Anti-quantum RFID tag identity registration and authentication method and system

By collaborating with the backend server through RFID readers and writers, and utilizing PUF and post-quantum cryptography, a one-time session key bound to the session is generated. This solves the key storage risk and insufficient quantum resistance of existing RFID authentication schemes, and builds a full-link quantum-resistant security system to ensure business continuity and compliance.

CN122179779APending Publication Date: 2026-06-09BEIJING HETENGTUZHI TECH CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
BEIJING HETENGTUZHI TECH CO LTD
Filing Date
2026-03-12
Publication Date
2026-06-09

AI Technical Summary

Technical Problem

Existing RFID authentication solutions suffer from key storage risks, insufficient quantum resistance, and predictable randomness. They cannot effectively resist quantum computing attacks and cloning attacks, and lack end-to-end quantum-resistant design and business continuity.

Method used

By working in collaboration between RFID readers and backend servers, a stable seed key and auxiliary data are generated using Physically Unclonable Functions (PUFs). Combined with the KEM key encapsulation component of a post-quantum cryptography system, encrypted communication is achieved, constructing a full-link quantum-resistant security system. This enables hardware root trust for tags without long-term key storage. Furthermore, a one-time session key bound to the session context is generated through a key derivation function, and a hash chain-style tamper-proof audit record is introduced.

Benefits of technology

It achieves zero long-term key storage at the tag end, constructs a full-link quantum-resistant security system, can resist quantum computing and replay attacks, ensure business continuity, and meet the traceability and data integrity requirements of government and enterprise compliance.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122179779A_ABST
    Figure CN122179779A_ABST
Patent Text Reader

Abstract

The application provides an anti-quantum RFID tag identity registration and authentication method and system. In the registration stage, the reader drives the tag to generate a stable seed key and auxiliary data by using a physically unclonable function, and stores the tag identification, auxiliary data and seed key in the background by hash encryption, thereby realizing zero-length key storage at the tag end and suppressing the risk of key leakage from the root. In the authentication stage, the reader generates a quantum random number and a KEM public-private key pair, the tag synchronously generates a side quantum random number and recovers the seed key, generates a one-time session key bound with the hardware identity and session context by using a key derivation function, generates a response message after encapsulation by the KEM public key, the server decapsulates by using the private key, completes MAC verification, random number freshness check and downgrade authority management based on the observable field, and generates a hash chain tamper-proof audit record. The application can resist quantum computing attacks, replay attacks and physical cloning attacks.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the fields of information security and radio frequency identification technology, and in particular to a quantum-resistant RFID tag identity registration and authentication method and system. Background Technology

[0002] Radio Frequency Identification (RFID) technology, due to its advantages such as contactless operation, low cost, and high-speed identification, has become a core sensing technology for the Internet of Things (IoT), widely used in supply chains, financial warehousing, and the management of confidential assets. However, with the rapid development of quantum computing technology and the upgrading of IoT attack methods, the security flaws of existing RFID authentication schemes are becoming increasingly prominent. Current mainstream industry solutions can be divided into three categories: First, challenge-response authentication schemes based on symmetric keys, such as the ISO / IEC 18000-63 standard. This scheme requires long-term key storage on the tag or in the background, posing a risk of leakage; it also uses pseudo-random numbers, which are easily predictable and cannot resist replay and tracking attacks; furthermore, it lacks hardware root trust, making it vulnerable to physical cloning. Second, schemes based on the fusion of Physically Unclonable Functions (PUFs) and post-quantum cryptography (PQC). Although these introduce Physically Unclonable Functions (PUFs) and post-quantum cryptography (PQC), they do not achieve completely keyless storage on the tag, resulting in incomplete quantum resistance design and a lack of PUF anomaly handling mechanisms, which can easily lead to business interruption in extreme environments. Third, the anti-replay scheme based on quantum random numbers improves randomness, but it is not bound to hardware identity and cannot resist cloning attacks. Furthermore, it does not introduce a post-quantum cryptography system and is not strong enough against quantum attacks.

[0003] Therefore, there is an urgent need for an RFID identity authentication solution that can fundamentally solve the risks of key storage, build a quantum-resistant system across the entire chain, establish hardware root trust while ensuring business availability, meet compliance and audit requirements, and have high value for rights protection. Summary of the Invention

[0004] In view of this, embodiments of the present invention provide a quantum-resistant RFID tag identity registration and authentication method and system to eliminate or improve one or more defects existing in the prior art, and solve the problems of key storage risk, insufficient quantum resistance and predictable randomness in existing RFID identity authentication schemes.

[0005] One aspect of the present invention provides a quantum-resistant RFID tag identity registration method, the method being executed by an RFID reader / writer, the RFID reader / writer connecting to a target RFID tag via radio frequency and establishing communication with a background authentication server, the method comprising the following steps: Send a registration challenge value and a tag unique identifier writing instruction to the target RFID tag, so that the target RFID tag can collect the original response of the physical non-cloning function sampling unit to the registration challenge value in response to the tag unique identifier writing instruction, and generate a stable seed key and corresponding auxiliary data from the original response by calling the generation algorithm through the fuzz extractor, and calculate the hash digest of the stable seed key; The system receives the unique identifier of the target RFID tag, the auxiliary data, and the hash digest returned by the target RFID tag and forwards them to the backend authentication server through an encrypted communication link. The backend authentication server then binds and encrypts the auxiliary data, the hash digest, and the unique identifier of the target RFID tag to complete the registration of the target RFID tag.

[0006] In some embodiments, the encrypted communication link uses a session-shared public-private key pair established based on the KEM key encapsulation component in the post-quantum cryptosystem for encrypted communication. The backend authentication server uses a key managed by a KEM key encapsulation component to encrypt and store the bound auxiliary data, the hash digest, and the unique identifier of the tag.

[0007] In some embodiments, after receiving the tag unique identifier, the auxiliary data, and the hash digest returned by the target RFID tag, the method further includes: verifying the length, format, and content integrity of the tag unique identifier, the auxiliary data, and the hash digest, and forwarding them to the background authentication server through an encrypted communication link after the verification is passed; After sending a tag unique identifier writing instruction to the target RFID tag, the method further includes: if no response is received from the target RFID tag within a preset time, resending the tag unique identifier writing instruction or recording a registration failure log.

