Jianqing Fu,Chunming Wu,XiaoPing Chen,Rong Fan

DOI: https://doi.org/10.1109/iccet.2010.5485559

2010-01-01

Abstract:Nowadays, the use of Radio Frequency Identification (RFID) systems in industry and stores has increased. Nevertheless, some of these systems present problems that may discourage potential users. Hence, high confidence and efficient privacy protocols are urgently needed. Previous studies to achieve privacy authentication can be grouped into tree-based and synchronization approaches. But all of the tree-based designs are not suitable to large scale RFID systems, and most of the synchronization designs have security flaws. So in this paper, we propose a scalable pseudo random RFID private mutual authentication protocol (SPRA) to archive both scalable and security. The analysis results show that SPRA effectively enhances the security protection for RFID private authentication, and has the authentication efficiency of O(1).

ZW Luo,T Chan,JS Li

DOI: https://doi.org/10.1109/icebe.2005.7

2005-01-01

Abstract:Radio frequency identification (RFID) technology is expected to become an important and ubiquitous infrastructure technology of supply chain processes and customer service. The low-cost tag, or so-called passive tag, will be likely the factor for widespread adoption of the technology. It must be noticed that the deployment of such tags may create new threats to user privacy due to the powerful tracking capability of the tags. As a result, some sort of security issues must be imposed on the passive tags for addressing the privacy problem. However, providing security in such tags is a challenging task because they are highly resource constrained and cannot support strong cryptography. This paper provides both discussion on the requirements and restrictions of security implementation of a RFID system. It also examines the features and issues pertinent to several existing RFID security solution. Finally, this paper suggests the use of our proposed lightweight security protocol based on Ohkubo's scheme, which protects user privacy using a hash chain mechanism and also provides an analysis of the protocol

Hanguang Luo,Tao Zou,Chunming Wu,Dan Li,Shunbin Li,Chu

DOI: https://doi.org/10.32604/cmc.2022.027118

2022-01-01

Abstract:In the emerging Industrial Internet of Things (IIoT), authentication problems have become an urgent issue for massive resource-constrained devices because traditional costly security mechanisms are not suitable for them. The security protocol designed for resource-constrained systems should not only be secure but also efficient in terms of usage of energy, storage, and processing. Although recently many lightweight schemes have been proposed, to the best of our knowledge, they are unable to address the problem of privacy preservation with the resistance of Denial of Service (DoS) attacks in a practical way. In this paper, we propose a lightweight authentication protocol based on the Physically Unclonable Function (PUF) to overcome the limitations of existing schemes. The protocol provides an ingenious authentication and synchronization mechanism to solve the contradictions amount forward secrecy, DoS attacks, and resource-constrained. The performance analysis and comparison show that the proposed scheme can better improve the authentication security and efficiency for resource-constrained systems in IIoT.

He Jialiang -,Ouyang Dantong -,Ye Yuxin -

DOI: https://doi.org/10.4156/aiss.vol3.issue9.43

2011-01-01

INTERNATIONAL JOURNAL ON Advances in Information Sciences and Service Sciences

Abstract:Wireless communication, signal broadcasting, strictly limited resources in tags make RFID systems being confronted with many security attacks and privacy disclosure threats. In this paper，an efficient lightweight RFID mutual authentication protocol is proposed, this protocol only requires O(1) work to identify and authenticate a tag in the backend server and is particularly suitable for the low-cost RFID systems because only one-way hash function, XOR operation and concatenation operation are needed in tags. The security and performance of this protocol are analyzed as well by comparing with the related RFID authentication protocols.

Eslam Gamal Ahmed,Eman Shaaban,Mohamed Hashem

DOI: https://doi.org/10.48550/arXiv.1005.4499

2010-05-25

Cryptography and Security

Abstract:Radio Frequency Identification (RFID) technology one of the most promising technologies in the field of ubiquitous computing. Indeed, RFID technology may well replace barcode technology. Although it offers many advantages over other identification systems, there are also associated security risks that are not easy to be addressed. When designing a real lightweight authentication protocol for low cost RFID tags, a number of challenges arise due to the extremely limited computational, storage and communication abilities of Low-cost RFID tags. This paper proposes a real mutual authentication protocol for low cost RFID tags. The proposed protocol prevents passive attacks as active attacks are discounted when designing a protocol to meet the requirements of low cost RFID tags. However the implementation of the protocol meets the limited abilities of low cost RFID tags.

