Skip to main content
SpringerLink
Log in

Lightweight group authentication protocol for secure RFID system

  • Published:
Multimedia Tools and Applications Aims and scope Submit manuscript

Abstract

Nowadays, wireless technology has been widely used in healthcare and communication systems. It makes our life easier in all respects. A radiofrequency identification device (RFID) has been deployed as a wireless and identity communication device. RFID is a low-resource device that requires cryptography with limited energy regarding the minimum key size. Security and authentication between the server and the tags are key challenges for an RFID system to maintain data privacy. This article presents the security vulnerabilities of recent existing RFID authentication schemes. Keeping the focus on stringent security, privacy, and low cost, we have designed a new lightweight group authentication protocol for the robust RFID system. A single server controls multiple tags by using the proposed lightweight protocol in the RFID system. Formal and informal security analysis is performed compared to other lightweight group authentication articles in which only informal security analysis is carried out. The formal security strength of our proposed protocol is analyzed using the AVISPA (Automated Verification of Internet Security Protocol Analysis) tool, confirming that it is safe from different security threats. The newly designed protocol’s performance analysis results are measured in terms of computational cost, storage space, and communication cost. Finally, the combined consequence of security and lightweight of the proposed group authentication protocol is superior and outperforms compared to the existing scheme.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18

Similar content being viewed by others

References

  1. Juels A (2006) RFID security and privacy: a research survey. IEEE J Sel Areas Commun 24:381–394

    Article  Google Scholar 

  2. Hunt VD, Puglia A, Puglia M (2007) RFID A Guide to Radio Frequency Identification. John Wiley Sons, Inc., Technology Research Corporation

    Book  Google Scholar 

  3. Hung YK (2007) The study of adopting RFID technology in the medical institute with cost-benefit perspectives. In International Medical Informatics Symposium in Taiwan, Taiwan

    Google Scholar 

  4. Leu JG (2010) The benefit analysis of RFID use in the health management center The experience in Shin Kong Wu Ho-Su Memorial Hospital. National Taiwan University

  5. Najera P, Lopez J, Roman R (2011) Real-time location and inpatient care systems based on passive RFID. J Netw Comput Appl 34(3):980–989

    Article  Google Scholar 

  6. Katz JE, Rice RE (2009) Public views of mobile medical devices and services: A US national survey of consumer sentiments towards RFID healthcare technology. Int J Med Inf 78(2):104–114

    Article  Google Scholar 

  7. Yu C, Chen C, Liao P, Lee Y (2008) RFID-based operation room and medicare system for patient safety enhancement-a case study of Keelung branch. J Inf Manag 15:97–122

    Google Scholar 

  8. William S (2006) Cryptography and network security: principles and practice. Upper Saddle River, NJ: Pearson/Prentice Hall, 2006. Print

  9. Diffie W, Hellman M (2006) New directions in cryptography. IEEE Trans Inf Theory 22(6):644–654

    Article  MathSciNet  Google Scholar 

  10. Koblitz N (1987) Elliptic curve cryptosystems. Math Comput 48(177):203–209

    Article  MathSciNet  Google Scholar 

  11. Miller V (1985) Use of elliptic curves in cryptography(1985). in Advances in Cryptology-CRYPTO ’85 Proceedings, vol. 218 of Lecture Notes in Computer Science. Springer, Berlin, Germany, pp 417–426

  12. Juels A (2004) “Yoking-proofs” for RFID tags. In: IEEE Annual conference on pervasive computing and communications workshops, 2004. Proceedings of the Second. IEEE, (pp 138–143)

  13. Wong K, Chan Hui P, A, (2005) Cryptography and authentication on RFID tags for apparel. Comput Ind 57(2005):342349

  14. Chen Y, Chou JS, Sun HM (2008) A novel mutual authentication scheme based on quadratic residues for RFID systems. Comput Netw 52(2008):23732380

    Google Scholar 

  15. Tuyls P, Batina L (2006) RFID-tags for anti-counterfeiting. In: Topics in cryptology CT-RSA 2006, vol. 3860 of Lecture notes in comput. sci. Springer, Berlin, p 115131

  16. Lee Y, Batina L, Verbauwhede I (2008) EC-RAC (ECDLP based randomized access control): provably secure RFID authentication protocol. In: IEEE international conference on RFID. Las Vegas, Nev, USA, p 97104

