Radio Frequency Identification Mutual Authentication Protocol Research Articles

ENHANCING SECURITY OF RFID-ENABLED IOT SUPPLY CHAIN

In addition to its benefits, the popular Internet of Things (IoT) technology has also opened the way to novel security and privacy issues. The basis of IoT security and privacy starts with trust in the IoT hardware and its supply chain. Counterfeiting, cloning, tampering of hardware, theft, and lost issues in the IoT supply chain have to be addressed, in order to ensure reliable IoT industry growth. In four previous works, radio-frequency identification (RFID)-enabled solutions have been proposed by the same authors, aimed to bring security to the entire IoT supply chain. The works propose a new RFID-traceable hardware architecture, device authentication, and supply chain tracing procedure. In each of these works, a variant of the same is proposed. However, the same variant of lightweight RFID authentication protocol coupled with the offline supply chain proposed in these works has such security vulnerabilities that make the whole supply chain unsafe. In our present work, an online supply chain hop-tracking procedure supported by a novel RFID mutual authentication protocol, based on the strong matching of the RFID readers-their operators-central database present at the transfer hops is proposed. Our proposed Strong RFID Authentication Protocol (STRAP) has been verified by two well-accepted formal protocol analyzers Scyther and AVISPA. The verification results demonstrate that STRAP overcomes the previous works’ vulnerabilities. Furthermore, our proposed novel online supply chain tracing procedure supporting STRAP removes the previous offline supply chain tracing procedure weaknesses.

Simple Yet Secure Encoder Architecture and Ultralightweight Mutual Authentication Protocol for RFID Tags in IoT

Internet of things (IoT) has evolved as the internet of everything, and it has grabbed the interest of all the researchers in recent days. Almost all the objects, including nonelectronics devices, can also be connected with the internet through radio frequency identification (RFID) technology. The security of the perception layer is crucial to secure the entire IoT network. RFID-enabled IoT perception layer has secured reader-to-server channel and unsecured tag to reader channel. Hence, securing the unsecured communication channel between the reader and the tag is the need of the hour. This work proposes a simple yet secure permutation approximate adder (SYSPXA)-based RFID mutual authentication protocol to address the need. The proposed protocol dramatically reduces the tag’s storage and computational overhead. It needs 40% less storage and 66.7% less permutation operation in comparison with the existing protocols. Nondisclosure of the key and freshness of key, IDS and random numbers at every mutual authentication process gives resistance to the protocol against de-synchronization attack, disclosure attack, tag tracking, replay attack. The SYSPXA protocol is validated for its security features using Burrows–Abadi–Needham (BAN) logic formal verification. The performance and security of the proposed protocol are contrasted with various futuristic permutation-based protocols, and its superiority over other protocols is highlighted. We have simulated the SYSPXA protocol with ModelSim tool for verifying its functionality. The protocol encoder architecture is implemented in the Intel cyclone IV Field Programmable Gate Array (FPGA) EP4CE115F29C7 device.

SecMAP: A Secure RFID Mutual Authentication Protocol for Healthcare Systems

In recent years, radio frequency identification (RFID) technology has been applied to construct better healthcare systems, offering various healthcare services that can benefit all medical staff and patients. However, because of the insecure communication channels in RFID systems, security is a main concern to be solved for RFID to be used in healthcare systems. To address this issue, recently in 2019, Safkhani et al. proposed a lightweight RFID authentication protocol in IEEE Access. The authors claimed that their protocol has a higher security level than existing protocols in this category. This article firstly analyzes the security of Safkhani et al.'s protocol, and shows that this protocol is lack of forward secrecy and scalability. Then, a new and secure mutual authentication protocol (SecMAP) is proposed to overcome these weaknesses. The security of the SecMAP protocol is confirmed with formal analyses using the Gong-Needham-Yahalom (GNY) logic and the Scyther tool. Besides, SecMAP is compatible with low-cost RFID tags. Thus, the proposed protocol can effectively provide security for RFID based healthcare systems.

