Energy-Aware RFID Authentication in Edge Computing

Abstract

Internet of Things (IoT) devices are basic units in edge computing. Denial of service (DoS) attack is a great threat to low-cost IoT devices, even worse in privacy-preserving authentication protocols for radio frequency identification (RFID) tags. During DoS attacks, the attacker consumes the legal states in a target tag by continuous scanning and further observes its behavior in authentication to break privacy. Due to lack of adequate energy and computing power, it is hard for passive backscattering RFID tags to defend against DoS attacks. In this work, we cast a new insight on the DoS attacks to RFID tags and leverage the malicious scanning behavior as a new energy source. In this way, a passive tag gains more and more energy and can afford more and more complex cryptography computation under a DoS attack. Finally, the victim tag with adequate energy achieves to complete the complicated public key cryptographic computations and defend against the DoS attack. We further propose a protocol, namely the RUND protocol. We define the tracking privacy model and introduce in the notion of tracking interval to define the tracking privacy other than indistinguishable privacy. To guarantee the security and tracking privacy properties of our protocol, we propose 3 rules as designing guidelines. The analysis shows that our approach can achieve $O$ (1) efficiency while providing DoS-defending privacy-preserving authentication. Furthermore, with proper parameters our approach can save about 40% boosting time at least, compared to the directly charging for public key cryptographic computation method.