  17. Bringer J, Chabanne H, Icart T (2008) Cryptanalysis of ECRAC, an RFID identification protocol. In: Cryptology and network security: 7thInternational Conference, CANS 2008, Hong- Kong, China, December 24, 2008.Proceedings, vol. 5339 of Lecture notes in computer science. Springer, Berlin, Germany, p 149161

  18. Deursen T, Radomirovic S (2009) Attacks on RFID protocols (version1.1). Technical Report

  19. Chien HM, Chen CH (2007) Mutual authentication protocol for RFID conforming to EPC Class 1 Generation 2 standards. Comput Stand Interfaces 29(2007):254259

    Google Scholar 

  20. Peris-Lopez P, Estevez-Tapiador Hernandez-Castro JC, JM, Ribagorda A, (2009) Cryptanalysis of a novel authentication protocol conforming to the EPC-c1g2 standard. Comput Stand Interfaces 31(2):372380

  21. Lo NW, Yeh KH (2007) An efficient mutual authentication scheme for EPC global class-1 generation-2 RFID system. In: International conference on embedded and ubiquitous computing. Springer, Berlin, Heidelberg, pp 43–56

  22. Yeh TC, Wang YJ, Kuo TC, Wang SS (2010) Securing RFID systems conform to EPC Class 1 Generation 2 standards. Expert Syst Appl 37(2010):76787683

    Google Scholar 

  23. Cho J, Yeo S, Kim S (2011) Securing against brute-force attack: A hash-based RFID mutual authentication protocol using a secret value. Comput Commun 34(3):3

    Article  Google Scholar 

  24. Safkhani M, Peris-Lopez P, Hernandez-Castro JC, Bagheri N, Naderi M (2011) Cryptanalysis of Choet al.’s Protocol, A Hash-Based Mutual Authentication Protocol for RFID Systems. Cryptology ePrint Archive

  25. Cao T, Shen P (2008) Cryptanalysis of some RFID authentication protocols. J Commun 3(7):2027

    Article  Google Scholar 

  26. Yeh T-C, Wu C-H, Tseng Y-M (2011) Improvement of the RFID authentication scheme based on quadratic residues. Comput Commun (34)337341

  27. Doss R, Sundaresan S, Zhou W (2013) A practical quadratic residues-based scheme for authentication and privacy in mobile RFID systems. Ad Hoc Netw 11(1):383–396

    Article  Google Scholar 

  28. Lee Y, Batina I, Verbauwhede I (2009) Untraceable RFID authentication protocols: revision of EC-RAC. In: IEEE international conference on RFID 2009. IEEE, Orlando, FL, USA, pp 178-185

  29. Van Deursen T (2009) Radomirović S (2009) Untraceable RFID protocols are not trivially composable: Attacks on the revision of EC-RAC. Cryptol ePrint Archive 332:1–8

    Google Scholar 

  30. Lee Y, Batina L, Verbauwhede I (2010) Privacy challenges in RFID systems. In: Giusto D, Lera A, Morabito G, Atzori L (eds) The internet of things. Springer, New York, pp 397–407

    Chapter  Google Scholar 

  31. Lv C, Li H, Ma J, Zhang Y (2012) Vulnerability analysis of elliptic curve cryptography-based RFID authentication protocols. Trans Emerg Telecommun Technol 23(7):618–624

    Article  Google Scholar 

  32. Liao YP, Hsiao CM (2014) A secure ECC-based RFID authentication scheme integrated with ID-verifier transfer protocol. Ad Hoc Netw 18:133–146

    Article  Google Scholar 

  33. Peeters R, Hermans J (2013) Attack on Liao and Hsiao’s Secure ECC- based RFID Authentication Scheme integrated with ID-Verifier Transfer Protocol. Cryptology ePrint Archive, Report 2013/399

  34. He D, Kumar N, Chilamkurti N, Lee JH (2014) Lightweight ECC based RFID authentication integrated with an ID verifier transfer protocol. J Med Syst 38:116

  35. Lee CI, Chien HY (2015) An Elliptic Curve Cryptography-Based RFID Authentication Securing E-Health System. Int J Distrib

  36. Zhao Z (2014) A secure RFID authentication protocol for healthcare environments using elliptic curve cryptosystem. J Med Syst 38(5):1–7

