Haradhan Ghosh,Pramod Kumar Maurya,Satya Bagchi

DOI: https://doi.org/10.1007/s11277-024-11616-z

IF: 2.017

2024-10-20

Wireless Personal Communications

Abstract:A cutting-edge idea known as the Internet of Things (IoT) connects different physical items with the online environment. IoT technology is expanding quickly and will soon have an important encounter on how we live our everyday lives. IoT applications use radio frequency identification (RFID) to automatically identify the linked devices. RFID-enabled technologies are becoming more common nowadays for protecting privacy in a variety of industries, including the smart grid, smart cities, and smart education. Healthcare is one of the prominent applications of RFID technology. Patients can receive quick and convenient care at home due to RFID-enabled healthcare solutions. However, there are instances of technology forgery, putting patients' medical information in danger. Utilizing an authentication protocol is extensively regarded as the most efficient way for RFID-enabled healthcare systems to prevent malicious attacks and the misuse of resources. Very recently, Shariq and Singh proposed a lightweight RFID-enabled protocol for healthcare using the properties of vector space. This article presents evidence that Shariq and Singh's protocol has some wrong steps and is also liable to tag anonymity and impersonation attacks. Moreover, we proposed a secured authentication protocol to overcome the flaws of Shariq and Singh's protocol using vector addition, scalar multiplication, and dot products. We analyze the formal security utilizing BAN logic and Scyther simulation tools. The proposed protocol performs better than related protocols regarding costs associated with computation, transmission, storage, and security measures.

telecommunications

Jianqing Fu,Chunming Wu,XiaoPing Chen,Rong Fan

DOI: https://doi.org/10.1109/iccet.2010.5485559

2010-01-01

Abstract:Nowadays, the use of Radio Frequency Identification (RFID) systems in industry and stores has increased. Nevertheless, some of these systems present problems that may discourage potential users. Hence, high confidence and efficient privacy protocols are urgently needed. Previous studies to achieve privacy authentication can be grouped into tree-based and synchronization approaches. But all of the tree-based designs are not suitable to large scale RFID systems, and most of the synchronization designs have security flaws. So in this paper, we propose a scalable pseudo random RFID private mutual authentication protocol (SPRA) to archive both scalable and security. The analysis results show that SPRA effectively enhances the security protection for RFID private authentication, and has the authentication efficiency of O(1).

Yang Ming,Xiaopeng Yu,Xiaoqin Shen

DOI: https://doi.org/10.1109/access.2020.3018488

IF: 3.9

2020-01-01

IEEE Access

Abstract:Healthcare Internet of Things (IoT) is an emerging paradigm, which can provide comprehensive and different types of health services and enable various types of medical sensors to monitor patient's health conditions. In the healthcare IoT, patient is deployed with a variety of medical sensors, which continuously monitors and collects patient's sensitive health data that needs specially protection for preventing privacy leakage. To safely send multiple different health data monitored by multiple different medical sensors to multiple corresponding healthcare professionals in one data report, several multi-message and multi-receiver signcryption schemes have been introduced by employing the traditional public key cryptography, identity-based cryptography or certificateless cryptography. However, these schemes suffer from the certificate management, key escrow and key distribution problem. Besides, due to the resource-constraint property of medical sensors, they are unsuitable for healthcare IoT in terms of both performance and privacy requirements. To solve these issues, this paper introduces an efficient anonymous certificate-based multi-message and multi-receiver signcryption scheme for healthcare IoT, where the certificate-based cryptography and elliptic curve cryptography are combined to simplify the certificate management problem, eliminate the key escrow problem, solve the key distribution problem and ensure the privacy-preserving. Furthermore, the security analysis suggests that the proposed scheme is able to achieve the confidentiality, unforgeability, receiver anonymity, sender anonymity and decryption fairness; the performance evaluation indicates that the proposed scheme brings to the lower computation cost and communication cost in comparison to the existing schemes.

