Article Preview
Top1. Introduction
RFID (Radio-frequency identification) technology, with its advantages that universal anti-counterfeiting methods (such as laser holographic imaging and chemical markers) are short of, has now become one of the most promising tools to solve the problem of supply chain data counterfeiting.
RFID is a non-contact identification technology to identify the presence of an object through radio signals, which can quickly track items and exchange data. The identification process is without manual intervention and can work in a variety of harsh environment. Therefore, RFID technology has been widely used in the supply chain management. The typical applications include: the tracking and management of container or dangerous goods such as gas tank, the logistics of agricultural products, the storage management, etc. The key to these applications lies in the automatic identification of the product, so that all the information in the enterprise's MIS system or ERP system can get real-time transmission and reflection. Through the RFID supply chain management, enterprises obtain the supply chain flow of goods in a more accurate, more timely and more detailed manner, so as to provide helps for the daily operation and decision-making. RFID is having a profound impact on the mode of production for enterprise supply chain management.
However, with signal broadcasting, resource limitation and wireless transmission, the RF tags are facing security attacks such as monitoring, tracking, tampering and so on. A reliable communication system must ensure the transmission of confidential data, as well as the integrity and availability of data (Wang, 2010). However, due to the physical characteristics of RF tag, its computing speed, storage space and communication capacity are very limited, which increases the difficulty of the research of RFID technology security mechanism. Unfortunately, most of the current researches focus on the security and privacy of tags and readers, and pay little attention to the security of RF tags. More worrying, the existing EPCglobal standard EPCC1G2 allows RF tags to be read and written (Yuan, 2010). Malicious attackers can not only access to the RF tags or even tamper and forge them, but also speculate consumers’ favourites by tracing the characteristics of the tags.
At present, there are two main methods for RFID system security: 1) the security mechanism based on physical methods, such as Sleep command, using Faraday nets mask, clipping label method, etc., for active shielding and interference, etc. The physical method is direct and effective, but depends on the additional equipment, it increases the cost of using the label and has a certain risk; 2) authentication technology based on cryptographic authentication techniques, such as the Hash function mechanism and symmetric keys (Sajadieh, 2015, Lin, 2015 and So, 2017). But for Hash functions, even MD5 hash function, which is widely used as a computer security domain, has been shown to be unable to resist strong collision attacks (Liang, 2007). The symmetric key technology has such disadvantages as simple encryption algorithm, low encryption strength, limited key length (56 bits, /128 bits) and so on. Moreover, the symmetric key technology is difficult to manage key distribution, which is not conducive to managing (Shen, 2013).