[0008] On the other hand, the present invention also provides a quantum-resistant RFID tag authentication method, wherein the method is executed by an RFID reader / writer, the RFID reader / writer is connected to the target RFID tag via radio frequency and establishes communication with a background authentication server; the target RFID tag is registered using the above-mentioned quantum-resistant RFID tag registration method, the method comprising the following steps: Send a tag unique identifier query command to the target RFID tag, receive the tag unique identifier in response, and forward it to the background authentication server through an encrypted communication link to query and return the auxiliary data corresponding to the tag unique identifier; A read-write side random number is generated based on a local quantum random number generator. A session-shared public-private key pair is established based on the KEM key encapsulation component in the post-quantum cryptography system. The read-write side random number, the public key in the public-private key pair, the authentication challenge value, and the auxiliary data are sent to the target RFID tag so that the target RFID tag can generate an authentication response message, including: The target RFID tag generates tag-side random numbers using a local quantum random number generator and collects the real-time response of the Physically Unclonable Function (PUC) sampling unit to the authentication challenge value. A local fuzzy extractor calls a recovery algorithm with the real-time response and auxiliary data as input to recover a stable seed key. The stable seed key, the read / write-side random number, the tag-side random number, and session context information are input to a key derivation function to generate a one-time session key bound to the hardware identity and session scenario. The one-time session key is encapsulated using the public key to obtain ciphertext. The one-time session key is used to calculate a message authentication code on the full transcript of the authentication session. The message authentication code, the ciphertext, the full transcript of the authentication session, and observable fields are combined to obtain the authentication response message. Receiving the authentication response message returned by the target RFID tag and forwarding it to the background authentication server via an encrypted link to perform the authentication process includes: The backend authentication server obtains the private key from the public-private key pair forwarded by the post-quantum cryptography interaction unit in the RFID reader, decapsulates the ciphertext to obtain the one-time session key, verifies the legality of the message authentication code by the one-time session key and the full transcript of the authentication session in the authentication response message, and verifies the freshness of the random number on the read-write side based on the observable field, calculates the hash value of the authentication result to generate a hash chain-style anti-tampering audit record; The system receives the authentication result returned by the background authentication server and forwards it to the target RFID tag to conduct an encrypted session based on a preset session key if the authentication is successful. At the same time, the system verifies the freshness of the random number on the read / write side and terminates sessions that exceed the threshold.

[0009] In some embodiments, the session context information includes at least two of the following: tenant identifier, RFID reader identifier, session identifier, time window, and scenario usage identifier; The observable fields include a random number health field, a physical no-cloning function drift index field, and a degradation negotiation field. The physical no-cloning function drift index field is the bit inversion rate of the real-time response generated by the target RFID tag based on the physical no-cloning function. The degradation negotiation field is used to indicate the parameter mode switching of the KEM key encapsulation component in the post-quantum cryptosystem under different security levels. The security level is obtained by comparing the random number health field and the physical no-cloning function drift index field with a preset threshold.

[0010] In some embodiments, the RFID reader and the target RFID tag communicate encrypted based on a negotiated session key, use the national cryptographic SM4 algorithm for data encryption, and use the national cryptographic SM3 algorithm for hash verification.

[0011] In some embodiments, the background authentication server uses a hash chain or Merkle tree structure to generate hash chain-style tamper-proof audit records. Each audit record includes a unique tag identifier, challenge value digest, response value digest, physical non-cloning function drift index, random number health, degradation negotiation mode, record serial number, millisecond-level timestamp, and input / output digest hash. The hash anchor value of the audit record is written to a read-only storage medium or a trusted execution environment.

[0012] In some embodiments, the KEM key encapsulation component in the post-quantum cryptosystem employs one of the NIST-standardized ML-KEM algorithm, BIKE algorithm, or HQC algorithm.

[0013] On the other hand, the present invention also provides a quantum-resistant RFID tag identification system, the system comprising: The target RFID tag includes: a first radio frequency front-end, a physically non-cloning function sampling unit, a first quantum random number generation unit, a fuzzy extractor unit, a key derivation unit, a lightweight cryptographic operation unit, and a low-power energy management unit; The RFID reader / writer includes: a radio frequency transceiver unit, a second quantum random number generation unit, a post-quantum cryptography interaction unit, a session management unit, and a backend communication interface unit; The backend authentication server includes: a PUF auxiliary data encryption and storage unit, a post-quantum KEM key management unit, an authentication and verification unit, an audit and evidence storage unit, and an access control unit; The RFID reader / writer, in collaboration with the background authentication server, executes the aforementioned quantum-resistant RFID tag identity registration method and the aforementioned quantum-resistant RFID tag identity authentication method.

[0014] On the other hand, the present invention also provides a computer-readable storage medium having a computer program or instructions stored thereon, which, when executed by a processor, implement the steps of the above-described method.

[0015] The quantum-resistant RFID tag identity registration and authentication method and system described in this invention constructs a full-link quantum-resistant security system by coordinating the interaction between the tag and the backend server through a reader / writer. During the registration phase, the reader / writer sends a challenge value to the tag, driving the tag to generate a stable seed key and auxiliary data using a physically unclonable function (PUF). The tag identifier, auxiliary data, and seed key hash are then forwarded to the backend server via an encrypted communication link for binding and encrypted storage, achieving hardware root trust establishment without long-term key storage for the tag. During the authentication phase, the reader generates a local quantum random number and a KEM public / private key pair, which, along with auxiliary data and authentication challenge value, are sent to the tag. The tag simultaneously generates a tag-side quantum random number and recovers a stable seed key. It then generates a one-time pad session key bound to the hardware identity and session context through a key derivation function (KDF). After encapsulation with the KEM public key and calculation of the message authentication code, an authentication response message is generated. The reader forwards the response message to the backend server, which uses the private key to decapsulate and obtain the session key. The server then completes MAC validity verification, random number freshness verification, and downgraded permission control based on observable fields, and generates a hash chain-style anti-tampering audit record. Finally, the authentication result is returned to the tag to start an encrypted session.

[0016] This invention combines PUF with a fuzzy extractor to achieve zero long-term key storage at the tag end, suppressing the risk of key leakage at its source. Based on a quantum random number generator and a post-quantum cryptography mechanism, it constructs a full-link security system that can resist quantum computing attacks, replay attacks, and physical cloning attacks. By constructing a context-bound one-time pad mechanism through a key derivation function, it ensures the unpredictability of session keys and session isolation. It introduces a dynamic degradation negotiation mechanism based on observable fields to ensure business continuity through access control in extreme environments and avoid complete system interruption. The hash chain audit record meets the traceability, data integrity, and domestic IT compliance requirements of government and enterprise scenarios.

[0017] Additional advantages, objects, and features of the invention will be set forth in part in the description which follows, and will also become apparent in part to those skilled in the art upon studying the description, or may be learned by practice of the invention. The objects and other advantages of the invention can be realized and obtained by means of the structures specifically pointed out in the description and drawings.

[0018] Those skilled in the art will understand that the objectives and advantages achievable with the present invention are not limited to those specifically described above, and that the above and other objectives achievable with the present invention will become clearer from the following detailed description. Attached Figure Description

[0019] The accompanying drawings, which are included to provide a further understanding of the invention and form part of this application, are not intended to limit the scope of the invention. In the drawings: Figure 1 This is a schematic flowchart of a quantum-resistant RFID tag identity registration method according to an embodiment of the present invention.

[0020] Figure 2 This is a flowchart illustrating the quantum-resistant RFID tag authentication method according to an embodiment of the present invention.

[0021] Figure 3 This is a schematic diagram of the RFID tag registration method in an anti-quantum RFID tag identity registration and authentication system according to an embodiment of the present invention.

[0022] Figure 4 This is a schematic diagram of the RFID tag authentication method in an anti-quantum RFID tag identity registration and authentication system according to an embodiment of the present invention.

[0023] Figure 5 This is a schematic diagram of the RFID reader registration method in an anti-quantum RFID tag identity registration and authentication system according to an embodiment of the present invention.

[0024] Figure 6 This is a schematic diagram of the authentication method at the RFID reader end of the quantum-resistant RFID tag identity registration and authentication system according to an embodiment of the present invention.