Cloud-based lightweight secure RFID mutual authentication protocol in IoT

Radio Frequency Identification (RFID) is a supporting technology for the Internet of things (IoT). RFID enables all physical devices to be connected to IoT. When RFID is widely used and developing rapidly, its security and privacy issues cannot be ignored. The wireless broadcast channel between the tag and the reader may be subject to many security attacks, such as interception, modification, and replay. Messages from unverified tags or readers are also untrustworthy. A secure and stable RFID authentication scheme is critical to IoT. This paper puts forward an efficient and reliable cloud-based RFID authentication scheme. In order to reduce the RFID tag's overhead, the proposed authentication scheme explores the rotation and enhanced permutation to encrypt data. The proposed protocol not only resists the above common attacks and protects the privacy of the tag, but also adds the cloud server to the RFID system. Performance simulation shows that permutation and rotation are efficient. Security analysis shows that our protocol can resist various attacks, such as tracking, replay, and desynchronization attack. Mutual authentication and backward security are also achieved. Finally, we apply BAN logic to prove the security of the protocol.

SecLAP: Secure and lightweight RFID authentication protocol for Medical IoT

The safety of medical data and equipment plays a vital role in today’s world of Medical Internet of Things (MIoT). These IoT devices have many constraints (e.g., memory size, processing capacity, and power consumption) that make it challenging to use cost-effective and energy-efficient security solutions. Recently, researchers have proposed a few Radio-Frequency Identification (RFID) based security solutions for MIoT. The use of RFID technology in securing IoT systems is rapidly increasing because it provides secure and lightweight safety mechanisms for these systems. More recently, authors have proposed a lightweight RFID mutual authentication (LRMI) protocol. The authors argue that LRMI meets the necessary security requirements for RFID systems, and the same applies to MIoT applications as well. In this paper, our contribution has two-folds, firstly we analyze the LRMI protocol’s security to demonstrate that it is vulnerable to various attacks such as secret disclosure, reader impersonation, and tag traceability. Also, it is not able to preserve the anonymity of the tag and the reader. Secondly, we propose a new secure and lightweight mutual RFID authentication (SecLAP) protocol, which provides secure communication and preserves privacy in MIoT systems. Our security analysis shows that the SecLAP protocol is robust against de-synchronization, replay, reader/tag impersonation, and traceability attacks, and it ensures forward and backward data communication security. We use Burrows–Abadi–Needham (BAN) logic to validate the security features of SecLAP. Moreover, we compare SecLAP with the state-of-the-art and validate its performance through a Field Programmable Gate Array (FPGA) implementation, which shows that it is lightweight, consumes fewer resources on tags concerning computation functions, and requires less number of flows.

A Lightweight RFID Mutual Authentication Protocol with PUF.

Radio frequency identification is one of the key techniques for Internet of Things, which has been widely adopted in many applications for identification. However, there exist various security and privacy issues in radio frequency identification (RFID) systems. Particularly, one of the most serious threats is to clone tags for the goal of counterfeiting goods, which causes great loss and danger to customers. To solve these issues, lots of authentication protocols are proposed based on physical unclonable functions that can ensure an anti-counterfeiting feature. However, most of the existing schemes require secret parameters to be stored in tags, which are vulnerable to physical attacks that can further lead to the breach of forward secrecy. Furthermore, as far as we know, none of the existing schemes are able to solve the security and privacy problems with good scalability. Since many existing schemes rely on exhaustive searches of the backend server to validate a tag and they are not scalable for applications with a large scale database. Hence, in this paper, we propose a lightweight RFID mutual authentication protocol with physically unclonable functions (PUFs). The performance analysis shows that our proposed scheme can ensure security and privacy efficiently in a scalable way.

IoT Device Security: Challenging "A Lightweight RFID Mutual Authentication Protocol Based on Physical Unclonable Function".

With the exponential increase of Internet of things (IoT) connected devices, important security risks are raised as any device could be used as an attack channel. This preoccupation is particularly important with devices featuring limited processing power and memory capabilities for security purposes. In line with this idea, Xu et al. (2018) proposed a lightweight Radio Frequency Identification (RFID) mutual authentication protocol based on Physical Unclonable Function (PUF)—ensuring mutual tag-reader verification and preventing clone attacks. While Xu et al. claim that their security protocol is efficient to protect RFID systems, we found it still vulnerable to a desynchronization attack and to a secret disclosure attack. Hence, guidelines for the improvements to the protocol are also suggested, for instance by changing the structure of the messages to avoid trivial attacks. In addition, we provide an explicit protocol for which our formal and informal security analysis have found no weaknesses.

A Lightweight RFID Mutual Authentication Protocol Based on Physical Unclonable Function.