Bing Zhang,Zhi Guang Qin,Guo Gen Wan,Xin

DOI: https://doi.org/10.4028/www.scientific.net/amm.543-547.2255

2014-01-01

Applied Mechanics and Materials

Abstract:This document analyzes the security drawback of the Hash-based algorithm authentication protocols which is frequently used in low-cost RFID systems, and proposes a lightweight mutual authentication protocol. In the proposed protocol, all authenticated information is encrypted , the location privacy is also provided by refreshing an identifier of a tag in each session and lost massages can be recovered from many attacks such as spoofing attacks. The comparison result of the simulation experiment and the formal correctness proof of the proposed authentication protocol is based on BAN logic. It shows that the proposed protocol in this article greatly enhance the capability of verifiability, confidentiality and integrality, it also corrects the existing Hash-based protocol secure deficiency so that it is more suitable for low-cost RFID systems than those existing ones.

Shijie Zhou,Zhen Zhang,Zongwei Luo,Edward C. Wong

DOI: https://doi.org/10.1007/s10796-009-9216-6

2009-01-01

Information Systems Frontiers

Abstract:Radio frequency identification (RFID) technology has been widely used in ubiquitous infrastructures. However, resource constraint in the low-cost RFID systems has posed potential risks such as privacy and security problems, becoming adoption barrier for RFID-based applications. In this paper, current security issues in RFID are introduced firstly. Then, we propose a lightweight Anti-desynchronization privacy preserving RFID authentication protocol. It is particularly suitable for the low-cost RFID environment for only the capacity of one-way hash function and XOR operation is needed. In this lightweight Anti-desynchronization RFID authentication protocol, the back-end server keeps the history of the random key update to prevent the active attackers from de-synchronizing the shared secret between the tag and the back-end server. The security and the performance of the proposed protocol are analyzed as well.

Shucheng Yu,Kui Ren,Wenjing Lou

DOI: https://doi.org/10.1109/milcom.2007.4454918

2007-01-01

Abstract:Radio frequency identification (RFID) is an emerging technology for automatic object identification. For successful deployment of tags, a RFID system should provide effective protection over security and privacy. In particular, traceability is the main concern for user privacy. To address these issues, mutual authentication between the reader and tags is required when deploying a RFID system. Unfortunately, because low-cost RFID tags are highly resource constrained, they are not able to carry out expensive cryptographic primitives to achieve strong authentication. This paper introduces a lightweight authentication protocol for low-cost RFID tags. Compared with previous work, our solution provides better traceability protection while keeping the system efficient in terms of computation and communication. Our scheme also maintains comparable strength regarding other security aspects.

Jie Li,Yunfeng Wang,Baoying Jiao,Yong Xu

DOI: https://doi.org/10.1109/iclsim.2010.5461250

2010-01-01

Abstract:A scalable authentication protocol is proposed for security and efficient RFID communication. The performance evaluation and security analysis has proved its advantages. Compared with other protocols, it can preserve content and location privacy, resist replay attacks and Dos attacks, and has forward security and scalable.

Sanjeev Kumar,Haider Banka,Baijnath Kaushik,Kumar, Sanjeev

DOI: https://doi.org/10.1007/s11042-024-19013-1

IF: 2.577

2024-04-02

Multimedia Tools and Applications

Abstract:Nowadays, wireless technology has been widely used in healthcare and communication systems. It makes our life easier in all respects. A radiofrequency identification device (RFID) has been deployed as a wireless and identity communication device. RFID is a low-resource device that requires cryptography with limited energy regarding the minimum key size. Security and authentication between the server and the tags are key challenges for an RFID system to maintain data privacy. This article presents the security vulnerabilities of recent existing RFID authentication schemes. Keeping the focus on stringent security, privacy, and low cost, we have designed a new lightweight group authentication protocol for the robust RFID system. A single server controls multiple tags by using the proposed lightweight protocol in the RFID system. Formal and informal security analysis is performed compared to other lightweight group authentication articles in which only informal security analysis is carried out. The formal security strength of our proposed protocol is analyzed using the AVISPA (Automated Verification of Internet Security Protocol Analysis) tool, confirming that it is safe from different security threats. The newly designed protocol's performance analysis results are measured in terms of computational cost, storage space, and communication cost. Finally, the combined consequence of security and lightweight of the proposed group authentication protocol is superior and outperforms compared to the existing scheme.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Yan Wang,Feng Shu,Xuemei Lei,Xuehui Wang,Rongen Dong,Qiankun Cheng

DOI: https://doi.org/10.1109/cbd63341.2023.00021

2023-01-01

Abstract:In this paper, a new protocol is proposed to improve the security of mobile RFID smart medical system based on three existing RFID security authentication protocols. Through security analysis, BAN logic analysis and Scyther tool test, it is shown that the proposal protocol can effectively resist many typical attacks that RFID system is vulnerable to, such as location privacy leakage, impersonation attack and desynchronization attack. In addition, the time cost of tag, reader and server is 0.042 ms, 0.084 ms and 0.042 ms respectively in the process of protocol mutual authentication. The storage cost of the tag is 96 bits, and the communication cost of the protocol is 864 bits. Therefore, the results of security and performance analysis show that the protocol is low cost and high security, and can meet to the EPC C1G2 standard.