[0025] Figure 7 This is a schematic diagram of the registration method on the backend authentication server side of the anti-quantum RFID tag identity registration and authentication system according to an embodiment of the present invention.

[0026] Figure 8 This is a schematic diagram of the back-end authentication server-side authentication method in the quantum-resistant RFID tag identity registration and authentication system according to an embodiment of the present invention.

[0027] Figure 9 This is a timing diagram of the complete authentication process of the quantum-resistant RFID tag identity registration and authentication system according to an embodiment of the present invention. Detailed Implementation

[0028] To make the objectives, technical solutions, and advantages of this invention clearer, the invention will be further described in detail below with reference to the embodiments and accompanying drawings. Here, the illustrative embodiments and descriptions of this invention are used to explain the invention, but are not intended to limit the invention.

[0029] It should also be noted that, in order to avoid obscuring the invention with unnecessary details, only the structures and / or processing steps closely related to the solution according to the invention are shown in the accompanying drawings, while other details that are not closely related to the invention are omitted.

[0030] It should be emphasized that the term "including / comprises" as used herein refers to the presence of a feature, element, step, or component, but does not exclude the presence or addition of one or more other features, elements, steps, or components.

[0031] It should also be noted that, unless otherwise specified, the term "connection" in this article can refer not only to a direct connection, but also to an indirect connection involving an intermediary.

[0032] In the following description, embodiments of the invention will be illustrated with reference to the accompanying drawings. In the drawings, the same reference numerals represent the same or similar parts, or the same or similar steps.

[0033] Currently, there are three main types of RFID authentication technologies, but all have significant drawbacks. The first type is a challenge-response scheme based on symmetric keys, such as the ISO / IEC 18000-63 standard. This requires storing long-term keys on tags or servers, making them vulnerable to side-channel attacks or physical disassembly. Furthermore, the use of pseudo-random numbers makes them susceptible to replay and tag tracking attacks, lacks hardware root trust, and cannot prevent physical cloning. The second type combines Physically Unclonable Functions (PUFs) with post-quantum cryptography (PQC). While introducing hardware fingerprints and quantum-resistant algorithms, it doesn't achieve completely keyless tag storage, resulting in incomplete quantum resistance. It also lacks a PUF anomaly handling mechanism, and in extreme environments, PUF response drift can easily lead to complete service interruption. The third type is based on quantum random numbers (QRNGs). While improving randomness, it's not bound to hardware identity, making it vulnerable to cloning attacks. It also lacks a post-quantum cryptography system, resulting in insufficient quantum resistance. In addition, none of these schemes have a full-chain anti-tampering audit mechanism, failing to meet the compliance and evidence requirements of government and enterprises. Therefore, existing technologies cannot simultaneously meet the comprehensive requirements of key erasure, quantum resistance, hardware trust, business continuity, and effective rights protection in high-security scenarios.

[0034] The key technical concepts involved in this invention are explained below: RFID (Radio Frequency Identification) is a non-contact information identification technology that conforms to the ISO / IEC 18000-63 standard.

[0035] PUF (Physical Unclonable Function) is a circuit that uses inherent physical differences that are unavoidable in the chip manufacturing process to generate a unique and unpredictable hardware fingerprint, possessing the characteristics of being unclonable and unpredictable.

[0036] QRNG (Quantum Random Number Generator) refers to a quantum random number generator, which is a device that outputs high-entropy, unpredictable, truly random bits based on the inherent randomness of quantum physics.

[0037] PQC (Post-Quantum Cryptography) is a standardized cryptographic algorithm system that can resist attacks from general-purpose quantum computers. It is based on mathematical problems that are difficult for quantum computers to solve, such as lattice problems, encoding problems, hashing problems, and multivariable polynomial problems, ensuring that quantum computers cannot crack it in polynomial time.

[0038] KEM (Key Encapsulation Mechanism) is a key encapsulation mechanism and a core component of post-quantum asymmetric encryption. It is used for secure session key negotiation. One party establishes a session to share a public-private key pair and sends the public key to the other party. The other party uses the public key to encapsulate the symmetric session key into ciphertext. Only the party holding the private key can decapsulate it to obtain the session key, thus achieving secure transmission of symmetric keys. It is suitable for scenarios such as RFID and communication that require temporary session keys.

[0039] KDF (Key Derivation Function) refers to a key derivation function that conforms to the NIST SP 800-108 standard. It is used to derive independent subkeys that are bound to a master key and context information for a specific purpose.

[0040] FE (Fuzzy Extractor) refers to a fuzzy extractor that includes the Gen algorithm and the Rep algorithm. It can recover a noisy PUF response into a stable seed key and simultaneously generate auxiliary data that does not reveal the original information.

[0041] Aux (Helper Data) refers to PUF auxiliary data, which is used for error correction and seed recovery in the fuzz extractor. It does not disclose the original PUF response information and can be stored and transmitted publicly.

[0042] False Acceptance Rate (FAR) and False Rejection Rate (FRR) are core industry indicators for evaluating the reliability of RFID authentication systems.

[0043] Fallback_Flag refers to the fallback negotiation flag field, which is used to switch the authentication mode and permission boundaries in a controlled manner when the PQC algorithm is unavailable or the hardware status is abnormal.

[0044] SM2 / SM3 / SM4 are my country's national standards for commercial cryptographic algorithms, corresponding to elliptic curve public key algorithms, cryptographic hash algorithms, and block cipher algorithms, respectively.

[0045] Specifically, this invention provides a quantum-resistant RFID tag identity registration method. The method is executed by an RFID reader / writer, which connects to the target RFID tag via radio frequency and establishes communication with a backend authentication server, such as... Figure 1 As shown, the method includes the following steps S101~S102: Step S101: Send a registration challenge value and a tag unique identifier writing instruction to the target RFID tag, so that the target RFID tag can respond to the tag unique identifier writing instruction by collecting the original response of the physical non-cloning function sampling unit to the registration challenge value, and use the fuzz extractor to call the generation algorithm to generate a stable seed key and corresponding auxiliary data from the original response, and calculate the hash digest of the stable seed key.

[0046] Step S102: Receive the tag's unique identifier, auxiliary data, and hash digest returned by the target RFID tag and forward them to the backend authentication server through an encrypted communication link. The backend authentication server will bind and encrypt the auxiliary data, hash digest, and tag's unique identifier to complete the registration of the target RFID tag.

[0047] In step S101, the registration process is performed in a factory controlled environment or during the initial initialization phase, and the RFID reader establishes a radio frequency wireless connection with the target RFID tag that conforms to the ISO / IEC 18000-63 or EPC Gen2 standard.

[0048] The reader generates or presets a random number as a registration challenge value. This challenge value serves as an incentive input to the PUF circuitry within the tag. Due to the challenge-response characteristics of the PUF, different challenge values ​​will elicit different hardware responses, ensuring the flexibility of seed generation. The tag unique identifier write command is used to write the globally unique tag identifier into the tag's reserved memory area. All subsequent authentication relies on this identifier to query the corresponding security credentials.

