model%radio frequency ifngerprint
针对当前RFID安全协议可能存在的恶意追踪问题,文章提出了一个追踪攻击的形式化分析模型.该模型首先定义了攻击者消息元素集合的概念,之后根据攻击者消息元素集合中消息使用的代数运算,推导出攻击者的攻击行为,并由此确定攻击者行为集合.通过攻击者元素集合和攻击者行为集合,规范了攻击者攻击行为和攻击对象.之后通过引入标签特征值的概念,确定了RFID安全协议存在追踪攻击的条件,明确了攻击者发起追踪攻击的目标.最后,使用该模型对一个RFID安全协议进行了分析,计算出了该协议的标签特征值,由此发现了新的追踪攻击,证明了模型的可靠性.
針對噹前RFID安全協議可能存在的噁意追蹤問題,文章提齣瞭一箇追蹤攻擊的形式化分析模型.該模型首先定義瞭攻擊者消息元素集閤的概唸,之後根據攻擊者消息元素集閤中消息使用的代數運算,推導齣攻擊者的攻擊行為,併由此確定攻擊者行為集閤.通過攻擊者元素集閤和攻擊者行為集閤,規範瞭攻擊者攻擊行為和攻擊對象.之後通過引入標籤特徵值的概唸,確定瞭RFID安全協議存在追蹤攻擊的條件,明確瞭攻擊者髮起追蹤攻擊的目標.最後,使用該模型對一箇RFID安全協議進行瞭分析,計算齣瞭該協議的標籤特徵值,由此髮現瞭新的追蹤攻擊,證明瞭模型的可靠性.
침대당전RFID안전협의가능존재적악의추종문제,문장제출료일개추종공격적형식화분석모형.해모형수선정의료공격자소식원소집합적개념,지후근거공격자소식원소집합중소식사용적대수운산,추도출공격자적공격행위,병유차학정공격자행위집합.통과공격자원소집합화공격자행위집합,규범료공격자공격행위화공격대상.지후통과인입표첨특정치적개념,학정료RFID안전협의존재추종공격적조건,명학료공격자발기추종공격적목표.최후,사용해모형대일개RFID안전협의진행료분석,계산출료해협의적표첨특정치,유차발현료신적추종공격,증명료모형적가고성.
In order to solve the problem of malicious tracking attack that exists in RFID security protocols, a formal analysis model of tracking attack was proposed. At first, the model defined the concepts of attacker message element set. Then accroding to the algebraic calculation applied in the message in attacker message element set, the actions of attacker were deduced, and thus the attacker action set was determined. The concepts of attacker message element set and attacker action set regulated the actions and targets of attackers. Then the model introduced the concept of tag characteristic value, which conifrmed the conditions that the tracking attack existed and clariifed the attack target for tracking attack. Finally, using the proposed model, an RFID security protocol was analyzed. Through caculating the tag characteristic value of the protocol, a new tracking attack was found, which exactly proved the reliability of the model.