Abhay Kumar Agrahari,Shirshu Varma

DOI: https://doi.org/10.1007/s12083-020-01069-z

2021-03-05

Abstract:Radio Frequency Identification (RFID) is an emerging technology that is used for the unique identification of objects. RFID can be used in different application domains, including Health-care systems, where the safety of patient-sensitive data is a primary concern. Since the RFID technology is used in various medicine sectors, particularly real-time patient monitoring, patient medicine Information, medical emergency, and drug administration system, the use of RFID raises severe security and privacy concerns. In order to cope with these security issues, we propose an Elliptic curve based authentication protocol for RFID. The proposed model uses an implicit certificate concept to secure health-care data. We prove this claim for secure communication using the formal security analysis, i.e., BAN logic, security analysis based on the mathematical model, i.e., ROR model, formal verification using AVISPA tool, and informal security analysis. We review some of the RFID authentication schemes based on ECC in terms of performance and security. Our analysis indicates that the proposed protocol provides mobility, scalability, security, and privacy in the health care environment.

computer science, information systems,telecommunications

Diksha,Meenakshi

2023-06-13

Abstract:The creation of TMIS (Telecare Medical Information System) makes it simpler for patients to receive healthcare services and opens up options for seeking medical attention and storing medical records with access control. With Wireless Medical Sensor Network and cloud-based architecture, TMIS gives the chance to patients to collect their physical health information from medical sensors and also upload this information to the cloud through their mobile devices. The communication is held through internet connectivity, therefore security and privacy are the main motive aspects of a secure cloud-assisted TMIS. However, because very sensitive data is transmitted between patients and doctors through the cloud server, thus security protection is important for this system. Recently, Kumar et al designed a mutual authentication protocol for cloud-assisted TMIS based on ECC [2]. In this paper, we revisited this scheme and traced out that their scheme has some significant pitfalls like health report revelation attack, and report confidentiality. In this study, we will provide the cryptanalysis of the scheme developed by Kumar et al.

Cryptography and Security,Information Theory

Niranchana Radhakrishnan,Amutha Prabakar Muniyandi

DOI: https://doi.org/10.1155/2022/9273662

2022-02-14

Journal of Healthcare Engineering

Abstract:With the recent tremendous growth in technology, the Internet of Things (IoT) Telecare Medicine Information System (TMIS) is the most widely used medical information system with prominent achievements. Authentication schemes, which use Smart cards, offer the best solution for TMIS applications that in turn provide efficiency and security. Furthermore, authentication schemes that combine passwords and smart cards are considered to be an effective solution for the two-factor authentication scheme. Such schemes contribute to high security along with the public-key cryptosystem. In this research work, a two-factor authentication technique that is both efficient and secure, which makes use of Elliptic Curve Cryptography (ECC) with smart cards, has been proposed. Here, we have used the fundamental assumptions of strong and collision free cryptographic Hash function and Elliptic Curve arithmetic. The proposed authentication technique protects user privacy by allowing registered users to change their passwords without revealing their identity to the server. The proposed authentication scheme has been subjected to formal and informal security investigations. In terms of efficiency and performance, the proposed two-factor authentication technique was compared with the existing relevant two-factor authentication schemes based on ECC. This scheme satisfies the two-factor authentication scheme’s basic security standards.

health care sciences & services

Haradhan Ghosh,Pramod Kumar Maurya,Satya Bagchi

DOI: https://doi.org/10.1504/ijahuc.2024.141960

2024-10-04

International Journal of Ad Hoc and Ubiquitous Computing

Abstract:Radio frequency identification technology has been rapidly embraced throughout different wireless communication domains as one of the primary identification solutions for the internet of things. Most present RFID authentication techniques are susceptible to a wide range of malicious attacks. A typical security feature in RFID authentication protocols is key updating, which leads to desynchronisation attacks. We propose a shared key update approach to overcome this issue by the hash function, properties of eigenvectors of a matrix, and addition and concatenation operations. Formal and informal security analyses of the proposed protocol reveal that it is durable to numerous assaults. To simulate the protocol, we apply the Scyther tool, and the findings suggest that the proposed protocol may endure severe assaults. The performance analysis also shows that it has less computation costs on the tag side, making it suitable for use in real-time control systems.

computer science, information systems,telecommunications

Khwaja Mansoor,Anwar Ghani,Shehzad Ashraf Chaudhry,Shahaboddin Shamshirband,Shahbaz Ahmed Khan Ghayyur,Amir Mosavi,Shehzad Chaudhry,Shahbaz Ghayyur

