物联网的发展对射频识别(RFID)系统的安全性能提出了越来越高的要求。虽然基于密钥阵列的RFID 认证协议解决了传统RFID 认证协议在多实体环境中存在的内部攻击问题，但基于交换实体身份信息的认证方式存在信息泄露的安全隐患。针对这一问题，设计了基于零知识证明的多实体RFID 认证协议(MERAP)。该协议采用分布式密钥阵列抵御内部攻击，利用零知识证明方案实现双向认证时敏感身份信息零泄露。性能分析结果显示，MERAP 协议在维持一定复杂度和标签成本的基础上，可抵抗包括重传、跟踪、拒绝服务和篡改等多种外部攻击和内部攻击。

As the development of the Internet of Things(IOT), the security requirements of information for Radio Frequency Identification(RFID) system are increasing continuously. Although the RFID authentication protocols based on key array can solve the internal attack problem that is a security flaw of traditional RFID authentication protocols in the multiple entities environment, those protocols can cause the information leakage because they adopt the mechanism of switching entity information during authentication. To tackle with this problem, a Multiple Entities RFID Authentication Protocol(MERAP) based on zero-knowledge proof is designed. The protocol employs distributed key array structure to resist inner attack, and utilizes the zero knowledge proof scheme to realize the zero leakage sensitive of bidirectional authentication information. The security performance analysis results show the MERAP protocol can resist varied external attacks, including retransmission, tracking, denial of service and tampering, and internal attack with a slight increase at complexity and tag cost.