[0049] Correspondingly, after receiving the registration challenge value and the tag's unique identifier write instruction, the target RFID tag collects the original response to the registration challenge value based on the Physically Unclonable Function (PUF) sampling unit within the target RFID tag. The PUF sampling unit can be an SRAM PUF, a ring oscillator PUF, or an arbiter PUF. Since the PUF response may contain noise due to environmental influences, directly using it as a key would lead to instability. In this application, a fuzzy extractor (FE) is used to process the original response based on the Gen algorithm to generate two key data: a stable seed key, which serves as the root of all subsequent keys, and auxiliary data (Aux). The auxiliary data is public and storable; it contains information for error correction, such as checksums, but its disclosure alone will not expose the seed key. Simultaneously, the tag calculates a hash digest of the generated stable seed key, which can be achieved using the SM3 algorithm, for subsequent integrity verification.

[0050] Furthermore, after sending the tag unique identifier writing instruction to the target RFID tag, the method also includes: if no response is received from the target RFID tag within a preset time, resending the tag unique identifier writing instruction or recording a registration failure log.

[0051] In step S102, the triplet information returned by the target RFID tag is received, including the tag's unique identifier, auxiliary data, and hash digest, and forwarded to the background authentication server through an encrypted communication link.

[0052] In practice, after receiving the tag's unique identifier, auxiliary data, and hash digest returned by the target RFID tag, the method further includes: verifying the length, format, and integrity of the tag's unique identifier, auxiliary data, and hash digest; and forwarding the data to the backend authentication server via an encrypted communication link after successful verification. For example, checking whether the Aux data conforms to a preset error correction code format to ensure no bit errors occur during transmission. If verification fails, a retransmission mechanism can be triggered or a log can be recorded.

[0053] In some embodiments, the encrypted communication link between the RFID reader and the back-end authentication server can be encrypted by establishing a session-shared public-private key pair based on the KEM key encapsulation component in the post-quantum cryptography system. That is, the data transmitted between the reader and the back-end server is encrypted using the session key pair negotiated by KEM, ensuring that even the intermediate communication link cannot be eavesdropped on or deciphered by the quantum computer.

[0054] After receiving the data, the PUF auxiliary data encryption storage unit uses the received tag unique identifier (TID) as the primary key and binds it with the auxiliary data and hash digest. During storage, the national standard SM4 algorithm can be used to encrypt the auxiliary data and hash digest to prevent database leaks from leading to credential leakage. Alternatively, the backend authentication server can use a key managed by the KEM key encapsulation component to encrypt and store the bound auxiliary data, hash digest, and tag unique identifier.

[0055] At this point, the backend authentication server possesses the target RFID tag's public auxiliary data and seed key hash digest. The tag itself only stores its unique identifier (TID) and does not store any permanent keys, achieving hardware root trust without key storage. If key recovery is needed at any time in the future, a real-time PUF response and the correct auxiliary data must be provided again.

[0056] On the other hand, the present invention also provides a quantum-resistant RFID tag authentication method. This method is executed by an RFID reader / writer, which connects to the target RFID tag via radio frequency and establishes communication with a background authentication server. The target RFID tag is registered using the quantum-resistant RFID tag registration method described in steps S101 and S102 above. Figure 2 As shown, the method includes the following steps S201~S204: Step S201: Send a tag unique identifier query command to the target RFID tag, receive the returned tag unique identifier, and forward it to the background authentication server through an encrypted communication link to query and return the auxiliary data corresponding to the tag unique identifier.

[0057] Step S202: Generate a read-write side random number based on the local quantum random number generator, establish a session-shared public-private key pair based on the KEM key encapsulation component in the post-quantum cryptography system, and send the read-write side random number, the public key in the public-private key pair, the authentication challenge value, and auxiliary data to the target RFID tag so that the target RFID tag can generate an authentication response message, including step S2021.

[0058] Specifically, step S2021 is executed by the target RFID tag. Specifically, the target RFID tag uses a local quantum random number generator to generate a tag-side random number and collects the real-time response of the physical non-cloning function sampling unit to the authentication challenge value; the local fuzzy extractor calls the recovery algorithm with the real-time response and auxiliary data as input to recover the stable seed key; the stable seed key, the read / write side random number, the tag-side random number, and the session context information are input into the key derivation function to generate a one-time session key bound to the hardware identity and session scenario; the one-time session key is encapsulated with the public key to obtain ciphertext; the one-time session key is used to calculate the message authentication code on the full transcript of the authentication session; the message authentication code, ciphertext, full transcript of the authentication session, and observable fields are combined to obtain the authentication response message.

[0059] Step S203: Receive the authentication response message returned by the target RFID tag and forward it to the background authentication server through an encrypted link to perform the authentication process, including step S2031.

[0060] Specifically, step S2031 is executed by the background authentication server, including: obtaining the private key from the public-private key pair forwarded by the post-quantum cryptography interaction unit in the RFID reader / writer, decapsulating the ciphertext to obtain a one-time session key, verifying the legitimacy of the message authentication code through the one-time session key and the full transcript of the authentication session in the authentication response message, and verifying the freshness of the random number on the read / write side based on the observable field, calculating the hash value of the authentication result to generate a hash chain-style anti-tampering audit record.

[0061] Step S204: Receive the authentication result returned by the background authentication server and forward it to the target RFID tag to conduct an encrypted session based on the preset session key if the authentication is successful; at the same time, verify the freshness of the random number on the read / write side and terminate the session that exceeds the threshold.

[0062] Steps S201 to S204 are one-sided authentication processes executed by the RFID reader, which aim to achieve two-way implicit authentication between the target RFID tag and the back-end authentication server. Steps S2021 and S2031 record the corresponding response processes of the target RFID tag and the back-end authentication server.

[0063] Through coordination by the RFID reader, the target RFID tag is driven to generate a session key that is strictly bound to the current session scenario by using the PUF hardware root and quantum random number bound in the registration phase. The key is then transmitted securely under quantum-resistant channels in a one-time pad form using the post-quantum KEM algorithm. Finally, the backend completes the verification and generates traceable audit evidence.

[0064] In step S201, when the target RFID tag enters the RFID reader's working area, an authentication process is initiated. The reader sends a tag unique identifier query command to the target RFID tag via radio frequency signal. The tag responds and returns its stored tag unique identifier (TID), which the RFID reader forwards to the backend server via an encrypted communication link. The PUF auxiliary data encryption storage unit of the backend authentication server decrypts and retrieves the corresponding auxiliary data (Aux) using the TID as an index, and returns it to the RFID reader via the encrypted link.

[0065] This step enables the on-demand distribution of auxiliary data. While the auxiliary data itself is publicly available, its transmission process still employs quantum-resistant encryption to prevent link-side attacks. Simultaneously, the backend server records the auxiliary data query log, which is incorporated into the subsequent auditing system to ensure the traceability of auxiliary data distribution.

[0066] In step S202, the RFID reader / writer calls its local or onboard quantum random number generator (QRNG) to generate a high-entropy true random number as the read / write side random number, ensuring the unpredictability of the challenge. The subsequent quantum cryptography interaction unit temporarily generates or obtains a public-private key pair for key encapsulation from the backend authentication server. The public key (pk_r) will be used to encrypt the session key, and the private key (sk_r) will be used for decryption on the backend authentication server. The reader / writer then sends the read / write side random number, the KEM public key, the authentication challenge value, and the auxiliary data obtained from the backend to the target RFID tag via an RF link.