DOI: https://doi.org/10.3390/s19214752

IF: 3.9

2019-11-01

Sensors

Abstract:Despite the many conveniences of Radio Frequency Identification (RFID) systems, the underlying open architecture for communication between the RFID devices may lead to various security threats. Recently, many solutions were proposed to secure RFID systems and many such systems are based on only lightweight primitives, including symmetric encryption, hash functions, and exclusive OR operation. Many solutions based on only lightweight primitives were proved insecure, whereas, due to resource-constrained nature of RFID devices, the public key-based cryptographic solutions are unenviable for RFID systems. Very recently, Gope and Hwang proposed an authentication protocol for RFID systems based on only lightweight primitives and claimed their protocol can withstand all known attacks. However, as per the analysis in this article, their protocol is infeasible and is vulnerable to collision, denial-of-service (DoS), and stolen verifier attacks. This article then presents an improved realistic and lightweight authentication protocol to ensure protection against known attacks. The security of the proposed protocol is formally analyzed using Burrows Abadi-Needham (BAN) logic and under the attack model of automated security verification tool ProVerif. Moreover, the security features are also well analyzed, although informally. The proposed protocol outperforms the competing protocols in terms of security.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Xuanang Li,Zhiming Zheng,Xiao Zhang

DOI: https://doi.org/10.1109/ngmast.2015.75

2015-01-01

Abstract:Telecare Medicine Information System enables patients to get healthcare services at home expediently and efficiently. Authentication and key agreement protocol suited for TMIS protect patient's privacy via the unsecure network. Recently, numerous protocols have been proposed intend to safeguard the communication between patients and server. However, most of them have high computation overhead and security problems. In this paper, we aim to propose a secure and effective authentication and key agreement protocol using smartcard and password for TMIS. The protocol is based on elliptic curve cryptography. Through security analysis we illustrate that our protocol is secure to resist some known attacks and provide user anonymity. Furthermore, by comparing with other related protocols we show our protocol is superior in security and performance aspects.

Junyu Wang,Christian Floerkemeier,Sanjay E. Sarma

DOI: https://doi.org/10.1007/s00779-014-0788-x

2014-01-01

Personal and Ubiquitous Computing

Abstract:Radio frequency identification (RFID) is an important technique used for automatic identification and data capture. In recent years, low-cost RFID tags have been used in many open-loop applications beyond supply chain management, such as the tagging of the medicine, clothes, and belongings after the point of sales. At the same time, with the development of semiconductor industry, handheld terminals and mobile phones are becoming RFID-enabled. Unauthorized mobile RFID readers could be abused by the malicious hackers or curious common people. Even for authorized RFID readers, the ownership of the reader can be transferred and the owners of the authorized mobile reader may not be always reliable. The authorization and authentication of the mobile RFID readers need to take stronger security measures to address the privacy or security issues that may arise in the emerging open-loop applications. In this paper, the security demands of RFID tags in emerging open-loop applications are summarized, and two example protocols for authorization, authentication and key establishment based on symmetric cryptography are presented. The proposed protocols adopt a timed-session-based authorization scheme, and all reader-to-tag operations are authorized by a trusted third party using a newly defined class of timed sessions. The output of the tags is randomized to prevent unauthorized tracking of the RFID tags. An instance of the protocol A is implemented in 0.13-μm CMOS technology, and the functions are verified by field programmable gate array. The baseband consumes 44.0 μW under 1.08 V voltage and 1.92 MHz frequency, and it has 25,067 gate equivalents. The proposed protocols can successfully resist most security threats toward open-loop RFID systems except physical attacks. The timing and scalability of the two protocols are discussed in detail.