With the fast development of the Internet of Things, Radio Frequency Identification (RFID) has been widely applied into many areas. Nevertheless, security problems of the RFID technology are also gradually exposed, when it provides life convenience. In particular, the appearance of a large number of fake and counterfeit goods has caused massive loss for both producers and customers, for which the clone tag is a serious security threat. If attackers acquire the complete information of a tag, they can then obtain the unique identifier of the tag by some technological means. In general, because there is no extra identifier of a tag, it is difficult to distinguish an original tag and its clone one. Once the legal tag data is obtained, attackers can be able to clone this tag. Therefore, this paper shows an efficient RFID mutual verification protocol. This protocol is based on the Physical Unclonable Function (PUF) and the lightweight cryptography to achieve efficient verification of a single tag. The protocol includes three process: tag recognition, mutual verification and update. The tag recognition is that the reader recognizes the tag; mutual verification is that the reader and tag mutually verify the authenticity of each other; update is supposed to maintain the latest secret key for the following verification. Analysis results show that this protocol has a good balance between performance and security.

Implementation of $2^{n}\,- \,2^{k}\,- \,1$ Modulo Adder Based RFID Mutual Authentication Protocol

In wireless communication, secure transmission and reception of data are the major concern today. In recent years, Radio Frequency Identification (RFID) has played a vital role in the security system for secured data communication. The main challenge in RFID-based security system is to design a more secure, better area and power efficient encoder architecture for tag-reader mutual authentication protocol. This paper proposes new and efficient encoder architecture for RFID mutual authentication protocol which utilizes $2^{n}\,- \,2^{k}\,- \,1$ modulo adder for achieving higher security. The proposed architecture is described in Verilog hardware description language and the functionalities are verified and synthesized using Altera Quartus II tool. The architecture is also synthesized using Cadence RTL compiler for 180 and 90 nm technology. Experimental results of the proposed scheme give better performances in terms of area, power, and delay when compared with existing mutual authentication schemes. In addition to that, the architecture is realized as hardware in Altera DE2 Cyclone II (EP2C35F672C6) field programmable gate array and real time verification has been carried out using Logic Analyzer 16851A. Finally, formal security analysis has been performed using the Burrows–Abadi–Needham (BAN) logic to show that the proposed protocol is secure.

DoS, impersonation and de-synchronization attacks against an ultra-lightweight RFID mutual authentication protocol for IoT

In recent years, RFID (radio-frequency identification) systems are widely used in many applications. One of the most important applications for this technology is the Internet of things (IoT). Therefore, researchers have proposed several authentication protocols that can be employed in RFID-based IoT systems, and they have claimed that their protocols can satisfy all security requirements of these systems. However, in RFID-based IoT systems we have mobile readers that can be compromised by the adversary. Due to this attack, the adversary can compromise a legitimate reader and obtain its secrets. So, the protocol designers must consider the security of their proposals even in the reader compromised scenario. In this paper, we consider the security of the ultra-lightweight RFID mutual authentication (ULRMAPC) protocol recently proposed by Fan et al. They claimed that their protocol could be applied in the IoT systems and provide strong security. However, in this paper we show that their protocol is vulnerable to denial of service, reader and tag impersonation and de-synchronization attacks. To provide a solution, we present a new authentication protocol, which is more secure than the ULRMAPC protocol and also can be employed in RFID-based IoT systems.

Design and Implementation of RFID Active Tags and Mutual Authentication Protocol with Ownership Transfer Stage

Radio frequency identification (RFID) technology is being used widely in the last few years. Its applications classifies into auto identification and data capturing issues. The purpose of this paper is to design and implement RFID active tags and reader using microcontroller ATmega328 and 433 MHz RF links. The paper also includes a proposed mutual authentication protocol between RFID reader and active tags with ownership transfer stage. Our protocol is a mutual authentication protocol with tag’s identifier updating mechanism. The updating mechanism has the purpose of providing forward security which is important in any authentication protocol to prevent the attackers from tracking the past transactions of the compromised tags. The proposed protocol gives the privacy and security against all famous attacks that RFID system subjected for due to the transfer of data through unsecure wireless channel, such as replay, denial of service, tracking and cloning attacks. It also ensures ownership privacy when the ownership of the tag moves to a new owner.

