Abstract
Privacy issue has become a crucial concern in internet of things (IoT) applications ranging from home appliances to vehicular networks. RFID system has found enormous scope in IoT applications such as consumer electronics, healthcare, tracking objects and transport system. In this paper, we present a privacy preserving authentication protocol for RFID system. The protocol provides mutual authentication of tag and reader, and preserves privacy of tags. We analyze the proposed protocol against active adversary and show that the protocol preserves narrow-strong privacy of the tags. We compare our protocol with the related work and show its usefulness in wide range of IoT applications.
Similar content being viewed by others
References
Naskar, S., Basu, P., & Sen, A. K. (2017). A literature review of the emerging field of IOT using RFID and its applications in supply chain management. In The internet of things in the modern business environment advances in e-business research, (pp. 1–27).
Irawan, J. D., Adriantantri, E., & Farid, A. (2018). RFID and IOT for attendance monitoring system. In MATEC web of conferences - the 3rd international conference on electrical systems, technology and information, Vol. 164, 01020, EDP Sciences.
Porambage, P., Ylianttila, M., Schmitt, C., Kumar, P., Gurtov, A., & Vasilakos, A. V. (2016). The quest for privacy in the internet of things. IEEE Cloud Computing, 3(2), 36–45.
Mahdin, H., Kamaludin, H., Saedudin, R. R., Omar, A. H., Kasim, S., & Jailani, J. (2017). The application of RFID system in water level monitoring. International Journal on Advanced Science, Engineering and Information Technology, 7(4–2), 1522–1527.
Fan, K., Jiang, W., Li, H., & Yang, Y. (2018). Lightweight RFID protocol for medical privacy protection in IOT. IEEE Transactions on Industrial Informatics, 14(4), 1656–1665.
Rahman, F., Bhuiyan, M. Z. A., & Ahamed, S. I. (2017). A privacy preserving framework for RFID based health care systems. Future Generation Computer Systems, 72, 339–352.
Gope, P., Amin, R., Islam, S. H., Kumar, N., & Bhalla, V. K. (2017). Lightweight and privacy-preserving RFID authentication scheme for distributed IOT infrastructure with secure localization services for smart city environment. Future Generation Computer Systems, 83(C), 629–637.
Shen, H., Shen, J., Khan, M. K., & Lee, J.-H. (2017). Efficient RFID authentication using elliptic curve cryptography for the internet of things. Wireless Personal Communications, 96(4), 5253–5266.
Liu, B., Yang, B., & Su, X. (2018). An improved two-way security authentication protocol for RFID system. Information, 9(4), 86.
Vaudenay, S. (2007). On privacy models for RFID. In International conference on the theory and application of cryptology and information security, (pp. 68–87). Springer.
Hermans, J., Peeters, R., & Preneel, B. (2014). Proper RFID privacy: Model and protocols. IEEE Transactions on Mobile Computing, 13(12), 2888–2902.
Lee, Y. K., Sakiyama, K., Batina, L., & Verbauwhede, I. (2008). Elliptic-curve based security processor for RFID. IEEE Transactions on Computers, 57(11), 1514–1527.
Hein, D., Wolkerstorfer, J., Felber, N. (2008). ECC is ready for RFID-a proof in silicon. In International workshop on selected areas in cryptography, (pp. 401–413). Springer.
Hankerson, D., Menezes, A. J., & Vanstone, S. (2006). Guide to elliptic curve cryptography. Berlin: Springer.
Das, M. L. (2013). Strong security and privacy of RFID system for internet of things infrastructure. In International conference on security, privacy, and applied cryptography engineering, (pp. 56–69). Springer.
Lee, Y. K., Batina, L., & Verbauwhede, I. (2009). Untraceable RFID authentication protocols: Revision of EC-RAC. In IEEE international conference on RFID, (pp. 178–185).
Lee, Y. K., Batina, L., Singelee, D., & Verbauwhede, I. (2010). Low-cost untraceable authentication protocols for RFID. In Proceedings of the 3rd ACM conference on Wireless network security, (pp. 55–64).
He, D., Kumar, N., Chilamkurti, N., & Lee, J.-H. (2014). Lightweight ECC based RFID authentication integrated with an ID verifier transfer protocol. Journal of Medical Systems, 38(10), 116.
Jin, C., Xu, C., Zhang, X., & Zhao, J. (2015). A secure RFID mutual authentication protocol for healthcare environments using elliptic curve cryptography. Journal of Medical Systems, 39(3), 24.
Chien, H.-Y. (2017). Elliptic curve cryptography-based RFID authentication resisting active tracking. Wireless Personal Communications, 94(4), 2925–2936.
Bringer, J., Chabanne, H., & Icart, T. (2008). Cryptanalysis of EC-RAC, a RFID identification protocol. In International conference on cryptology and network security, (pp. 149–161), Springer.
Van Deursen, T., & Radomirovic, S. (2008). Attacks on RFID protocols. IACR Cryptology ePrint Archive, 2008(310), 1–56.
Van Deursen, T., & Radomirovic, S. (2010). EC-RAC: enriching a capacious RFID attack collection. In International workshop on radio frequency identification: Security and privacy issues, (pp. 75–90). Springer.
Pokala, J., Reddy, M. C., Bapana, S., Vorugunti, C. S., et al. (2016). A secure RFID protocol for telecare medicine information systems using ECC. In International conference on wireless communications, signal processing and networking, (pp. 2295–2300).
Schnorr, C.-P. (1989). Efficient identification and signatures for smart cards. In Conference on the theory and application of cryptology, (pp. 239–252). Springer.
Adame, T., Bel, A., Carreras, A., Melia-Segui, J., Oliver, M., & Pous, R. (2018). Cuidats: An RFID-WSN hybrid monitoring system for smart health care environments. Future Generation Computer Systems, 78, 602–615.
Hinterwalder, G., Moradi, A., Hutter, M., Schwabe, P., & Paar, C. (2014). Fullsize high-security ECC implementation on msp430 microcontrollers. In International conference on cryptology and information security in Latin America, (pp. 31–47), Springer.
Liu, A., & Ning, P. (2008). Tinyecc: A configurable library for elliptic curve cryptography in wireless sensor networks. In Proceedings of the 7th international conference on information processing in sensor networks, (pp. 245–256).
Marin, L., Jara, A., & Gomez, A. S. (2013). Shifting primes: Optimizing elliptic curve cryptography for 16-bit devices without hardware multiplier. Mathematical and Computer Modelling, 58(5–6), 1155–1174.
Acknowledgements
This research was supported in part by the Indo-French Centre for the Promotion of Advanced Research (IFCPAR) and the Center Franco-Indien Pour La Promotion De La Recherche Advancée (CEFIPRA) through the project DST-CNRS 2015-03 under DST-INRIA-CNRS Targeted Programme.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Das, M.L., Kumar, P. & Martin, A. Secure and Privacy-Preserving RFID Authentication Scheme for Internet of Things Applications. Wireless Pers Commun 110, 339–353 (2020). https://doi.org/10.1007/s11277-019-06731-1
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-019-06731-1