Hanguang Luo,Guangjun Wen,Jian Su,Zhong Huang

DOI: https://doi.org/10.1007/s11276-016-1323-y

IF: 2.701

2016-01-01

Wireless Networks

Abstract:Data security is crucial for a RFID system. Since the existing RFID mutual authentication protocols encounter the challenges such as security risks, poor performance, an ultra-lightweight authentication protocol named Succinct and Lightweight Authentication Protocol (SLAP) is proposed. SLAP is only composed of bitwise operations like XOR, left rotation and conversion which is easy to implement on a passive tag. The proposed conversion operation as the main security component guarantees the security of RFID system with the properties such as irreversibility, sensibility, full confusion and low complexity, which better performed or even absent in other previous protocols. Security analysis shows that SLAP guarantees the functionalities of mutual authentication as well as resistance to various attacks such as de-synchronization attack, replay attack and traceability attack, etc. Furthermore, performance evaluation also indicates that the proposed scheme outperforms the existing protocols in terms of less computation requirement and fewer communication messages during authentication process.

Kai Fan,Qi Luo,Kuan Zhang,Yintang Yang

DOI: https://doi.org/10.1016/j.ins.2019.08.006

2017-01-01

Abstract:Radio Frequency Identification (RFID) makes it a supporting technology for the Internet of things (IoT). While RFID has been widely used and developed rapidly, its security and privacy issues cannot be ignored. With the development of cloud computing, cloud based RFID system has become a new solution. Protecting the security of RFID system in cloud environment is particularly important. Not verifying the tag or reader when reading message will have serious consequences, which may suffer many secure issues, such as intercept, modifying, replaying, DoS and synchronization. This paper puts forward an efficient and reliable RFID security authentication scheme in cloud environment. The protocol combines the logic encryption operation with timestamp, which can resist DoS attacks and anti-synchronization attacks. The proposed protocol not only can well solve the RFID security and privacy issues, but also can use the powerful cloud computing capabilities to process data.

W Liang,S Xie,X Li,J Long,Y Xie,KC Li

DOI: https://doi.org/10.1007/978-981-10-7398-4_36

2017-01-01

Abstract:The widespread use of radio frequency identification (RFID) in IoTs makes authentication of RFID systems be widely concerned. In existing encryption schemes (e.g., Hash function) in electronic products, secure chip is hard to be used in high performance RFID system due to high computation complexity and cost. In this work, we consider problems in these performances and propose a PUF-GIMAP protocol by combining GIMAP protocol and physically unclonable functions (PUFs). The response of PUF is added into protocol. The mutual authentication between label and reader is realized by transmitting information such as secret key and dynamical pseudonym, which greatly ensures data security in transmission. After authentication, the reserved data is updated in time. The protocol analysis shows that the proposed scheme has the advantages of high security and high reliability.

He Jialiang -,Ouyang Dantong -,Bai Tian -,Zhang Liming -

DOI: https://doi.org/10.4156/jdcta.vol6.issue6.10

2012-01-01

International Journal of Digital Content Technology and its Applications

Abstract:Special physical character and strictly limited resources in tags make RFID systems being confronted with many security problems, mobile reader brings higher design requirements for RFID protocols. In this paper, a lightweight RFID authentication protocol for mobile reader is proposed, this protocol only requires O(1) work to identify and authenticate a tag in the server and is suitable for the low-cost RFID systems. The security and performance of the proposed protocol are analyzed as well.