Towards secure authenticating of cache in the reader for RFID-based IoT systems

The use of radio frequency identification (RFID) in Internet of things (IoT) has led to a significant progress in numerous intelligent devices. However, due to its restrictions on computation ability, storage space and battery capacity, RFID-based IoT system has to confront with various security and efficiency challenges. Recently, a lightweight RFID mutual authentication protocol with cache in the reader is introduced by Fan et al., named LRMAPC. Fan et al.’s LRMAPC can achieve stronger security and privacy requirements and reduce the computation and storage overheads during authentication process. Unfortunately, we discover that Fan et al.’s LRMAPC is susceptible to reader impersonation attack, tag forgery attack and message eavesdropping attack. Besides, it fails to preserve mutual authentication between the reader and the database. In order to remedy these flaws mentioned above, we further present an advanced authentication mechanisms and demonstrate the correctness of the advanced LRMAPC through the Gong-Needham-Yahalom (GNY) logic analysis. Compared the security and efficiency with Fan et al.’s LRMAPC, the advanced LRMAPC satisfies desirable security requirements and maintains acceptable efficiency in terms of the costs of storage space and computation time. As a result, our advanced LRMAPC is a very promising solution for resource-constrained devices in RFID-based IoT systems.

Cost and Lightweight Modeling Analysis of RFID Authentication Protocols in Resource Constraint Internet of Things

Internet of Things (IoT) is a pervasive environment to interconnect the things like: smart objects, devices etc. in a structure like internet. Things can be interconnected in IoT if these are uniquely addressable and identifiable. Radio Frequency Identification (RFID) is one the important radio frequency based addressing scheme in IoT. Major security challenge in resource constraint RFID networks is how to achieve traditional CIA security i.e. Confidentiality, Integrity and Authentication. Computational and communication costs for Lightweight Mutual Authentication Protocol (LMAP), RFID mutual Authentication Protocol with Permutation (RAPP) and kazahaya authentication protocols are analyzed. These authentication protocols are modeled to analyze the delays using lightweight modeling language. Delay analysis is performed using alloy model over LMAP, RAPP and kazahaya authentication protocols where one datacenter (DC) is connected to different number of readers (1,5 or 10) with connectivity to 1, 5 or 25 tags associated with reader and its results show that for LMAP delay varies from 30-156 msec, for RAPP from 31-188 while for kazahaya from 61-374 msec. Further, performance of RFID authentication protocols is analyzed for group construction through more than one DC (1,5 or 10) with different number of readers (10, 50 or 100) and tags associated with these readers (50, 500, 1000) and results show that DC based binary tree topology with LMAP authentication protocol is having a minimum delay for 50 or 100 readers. Other authentication protocols fail to give authentication results because of large delays in the network. Thus, RAPP and Kazahaya are not suitable for scenarios where there is large amount of increase in number of tags or readers.

A secure ECC-based RFID mutual authentication protocol for internet of things

Progression of the internet technologies has led to the emergence of internet of things (IoT). One of the familiar deployment of IoT is through radio-frequency identification (RFID) technology. In recent times, RFID based systems are one of the most widely spread applications for tagging and keep tracking purposes in IoT deployment. This is due to their powerful features compared to their counterparts of similar techniques such as barcodes. In contrast, radio-frequency identification systems suffer from various attacks and security threats. The wireless channel used for communication is responsible for the majority of these vulnerabilities. In this paper, we propose a new radio-frequency identification authentication protocol based on elliptic curve cryptography (ECC) to eliminate these vulnerabilities. In addition, we use elliptic curve Diffie–Hellman (ECDH) key agreement protocol to generate a temporary shared key used to encrypt the later transmitted messages. Our protocol achieves a set of security properties likes mutual authentication, anonymity, confidentiality, forward security, location privacy, resistance of man-in-the-middle attack, resistance of replay attack and resistance of impersonation attack. We implement our proposed protocol in real RFID system using Omnikey smartcard reader (Omnikey 5421) and NXP Java smartcards (J3A040). Implementation results shows that our proposed protocol outperform in term of time complexity as compared to other similar protocols and requires less number of operations.