[0067] In response to step S202, the target RFID tag executes step S2021. The target RFID tag generates a tag-side random number based on its local quantum random number generation unit. The PUF sampling unit receives the authentication challenge value as an incentive and collects the real-time response of the PUF. The tag's fuzzy extractor unit calls the recovery algorithm Rep, taking the real-time response and the auxiliary data issued in step S202 as inputs, and recovers the stable seed key generated during the registration phase through error correction decoding. If the recovery fails, such as due to excessive real-time response drift, the tag records the PUF drift index (puf_drift) and may trigger the fallback negotiation field Fallback_Flag. The target RFID tag's key derivation unit inputs the stable seed key, the read / write-side random number, the tag-side random number, and the session context information into the key derivation function KDF to generate a one-time session key, which is strictly bound to the hardware identity, the current session, and the application scenario. In this form, even if a session key is leaked, it is impossible to deduce the keys or root key for other sessions. In some embodiments, the session context information includes at least two of the following: tenant identifier, RFID reader identifier, session identifier, time window, and scenario usage identifier.

[0068] Furthermore, the target RFID tag uses its local lightweight cryptographic unit to encapsulate the one-time session key with the public key issued by the RFID reader to obtain ciphertext. This ensures that even if the one-time session key is intercepted in the wireless channel returning to the reader, it cannot be cracked by a quantum computer. The target RFID tag uses the one-time session key to calculate the message authentication code from the full transcript of the authentication session, ensuring data integrity and authenticity. The full transcript of the session can include all key fields such as the authentication challenge value, reader-side random number, tag-side random number, public key, and ciphertext. Finally, the message authentication code, ciphertext, full transcript of the authentication session, and observable fields are combined to obtain the authentication response message and fed back.

[0069] The observable fields include a random number health field, a physical non-cloning function drift index field, and a degradation negotiation field. The physical non-cloning function drift index field is the bit inversion rate of the real-time response of the target RFID tag based on the physical non-cloning function. The degradation negotiation field is used to indicate the parameter mode switching of the KEM key encapsulation component in the post-quantum cryptosystem under different security levels. The security level is obtained by comparing the random number health field and the physical non-cloning function drift index field with a preset threshold.

[0070] In step S203, the RFID reader forwards the received authentication response message to the backend authentication server unchanged through the encrypted communication link, and the backend authentication server performs step S2031 to perform authentication audit.

[0071] In step S2031, the post-quantum KEM key management unit of the backend server obtains the private key paired with the public key issued in step S202, decapsulates the ciphertext recorded in the authentication response message, and successfully recovers the one-time session key. The authentication verification unit in the backend server recalculates the message authentication code using the one-time session key and compares it with the message authentication code MAC in the message to verify the legitimacy of the tag identity and the integrity of the data. At the same time, freshness verification is performed based on the tag-side random number in the message and the read / write-side random number recorded locally by the server to resist replay attacks.

[0072] Furthermore, the backend server's permission control unit parses observable fields such as puf_drift and qrng_health. If severe PUF drift or abnormal QRNG entropy source is detected, a pre-defined degradation strategy can be executed based on Fallback_Flag, such as switching to hybrid authentication mode, reducing the security level, or imposing read-only permissions, to ensure basic business continuity without complete interruption in extreme environments.

[0073] Furthermore, the audit evidence storage unit on the backend server generates an immutable record for this authentication. This record uses a hash chain or Merkle tree structure and includes information such as TID, challenge value digest, response digest, puf_drift, qrng_health, Fallback_Flag, and timestamp. The hash value of this record is linked with the hash value of the previous audit record, and the final anchor value is written to read-only storage media or a Trusted Execution Environment (TEE) to ensure that the audit log cannot be tampered with afterward, meeting the compliance evidence requirements of government and enterprises.

[0074] In step S204, the RFID reader receives the authentication success or failure result returned from the backend and forwards it to the target RFID tag via radio frequency signal. If authentication is successful, both parties conduct subsequent encrypted communication based on this key, for example, using the national cryptographic algorithm SM4-GCM for data encryption and integrity verification. The RFID reader's session management unit sets a timeout threshold for the previously generated read / write side random number. If the entire authentication process times out, the reader actively terminates the session to prevent replay risks caused by process delays.

[0075] In some embodiments, the RFID reader and the target RFID tag communicate encrypted based on a negotiated session key, use the national cryptographic SM4 algorithm for data encryption, and use the national cryptographic SM3 algorithm for hash verification.

[0076] In some embodiments, the KEM key encapsulation component in the post-quantum cryptosystem employs one of the NIST-standardized ML-KEM algorithm, BIKE algorithm, or HQC algorithm.

[0077] On the other hand, the present invention also provides a quantum-resistant RFID tag identification system, the system comprising: The target RFID tag includes: a first radio frequency front-end, a physically non-cloning function sampling unit, a first quantum random number generation unit, a fuzzy extractor unit, a key derivation unit, a lightweight cryptographic operation unit, and a low-power energy management unit; The RFID reader / writer includes: a radio frequency transceiver unit, a second quantum random number generation unit, a post-quantum cryptography interaction unit, a session management unit, and a backend communication interface unit; The backend authentication server includes: a PUF auxiliary data encryption and storage unit, a post-quantum KEM key management unit, an authentication and verification unit, an audit and evidence storage unit, and an access control unit; The RFID reader / writer, in collaboration with the background authentication server, performs the quantum-resistant RFID tag identity registration method of steps S101-S102 and the quantum-resistant RFID tag identity authentication method of steps S201-S204.

[0078] On the other hand, the present invention also provides a computer-readable storage medium having a computer program or instructions stored thereon, which, when executed by a processor, implement the steps of the above-described method.

[0079] The present invention will now be described with reference to a specific embodiment: This embodiment provides a quantum-resistant RFID tag identity registration and authentication system and its corresponding registration and authentication method. The system includes the following three independent structural parts: 1. RFID tag device: UHF RFID tag conforming to ISO / IEC 18000-63 standard. The core components include radio frequency front-end, PUF sampling unit, quantum random number generation unit, fuzzy extractor unit, key derivation unit, lightweight cryptographic operation unit and low power energy management unit.

[0080] The radio frequency front end is electrically connected to the fuzzy extractor unit, the key derivation unit, the lightweight cryptographic operation unit, and the low-power energy management unit, respectively; the PUF sampling unit is electrically connected to the fuzzy extractor unit; the quantum random number generation unit is electrically connected to the key derivation unit; and the low-power energy management unit is electrically connected to all units and is responsible for the power consumption control of the entire module.

[0081] The RF front-end is responsible for wireless communication with the RFID reader / writer to complete data transmission and reception; the PUF sampling unit is responsible for collecting the PUF's response to the challenge value and generating a unique hardware fingerprint for the tag; the quantum random number generation unit is responsible for collecting quantum noise and generating high-entropy true random numbers; the fuzzy extractor unit is responsible for executing the Gen and Rep algorithms to generate auxiliary data and recover a stable seed key; the key derivation unit is responsible for executing the KDF algorithm to derive a one-time session key; the lightweight cryptographic operation unit is responsible for performing hash, MAC, and KEM encapsulation operations; and the low-power energy management unit is responsible for shutting down the RF receiving link and high-power units within the PUF sampling window and controlling the tag to enter sleep mode in the non-authentication state.

