2,493 research outputs found
Efficient and Low-Cost RFID Authentication Schemes
Security in passive resource-constrained Radio Frequency Identification
(RFID) tags is of much interest nowadays. Resistance against illegal tracking,
cloning, timing, and replay attacks are necessary for a secure RFID
authentication scheme. Reader authentication is also necessary to thwart any
illegal attempt to read the tags. With an objective to design a secure and
low-cost RFID authentication protocol, Gene Tsudik proposed a timestamp-based
protocol using symmetric keys, named YA-TRAP*. Although YA-TRAP* achieves its
target security properties, it is susceptible to timing attacks, where the
timestamp to be sent by the reader to the tag can be freely selected by an
adversary. Moreover, in YA-TRAP*, reader authentication is not provided, and a
tag can become inoperative after exceeding its pre-stored threshold timestamp
value. In this paper, we propose two mutual RFID authentication protocols that
aim to improve YA-TRAP* by preventing timing attack, and by providing reader
authentication. Also, a tag is allowed to refresh its pre-stored threshold
value in our protocols, so that it does not become inoperative after exceeding
the threshold. Our protocols also achieve other security properties like
forward security, resistance against cloning, replay, and tracking attacks.
Moreover, the computation and communication costs are kept as low as possible
for the tags. It is important to keep the communication cost as low as possible
when many tags are authenticated in batch-mode. By introducing aggregate
function for the reader-to-server communication, the communication cost is
reduced. We also discuss different possible applications of our protocols. Our
protocols thus capture more security properties and more efficiency than
YA-TRAP*. Finally, we show that our protocols can be implemented using the
current standard low-cost RFID infrastructures.Comment: 21 pages, Journal of Wireless Mobile Networks, Ubiquitous Computing,
and Dependable Applications (JoWUA), Vol 2, No 3, pp. 4-25, 201
A Cloud-based RFID Authentication Protocol with Insecure Communication Channels
© 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.Radio Frequency Identification (RFID) has becomea widespread technology to automatically identify objects and withthe development of cloud computing, cloud-based RFID systemsattract more research these days. Several cloud-based RFIDauthentication protocols have been proposed to address privacyand security properties in the environment where the cloudprovider is untrusted therefore the tag’s data are encrypted andanonymously stored in the cloud database. However, most of thecloud-based RFID authentication protocols assume securecommunication channels between the reader and the cloud server.To protect data transmission between the reader and the cloudserver without any help from a third party, this paper proposes acloud-based RFID authentication protocol with insecurecommunication channels (cloud-RAPIC) between the reader and the cloud server. The cloud-RAPIC protocol preserves tag privacyeven when the tag does not update its identification. The cloudRAPIC protocol has been analyzed using the UPriv model andAVISPA verification tool which have proved that the protocolpreserves tag privacy and protects data secrecy
Serverless protocols for inventory and tracking with a UAV
It is widely acknowledged that the proliferation of Unmanned Aerial Vehicles
(UAVs) may lead to serious concerns regarding avionics safety, particularly
when end-users are not adhering to air safety regulations. There are, however,
domains in which UAVs may help to increase the safety of airplanes and the
management of flights and airport resources that often require substantial
human resources. For instance, Paris Charles de Gaulle airport (CDG) has more
than 7,000 staff and supports 30,000 direct jobs for more than 60 million
passengers per year (as of 2016). Indeed, these new systems can be used
beneficially for several purposes, even in sensitive areas like airports. Among
the considered applications are those that suggest using UAVs to enhance safety
of on-ground airplanes; for instance, by collecting (once the aircraft has
landed) data recorded by different systems during the flight (like the sensors
of the Aircraft Data Networks - ADN) or by examining the state of airplane
structure. In this paper, our proposal is to use UAVs, under the control of the
airport authorities, to inventory and track various tagged assets, such as
luggage, supplies required for the flights, and maintenance tools. The aim of
our proposal is to make airport management systems more efficient for
operations requiring inventory and tracking, along with increasing safety
(sensitive assets such as refueling tanks, or sensitive pieces of luggage can
be tracked), thus raising financial profit.Comment: 11 pages, Conference, The 36th IEEE/AIAA Digital Avionics Systems
Conference (DASC'17
- …