Abstract
With the development of information technology, the Internet of Thing (IoT) is extensively employed in many fields such as logistics, medical healthcare, food safety and intelligent transportation. The Radio Frequency Identification (RFID) technology is an important building block of the IoT. Therefore, how to address security problem in RFID system is a crucial issue for the security of the IoT. The RFID authentication protocol is a key cryptographic protocol ensuring communication security because it could provide authentication between the tag and the server. Recently, elliptic curve cryptography (ECC)-based RFID authentication protocols were studied widely because they could provide better security attributes compared with traditional RFID authentications. Lv et al. proposed three ECC-based RFID protocols and claimed their protocols could overcome weaknesses in previous protocols. Unfortunately, in this paper, we show that Lv et al.’s protocols cannot withstand the man-in-the-middle attack. To solve security problems in their protocols, we propose three improved ECC-based RFID authentication protocols.
Access provided by CONRICYT-eBooks. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
Keywords
References
B. Guo, D. Zhang, Z. Yu, Y. Liang, Z. Wang, and X. Zhou, From the Internet of Things to Embedded Intelligence, World Wide Web Journal, vol. 16, no. 4, pp. 399-420, 2013. 16
M. Feki, F. Kawsar, M Boussard, and L Trappeniers, The Internet of Things: The Next Technological Revolution, Computer, vol. 46, no. 2, pp. 24-25, 2013.
R. Das, Rfid market projections 2008–2018, IDTechEx, 2008.
Y. Tian, G. Chen, J. Li, A New Ultralightweight RFID Authentication Protocol with Permutation, IEEE Communication Letters, vol. 16, no. 5, pp. 702-705, 2012.
H. Lee, T. Yi, J. Hyun, Secure and Lightweight Authentication Protocol for Mobile RFID Privacy, Applied Mathematics & Information Sciences, vol. 7, no. 1, pp. 421-426, 2013.
Y. Lee, Y. Park, A New Privacy-preserving Path Authentication Scheme using RFID for Supply Chain Management, Advances in Electrical and Computer Engineering, vol. 13, no. 1, pp. 23-26, 2013.
Z. Wu, L. Chen, J. Wu, A Reliable RFID Mutual Authentication Scheme for Healthcare Environments, Journal of Medical Systems, vol. 37, no. 2, Article ID: 9917, 2013.
C. Yen, M. Lo, N. Lo, Authentication with low-cost RFID tags in mobile networks, Security and Communication Networks, vol. 6. no. 8, pp. 1021-1027, 2013.
G. Deng, H. Li, Y, Zhang, Tree-LSHB plus : An LPN-Based Lightweight Mutual Authentication RFID Protocol, Wireless Personal Communication, vol. 72, no. 1, pp. 159-174, 2013.
G. Avoine, M. Bingol, X. Carpent, Privacy-Friendly Authentication in RFID Systems: On Sublinear Protocols Based on Symmetric-Key Cryptography, IEEE Transactions on Mobile Computing, vol. 12, no. 10, pp. 2037-2049, 2013.
S. Kaul, A. K. Awasthi, RFID Authentication Protocol to Enhance Patient Medication Safety, Journal of Medical Systems, vol. 37, no. 6, Article ID: 9979, 2013.
M. Dehkordi, Y. Farzaneh, Improvement of the Hash-Based RFID Mutual Authentication Protocol, Wireless Personal Communication, vol. 75, no. 1, pp. 219-232, 2014.
L. Gao, M. Ma, Y. Shu, An ultralightweight RFID authentication protocol with CRC and permutation, Journal of Network and Computer Applications, vol. 41, no. 1, pp. 37-46, 2014.
Y. Lee, K. Sakiyama, L. Batina, I. Verbauwhede, Elliptic curve-based security processor for RFID, IEEE Transactions on Computers, vol. 57, no. 11, pp. 1514-1527, 2008.
Y. Liao, C. Hsiao, A secure ECC-based RFID authentication scheme integrated with ID-verifier transfer protocol, Ad Hoc Networks, vol. 18, no. 1, pp. 133-146, 2014.
Z. Zhang, Q. Qi, An Efficient RFID Authentication Protocol to Enhance Patient Medication Safety Using Elliptic Curve Cryptography, Journal of Medical Systems, vol. 38, no. 5, Article ID: 47, 2014.
Z. Zhao, A Secure RFID Authentication Protocol for Healthcare Environments Using Elliptic Curve Cryptosystem, Journal of Medical Systems, vol. 38, no. 5, Article ID: 46, 2014.
Y. Lee, L. Batina, I. Verbauwhede, EC-RAC (ECDLP based randomized access control): provably secure RFID authentication protocol, In: IEEE International Conference on RFID 2008, pp. 97-104, 2008.
J. Bringer, H. Chabanne, T. Icart, Cryptanalysis of EC-RAC, a RFID identification protocol. In: 7 th International Conference on Cryptology And Network Security- CANS’08, pp. 149-161, 2008.
T. Deursen, S. Radomirovic, Attacks on RFID protocols (version 1.1), Technical Report, University of Luxembourg, 2009.
Y. Lee, L. Batina, I. Verbauwhede, Untraceable RFID authentication protocols: revision of EC-RAC, In: IEEE International Conference on RFID 2009, pp. 178–185, 2009.
T. Deursen, S. Radomirovic, Untraceable RFID protocols are not trivially composable: attacks on the revision of EC-RAC. Technical Report, University of Luxembourg, 2009.
C. Lv, H. Li, J. Ma, Y. Zhang, Vulnerability analysis of elliptic curve cryptography-based RFID authentication protocols, Transactions on Emerging Telecommunications Technologies, vol. 23, no. 7, pp. 618–624. 17
S. Vaudenay, On privacy models for RFID, In: Advances in Cryptology - Asiacrypt 2007, pp. 68–87, 2007.
A. Juels, S. Weis, Defining strong privacy for RFID, ACM Transactions on Information and System Security, vol. 13, no. 1, pp. 1–23, 2009.
G. Avoine, Adversarial model for radio frequency identification, Cryptology ePrint Archive, Report 2005/049, 2005.
C. Ng, W. Susilo, Y. Mu, R. Safavi-Naini, RFID privacy models revisited. In: Proceedings of the 13 th European Symposium on Research in Computer Security, pp. 251–266, 2008.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
An, R., Feng, H., Liu, Q., Li, L. (2017). Three elliptic curve cryptography-based RFID authentication protocols for Internet of Things. In: Barolli, L., Xhafa, F., Yim, K. (eds) Advances on Broad-Band Wireless Computing, Communication and Applications. BWCCA 2016. Lecture Notes on Data Engineering and Communications Technologies, vol 2. Springer, Cham. https://doi.org/10.1007/978-3-319-49106-6_88
Download citation
DOI: https://doi.org/10.1007/978-3-319-49106-6_88
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-49105-9
Online ISBN: 978-3-319-49106-6
eBook Packages: EngineeringEngineering (R0)