J Yang,Kui Ren,Kwangjo Kim

2005-01-01

Abstract:In the near future, radio frequency identiflcation (RFID) technology is expected to play an important role for object identiflcation as a ubiquitous infrastructure. However, low-cost RFID tags are highly resource-constrained and cannot support its long-term security, so they have potential risks and may violate privacy for their bearers. To remove security vulnerabilities, we propose a robust mutual authentication protocol between a tag and a back-end server for low-cost RFID system that guarantees data privacy and location privacy of tag bearers. Difierent from the previous works (4, 14), our protocol flrstly provides reader authentication and prevent active attacks based on the assumption that a reader is no more a trusted third party and the communication channel between the reader and the back-end server is insecure like wireless channel. Also, the proposed protocol exhibits forgery resistant against simple copy, or counterfeiting prevailing RFID tags. As tags only have hash function and exclusive-or operation, our proposed protocol is very feasible for low-cost RFID system compared to the previous works. The formal proof of correctness of the proposed authentication protocol is given based on GNY logic.

Yang Liu,Yu Peng,Bailing Wang,Yun Qu,Xuefengi Bai,Xinling Yuan,Zelong Yin

2013-01-01

International Journal of Security and Its Applications

Abstract:With the development and application of RFID technology in Internet of Things (IOT), RFID system plays a more and more important role on privacy protection and information security of users. For the safety need of RFID system and the existing shortage of secure authentication protocols, we offer RFID mutual authentication protocol based on variable update. Mutual authentication is executed in RFID system through the characteristics of Hash function, which prevents the phenomenon of counterfeit in internal system. Meanwhile, we adopt the method of periodic updates System initial value to improve the level of security authentication, which overcomes the various safety attacks. The protocol has certain advantages on security capabilities and algorithm complexity with high safety and practicality.

Yun Tian,Gongliang Chen,Jianhua Li

DOI: https://doi.org/10.1109/lcomm.2012.031212.120237

IF: 3.5529

2012-01-01

IEEE Communications Letters

Abstract:One of the key problems in RFID is security and privacy. The implementation of authentication protocols is a flexible and effective way to solve this problem. This letter proposes a new ultralightweight RFID authentication protocol with permutation (RAPP). RAPP avoids using unbalanced OR and AND operations and introduces a new operation named permutation. The tags only involve three operations: bitwise XOR, left rotation and permutation. In addition, unlike other existing ultralightweight protocols, the last messages exchanged in RAPP are sent by the reader so as to resist de-synchronization attacks. Security analysis shows that RAPP achieves the functionalities of the authentication protocol and is resistant to various attacks. Performance evaluation illustrates that RAPP uses fewer resources on tags in terms of computation operation, storage requirement and communication cost.

Chien-Ming Chen,Shuai-Min Chen,Xinying Zheng,Pei-Yu Chen,Hung-Min Sun

DOI: https://doi.org/10.1155/2014/704623

2014-01-01

The Scientific World JOURNAL

Abstract:RFID technology has become popular in many applications; however, most of the RFID products lack security related functionality due to the hardware limitation of the low-cost RFID tags. In this paper, we propose a lightweight mutual authentication protocol adopting error correction code for RFID. Besides, we also propose an advanced version of our protocol to provide key updating. Based on the secrecy of shared keys, the reader and the tag can establish a mutual authenticity relationship. Further analysis of the protocol showed that it also satisfies integrity, forward secrecy, anonymity, and untraceability. Compared with other lightweight protocols, the proposed protocol provides stronger resistance to tracing attacks, compromising attacks and replay attacks. We also compare our protocol with previous works in terms of performance.

Kai Fan,Yuanyuan Gong,Chen Liang,Hui Li,Yintang Yang

DOI: https://doi.org/10.1002/sec.1314

IF: 1.968

2015-01-01

Security and Communication Networks

Abstract:As one of the core techniques in 5G, the Internet of Things is more interested than ever. Furthermore, radio frequency identification (RFID) plays a crucial role in Internet of Things development. Although the low-cost RFID system has wide prospect, it has to face with huge challenges because of potential security risks, privacy problems, and efficiency because of its restrictions on processing, storage, and power in RFID tags. One of the possible solutions in secure authentication of the low-cost RFID system is the lightweight RFID authentication protocol. A lightweight RFID mutual authentication protocol with cache in the reader is proposed in this paper, named LRMAPC. The LRMAPC can greatly reduce the computational and transmission cost. Especially, it can reduce computational costs greatly when a large number of tags want to be authenticated. We prove the correctness of LRMAPC using GNY logic. Compared with some existing works, LRMAPC achieves higher efficiency and stronger security. Furthermore, we developed LRMAPC into ULRMAPC, an ultralightweight RFID mutual authentication protocol with cache in the reader. Compared with SASI and Gossamer protocols, ULRMAPC also achieves higher efficiency and stronger security in storage and computation cost. Copyright (C) 2015 John Wiley & Sons, Ltd.