引用本文
  • 黄伟庆,冯越,江上,王思叶,张艳芳,曹籽文.RFID系统安全风险分析与防御综述[J].信息安全学报,已采用    [点击复制]
  • huangweiqing,fengyue,jiangshang@iie.ac.cn,wangsiye,zhangyanfang,caoziwen.A Survey of RFID Security Risk Analysis and Countermeasures[J].Journal of Cyber Security,Accept   [点击复制]
【打印本页】 【下载PDF全文】 查看/发表评论下载PDF阅读器关闭

过刊浏览    高级检索

本文已被:浏览 3123次   下载 171  
RFID系统安全风险分析与防御综述
黄伟庆, 冯越, 江上, 王思叶, 张艳芳, 曹籽文
0
(中国科学院信息工程研究所)
摘要:
无线射频识别(Radio Frequency Identification,RFID)技术采用非接触的方式,利用射频信号自动识别物体。它以便携性、低成本等特点引起人们广泛关注,并逐渐进入到工业领域以及我们的日常生活中。一方面,RFID成为影响安全性的关键技术之一,如门禁、防伪等应用中。另一方面,它也正用于改善军事、医疗、物流等关键性产业。一旦这些应用中存在安全缺陷和安全漏洞,势必造成严重的不良影响,甚至影响社会发展与国家安全。然而,由于标签和读写器之间的通信是通过不安全的无线信道进行的,攻击者可以对读写器和标签之间的通信进行窃听、中继、中间人、重放等攻击。对于标签而言,低成本和便携性也限制了其安全性,容易受到逆向工程、移除、篡改、克隆等攻击。并且,随着新的RFID应用的出现,所提出的对策在有效性、效率、安全性、隐私性和适用性方面不断显示出局限性。因此,防御措施需要不断改进,以保持领先。本文,我们根据RFID系统的组成部分,从物理威胁、空口威胁、终端威胁这三个层面对近年来RFID系统面临的主要攻击和防御方法进行阐述和分析。我们着重在各个层面上分析相关攻击和防御方法的研究进展,比较不同攻击和防御方法在实际应用中的优势和劣势,总结当前阶段RFID系统安全性研究的主要趋势,并对未来发展方向进行展望。希望此综述能够对RFID安全领域有关的研究者提供研究文献的参考、研究方法上的启发和研究思路上的借鉴。
关键词:  射频识别技术  安全攻击  应对措施
DOI:10.19363/J.cnki.cn10-1380/tn.2024.04.08
投稿时间:2022-01-26修订日期:2022-06-14
基金项目:中国科学院战略重点研究项目(No.XDC02040300)
A Survey of RFID Security Risk Analysis and Countermeasures
huangweiqing, fengyue, jiangshang@iie.ac.cn, wangsiye, zhangyanfang, caoziwen
(Institute of Information Engineering, Chinese Academy of Sciences)
Abstract:
Radio Frequency Identification (RFID) technology is a non-contact, automatic identi?cation technology by using radio frequency signals. It has increasingly attracted people"s attention with its portability and low cost, and has gradually en-tered the industrial field and our daily life. On the one hand, RFID technology has become one of the key infrastructures affecting security, such as access control, anti-counterfeiting and other applications. On the other hand, it is also being used to improve key industries and applications such as military, medical and logistics. Once there are security flaws and security loopholes in these applications, it is bound to cause more serious adverse effects, and even affect social devel-opment and national security. However, the communication between the tag and the reader is carried out over an inse-cure wireless channel. The attacker can eavesdrop, relay, man-in-the-middle, and replay the communications between readers and tags. For tags, low cost and portability also limit security. They are vulnerable to reverse engineering, re-moval, tampering, cloning and other attacks. In addition, with the emergence of new RFID applications, the proposed countermeasures constantly show limitations in terms of effectiveness, efficiency, security, privacy or applicability. The countermeasures therefore need to evolve to stay ahead of the curve. According to the components of the RFID system, this survey focuses on the primary attack methods and countermeasures faced by the RFID system in recent years from the three aspects of physical threat, channel threat and terminal threat. We focus on analyzing the research progress of related attacks and countermeasures at various levels and comparing their advantages and disadvantages of them in prac-tical applications. Finally, we summarize the main trends of RFID system security research at the current stage and look forward to the future development direction. We hope that this survey can act as a reference and inspiration and can pro-vide ideas for future researchers.
Key words:  radio frequency identification  security attacks  countermeasures