Recently, the mobile RFID-based applications become a new hot zone for research and development, because it has advantages of RFID technology and mobile smart device. However, mobile RFID system is facing all kinds of security and privacy threats because of its own features (e.g. the communication between a reader and a database is insecure). In this paper, we propose a mutual authentication protocol based on elliptic curve cryptography (ECC) to address such severe problems. For avoiding exhaustive compute to authentication only one single tag, the proposed protocol requires that without secret does be shared by parties. The proposed protocol is designed to authenticate reader before tag authentication to avoid impersonation of a valid mobile reader. Meanwhile, formal security proof show that the proposed protocol no obvious design defect theoretically.

• 出版日期2012
• 单位北京大学