Wide-weak Privacy Preserving RFID Mutual Authentication Protocol

Radio Frequency IDentification (RFID) systems are gaining enormous interests at industry due to their vast applications such as supply chain, access control, inventory, transport, health care and home appliances. Although tag identification is the primary security goal of an RFID system, privacy issue is equally, even more, important concern in RFID system because of pervasiveness of RFID tags. Over the years, many protocols have been proposed for RFID tags\u27 identification using different cryptographic primitives. It has been observed that most of them provide tags\u27 identification, but they fail to preserve tags\u27 privacy. It has been also proven that public-key primitives are essential for strong privacy and security requirements in RFID systems. In this paper, we present a mutual authentication protocol for RFID systems using elliptic curves arithmetic. Precisely, the proposed protocol provides narrow-strong and wide-weak privacy and resists tracking attacks under standard complexity assumption. The protocol is compared with related works and found efficient in comparison to others

A secure and private RFID authentication protocol based on quadratic residue

Radio Frequency IDentification based systems are getting pervasively deployed in many real-life applications in various settings for identification and authentication of remote objects. However, the messages that are transmitted over a insecure channel, are vulnerable to security and privacy concerns such as data privacy, location privacy of tag owner and etc. Recently, Yeh et al.'s proposed a RFID authentication protocol based on quadratic residue which is claimed to provide location privacy and prevent possible attacks. In this paper, we formally analyzed the protocol and we proved that the protocol provides destructive privacy according to Vaudenay privacy model. Moreover, we proposed a unilateral authentication protocol and we prove that our protocol satisfies higher privacy level such as narrow strong privacy. Besides, we proposed an enhanced version of our proposed protocol, which has same privacy level as Yeh at al protocol, but has reader authentication against stronger adversaries. Furthermore, the enhanced version of our protocol uses smaller number of cryptographic operations when compared to Yeh at al protocol and it is also cost efficient at the server and tag side and requires O(1) complexity to identify a RFID tag

A Privacy Preserving Framework for RFID Based Healthcare Systems

RFID (Radio Frequency IDentification) is anticipated to be a core technology that will be used in many practical applications of our life in near future. It has received considerable attention within the healthcare for almost a decade now. The technology’s promise to efficiently track hospital supplies, medical equipment, medications and patients is an attractive proposition to the healthcare industry. However, the prospect of wide spread use of RFID tags in the healthcare area has also triggered discussions regarding privacy, particularly because RFID data in transit may easily be intercepted and can be send to track its user (owner). In a nutshell, this technology has not really seen its true potential in healthcare industry since privacy concerns raised by the tag bearers are not properly addressed by existing identification techniques. There are two major types of privacy preservation techniques that are required in an RFID based healthcare system—(1) a privacy preserving authentication protocol is required while sensing RFID tags for different identification and monitoring purposes, and (2) a privacy preserving access control mechanism is required to restrict unauthorized access of private information while providing healthcare services using the tag ID. In this paper, we propose a framework (PriSens-HSAC) that makes an effort to address the above mentioned two privacy issues. To the best of our knowledge, it is the first framework to provide increased privacy in RFID based healthcare systems, using RFID authentication along with access control technique

Privacy-Preserving Mutual Authentication in RFID with Designated Readers

We study privacy-preserving mutual authentication in radio-frequency identification systems with designated readers (PP-MADR in short). In PP-MADR, each tag has its designated-reader group instead of all readers, and only tags and their designated readers can authenticate each other. Other readers and adversaries cannot trace tags or know their designated readers. The most challenging task of constructing such a PP-MADR protocol is the verification of reader designation without compromising tag privacy. We found that traditional solutions are impractical due to linear storage growth on tags, linear computation growth on tags, or requiring new key generations for designated readers. In this paper, we show how to construct such an efficient PP-MADR protocol. In our protocol, each tag stores constant-size secret state and performs constant-time computation for mutual authentication. When a tag is created, the server does not generate new private keys for designated readers. Our protocol captures the strong privacy property, where tags cannot be traced and designated readers cannot be distinguished, even if tags are corrupted by adversaries