Efficient Hardware Implementation of Ultralightweight RFID Mutual Authentication Protocol

Security and privacy are the two major concerns of radio-frequency identification (RFID) based identification systems. Several researchers have proposed ultralightweight mutual authentication protocols (UMAPs) to ensure the security of the low cost RFID tags in recent years. However, almost all of the previously proposed protocols have some serious security flaws and are vulnerable to various security attacks (full disclosure attack, desynchronization attack, impersonation attack, etc.). Recently, a more sophisticated and robust UMAP: Robust confidentiality integrity and authentication (RCIA)1 [U. Mujahid, M. Najam-ul-Islam and M. Ali Shami, RCIA: A new ultralightweight RFID authentication protocol using recursive hash, Int. J. Distrib. Sens. Netw. 2015 (2015) 642180] has been proposed. A new ultralightweight primitive, “recursive hash” has been used extensively in the protocol design which provides hamming weight unpredictability and irreversibility to ensure optimal security. In addition to security and privacy, small chip area is another design constraint which is mandatory requirement for a protocol to be considered as ultralightweight authentication protocol. Keeping in view the scenario presented above, this paper presents the efficient hardware implementation of the RCIA for EPC-C1G2 tags. Both the FPGA and ASIC implementation flows have been adopted. The FPGA design flow is primarily used to validate the functionality of the proposed hardware design whereas ASIC design (using TSMC 0.35 μm library) is used to validate the gate count. To the best of our knowledge, this is the first FPGA and ASIC implementation of any ultralightweight RFID authentication protocol. The simulation and synthesis results of the proposed optimal hardware architecture show the compatibility of the RCIA with extremely low cost RFID tags.

RFID mutual-authentication protocol with synchronous updated-keys based on Hash function

With the wide application of radio frequency identification (RFID) technology, its security privacy issues are becoming more and more prominent. A RFID mutual-authentication protocol with synchronous updated-keys based on Hash function is proposed to tackle those problems in this paper. An updated mechanism of the dynamic tag keys is introduced and a self-synchronized scheme is designed in the protocol, which has achieved the second verification for the tags. The security of the protocol is verified and analyzed by the Burrows-Abadi-Needham (BAN) logic and the attack models, moreover it has been compared with the existing schemes of security properties and its storage and computational performance. The results show that the proposed protocol has the ability to considerably reduce the amount of computation between tags and back-end database, and enhance the search efficiency of the whole system without the additional cost of the tags. It can satisfy safe requirements of RFID system effectively, also improve the authentication efficiency. The proposed protocol is more suitable for the low cost RFID system.

A secure RFID mutual authentication protocol for healthcare environments using elliptic curve cryptography.

Radio Frequency Identification(RFID) is an automatic identification technology, which can be widely used in healthcare environments to locate and track staff, equipment and patients. However, potential security and privacy problems in RFID system remain a challenge. In this paper, we design a mutual authentication protocol for RFID based on elliptic curve cryptography(ECC). We use pre-computing method within tag's communication, so that our protocol can get better efficiency. In terms of security, our protocol can achieve confidentiality, unforgeability, mutual authentication, tag's anonymity, availability and forward security. Our protocol also can overcome the weakness in the existing protocols. Therefore, our protocol is suitable for healthcare environments.

RFID Mutual Authentication Protocol Based on Chaos Key

While radio frequency identification (RFID) is evolving as a major technology enabler for identifying and tracking goods and assets around the world, its security issues are also increasingly exposed. A Hash-based RFID mutual authentication protocol was put forward. The key was joined into the hash algorithm, and chaos sequences were used to update the key. The protocol enhances the security of the RFID system with low cost. Experiments show that the chaos system has the character of initial value sensitivity, which can be used to distribute and update the secret key. Safety analysis show that the mutual authentication protocol can solve security issues including eavesdropping, illegal access, masquerade, spoofing attack, position tracking.

Research and security analysis on open RFID mutual authentication protocol

Considering that Radio Frequency Identification(RFID) system has many security problems because of limited resource and broadcasting transmission,a new improved mutual authentication protocol was put forward.In the protocol,symmetric encryption combined with the random number method was used.It has advantage in balancing the security,efficiency and cost.The protocol can be applied in an open environment which the transmission security between database and reader is not requested necessary.It can improve the mobility and the application range of the reader.BAN logic was used to do the formal analysis and proved that the proposed protocol is safe and reachable.The proposed protocol can effectively solve the security attacks,such as eavesdropping,tracing and replaying.

Improvement of the Hash-Based RFID Mutual Authentication Protocol

Radio frequency identification (RFID) is a popular kind of automatic identification technologies that uses radio frequencies. Many security and privacy problems my be raised in the using of RFID du...