[0082] 2. RFID reader / writer device: Compliant with ISO / IEC 18000-63 standard, the core components include radio frequency transceiver unit, quantum random number generation unit, post-quantum cryptography interaction unit, session management unit, and back-end communication interface unit.

[0083] The radio frequency transceiver unit is electrically connected to the session management unit; the post-quantum cryptography interaction unit is electrically connected to both the session management unit and the backend communication interface unit; and the backend communication interface unit is electrically connected to the session management unit.

[0084] The radio frequency transceiver unit is responsible for UHF radio frequency wireless communication with RFID tags; the quantum random number generation unit is responsible for collecting quantum noise and generating high-entropy true random numbers; the post-quantum cryptography interaction unit is responsible for the generation and management of KEM public and private key pairs; the session management unit is responsible for session lifecycle management, random number freshness verification, and data forwarding; and the backend communication interface unit is responsible for encrypted communication with the backend authentication server.

[0085] 3. Backend authentication server device: Deployed in a secure data center or private cloud, the core components include a PUF auxiliary data encryption storage unit, a post-quantum KEM key management unit, an authentication verification unit, an audit and evidence storage unit, and an access control unit.

[0086] The PUF auxiliary data encryption storage unit is electrically connected to the authentication and verification unit and the access control unit, respectively; the post-quantum KEM key management unit is electrically connected to the authentication and verification unit; and the authentication and verification unit is electrically connected to the audit and evidence storage unit and the access control unit, respectively.

[0087] The PUF auxiliary data encryption storage unit is responsible for the encrypted storage and query management of tag registration information; the post-quantum KEM key management unit is responsible for the generation, storage and lifecycle management of KEM public and private key pairs; the authentication and verification unit is responsible for the legality verification of authentication data and the completion of identity authentication; the audit and evidence storage unit is responsible for generating and storing tamper-proof audit records; and the access control unit is responsible for access control and security policy management in the downgrade mode.

[0088] The RFID tag device and the RFID reader / writer device are wirelessly connected via a UHF radio frequency link, and the RFID reader / writer device is connected to the back-end authentication server device via a wired / wireless encrypted communication link. The three work together to execute a complete quantum-resistant RFID identity authentication process, as detailed below.

[0089] 1. The RFID tag interacts with the RFID reader / writer, performing the following actions: 1.1 The RFID tag terminal performs a single registration process at the factory stage, such as... Figure 3 As shown, the actions are as follows: Step 1a: Receive the registration challenge value and tag unique identifier (TID) writing instruction from the radio frequency signal.

[0090] Step 2a: Collect the raw response of the Physically Unclonable Function (PUF) to the registration challenge value, and generate a stable seed key and PUF auxiliary data through the Gen algorithm of the fuzz extractor.

[0091] Step 3a: Send the hash digest of the stable seed key, PUF auxiliary data, and tag unique identifier TID via radio frequency signal.

[0092] Furthermore, in step 2a, the original PUF response is sampled multiple times within a preset temperature and voltage range. The Gen algorithm of the fuzzy extractor uses an error correction code to coordinate the information of the original response, generating PUF auxiliary data and a stable seed key. The error correction code is one of BCH code, Reed-Solomon code, or LDPC code. The PUF auxiliary data includes verification auxiliary information and hash verification value.

[0093] 1.2 such as Figure 4 and Figure 9 As shown, the RFID tag performs the following actions during the authentication phase: Step 1b: Receive the authentication challenge value, reader-side random number n_r, and public key pk_r of the post-quantum key encapsulation mechanism KEM from the radio frequency signal.

[0094] Step 2b: Receive the PUF auxiliary data corresponding to its own TID from the radio frequency signal.

[0095] Step 3b: Collect the tag-side quantum random number n_t output by the quantum random number generator QRNG, and simultaneously calculate the real-time response of PUF to the authentication challenge value.

[0096] Step 4b: Using the recovery algorithm Rep of the fuzz extractor, input the real-time response and PUF auxiliary data to recover the stable seed key.

[0097] Step 5b: Input the stable seed key, reader-side random number n_r, tag-side quantum random number n_t, and session context information into the key derivation function KDF to derive a one-time session key that is strongly bound to the hardware identity and session scenario.

[0098] Step 6b: Use the KEM public key pk_r to encapsulate the one-time session key to obtain the ciphertext ct. At the same time, use the one-time session key to calculate the message authentication code (MAC) on the full transcript of the session. Combine the message authentication code, ciphertext, full transcript of the session, and observable fields to generate authentication data.

[0099] Step 7b: Send an authentication response message carrying authentication data and observable fields via radio frequency signals.

[0100] Furthermore, the session context information in step 5b includes two or more of the following: tenant identifier, reader identifier, session identifier, time window, and purpose identifier. The key derivation function KDF performs domain separation through preset labels to achieve the binding of the session key with the application scenario.

[0101] Furthermore, the observable fields in step 7b include one or more of the following: the fallback negotiation field Fallback_Flag, the random number health field qrng_health, and the PUF drift index field puf_drift; qrng_health is the online detection result of the entropy value of the quantum random source, and puf_drift is the bit flip rate between the real-time response of the PUF and the original response during the registration phase.

[0102] Furthermore, the Fallback_Flag field of the degradation negotiation is determined based on the comparison results of qrng_health, puf_drift, and a preset threshold. It is used to indicate the switching between post-quantum KEM parameter sets with different security levels, or to switch to the post-quantum-classical hybrid negotiation mode.

[0103] Furthermore, the RFID tag has a built-in low-power energy management unit that shuts down the radio frequency receiving link and the high-power computing unit within the PUF sampling window and enters a sleep mode in the unauthenticated state; during the method execution process, only lightweight cryptographic operations are performed, while complex quantum operations are performed by external devices.

[0104] Furthermore, the method supports Chinese cryptographic algorithms, employs the SM3 algorithm for hash operations, the SM4 algorithm for session data encryption, and the SM2 algorithm for signature operations.

[0105] 2. The RFID reader interacts with the RFID tag and the backend authentication server, performing the following actions: 2.1 The RFID reader / writer terminal performs a registration method during the factory manufacturing stage, such as... Figure 5 As shown, the actions are as follows: Step 1c: Send a registration challenge value and tag unique identifier (TID) writing instruction to the RFID tag to be registered via radio frequency signal.

[0106] Step 2c: Receive the hash digest of the stable seed key, PUF auxiliary data and tag unique identifier TID returned by the RFID tag via radio frequency signal.

[0107] Step 3c: Forward the hash digest of the stable seed key, PUF auxiliary data, and tag unique identifier TID to the backend authentication server via an encrypted communication link.

[0108] 2.2 The RFID reader / writer performs authentication methods during the usage phase, such as... Figure 6 and Figure 9 As shown, the steps are as follows: Step 1d: Generate a random number n_r on the reader side and a public key pk_r for the post-quantum key encapsulation mechanism KEM. Send the authentication challenge value and TID query command to the target RFID tag via radio frequency signal.