    Article  Google Scholar 

  37. Chou JS (2014) An efficient mutual authentication RFID scheme based on elliptic curve cryptography. J Supercomput 70(1):75–94

    Article  Google Scholar 

  38. Zhang Z, Qi Q (2014) An efficient RFID authentication protocol to enhance patient medication safety using elliptic curve cryptography. J Med Syst 38(5):1–7

    Article  Google Scholar 

  39. Jin C, Xu C, Zhang X, Zhao J (2015) A secure RFID mutual authentication protocol for healthcare environments using elliptic curve cryptography. J Med Syst 39(3):1–8

    Article  Google Scholar 

  40. Farash MS, Nawaz O, Mahmood K, Chaudhry SA, Khan MK (2016) A provably secure RFID authentication protocol based on elliptic curve for healthcare environments. J Med Syst 40(7):165

    Article  Google Scholar 

  41. Benssalah M, Djeddou M, Drouiche K (2017) a provably secure RFID authentication protocol based on elliptic curve signature with message recovery suitable in m-health environments. Trans Emerg Telecommun Technol 28(11):e3166

    Article  Google Scholar 

  42. Liu Y, Sun Q, Wang Y, Lei Zhu, Ji W (2019) Efficient group authentication in RFID using a secret sharing scheme. Clust Comput 22(4):8605–8611

    Article  Google Scholar 

  43. Pakniat N, Eslami Z (2020) Cryptanalysis and improvement of a group RFID authentication protocol. Wireless Netw (2020):1–10

  44. AVISPA v1.1 user manual (2006) Automated Validation of Internet Security Protocols and Applications

  45. Gódor G, Giczi N, Imre S (2010) Elliptic curve cryptography-based mutual authentication protocol for low computational capacity RFID systems-performance analysis by simulations. In: 2010 IEEE international conference on wireless communications, networking and information security. IEEE, pp 650–657

  46. Dinarvand N, Barati H (2019) An efficient and secure RFID authentication protocol using elliptic curve cryptography. Wireless Netw 25(1):415–42

    Article  Google Scholar 

  47. Kumar S, Banka H, Kaushik B, Sharma S (2021) A review and analysis of secure and lightweight ECC-based RFID authentication protocol for Internet of Vehicles. Trans Emerging Tel Tech 2021:e4354

    Article  Google Scholar 

  48. Jangirala S, Das AK, Vasilakos AV (2019) Designing secure, lightweight blockchain-enabled RFID-based authentication protocol for supply chains in 5G mobile edge computing environment. IEEE Trans Ind Inf 16(11):7081–7093

    Article  Google Scholar 

  49. Kumar S, Banka H, Kaushik B (2023) Ultra-lightweight blockchain-enabled RFID authentication protocol for supply chain in the domain of 5G mobile edge computing. Wireless Netw 1–22

  50. Maurya PK, Bagchi S (2023) Quadratic residue-based unilateral authentication protocol for RFID system. Multimedia Tools Appl 82(11):16533–16554

    Article  Google Scholar 

  51. Khorasgani AA, Sajadieh M, Yazdani MR (2022) Novel lightweight RFID authentication protocols for inexpensive tags. J Inf Secur Appl 67:103191

    Google Scholar 

  52. Khedr WI (2013) SRFID: A hash-based security scheme for lowcost RFID systems. Egypt Inf J 14(1):89–98

    Google Scholar 

Download references

Funding

No funds, grants, or other support was received.

Author information

Authors and Affiliations

  1. Research Scholar, Computer Science and Engineering, I.I.T. (I.S.M.), Dhanbad, Jharkhand, India

    Sanjeev Kumar

  2. Associate Professor, Computer Science and Engineering, I.I.T. (I.S.M.), Dhanbad, Jharkhand, India

    Haider Banka

  3. Associate Professor, Computer Science and Engineering, SMVDU, Katra, Jammu, and Kashmir, India

    Baijnath Kaushik

Authors
  1. Sanjeev Kumar
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Haider Banka
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Baijnath Kaushik
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sanjeev Kumar.

Ethics declarations

Conflict of Interest

The authors have no relevant financial or non-financial interests to disclose.

Competing interests

Not applicable

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Kumar, S., Banka, H. & Kaushik, B. Lightweight group authentication protocol for secure RFID system. Multimed Tools Appl (2024). https://doi.org/10.1007/s11042-024-19013-1

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s11042-024-19013-1

Keywords

Search

Navigation