AnonPri: A Secure Anonymous Private Authentication Protocol for RFID Systems

Privacy preservation in RFID systems is a very important issue in modern day world. Privacy activists have been worried about the invasion of user privacy while using various RFID systems and services. Hence, significant efforts have been made to design RFID systems that preserve users\u27 privacy. Majority of the privacy preserving protocols for RFID systems require the reader to search all tags in the system in order to identify a single RFID tag which not efficient for large scale systems. In order to achieve high-speed authentication in large-scale RFID systems, researchers propose tree-based approaches, in which any pair of tags share a number of key components. Another technique is to perform group-based authentication that improves the tradeoff between scalability and privacy by dividing the tags into a number of groups. This novel authentication scheme ensures privacy of the tags. However, the level of privacy provided by the scheme decreases as more and more tags are compromised. To address this issue, in this paper, we propose a group based anonymous private authentication protocol (AnonPri) that provides higher level of privacy than the above mentioned group based scheme and achieves better efficiency (in terms of providing privacy) than the approaches that prompt the reader to perform an exhaustive search. Our protocol guarantees that the adversary cannot link the tag responses even if she can learn the identifier of the tags. Our evaluation results demonstrates that the level of privacy provided by AnonPri is higher than that of the group based authentication technique

AnonPri: A Secure Anonymous Private Authentication Protocol for RFID Systems

Privacy preservation in RFID systems is a very important issue in modern day world. Privacy activists have been worried about the invasion of user privacy while using various RFID systems and services. Hence, significant efforts have been made to design RFID systems that preserve users\u27 privacy. Majority of the privacy preserving protocols for RFID systems require the reader to search all tags in the system in order to identify a single RFID tag which not efficient for large scale systems. In order to achieve high-speed authentication in large-scale RFID systems, researchers propose tree-based approaches, in which any pair of tags share a number of key components. Another technique is to perform group-based authentication that improves the tradeoff between scalability and privacy by dividing the tags into a number of groups. This novel authentication scheme ensures privacy of the tags. However, the level of privacy provided by the scheme decreases as more and more tags are compromised. To address this issue, in this paper, we propose a group based anonymous private authentication protocol (AnonPri) that provides higher level of privacy than the above mentioned group based scheme and achieves better efficiency (in terms of providing privacy) than the approaches that prompt the reader to perform an exhaustive search. Our protocol guarantees that the adversary cannot link the tag responses even if she can learn the identifier of the tags. Our evaluation results demonstrates that the level of privacy provided by AnonPri is higher than that of the group based authentication technique

Secured authentication of radio-frequency identification system using PRESENT block cipher

The internet of things (IoT) is an emerging and robust technology to interconnect billions of objects or devices via the internet to communicate smartly. The radio frequency identification (RFID) system plays a significant role in IoT systems, providing most features like mutual establishment, key establishment, and data confidentiality. This manuscript designed secure authentication of IoT-based RFID systems using the light-weight PRESENT algorithm on the hardware platform. The PRESENT-256 block cipher is considered in this work, and it supports 64-bit data with a 256-key length. The PRESENT-80/128 cipher is also designed along with PRESENT-256 at electronic codebook (ECB) mode for Secured mutual authentication between RFID tag and reader for IoT applications. The secured authentication is established in two stages: Tag recognition from reader, mutual authentication between tag and reader using PRESENT-80/128/256 cipher modules. The complete secured authentication of IoT-based RFID system simulation results is verified using the chip-scope tool with field-programmable gate array (FPGA) results. The comparative results for PRESENT block cipher with existing PRESENT ciphers and other light-weight algorithms are analyzed with resource improvements. The proposed secured authentication work is compared with similar RFID-mutual authentication (MA) approaches with better chip area and frequency improvements