[0109] Step 2d: Receive the TID from the RFID tag in response to the TID query command, send a PUF auxiliary data query request for the corresponding TID to the back-end authentication server through an encrypted communication link, and receive the corresponding PUF auxiliary data sent by the back-end authentication server through an encrypted communication link.

[0110] Step 3d: Forward PUF auxiliary data, reader-side random number n_r, and KEM public key pk_r to the target RFID tag via radio frequency signal.

[0111] Step 4d: Receive the authentication response message returned by the RFID tag via radio frequency signal.

[0112] Step 5d: Forward the authentication response message to the backend authentication server through the encrypted communication link, and receive the authentication result returned by the backend authentication server through the encrypted communication link.

[0113] Step 6d: Return the authentication result to the RFID tag via radio frequency signal. After successful authentication, conduct encrypted communication with the RFID tag based on the negotiated session key.

[0114] Step 7d: Perform a freshness check on the random number n_r on the reader side, and terminate the session directly if it exceeds the timeout threshold.

[0115] Furthermore, the public key pk_r of the post-quantum key encapsulation mechanism KEM generated in step 1d comes from its own pre-generated public-private key pair, or from the public-private key pair issued by the background authentication server.

[0116] Furthermore, the observable fields received in step 4d include one or more of the following: the fallback negotiation field Fallback_Flag, the random number health field qrng_health, and the PUF drift indicator field puf_drift. While forwarding these fields to the backend authentication server, they are also stored and backed up in the local logs.

[0117] Furthermore, in step 6d, when communicating encrypted with the RFID tag based on the negotiated session key, the national cryptographic algorithm SM4 is used for data encryption, and the national cryptographic algorithm SM3 is used for hash verification.

[0118] Furthermore, the method also includes step 8d: setting a freshness timeout threshold for the generated reader-side random number n_r, and directly terminating sessions that exceed the timeout threshold.

[0119] 3. The backend authentication server performs the following actions: 3.1 The backend authentication server executes the registration method during the factory setup, such as... Figure 7 As shown, the actions are as follows: Step 1e: Receive RFID tag registration information forwarded by the RFID reader via an encrypted communication link, including PUF auxiliary data, tag unique identifier TID, and hash digest of stable seed key.

[0120] Step 2e: Bind and encrypt the PUF auxiliary data, the hash digest of the stable seed key, and the tag unique identifier TID to complete the tag registration.

[0121] 3.2 The backend authentication server executes the authentication method during the usage phase, such as... Figure 8 and Figure 9 As shown, the steps are as follows: Step 1f: Receive the PUF auxiliary data query request for the corresponding tag TID sent by the RFID reader through the encrypted communication link. After verifying the legitimacy of the reader, send the PUF auxiliary data for the corresponding TID to the RFID reader through the encrypted communication link.

[0122] Step 2f: Receive RFID tag authentication data and observable fields forwarded by the RFID reader / writer through an encrypted communication link. The authentication data includes KEM ciphertext ct and message authentication code MAC.

[0123] Step 3f: Decrypt the ciphertext ct by using the private key sk_r paired with the pre-generated KEM public key pk_r to obtain the one-time session key.

[0124] Step 4f: Verify the validity of the message authentication code MAC using the one-time session key, and at the same time verify the freshness of the random number n_r on the reader side to complete the tag identity authentication and generate the authentication result.

[0125] Step 5f: Generate a hash chain-based tamper-proof audit record corresponding to this authentication, and return the authentication result to the RFID reader via an encrypted communication link.

[0126] Furthermore, the hash chain-style anti-tampering audit records generated in step 5f adopt a hash chain or Merkle tree structure. Each audit record includes a unique tag identifier (TID), a challenge value digest, a response value digest, puf_drift, qrng_health, fallback_Flag, a record serial number, a millisecond-level timestamp, and an input / output digest hash. The hash anchor value of the audit record is written to a read-only storage medium or a trusted execution environment (TEE).

[0127] Furthermore, the observable fields include the fallback negotiation field Fallback_Flag, and the corresponding permission control policy is executed according to the value of Fallback_Flag; when Fallback_Flag indicates a post-quantum-classical hybrid negotiation mode, permission scope and validity period constraints are imposed on the current session.

[0128] Furthermore, the post-quantum key encapsulation mechanism KEM is one of the NIST-standardized ML-KEM algorithm, BIKE algorithm, or HQC algorithm, or a commercial cryptographic quantum-resistant KEM algorithm; the method supports full adaptation to national cryptographic algorithms, uses the SM3 algorithm to perform hash operations, uses the SM4 algorithm to perform data encryption, and uses the SM2 algorithm to perform digital signatures of audit records.

[0129] Furthermore, access permissions for PUF auxiliary data are checked, granting query access only to authorized RFID readers and logging all auxiliary data queries, which are then incorporated into the audit system.

[0130] In summary, the quantum-resistant RFID tag identity registration and authentication method and system of the present invention achieves a closed-loop end-to-end from hardware root trust establishment to quantum-resistant secure transmission by integrating three core technologies: Physically Unclonable Function (PUF), Quantum Random Number Generator (QRNG), and Post-Quantum Cryptography (PQC).

[0131] First, by combining PUF with a fuzz extractor, the tag side does not need to store the authentication key for a long time. It only temporarily restores the stable seed key bound to the chip hardware features during authentication. The background authentication server uses the protected stored seed verification digest to participate in the generation of the reference authentication key, thereby completing the authentication verification without storing the plaintext of the stable seed key.

[0132] Secondly, using post-quantum KEM to establish a shared secret, and inputting the shared secret, along with random numbers from both parties and the session context, into the key derivation function helps improve session isolation and link anti-eavesdropping capabilities. Combined with random number freshness verification, PUF drift monitoring, and degradation negotiation strategies, the security and availability of the system in complex environments can be improved.

[0133] Finally, by centralizing audit evidence storage, access control, and session key distribution on the backend authentication server, and having the RFID reader handle wireless link access and session management, the solution becomes more compatible with low-power RFID hardware, while also facilitating compliance audits and traceability evidence collection in government and enterprise scenarios.

[0134] Those skilled in the art will understand that the exemplary components, systems, and methods described in conjunction with the embodiments disclosed herein can be implemented in hardware, software, or a combination of both. Whether implemented in hardware or software depends on the specific application and design constraints of the technical solution. Those skilled in the art can use different methods to implement the described functions for each specific application, but such implementation should not be considered beyond the scope of this invention. When implemented in hardware, it can be, for example, electronic circuits, application-specific integrated circuits (ASICs), appropriate firmware, plug-ins, function cards, etc. When implemented in software, the elements of this invention are programs or code segments used to perform the desired tasks. The programs or code segments can be stored in a machine-readable medium or transmitted over a transmission medium or communication link via data signals carried in a carrier wave.

[0135] It should be clarified that the present invention is not limited to the specific configurations and processes described above and shown in the figures. For the sake of brevity, detailed descriptions of known methods are omitted here. In the above embodiments, several specific steps are described and shown as examples. However, the method process of the present invention is not limited to the specific steps described and shown. Those skilled in the art can make various changes, modifications, and additions, or change the order of steps, after understanding the spirit of the present invention.