Junbin Kang,Kai Fan,Kuan Zhang,Xiaochun Cheng,Hui Li,Yintang Yang

DOI: https://doi.org/10.1016/j.comcom.2020.12.004

IF: 5.047

2021-02-01

Computer Communications

Abstract:<p>As an application of IoT technology in the healthcare industry, IoMT has higher security requirements than IoT while improving medical efficiency and reducing medical costs. How to ensure the safety of IoMT is a challenging task. In the implementation of IoMT, Radio-Frequency Identification (RFID) is a key technology for establishing an identity authentication system, which can efficiently identify medical equipment and patients. Designing a safe and efficient RFID authentication protocol will help protect user privacy, enhance the security of the IoMT system and improve the efficiency of medical staff to detect and manage patients. Most of the existing RFID authentication protocols can only authenticate one tag in each authentication session, which is called a per-tag protocol. In medical scenarios that need to efficiently authenticate a mass of tags at short notice, the use of traditional per-tag protocols is inefficient and may delay the treatment of patients. To solve the problem that the per-tag protocols are not applicable in some medical scenarios, we designed a low-cost batch authentication protocol which can accurately identify each illegal tag and reduce the overhead of authentication data transmission. We use the solution of homogeneous linear equations as a key to encrypt the authentication data of the tag to further reduce the cost of the tag. The protocol proposed in this paper is capable of batch certification of tags, with strong security and low tag cost. After security analysis and performance analysis, our scheme can be well applied to IoMT.</p>

computer science, information systems,telecommunications,engineering, electrical & electronic

J Yang,Kui Ren,Kwangjo Kim

2005-01-01

Abstract:In the near future, radio frequency identiflcation (RFID) technology is expected to play an important role for object identiflcation as a ubiquitous infrastructure. However, low-cost RFID tags are highly resource-constrained and cannot support its long-term security, so they have potential risks and may violate privacy for their bearers. To remove security vulnerabilities, we propose a robust mutual authentication protocol between a tag and a back-end server for low-cost RFID system that guarantees data privacy and location privacy of tag bearers. Difierent from the previous works (4, 14), our protocol flrstly provides reader authentication and prevent active attacks based on the assumption that a reader is no more a trusted third party and the communication channel between the reader and the back-end server is insecure like wireless channel. Also, the proposed protocol exhibits forgery resistant against simple copy, or counterfeiting prevailing RFID tags. As tags only have hash function and exclusive-or operation, our proposed protocol is very feasible for low-cost RFID system compared to the previous works. The formal proof of correctness of the proposed authentication protocol is given based on GNY logic.

S. Satheesh Kumar,Manjula Sanjay Koti

DOI: https://doi.org/10.1007/s13721-021-00329-z

2021-08-12

Network Modeling Analysis in Health Informatics and Bioinformatics

Abstract:In recent decades, broad range of Internet of Things (IoT) technologies are deployed such as machine to machine communication, Internet Technologies (IT), robots, smart devices, and wireless sensor networks. IoT is a spectacular technology in the modern world of IT in which the objects can do data transmission and connect using the intranet or internet networks. Data security and privacy is one of the top most challenging issue where several researchers are showing interest that to especially in healthcare domain. For this reason, a hybrid combination of Elliptic Curve Digital Signature Algorithm (ECDSA), Rivest Cipher 4 (RC4), and Secure Hash Algorithm (SHA-256) is proposed for protecting the reliable data which is transmitted from the IoT based healthcare systems. In the proposed model, the ECDSA is used for improving the RC4 in which the encryption of key is processed by ECDSA for performing the XOR operation in RC4. Furthermore, the security is ensured by transforming the incoming data using the SHA-256 technique. Experimental results show that the proposed model outperforms for 10 MB of data in terms of encryption time that obtained as 631 ms, decryption time is 616 ms, and throughput obtained by the proposed models is 11.71 MB/ms when compared with other existing techniques such as ECC+3DES+SHA-256, RC4+AES+SHA-256, and ECC+RC2+SHA-256.

Yan Wang,Ruiqi Liu,Tong Gao,Feng Shu,Xuemei Lei,Yongpeng Wu,Guan Gui,Jiangzhou Wang

2024-10-15

Abstract:In this paper, authentication for mobile radio frequency identification (RFID) systems with low-cost RFID sensor tags is studied. Firstly, an adaptive modulus (AM) encryption algorithm is proposed. Subsequently, in order to enhance the security without additional storage of new key matrices, a self-updating encryption order (SUEO) algorithm is designed. Furthermore, a diagonal block local transpose key matrix (DBLTKM) encryption algorithm is presented, which effectively expands the feasible domain of the key space. Based on the above three algorithms, a novel joint AM-SUEO-DBLTKM encryption algorithm is constructed. Making full use of the advantages of the proposed joint algorithm, a two-way RFID authentication protocol, named AM-SUEO-DBLTKM-RFID, is proposed for mobile RFID systems. In addition, the Burrows-Abadi-Needham (BAN) logic and security analysis indicate that the proposed AM-SUEO-DBLTKM-RFID protocol can effectively combat various typical attacks. Numerical results demonstrate that the proposed AM-SUEO-DBLTKM algorithm can save 99.59% of tag storage over traditional algorithms. Finally, the low computational complexity as well as the low storage cost of the proposed AM-SUEO-DBLTKM-RFID protocol facilitates deployment within low-cost RFID sensor tags.

