Practical Schemes For Privacy & Security Enhanced RFID

Proper privacy protection in RFID systems is important. However, many of the schemes known are impractical, either because they use hash functions instead of the more hardware efficient symmetric encryption schemes as a efficient cryptographic primitive, or because they incur a rather costly key search time penalty at the reader. Moreover, they do not allow for dynamic, fine-grained access control to the tag that cater for more complex usage scenarios. In this paper we investigate such scenarios, and propose a model and corresponding privacy friendly protocols for efficient and fine-grained management of access permissions to tags. In particular we propose an efficient mutual authentication protocol between a tag and a reader that achieves a reasonable level of privacy, using only symmetric key cryptography on the tag, while not requiring a costly key-search algorithm at the reader side. Moreover, our protocol is able to recover from stolen readers.Comment: 18 page

A NOVEL TECHNIQUE FOR SECURE ENCRYPTED MESSAGES IN MOBILE AND PERVASIVE APPLICATIONS

More than applications rely on the existence of small devices that can exchange information and form communication networks. In a significant portion of such applications, the confidentiality and integrity of the communicated messages are of particular interest. In this work, to propose two novel techniques for authenticating short encrypted messages that are directed to meet the requirements of mobile and pervasive applications. By taking advantage of the fact that the message to be authenticated must also be encrypted, to propose provably secure authentication codes that are more efficient than any message authentication code in the literature. The key idea behind the proposed techniques is to utilize the security that the encryption algorithm can provide to design more efficient authentication mechanisms, as opposed to using standalone authentication primitives

Privacy Guaranteed Mutual Authentication on EPCglobal Class 1 Gen 2 Scheme

Concerning the security weakness of EPC scheme especially on privacy concerned applications, an anonymous mutual authentication protocol is proposed for light-weight security inauguration on Class 1 Gen 2 UHF RFID (EPC C1G2) scheme. By utilizing the existing functions and memory bank of tag, we amend the processing sequence based on current EPC architecture. And an auto-updating index number IDS is enrolled to provide privacy protection to EPC code. A light weight encryption algorithm utilizing tagpsilas existing PRNG and keys are introduced for mutual authentication. Several attacks to the RFID solutions can be effectively resolved through our improvement.published_or_final_versio

SLEC: A Novel Serverless RFID Authentication Protocol Based on Elliptic Curve Cryptography

Radio Frequency Identification (RFID) is one of the leading technologies in the Internet of Things (IoT) to create an efficient and reliable system to securely identify objects in many environments such as business, health, and manufacturing areas. Since the RFID server, reader, and tag communicate via insecure channels, mutual authentication between the reader and the tag is necessary for secure communication. The central database server supports the authentication of the reader and the tag by storing and managing the network data. Recent lightweight RFID authentication protocols have been proposed to satisfy the security features of RFID communication. A serverless RFID system is a new promising solution to alternate the central database for mobile RFID models. In this model, the reader and the tag perform the mutual authentication without the support of the central database server. However, many security challenges arise from implementing the lightweight RFID authentication protocols in the serverless RFID network. We propose a new robust serverless RFID authentication protocol based on the Elliptic Curve Cryptography (ECC) to prevent the security attacks on the network and maintain the confidentiality and the privacy of the authentication messages and tag information and location. While most of the current protocols assume a secure channel in the setup phase to transmit the communication data, we consider in our protocol an insecure setup phase between the server, reader, and tag to ensure that the data can be renewed from any checkpoint server along with the route of the mobile RFID network. Thus, we implemented the elliptic curve cryptography in the setup phase (renewal phase) to transmit and store the data and the public key of the server to any reader or tag so that the latter can perform the mutual authentication successfully. The proposed model is compared under the classification of the serverless model in term of computation cost and security resistance

Authentication Techniques That Work Well With Mobile and Distributed Systems

In the modern technological world, the existence of minuscule devices that are able to exchange data and build networks is necessary for the completion of numerous activities. In many of these applications, the confidentiality and dependability of the information that is being transferred are of the utmost importance. The purpose of this article is to offer two novel ways for authenticating short conversations that are encrypted, with the end objective of fulfilling the requirements of mobile and ubiquitous software. We take advantage of the fact that the message that has to be verified must also be encrypted in order to propose a set of authentication codes that are not only provably secure but also surpass every other message authentication code that has been published in the past. The recommended procedures make use of encryption techniques to provide an additional layer of protection, with the goal of enhancing the performance of the conventional authentication primitives

Two Novel E-Visas Verification Schemes Based On Public Key Infrastructure (Pki) And Identity Based Encryption (Ibe).

Visa merupakan dokumen perjalanan yang sangat penting yang membenarkan kita memasuki sesebuah negara yang akan kita lawati. Visa is a very important traveling document, which is an essential need at the point of entry of any country we are visiting

KALwEN: a new practical and interoperable key management scheme for body sensor networks

Key management is the pillar of a security architecture. Body sensor networks (BSNs) pose several challenges–some inherited from wireless sensor networks (WSNs), some unique to themselves–that require a new key management scheme to be tailor-made. The challenge is taken on, and the result is KALwEN, a new parameterized key management scheme that combines the best-suited cryptographic techniques in a seamless framework. KALwEN is user-friendly in the sense that it requires no expert knowledge of a user, and instead only requires a user to follow a simple set of instructions when bootstrapping or extending a network. One of KALwEN's key features is that it allows sensor devices from different manufacturers, which expectedly do not have any pre-shared secret, to establish secure communications with each other. KALwEN is decentralized, such that it does not rely on the availability of a local processing unit (LPU). KALwEN supports secure global broadcast, local broadcast, and local (neighbor-to-neighbor) unicast, while preserving past key secrecy and future key secrecy (FKS). The fact that the cryptographic protocols of KALwEN have been formally verified also makes a convincing case. With both formal verification and experimental evaluation, our results should appeal to theorists and practitioners alike