[0136] In this invention, features described and / or illustrated for one embodiment may be used in the same or similar manner in one or more other embodiments, and / or combined with or in place of features of other embodiments.

[0137] The above description is merely a preferred embodiment of the present invention and is not intended to limit the present invention. For those skilled in the art, various modifications and variations of the embodiments of the present invention are possible. Any modifications, equivalent substitutions, improvements, etc., made within the spirit and principles of the present invention should be included within the protection scope of the present invention.

Claims

1. A quantum-resistant RFID tag identity registration method, characterized in that, The method is executed by an RFID reader / writer, which connects to the target RFID tag via radio frequency and establishes communication with a background authentication server. The method includes the following steps: Send a registration challenge value and a tag unique identifier writing instruction to the target RFID tag, so that the target RFID tag can collect the original response of the physical non-cloning function sampling unit to the registration challenge value in response to the tag unique identifier writing instruction, and generate a stable seed key and corresponding auxiliary data from the original response by calling the generation algorithm through the fuzz extractor, and calculate the hash digest of the stable seed key; The system receives the unique identifier of the target RFID tag, the auxiliary data, and the hash digest returned by the target RFID tag and forwards them to the backend authentication server through an encrypted communication link. The backend authentication server then binds and encrypts the auxiliary data, the hash digest, and the unique identifier of the target RFID tag to complete the registration of the target RFID tag.

2. The quantum-resistant RFID tag identity registration method according to claim 1, characterized in that, The encrypted communication link uses a KEM key encapsulation component based on the post-quantum cryptography system to establish a session-shared public-private key pair for encrypted communication. The backend authentication server uses a key managed by a KEM key encapsulation component to encrypt and store the bound auxiliary data, the hash digest, and the unique identifier of the tag.

3. The quantum-resistant RFID tag identity registration method according to claim 1, characterized in that, After receiving the tag unique identifier, the auxiliary data, and the hash digest returned by the target RFID tag, the method further includes: verifying the length, format, and content integrity of the tag unique identifier, the auxiliary data, and the hash digest, and forwarding them to the background authentication server through an encrypted communication link after the verification is passed; After sending a tag unique identifier writing instruction to the target RFID tag, the method further includes: if no response is received from the target RFID tag within a preset time, resending the tag unique identifier writing instruction or recording a registration failure log.

4. A quantum-resistant RFID tag authentication method, characterized in that, The method is executed by an RFID reader / writer, which connects to the target RFID tag via radio frequency and establishes communication with a background authentication server. The target RFID tag is registered using the quantum-resistant RFID tag identity registration method described in claims 1 to 3, which includes the following steps: Send a tag unique identifier query command to the target RFID tag, receive the tag unique identifier in response, and forward it to the background authentication server through an encrypted communication link to query and return the auxiliary data corresponding to the tag unique identifier; A read-write side random number is generated based on a local quantum random number generator. A session-shared public-private key pair is established based on the KEM key encapsulation component in the post-quantum cryptography system. The read-write side random number, the public key in the public-private key pair, the authentication challenge value, and the auxiliary data are sent to the target RFID tag so that the target RFID tag can generate an authentication response message, including: The target RFID tag generates tag-side random numbers using a local quantum random number generator and collects the real-time response of the Physically Unclonable Function (PUC) sampling unit to the authentication challenge value. A local fuzzy extractor calls a recovery algorithm with the real-time response and auxiliary data as input to recover a stable seed key. The stable seed key, the read / write-side random number, the tag-side random number, and session context information are input to a key derivation function to generate a one-time session key bound to the hardware identity and session scenario. The one-time session key is encapsulated using the public key to obtain ciphertext. The one-time session key is used to calculate a message authentication code on the full transcript of the authentication session. The message authentication code, the ciphertext, the full transcript of the authentication session, and observable fields are combined to obtain the authentication response message. Receiving the authentication response message returned by the target RFID tag and forwarding it to the background authentication server via an encrypted link to perform the authentication process includes: The backend authentication server obtains the private key from the public-private key pair forwarded by the post-quantum cryptography interaction unit in the RFID reader, decapsulates the ciphertext to obtain the one-time session key, verifies the legality of the message authentication code by the one-time session key and the full transcript of the authentication session in the authentication response message, and verifies the freshness of the random number on the read-write side based on the observable field, calculates the hash value of the authentication result to generate a hash chain-style anti-tampering audit record; The system receives the authentication result returned by the background authentication server and forwards it to the target RFID tag to conduct an encrypted session based on a preset session key if the authentication is successful. At the same time, the system verifies the freshness of the random number on the read / write side and terminates sessions that exceed the threshold.

5. The quantum-resistant RFID tag authentication method according to claim 4, characterized in that, The session context information includes at least two of the following: tenant identifier, RFID reader identifier, session identifier, time window, and scenario usage identifier; The observable fields include a random number health field, a physical no-cloning function drift index field, and a degradation negotiation field. The physical no-cloning function drift index field is the bit inversion rate of the real-time response generated by the target RFID tag based on the physical no-cloning function. The degradation negotiation field is used to indicate the parameter mode switching of the KEM key encapsulation component in the post-quantum cryptosystem under different security levels. The security level is obtained by comparing the random number health field and the physical no-cloning function drift index field with a preset threshold.

6. The quantum-resistant RFID tag authentication method according to claim 4, characterized in that, The RFID reader and the target RFID tag communicate encryptedly based on a negotiated session key, using the national cryptographic SM4 algorithm for data encryption and the national cryptographic SM3 algorithm for hash verification.

7. The quantum-resistant RFID tag authentication method according to claim 5, characterized in that, The background authentication server uses a hash chain or Merkle tree structure to generate hash chain-style tamper-proof audit records. Each audit record includes a unique tag identifier, challenge value digest, response value digest, physical non-cloning function drift index, random number health, degradation negotiation mode, record serial number, millisecond-level timestamp, and input / output digest hash. The hash anchor value of the audit record is written to a read-only storage medium or a trusted execution environment.

8. The quantum-resistant RFID tag authentication method according to claim 5, characterized in that, The KEM key encapsulation component in the post-quantum cryptosystem adopts one of ML-KEM, HQC, or other post-quantum KEM algorithms.

9. A quantum-resistant RFID tag identification system, characterized in that, The system includes: The target RFID tag includes: a first radio frequency front-end, a physically non-cloning function sampling unit, a first quantum random number generation unit, a fuzzy extractor unit, a key derivation unit, a lightweight cryptographic operation unit, and a low-power energy management unit; The RFID reader / writer includes: a radio frequency transceiver unit, a second quantum random number generation unit, a post-quantum cryptography interaction unit, a session management unit, and a backend communication interface unit; The backend authentication server includes: a PUF auxiliary data encryption and storage unit, a post-quantum KEM key management unit, an authentication and verification unit, an audit and evidence storage unit, and an access control unit; The RFID reader / writer, in collaboration with the background authentication server, executes the quantum-resistant RFID tag identity registration method according to claims 1 to 3, and the quantum-resistant RFID tag identity authentication method according to claims 4 to 8.

10. A computer-readable storage medium having a computer program or instructions stored thereon, characterized in that, When the computer program or instructions are executed by a processor, they implement the steps of the method as described in any one of claims 1 to 8.