Cryptography and Security,Signal Processing

Pedro Peris-Lopez,Julio C. Hernandez-Castro,Christos Dimitrakakis,Aikaterini Mitrokotsa,Juan M. E. Tapiador

DOI: https://doi.org/10.48550/arXiv.0906.4618

2009-06-25

Cryptography and Security

Abstract:The vast majority of RFID authentication protocols assume the proximity between readers and tags due to the limited range of the radio channel. However, in real scenarios an intruder can be located between the prover (tag) and the verifier (reader) and trick this last one into thinking that the prover is in close proximity. This attack is generally known as a relay attack in which scope distance fraud, mafia fraud and terrorist attacks are included. Distance bounding protocols represent a promising countermeasure to hinder relay attacks. Several protocols have been proposed during the last years but vulnerabilities of major or minor relevance have been identified in most of them. In 2008, Kim et al. [1] proposed a new distance bounding protocol with the objective of being the best in terms of security, privacy, tag computational overhead and fault tolerance. In this paper, we analyze this protocol and we present a passive full disclosure attack, which allows an adversary to discover the long-term secret key of the tag. The presented attack is very relevant, since no security objectives are met in Kim et al.'s protocol. Then, design guidelines are introduced with the aim of facilitating protocol designers the stimulating task of designing secure and efficient schemes against relay attacks. Finally a new protocol, named Hitomi and inspired by [1], is designed conforming the guidelines proposed previously.

Atsuko Miyaji,Mohammad Shahriar Rahman

DOI: https://doi.org/10.48550/arXiv.1209.5388

2012-09-23

Abstract:RFID tags are heavily constrained in computational and storage capabilities, and raise numerous privacy concerns in everyday life due to their vulnerability to different attacks. Both forward security and backward security are required to maintain the privacy of a tag i.e., exposure of a tag's secret key should not reveal the past or future secret keys of the tag. We envisage the need for a formal model for backward security for RFID protocol designs in shared key settings, since the RFID tags are too resource-constrained to support public key settings. However, there has not been much research on backward security for shared key environment since Serge Vaudenay in his Asiacrypt 2007 paper showed that perfect backward security is impossible to achieve without public key settings. We propose a Key-Insulated Mutual Authentication Protocol for shared key environment, KIMAP, which minimizes the damage caused by secret key exposure using insulated keys. Even if a tag's secret key is exposed during an authentication session, forward security and `restricted' backward security of the tag are preserved under our assumptions. The notion of `restricted' backward security is that the adversary misses the protocol transcripts which are needed to update the compromised secret key. Although our definition does not capture perfect backward security, it is still suitable for effective implementation as the tags are highly mobile in practice. We also provide a formal security model of KIMAP. Our scheme is more efficient than previous proposals from the viewpoint of computational requirements.

