
CN111641657B - RFID-based information anonymous retrieval method and system in intelligent medical environment - Google Patents


Info

Publication number: CN111641657B
Authority: CN (China)
Prior art keywords: information, identification, server, identification reader, reader
Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN202010502858.3A
Other languages: Chinese (zh)
Other versions: CN111641657A (en)
Inventors: 季赛, 刘帅, 沈剑, 戚荣鑫
Current Assignee: Chongqing Mingyi Online Information Technology Co ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Nanjing University of Information Science and Technology
Application filed by: Nanjing University of Information Science and Technology
Priority to: CN202010502858.3A
Application publication: CN111641657A
Granted publication: CN111641657B

Classifications

    • H04L63/0421 Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • G06F16/2455 Query execution
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity
    • H04L9/085 Secret sharing or secret splitting, e.g. threshold schemes
    • H04L9/0863 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/3297 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Computational Linguistics (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)
  • Medical Treatment And Welfare Office Work (AREA)

Abstract

The invention discloses an RFID-based anonymous information retrieval method in an intelligent medical environment, comprising: initializing a server, an identification reader and an identification tag; sending retrieval request information to the identification reader, where the identification reader generates identity authentication information by combining a locally stored hash value with a selected first random number and sends the identity authentication information together with the encrypted retrieval request information to the server for identity authentication, so that the server, after the authentication passes, looks up and returns encrypted retrieval object information according to the retrieval request information obtained by decryption; and broadcasting the encrypted retrieval object information with the identification reader, then verifying and locating the retrieval object according to the authentication information returned by the retrieval object. The invention can prove the legitimacy of the identification object to the server without revealing the user's identity, and the authenticity and legitimacy of the information sent by the server can also be verified.

Description

RFID-based information anonymous retrieval method and system in intelligent medical environment
Technical Field
The invention relates to the technical field of secure information transmission, and in particular to an RFID-based anonymous information retrieval method and system in an intelligent medical environment.
Background
With the rapid development of radio frequency identification and microelectronic technology, intelligent medical theory built on these technologies is gradually being put into practice. In an intelligent medical environment, patients wear identifiable radio frequency tags and such tags are embedded in medical articles, so that a medical system center can acquire information such as the position and quantity of patients and medical articles in real time and give suggestions according to different situations. For example: when the data shows that a patient has been away from the ward for a long time, the medical system center automatically sends an alarm to the accompanying person and at the same time notifies an on-duty doctor near the patient to prepare medical help as soon as possible; when a large amount of medical resources has been consumed, the medical system center automatically issues a reminder to replenish them and prompts the relevant departments to reduce the number of patients admitted; when a doctor prescribes medicine for a patient, the medical system center can promptly retrieve the prescription and inform the pharmacy to prepare the medicine. Medical staff can also view and analyze the data through the medical system and propose improvements to medical services according to the working characteristics of each department.
While intelligent medical treatment brings convenient services, it also hides many security problems. The messages exchanged between the medical system and its terminals generally contain a large amount of private information, such as the patient's identity, address and medical history. Early intelligent medical systems, however, gave little consideration to privacy and transmitted all kinds of information directly over a wireless channel. Because wireless channels are open, criminals can easily steal private information for profit, threatening the physical and mental health of patients. Today's intelligent medical systems should therefore provide privacy protection. Some experts and scholars have already obtained research results on secure communication for intelligent medical treatment and have proposed secure communication schemes based on various hash functions and hard problems on elliptic curves. However, while such schemes increase system security and privacy protection, they also place higher demands on the communication devices in the system, requiring servers and terminal devices to perform a large number of computing and communication tasks and implicitly increasing the cost of deploying the medical system. Some experts have noticed this problem and applied a lightweight treatment that reduces the amount of computation of the hash and elliptic-curve algorithms but does not increase the complexity. When identification object information must be retrieved and updated frequently in a medical system, performing these computational tasks so often can significantly reduce the system's performance, which is undesirable in situations where time means life.
If, to improve performance, the medical system uses a weak security mechanism or none at all, attackers can pass system authentication by guessing with a password dictionary, view and modify system information at will, and cause private information to leak. Invention patent No. CN104009974A discloses a radio frequency identification medical information processing method that provides privacy protection. Although it proposes the concept of anonymous authentication, it is mainly used to solve the problems of medical errors and patient privacy disclosure in the digital medical process and to improve the efficiency of patients seeing a doctor; it does not address security in information retrieval.
In fact, driven by people's urgent health needs and increasingly mature digital technologies, the establishment of mature intelligent medical treatment is an inevitable trend, and several problems in existing communication schemes need to be solved:
(1) Anonymous authentication of identity. To prevent users from illegally accessing the system, the identity of the communicating party needs to be authenticated before communication. With an authentication mode that relies on the party's identity and a password, the user's identity is easily obtained, and the system can then be broken by a password dictionary attack. Furthermore, the identity of a system user is itself private and should not be used directly for authentication. To prevent attackers from forging or tampering with the identified object and to ensure the reliability of the data obtained by the system, the validity of the identification object's identity also needs to be verified.
(2) Untraceability of identity under anonymity. To ensure the legitimacy of the user and the identification object, both need to be authenticated, and because identity information is private, they are to be authenticated anonymously. In an anonymous authentication method, although an attacker cannot forge authentication information to pass system authentication, replayed authentication information is still legitimate, and the user or identified object will respond to it. An attacker can therefore trace the communicating object by continuously replaying the authentication information and physically observing which device responds.
(3) Communication device resources are limited. To popularize intelligent medical systems today, their privacy and security must be ensured and their deployment cost must be reduced. Therefore, when an intelligent medical system is deployed, communication equipment with high computing and storage capacity but high cost cannot be given priority, and most communication equipment is low-cost and resource-limited. However, most existing secure communication schemes are based on computationally hard problems and are not suitable for devices with limited computing and storage capability.
Disclosure of Invention
To address the defects in the prior art, the invention provides an RFID-based anonymous information retrieval method and system in an intelligent medical environment. Under the anonymous mutual authentication mechanism, the legitimacy of the identification object can be proved to the server without revealing the identity of the user, and the authenticity and legitimacy of the information sent by the server can also be verified. In addition, the invention mainly uses bit operations to match the identification object and ensures the freshness and integrity of messages with a small number of hash and pseudo-random number functions, so that the security and reliability of the system are ensured while computation and storage overhead are reduced.
To achieve this purpose, the invention adopts the following technical scheme:
An RFID-based anonymous information retrieval method in an intelligent medical environment comprises the following steps:
S1, initializing the server, the identification reader and the identification tag, including: allocating an identity number and a corresponding shared secret value to each identification reader and each identification tag, setting a unique account and a unique password for each identification reader, and performing XOR and hash operations on the account, the password, the identity number and the corresponding shared secret value of each identification reader to generate a corresponding hash value;
storing the encrypted relevant information of each identification reader and the correspondence between identification readers and identification tags in the server; storing the encrypted hash value in the identification reader; storing the encrypted identity number, the corresponding shared secret value and the timestamp in the identification tag;
S2, sending retrieval request information to an identification reader, the identification reader generating identity authentication information by combining the locally stored hash value with a selected first random number and sending the identity authentication information and the encrypted retrieval request information to the server for identity authentication, so that the server, after the identity authentication passes, searches for and returns encrypted retrieval object information according to the retrieval request information obtained by decryption;
S3, broadcasting the encrypted retrieval object information with the identification reader, and verifying and locating the retrieval object according to the authentication information returned by the retrieval object.
To optimize the technical scheme, the specific measures adopted further include:
Further, in step S1, initializing the server, the identification reader and the identification tag includes the following steps:
S11, initializing the server:
S111, using the server to allocate an identity number and a corresponding shared secret value to each identification reader and each identification tag, and storing the encrypted relevant information of each identification reader locally in the server;
S112, according to the deployment requirements of the identification tags, binding the information of the identification tags covered by each identification reader to the information of the corresponding identification reader, then encrypting it and storing it locally in the server;
S12, initializing the identification reader:
S121, setting a unique account and a unique password locally on each identification reader;
S122, receiving the identity number and the shared secret value sent by the server through the secure communication channel;
S123, performing XOR and hash operations on the account, the password, the identity number and the corresponding shared secret value of each identification reader to generate a corresponding hash value, and deleting the received identity number and shared secret value;
S13, initializing the identification tag:
receiving the identity number and the shared secret value sent by the server through the secure communication channel, encrypting and storing them, and storing the timestamp of the received information.
Further, in step S2, the identification reader generates the identity authentication information from the locally stored hash value and the selected first random number as follows:
receiving an account and a password input by a user, selecting a first random number after the authentication passes, and computing anonymous identity authentication information from the locally stored hash value combined with a timestamp.
Further, in step S2, the server searches for and returns the encrypted retrieval object information, according to the identity authentication information sent by the identification reader and the retrieval request information obtained by decryption, as follows:
receiving the identity authentication information and the encrypted retrieval request information sent by the identification reader;
verifying the identity authentication information using the locally stored encrypted relevant information of the identification reader; if the verification passes, decrypting to obtain the retrieval request information, searching for the matching identification tag information, generating anonymous information of the identification object, and sending it to the identification reader after encryption; otherwise, sending a failure prompt to the identification reader.
Further, generating the anonymous information of the identification object includes:
selecting a second random number, and performing XOR and hash operations on the second random number, the timestamp, the first random number, the authentication information of the identification reader and the authentication information of the identification tag to generate the anonymous information of the identification object.
Further, in step S3, broadcasting the encrypted retrieval object information with the identification reader and verifying and locating the retrieval object according to the authentication information it returns includes the following steps:
S31, the identification reader receives the encrypted anonymous information of the identification object returned by the server and broadcasts it, and each identification tag in the broadcast area evaluates the received broadcast information:
when the difference between the timestamp of the broadcast information and the locally stored timestamp is larger than a preset difference threshold value, the identification tag decrypts the received broadcast information; if the identification tag information obtained by decryption matches the tag's own information, the identification tag updates the locally stored timestamp, calculates authentication information proving its validity, and sends the authentication information to the identification reader;
S32, the identification reader verifies and locates the retrieval object according to the authentication information returned by the identification tag.
Further, the anonymous information retrieval method also includes the following step:
if the identification reader has broadcast the encrypted retrieval object information for longer than a preset duration threshold without the retrieval object being identified in the corresponding broadcast area, the identification reader sends an assisted-search request to the server, so that the server notifies idle identification readers in other areas to assist in the search.
Further, the anonymous information retrieval method also includes the following step:
during information transmission, the server, the identification reader and the identification tag each send the timestamp at which the transmitted information was generated together with that information to the other party, as initial verification information for the transmitted information.
Based on this method, the invention also provides an RFID-based anonymous information retrieval system in an intelligent medical environment, comprising a server, an identification reader and an identification tag;
the server allocates an identity number and a corresponding shared secret value to each identification reader and each identification tag, sends them to each identification reader and each identification tag through a secure communication channel, and stores the encrypted relevant information of each identification reader and the correspondence between identification readers and identification tags in a local database;
the identification reader sets a unique account and a unique password, receives the identity number and the shared secret value sent by the server, performs XOR and hash operations on the account, the password, the identity number and the corresponding shared secret value to generate a corresponding hash value, and stores the hash value in a local database;
the identification tag receives the identity number and the shared secret value sent by the server, encrypts and stores them, and stores the timestamp of the received information;
the identification reader receives retrieval request information input by a user, generates identity authentication information by combining the locally stored hash value with a selected first random number, and sends the identity authentication information and the encrypted retrieval request information to the server for identity authentication, so that the server, after the identity authentication passes, searches for and returns encrypted retrieval object information according to the retrieval request information obtained by decryption; the identification reader then receives and broadcasts the encrypted retrieval object information, and verifies and locates the retrieval object according to the authentication information returned by the retrieval object.
The invention has the beneficial effects that:
1. The invention solves the problem of anonymous authentication of identity.
The identification reader and the tag each share an identity number and a secret value with the server in advance, and anonymous authentication information is generated by combining the shared secret information with a random number and a timestamp, thereby achieving mutual identity authentication under anonymity. Under this anonymous mutual authentication mechanism, the legitimacy of the identification object can be proved to the server without revealing the identity of the user, and the authenticity and legitimacy of the information sent by the server can also be verified. In addition, the anonymous authentication mechanism prevents an attacker from launching a password dictionary attack, and also guards against the threat of replayed authentication information being used to deceive the server or the identification object and steal confidential information of the medical system.
2. The invention achieves untraceability of identity under anonymity.
In the present invention, the authentication information used for anonymous authentication is time-limited, that is, it can be used for authentication only within a prescribed time. Beyond that time the authentication information becomes invalid, and reusing it results in authentication failure. An attacker can tamper with the timestamp but cannot correctly alter the authentication information that contains the timestamp. Therefore, when an attacker replays an authentication message, no identification tag responds, a specific identification object cannot be traced, and untraceability of identity under anonymity is achieved.
3. The invention reduces the communication and computation load on the medical system and on resource-limited equipment.
The invention combines the authentication information with the encrypted retrieval information and sends them to the server together, which reduces the number of interactions with the server and the time spent waiting for its response, lowers the communication traffic and improves the execution efficiency of the system. The identified object can be determined offline using only the message returned by the server, so there is no need to stay online for a long time. In addition, the invention mainly uses bit operations to match the identification object and ensures the freshness and integrity of messages with a small number of hash and pseudo-random number functions, so that the security and reliability of the system are ensured while computation and storage overhead are reduced.
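The tag-side check of step S31 and the replay argument in effect 2 above, as an added example that is not code from the patent. The message layout, the use of HMAC-SHA256 as the keyed hash, the threshold value, the server handing the reader an expected response, and all names are assumptions made for illustration, since the page does not give the exact formulas.

```python
"""Tag-side freshness check: replayed or re-stamped broadcasts get no response."""
import hashlib
import hmac
import secrets

DIFF_THRESHOLD = 0  # assumed value of the "preset difference threshold" (seconds)


def prf(key: bytes, label: bytes, *parts: bytes) -> bytes:
    # Keyed hash standing in for the page's hash / pseudo-random functions (assumed).
    mac = hmac.new(key, label, hashlib.sha256)
    for part in parts:
        mac.update(len(part).to_bytes(2, "big") + part)  # length-prefix each field
    return mac.digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def ts_bytes(ts: int) -> bytes:
    return ts.to_bytes(8, "big")


def server_build_broadcast(tag_id: bytes, secret: bytes, now: int):
    """Return (broadcast, expected_response) for the tag being searched for."""
    r2 = secrets.token_bytes(16)  # the "second random number"
    masked_id = xor(tag_id, prf(secret, b"mask", r2, ts_bytes(now)))
    # The authenticator covers the timestamp, so the timestamp cannot be changed alone.
    auth = prf(secret, b"auth", masked_id, r2, ts_bytes(now))
    expected = prf(secret, b"resp", r2, ts_bytes(now))
    return {"ts": now, "r2": r2, "masked_id": masked_id, "auth": auth}, expected


class Tag:
    def __init__(self, tag_id: bytes, secret: bytes, init_ts: int):
        self.tag_id, self.secret, self.stored_ts = tag_id, secret, init_ts

    def on_broadcast(self, msg):
        """Return authentication info for the reader, or None (stay silent)."""
        ts = msg["ts"]
        # 1. Freshness: only process if the broadcast is newer than the stored timestamp.
        if ts - self.stored_ts <= DIFF_THRESHOLD:
            return None
        # 2. Integrity: recompute the authenticator over the received timestamp.
        want = prf(self.secret, b"auth", msg["masked_id"], msg["r2"], ts_bytes(ts))
        if not hmac.compare_digest(want, msg["auth"]):
            return None
        # 3. Match: unmask the identity with bit operations and compare with our own.
        mask = prf(self.secret, b"mask", msg["r2"], ts_bytes(ts))
        if not hmac.compare_digest(xor(msg["masked_id"], mask), self.tag_id):
            return None
        # 4. Accept: remember the timestamp so the same broadcast is stale next time.
        self.stored_ts = ts
        return prf(self.secret, b"resp", msg["r2"], ts_bytes(ts))


def run_demo():
    # Constructed sample identities, secrets and timestamps.
    secret_a, secret_b = secrets.token_bytes(32), secrets.token_bytes(32)
    tag_a = Tag(b"TAG-A-0000000001", secret_a, init_ts=1_000)
    tag_b = Tag(b"TAG-B-0000000002", secret_b, init_ts=1_000)
    msg, expected = server_build_broadcast(tag_a.tag_id, secret_a, now=1_060)

    results = {"other_tag": tag_b.on_broadcast(msg)}       # not addressed: silent
    first = tag_a.on_broadcast(msg)                        # genuine, fresh broadcast
    results["fresh_ok"] = first is not None and hmac.compare_digest(first, expected)
    results["replay"] = tag_a.on_broadcast(msg)            # same bytes again: stale
    forged = dict(msg, ts=msg["ts"] + 600)                 # timestamp bumped, auth unchanged
    results["tampered_ts"] = tag_a.on_broadcast(forged)    # fails the integrity check
    results["stored_ts"] = tag_a.stored_ts
    return results


if __name__ == "__main__":
    print(run_demo())
```

The tag needs no clock of its own in this sketch: it only compares the received timestamp with the one it stored on the last accepted message, and it stays silent on every failure path so that a replay gives an observer nothing to watch for.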
Drawings
FIG. 1 is a flow chart of an RFID-based anonymous information retrieval method in an intelligent medical environment.
FIG. 2 is a schematic diagram of the system parameter initialization principle of the present invention.
FIG. 3 is a schematic diagram of the transmission process of the search request of the present invention.
FIG. 4 is a schematic diagram of the identification reader retrieving and authenticating an identification object of the present invention.
Detailed Description
The present invention will now be described in further detail with reference to the accompanying drawings.
It should be noted that terms such as "upper", "lower", "left", "right", "front" and "back" used in the present invention are for clarity of description only and are not intended to limit the scope of the present invention; changes or adjustments to their relative relationships, without substantial change to the technical content, are likewise not limited by these terms.
Detailed description of the preferred embodiment
With reference to fig. 1, the present invention provides an information anonymous retrieval method based on RFID in an intelligent medical environment, where the information anonymous retrieval method includes:
S1, initializing the server, the identification reader and the identification tag, including: allocating an identity number and a corresponding shared secret value to each identification reader and each identification tag, setting a unique account and a unique password for each identification reader, and performing XOR and hash operations on the account, the password, the identity number and the corresponding shared secret value of each identification reader to generate a corresponding hash value.
Storing the encrypted relevant information of each identification reader and the correspondence between identification readers and identification tags in the server; storing the encrypted hash value in the identification reader; and storing the encrypted identity number, the corresponding shared secret value and the timestamp in the identification tag.
S2, sending retrieval request information to the identification reader, the identification reader generating authentication information by combining the locally stored hash value with the selected first random number and sending the authentication information and the encrypted retrieval request information to the server for authentication, so that the server, after the authentication passes, searches for and returns the encrypted retrieval object information according to the retrieval request information obtained by decryption.
S3, broadcasting the encrypted retrieval object information with the identification reader, and verifying and locating the retrieval object according to the authentication information returned by the retrieval object.
The invention realizes the functions of identifying and retrieving objects based on the automatic identification characteristic of the radio frequency identification technology (RFID).
The invention comprises the following three steps:
1. Preprocessing
Before the intelligent medical system is used for the first time, the server, the identification reader and the identification tag must be initialized in sequence, as shown in fig. 2. At the server end: the server first assigns an identity number to each reader and each tag in turn, generates the corresponding shared secret values, and sends them to the readers and the tags through a secure communication channel; it then encrypts and stores the information of all readers; finally, according to the actual deployment requirements of the tags, it binds the tags covered by each reader to the information of the corresponding reader, and encrypts and stores the result. At the identification reader end: each reader sets a local account and password, performs XOR and hash operations in sequence on the received identity number and shared secret value together with the set account and password, stores the result locally, and deletes the received identity number and secret value. At the identification tag end: the tag directly encrypts and stores the received identity number and shared secret value, and stores the received timestamp.
2. Request phase
In the request phase, a legitimate user may ask the medical system, through his or her own reader, to retrieve a particular patient or item, as shown in fig. 3. First, the user inputs the account and password that he or she has set. Then, the reader device selects a random number and computes anonymous authentication information from the locally stored hash value and the timestamp. Finally, the reader sends the authentication information together with the encrypted retrieval request information to the server. After receiving the request, the server first verifies it using the locally stored encrypted reader information. If the verification succeeds, the server decrypts the retrieval content, finds the matching tag information in the database, generates the information with which the reader authenticates the retrieval object, and sends it to the reader in encrypted form. If the verification fails, the server sends a failure prompt to the reader.
3. Retrieval phase
First, the reader decrypts the information returned by the server and broadcasts the anonymous information of the identification object, as shown in fig. 4. Each identification tag within the broadcast area then evaluates the broadcast information and, when the difference between the timestamp of the broadcast information and the locally stored timestamp is greater than a threshold, attempts to decrypt it. If the decrypted information matches the information of the identification tag, the tag updates its locally stored timestamp, calculates authentication information proving its own legitimacy, and sends that authentication information to the reader. Finally, the reader verifies and locates the retrieved object using the authentication information. If the reader does not identify the retrieved object in the broadcast area after broadcasting the anonymous information, it may ask the server to perform the lookup using readers in other areas.
Detailed description of the invention
In this embodiment, the doctor user D requests retrieval of the patient tag P using the reader device R; the specific implementation of the present invention is described in detail on this basis.
1. Preprocessing
The preprocessing in the invention only needs to be executed once; it does not need to be repeated after the initialization of the system parameters is completed. First, the server assigns to each reader R_i and each tag P_ij an identity number
Figure BDA0002525417880000061
and a shared secret value
Figure BDA0002525417880000062
Figure BDA0002525417880000063
and stores the information in a database in encrypted form. Then, the user D sets an account U_D and a password W_D on the reader R, and the reader calculates
Figure BDA0002525417880000064
and stores S, then deletes ID_R and s_R. Finally, tag P directly stores ID_P and s_P and updates the value of the timestamp T.
2. Request phase
When user D requests retrieval of a patient tag P, user D first inputs the account U_D and the password W_D on the reader R. Then, the reader calculates, from the input account and password,
Figure BDA0002525417880000071
to obtain
Figure BDA0002525417880000072
as the encryption key, with which it encrypts the retrieval request information
Figure BDA0002525417880000073
Finally, the reader randomly selects a number N_R for calculating the anonymous authentication information
Figure BDA0002525417880000074
and sends it to the server along with the timestamp. After the server receives the request, if it verifies that the timestamp T_1 is fresh, it searches the locally stored reader information for the reader R whose calculated result equals the authentication information. Finding this reader information means that the user is authenticated by the server. The server then decrypts the request information, randomly selects a number N_S, finds the information of the tag P among the tags associated with the reader, and calculates the mutual anonymous authentication information of the reader and the tag
Figure BDA0002525417880000075
Figure BDA0002525417880000076
and transmits α_1, α_2, β_2, T_2 and Auth_2 to the reader R, where Lrot() is the left circular shift operation, rot() is the right circular shift operation, and T_2 is the server-side timestamp. If authenticating the user or finding the tag fails, the server returns a prompt that the request is invalid.
3. Retrieval phase
After receiving the information, the reader first checks that the timestamp T_2 is fresh, and then takes the local
Figure BDA00025254178800000710
and the received α_1, α_2, β_2 and T_2, concatenates and hashes them in sequence, and checks whether the calculated hash value equals Auth_2. After the integrity of the authentication information is successfully verified, the reader R broadcasts α_1, α_2, T_2 and N_R. A tag receiving the broadcast first checks the timestamp T_2; when T_2 - T is greater than a threshold, the tag attempts to decrypt α_1 and α_2. However, only the tag P can correctly decrypt α_1 and α_2 and obtain a value identical to its own identity ID_P, in which case the reader is considered authenticated. The tag can then use
Figure BDA0002525417880000077
T_2 and N_R to compute
Figure BDA0002525417880000078
This verifiable information proves to the reader that the tag is the one the reader is looking for. Finally, reader R uses β_1 to calculate
Figure BDA0002525417880000079
When β_2^* and β_2 are equal, the tag passes the reader's authentication, which shows that the doctor user D has found the patient tag P.
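The retrieval phase above, sketched as an added Python example that is not part of the patent: the patent's formulas for α_1, α_2, β_1 and β_2 are in figures not reproduced on this page, so the SHA-256/HMAC constructions, the single masked value `alpha`, the zero threshold and all function names are assumptions. It shows why the tag checks T_2 - T before decrypting and updates T only after its identity matches.

```python
import hashlib
import hmac
import secrets

THRESHOLD = 0   # assumed: a tag processes a broadcast only if T2 - T > THRESHOLD
ID_LEN = 16     # assumed identity-number length in bytes


def h(*parts: bytes) -> bytes:
    """SHA-256 over length-prefixed parts (assumed stand-in for the scheme's hash)."""
    digest = hashlib.sha256()
    for part in parts:
        digest.update(len(part).to_bytes(4, "big") + part)
    return digest.digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def session_mask(secret: bytes, t2: int, n_r: bytes) -> bytes:
    """Per-session pad hiding ID_P in the broadcast (assumed construction)."""
    return h(b"mask", secret, t2.to_bytes(8, "big"), n_r)[:ID_LEN]


def tag_proof(secret: bytes, tag_id: bytes, t2: int, n_r: bytes) -> bytes:
    """beta_1: the reply with which the sought tag proves it holds s_P (assumed)."""
    msg = h(b"proof", tag_id, t2.to_bytes(8, "big"), n_r)
    return hmac.new(secret, msg, hashlib.sha256).digest()


def server_prepare(tag_id: bytes, secret: bytes, t2: int, n_r: bytes):
    """Server side: anonymous broadcast value and the reader's check value beta_2."""
    alpha = xor(tag_id, session_mask(secret, t2, n_r))
    beta_2 = h(b"check", tag_proof(secret, tag_id, t2, n_r))
    return alpha, beta_2


class Tag:
    def __init__(self, name: str, tag_id: bytes, secret: bytes, stored_t: int):
        self.name, self.tag_id, self.secret, self.T = name, tag_id, secret, stored_t

    def on_broadcast(self, alpha: bytes, t2: int, n_r: bytes):
        # Freshness first: a replayed or stale broadcast is dropped before any crypto.
        if t2 - self.T <= THRESHOLD:
            return None
        candidate = xor(alpha, session_mask(self.secret, t2, n_r))
        if not hmac.compare_digest(candidate, self.tag_id):
            return None          # not addressed to this tag; T stays unchanged
        self.T = t2              # update only after the identity matched
        return tag_proof(self.secret, self.tag_id, t2, n_r)


def reader_locate(tags, alpha: bytes, beta_2: bytes, t2: int, n_r: bytes):
    """Broadcast to every tag in range; return the name of the tag whose reply verifies."""
    for tag in tags:
        beta_1 = tag.on_broadcast(alpha, t2, n_r)
        if beta_1 is not None and hmac.compare_digest(h(b"check", beta_1), beta_2):
            return tag.name
    return None


def demo():
    # Constructed sample data: three tags in range, all last updated at T = 1000.
    tags = [Tag(f"P{i}", secrets.token_bytes(ID_LEN), secrets.token_bytes(32), 1000)
            for i in range(3)]
    target = tags[1]
    n_r = secrets.token_bytes(16)
    alpha, beta_2 = server_prepare(target.tag_id, target.secret, 1005, n_r)
    first = reader_locate(tags, alpha, beta_2, 1005, n_r)
    replay = reader_locate(tags, alpha, beta_2, 1005, n_r)     # same broadcast again
    tampered = reader_locate(tags, alpha, beta_2, 1007, n_r)   # old alpha, bumped T2
    t_after_tamper = target.T
    n_r2 = secrets.token_bytes(16)
    alpha2, beta_2b = server_prepare(target.tag_id, target.secret, 1010, n_r2)
    second = reader_locate(tags, alpha2, beta_2b, 1010, n_r2)
    return {"first": first, "replay": replay, "tampered": tampered,
            "t_after_tamper": t_after_tamper, "second": second,
            "unlinkable": alpha != alpha2}


if __name__ == "__main__":
    print(demo())
```

Because the mask in this sketch binds T_2, a broadcast whose timestamp was altered fails the identity match and leaves the tag's stored T untouched, so a forged timestamp cannot push the tag out of step with the server.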
Detailed description of the preferred embodiment
Based on the method, the invention also provides an information anonymous retrieval system based on the RFID in the intelligent medical environment, and the information anonymous retrieval system comprises a server, an identification reader and an identification tag.
The server distributes an identity number and a corresponding shared secret value to each identification reader and each identification tag, sends the identity number and the shared secret value to each identification reader and each identification tag through a secure communication channel, and stores encrypted related information of each identification reader and corresponding relation between the identification reader and the identification tag in a local database.
The identification reader is provided with a unique account and a unique password, receives an identity number and a shared secret value sent by a server, performs exclusive OR and Hash operation by combining the account, the password, the identity number and the corresponding shared secret value to generate a corresponding Hash value, and stores the Hash value in a local database.
And the identification tag receives the identity number and the shared secret value sent by the server, encrypts and stores the identity number and the shared secret value, and stores the timestamp of the received information.
The identification reader receives retrieval request information input by a user, generates identity authentication information by combining a locally stored hash value and a selected first random number, and sends the identity authentication information and the encrypted retrieval request information to a server for identity authentication, so that the server searches and returns encrypted retrieval object information according to the retrieval request information obtained by decryption after the identity authentication is passed; and the identification reader receives and broadcasts the encrypted retrieval object information, verifies and positions the retrieval object according to the authentication information returned by the retrieval object.
The above is only a preferred embodiment of the present invention, and the protection scope of the present invention is not limited to the above-mentioned embodiments, and all technical solutions belonging to the idea of the present invention belong to the protection scope of the present invention. It should be noted that modifications and embellishments within the scope of the invention may be made by those skilled in the art without departing from the principle of the invention.

Claims (7)

1. An RFID-based information anonymous retrieval method in an intelligent medical environment, characterized in that the information anonymous retrieval method comprises:
S1, initializing the server, the identification reader and the identification tag, including: assigning an identity number and a corresponding shared secret value to each identification reader and identification tag, setting a unique account and password for each identification reader, and performing XOR and hash operations on the account, password, identity number and corresponding shared secret value of each identification reader to generate a corresponding hash value;
wherein the encrypted relevant information of each identification reader and the correspondence between identification readers and identification tags are stored in the server; the encrypted hash value is stored in the identification reader; and the encrypted identity number, the corresponding shared secret value and the timestamp are stored in the identification tag;
S2, sending retrieval request information to the identification reader; the identification reader generates identity verification information by combining the locally stored hash value and a selected first random number, and sends the identity verification information and the encrypted retrieval request information to the server for identity verification, so that after the identity verification passes the server looks up and returns the encrypted retrieval object information according to the retrieval request information obtained by decryption, specifically: receiving the identity verification information and the encrypted retrieval request information sent by the identification reader; verifying the identity verification information using the locally stored encrypted relevant information of the identification reader; if the verification passes, decrypting to obtain the retrieval request information, looking up the matching identification tag information, generating anonymous information of the identification object, and sending it in encrypted form to the identification reader; otherwise, sending a failure prompt to the identification reader;
S3, broadcasting the encrypted retrieval object information using the identification reader, and verifying and locating the retrieval object according to the authentication information returned by the retrieval object, specifically including the following sub-steps:
S31, the identification reader receives and broadcasts the encrypted anonymous information of the identification object returned by the server, so that the identification tags within the broadcast area evaluate the received broadcast information:
when the difference between the timestamp of the broadcast information and the locally stored timestamp is greater than a preset difference threshold, the identification tag decrypts the received broadcast information; if the decrypted identification tag information matches the identification tag's own information, the identification tag updates the locally stored timestamp information, calculates authentication information proving its own legitimacy, and sends it to the identification reader;
S32, the identification reader verifies and locates the retrieval object according to the authentication information returned by the identification tag.

2. The RFID-based information anonymous retrieval method in an intelligent medical environment according to claim 1, characterized in that, in step S1, initializing the server, the identification reader and the identification tag comprises the following steps:
S11, initializing the server:
S111, using the server to assign an identity number and a corresponding shared secret value to each identification reader and identification tag, and storing the encrypted relevant information of each identification reader locally on the server;
S112, according to the deployment requirements of the identification tags, binding the identification tag information covered by each identification reader to the corresponding identification reader information, and storing the result in encrypted form locally on the server;
S12, initializing the identification reader:
S121, setting a unique account and password locally on each identification reader;
S122, receiving the identity number and the shared secret value sent by the server through a secure communication channel;
S123, performing XOR and hash operations on the account, password, identity number and corresponding shared secret value of each identification reader to generate a corresponding hash value, and deleting the received identity number and shared secret value;
S13, initializing the identification tag:
receiving the identity number and the shared secret value sent by the server through a secure communication channel, storing them in encrypted form, and storing the timestamp of the received information.

3. The RFID-based information anonymous retrieval method in an intelligent medical environment according to claim 1, characterized in that, in step S2, the process by which the identification reader generates identity verification information by combining the locally stored hash value and the selected first random number comprises the following steps:
receiving the account and password input by the user, selecting the first random number after verification passes, and performing a calculation using the locally stored hash value together with the timestamp to generate anonymous identity verification information.

4. The RFID-based information anonymous retrieval method in an intelligent medical environment according to claim 1, characterized in that the process of generating the anonymous information of the identification object comprises:
selecting a second random number, and performing XOR and hash operations on the second random number, the timestamp, the first random number, the authentication information of the identification reader and the authentication information of the identification tag to generate the anonymous information of the identification object.

5. The RFID-based information anonymous retrieval method in an intelligent medical environment according to claim 1, characterized in that the information anonymous retrieval method further comprises:
if the identification reader has broadcast the encrypted retrieval object information for longer than a preset duration threshold without identifying the retrieval object in the corresponding broadcast area, the identification reader sends an assisted-search request to the server, so that the server notifies idle identification readers in other areas to assist in the search.

6. The RFID-based information anonymous retrieval method in an intelligent medical environment according to claim 1, characterized in that the information anonymous retrieval method further comprises:
during information transmission, the server, the identification reader and the identification tag send the timestamp at which the transmitted information was generated to the other party together with the transmitted information, as the primary verification information for the transmitted information.

7. A system involved in the RFID-based information anonymous retrieval method in an intelligent medical environment according to claim 1, characterized in that the information anonymous retrieval system comprises a server, an identification reader and an identification tag;
the server assigns an identity number and a corresponding shared secret value to each identification reader and identification tag, sends the identity number and the shared secret value to each identification reader and each identification tag through a secure communication channel, and stores in a local database the encrypted relevant information of each identification reader and the correspondence between identification readers and identification tags;
the identification reader is set with a unique account and password, receives the identity number and the shared secret value sent by the server, performs XOR and hash operations on the account, password, identity number and corresponding shared secret value to generate a corresponding hash value, and stores the hash value in a local database;
the identification tag receives the identity number and the shared secret value sent by the server, stores them in encrypted form, and stores the timestamp of the received information;
the identification reader receives the retrieval request information input by the user, generates identity verification information by combining the locally stored hash value and the selected first random number, and sends the identity verification information and the encrypted retrieval request information to the server for identity verification, so that after the identity verification passes the server looks up and returns the encrypted retrieval object information according to the retrieval request information obtained by decryption; the identification reader receives and broadcasts the encrypted retrieval object information, and verifies and locates the retrieval object according to the authentication information returned by the retrieval object.
CN202010502858.3A 2020-06-05 2020-06-05 RFID-based information anonymous retrieval method and system in intelligent medical environment Active CN111641657B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010502858.3A CN111641657B (en) 2020-06-05 2020-06-05 RFID-based information anonymous retrieval method and system in intelligent medical environment

Publications (2)

Publication Number Publication Date
CN111641657A CN111641657A (en) 2020-09-08
CN111641657B true CN111641657B (en) 2022-02-11

Family

ID=72333337

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010502858.3A Active CN111641657B (en) 2020-06-05 2020-06-05 RFID-based information anonymous retrieval method and system in intelligent medical environment

Country Status (1)

Country Link
CN (1) CN111641657B (en)

Also Published As

Publication number Publication date
CN111641657A (en) 2020-09-08

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20230410

Address after: Room 1, 21st Floor, Building 13, No. 106, West Section of Jinkai Avenue, Dazhulin Street, Liangjiang New District, Chongqing, 401121

Patentee after: Chongqing Mingyi Online Information Technology Co.,Ltd.

Address before: 210044 No. 219 Ning six road, Jiangbei new district, Nanjing, Jiangsu

Patentee before: Nanjing University of Information Science and Technology

TR01 Transfer of patent right