EPC网络中可证明安全的EPCIS通信方案

doi:10.3969/j.issn.1000-436x.2013.z1.031

通信学报 ›› 2013, Vol. 34 ›› Issue (Z1): 235-239.doi: 10.3969/j.issn.1000-436x.2013.z1.031

EPC网络中可证明安全的EPCIS通信方案

李景峰¹,潘恒²,郭卫锋¹

¹ 解放军信息工程大学密码工程学院，河南郑州 450004
² 中原工学院计算机学院，河南郑州 450007

出版日期:2013-08-25 发布日期:2017-06-23

Provable security EPC information service communication scheme for EPC network

Jing-feng LI¹,Heng PAN²,Wei-feng GUO¹

¹ Institute of Cryptographic Engineering, PLA Information Engineering University, Zhengzhou 450004, China
² Computer Science College, Zhongyuan University of Technology, Zhengzhou 450007, China

Online:2013-08-25 Published:2017-06-23

摘要/Abstract

摘要：

针对EPC信息服务存在的安全问题，提出一种EPC信息服务安全通信方案ESCM，方案使用数字签名、消息认证码等安全机制，实现了分属查询应用程序和外域EPCIS服务器之间的相互认证服务与密钥协商服务，能够保护EPCIS通信的机密性和完整性。利用Canetti-Krawczyk模型证明了ESCM方案是会话密钥安全的。此外，性能分析表明该方案的通信开销、计算开销较少，适合EPC网络特性。

关键词: EPC信息服务, 射频标识, Canetti-Krawczyk模型

Abstract:

To resolve the security drawbacks of EPC information services, a provable security EPC information service communication scheme—ESCM was designed. By using some cryptographic mechanisms such as the digital signature and the message authentication code, the ESCM could implement mutual authentication and session key agreement be-tween the EPC Information service servers and querying application belonging to a different trust domain. Security analysis shows that the session key agreement of ESCM is provably secure in the Canetti-Krawczyk model. Furthermore, the ESCM has efficient computation and communication cost.

Key words: EPC Information service, radio frequency identification, Canetti-Krawczyk mode

李景峰,潘恒,郭卫锋. EPC网络中可证明安全的EPCIS通信方案[J]. 通信学报, 2013, 34(Z1): 235-239.

Jing-feng LI,Heng PAN,Wei-feng GUO. Provable security EPC information service communication scheme for EPC network[J]. Journal on Communications, 2013, 34(Z1): 235-239.

图/表 4

参考文献 10

[1]	The EPCglobal architecture framework version 1.4[EB/OL]. . 2010,12.
[2]	EPC information services (EPCIS) version 1.0.1[EB/OL]. . 2007,9.
[3]	KYUHEE A , KIYEAL L , MOKDONG C . Design and implementation of an RFID-based enterprise application framework based on abstract BP and kerberos[J]. International Journal of Information Processing Systems, 2006,2 (3):170-177.
[4]	WEN J , TIAN W H , WANG W D . An authentication approach to enhance RFID security[A]. Proceedings of Communication, Circuits and Systems[C]. 2010.144-146.
[5]	KIM D J , KIM J J , LEE S M , et al. Design and implementation for EPC system method to authentication and cryptography[A]. Proceed-ings of Information Security and Assurance[C]. 2008.137-141.
[6]	王刚．基于HMIPv6的无线Mesh网络安全切换方案研究[D]．郑州：解放军信息工程大学， 2011. WANG G . Research on the Secure Switching Schema based on HMIPv6 for the Wireless Mesh Networks[D]. Zhengzhou: PLA In-formation Engineering University, 2011.
[7]	郭卫锋． EPC网络数据跨域传输安全机制研究[D]．郑州：解放军信息工程大学， 2013. GUO W F . Research on the Secure Crossing-domains Transmission Schema for the EPC Networks[D]. Zhengzhou: PLA In-formation Engineering University, 2013.
[8]	郭卫锋，李景峰，张来顺． EPC网络中一种可证明安全的跨域认证协议[J]．小型微型计算机系统， 2013,34(5):983-986. GUO W F , LI J F , ZHANG L S . A provable secure crossing-domains authentication protocol for the EPC networks[J]. Journal of Chinese Computer Systems, 2013,34(5):983-986.
[9]	彭华熹．一种基于身份的多信任域认证模型[J]．计算机学报， 2006,29(8):1271-1281. PENG H X . An Identity-based authentication model for multi-domain[J]. Chinese Journal of Computers, 2006,29(8):1271-1281.
[10]	朱辉，李晖，杨加喜等．一种可证明安全的通用多信任域认证协议[J]．武汉大学学报（信息科学版）， 2008,33(10):1051-1054. ZHU H , LI Y , YANG J X , et al. A universal provable security authen-tication protocol for multi-domain[J]. Geomatics and Information Science of Wuhan University, 2008,33(10):1051-1054.

安全机制	通信次数	域间通信次数	非对称加密	非对称解密	数字签名	验证签名	MAC运算	验证MAC
IDAKE-MA^[9]	14	6	6	6	5	5	0	0
SKAP^[10]	10	4	4	4	3	3	0	0
ESCM	6	4	0	0	2	2	5	5

EPC网络中可证明安全的EPCIS通信方案

Provable security EPC information service communication scheme for EPC network

在线阅读

PDF下载

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 4

参考文献 10

相关文章 1

Metrics

推荐阅读 0