Cryptography and Security

Qiwei Lu,Wenchao Huang,Xudong Gong,Xingfu Wang,Yan Xiong,Fuyou Miao

DOI: https://doi.org/10.48550/arXiv.1307.2977

2013-07-11

Abstract:With the rapid development of MANET, secure and practical authentication is becoming increasingly important. The existing works perform the research from two aspects, i.e., (a)secure key division and distributed storage, (b)secure distributed authentication. But there still exist several unsolved problems. Specifically, it may suffer from cheating problems and fault authentication attack, which can result in authentication failure and DoS attack towards authentication service. Besides, most existing schemes are not with satisfactory efficiency due to exponential arithmetic based on Shamir's scheme. In this paper, we explore the property of verifiable secret sharing(VSS) schemes with Chinese Remainder Theorem (CRT), then propose a secret key distributed storage scheme based on CRT-VSS and trusted computing for MANET. Specifically, we utilize trusted computing technology to solve two existing cheating problems in secret sharing area before. After that, we do the analysis of homomorphism property with CRT-VSS and design the corresponding shares-product sharing scheme with better concision. On such basis, a secure distributed Elliptic Curve-Digital Signature Standard signature (ECC-DSS) authentication scheme based on CRT-VSS scheme and trusted computing is proposed. Furthermore, as an important property of authentication scheme, we discuss the refreshing property of CRT-VSS and do thorough comparisons with Shamir's scheme. Finally, we provide formal guarantees towards our schemes proposed in this paper.

Cryptography and Security

Chien-Ming Chen,Shuai-Min Chen,Xinying Zheng,Pei-Yu Chen,Hung-Min Sun

DOI: https://doi.org/10.1155/2014/704623

2014-01-01

The Scientific World JOURNAL

Abstract:RFID technology has become popular in many applications; however, most of the RFID products lack security related functionality due to the hardware limitation of the low-cost RFID tags. In this paper, we propose a lightweight mutual authentication protocol adopting error correction code for RFID. Besides, we also propose an advanced version of our protocol to provide key updating. Based on the secrecy of shared keys, the reader and the tag can establish a mutual authenticity relationship. Further analysis of the protocol showed that it also satisfies integrity, forward secrecy, anonymity, and untraceability. Compared with other lightweight protocols, the proposed protocol provides stronger resistance to tracing attacks, compromising attacks and replay attacks. We also compare our protocol with previous works in terms of performance.

Xingmiao Wang,Kai Fan,Kan Yang,Xiaochun Cheng,Qingkuan Dong,Hui Li,Yintang Yang

DOI: https://doi.org/10.1016/j.comcom.2022.01.014

IF: 5.047

2022-03-01

Computer Communications

Abstract:The widespread application of Radio Frequency Identification (RFID) technology in smart living, especially in smart healthcare, has greatly facilitated patient management, reduced the labour cost of medical services, and provided patients with better medical services. However, improper use of RFID tags is highly likely to threaten the safety and privacy of hospitals and even patients, which may not only cause physical and mental harm to patients but also damage the reputation of hospitals. Medical monitoring system based on RFID technology plays a significant role in guaranteeing the security of medical records as well as the privacy of patients. Nevertheless, due to the resource constraint of RFID tags/readers, it is also challenging to design an efficient and effective authentication protocol for RFID medical monitoring system. Aiming to reduce the resource overhead and meet security requirements of the RFID system, in this paper, we propose an ultra-lightweight RFID security authentication protocol utilizing a cloud server named CRUSAP, which is based on Bit-Crossing XOR rearrangement operations that can effectively resist forgery attacks, replay attacks, desynchronization attacks, and denial of service attacks while certifying the cloud server. The formal logic of BAN proves the safety and feasibility of the protocol. Additionally, the security analysis and experimental results show that the proposed authentication protocol can realize higher security goals at a lower cost and is more suitable for scaling to large-scale authentication.

computer science, information systems,telecommunications,engineering, electrical & electronic

Longfei Shangguan,Lei Yang,Jinsong Han,Zimu Zhou,Wei Gong,Yiyang Zhao

2014-01-01

Abstract:Counting or estimating the number of tags is crucial for RFID system. Researchers have proposed several fast cardinality estimation schemes to estimate the quantity of a batch of tags within a short time frame. However, existing estimation schemes scarcely consider the privacy issue. Without effective protection, the adversary can utilize the responding signals to estimate the number of tags as accurately as the valid reader. To, address this issue, we propose a novel privacy-preserving estimation scheme, termed as MEAS, which provides an active RF countermeasure against the estimation from invalid readers. MEAS comprises of two components, an Estimation Interference Device (EID) and two well-designed Interference Blanking Estimators (IBE). EID is deployed with the tags to actively generate interfering signals, which introduce sufficiently large estimation errors to invalid or malicious readers. Using a secret interference factor shared with EID, a valid reader can perform accurate estimation via two IBEs. Our theoretical analysis and simulation results show the effectiveness of MEAS. Meanwhile, MEAS can also maintain a high estimation accuracy using IBEs.