Skip to main content
SpringerLink
Log in

A secure ECC-based RFID mutual authentication protocol for internet of things

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

Progression of the internet technologies has led to the emergence of internet of things (IoT). One of the familiar deployment of IoT is through radio-frequency identification (RFID) technology. In recent times, RFID based systems are one of the most widely spread applications for tagging and keep tracking purposes in IoT deployment. This is due to their powerful features compared to their counterparts of similar techniques such as barcodes. In contrast, radio-frequency identification systems suffer from various attacks and security threats. The wireless channel used for communication is responsible for the majority of these vulnerabilities. In this paper, we propose a new radio-frequency identification authentication protocol based on elliptic curve cryptography (ECC) to eliminate these vulnerabilities. In addition, we use elliptic curve Diffie–Hellman (ECDH) key agreement protocol to generate a temporary shared key used to encrypt the later transmitted messages. Our protocol achieves a set of security properties likes mutual authentication, anonymity, confidentiality, forward security, location privacy, resistance of man-in-the-middle attack, resistance of replay attack and resistance of impersonation attack. We implement our proposed protocol in real RFID system using Omnikey smartcard reader (Omnikey 5421) and NXP Java smartcards (J3A040). Implementation results shows that our proposed protocol outperform in term of time complexity as compared to other similar protocols and requires less number of operations.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2

Similar content being viewed by others

References

  1. Atzori Luigi, Iera Antonio, Morabito Giacomo (2010) The internet of things: a survey. Comput Netw 54(15):2787–2805

    Article  MATH  Google Scholar 

  2. Chien Hung-Yu (2009) Development and implementation of RFID Technology, chapter the study of RFID authentication protocols and security of some popular RFID tags, page 554. i-tech, Vienna

    Google Scholar 

  3. Hof C (2006) Rfid and identity management in everyday life: striking the balance between convenience, choice and control. Report IPOL/A/STOA/2006-22, ETAG (European Technology Assessment Group), European Parliament, Strasbourg

  4. Benssalah M, Djeddou M, Drouiche K (2012) RFID authentication protocols based on ECC encryption schemes. In: 2012 IEEE international conference on RFID-technologies and applications, RFID-TA 2012, Nice, France, November 5–7, 2012, pages 97–100

  5. Chou J-S, Chen Y, Wu C-L, Lin C-F (2011) An efficient rfid mutual authentication scheme based on ecc. Cryptology ePrint Archive, Report 2011/418

  6. Chou Jue-Sam (2014) An efficient mutual authentication RFID scheme based on elliptic curve cryptography. J Supercomput 70(1):75–94

    Article  Google Scholar 

  7. Farash Mohammad Sabzinejad, Kumari Saru, Bakhtiari Majid (2016) Cryptanalysis and improvement of a robust smart card secured authentication scheme on SIP using elliptic curve cryptography. Multimed Tools Appl 75(8):4485–4504

    Article  Google Scholar 

  8. Liao Y-P, Hsiao C-M (2012) A secure ECC-based RFID authentication scheme using hybrid protocols. In: Proceedings of the International Computer Symposium ICS 2012-Advances in Intelligent Systems and Applications, vol 2. Springer, pp 1–13

  9. Gross H, Hlbl M, Slamanig D, Spreitzer R (2015) Privacy-aware authentication in the internet of things. Cryptology ePrint Archive, Report 2015/1110

  10. Abdalla M, Bellare M, Rogaway P (2001) The oracle diffie-hellman assumptions and an analysis of dhies. In: Naccache D (ed) CT-RSA, volume 2020 of lecture notes in computer science. Springer, Berlin, pp 143–158

  11. He Debiao, Zeadally Sherali (2015) An analysis of RFID authentication schemes for internet of things in healthcare environment using elliptic curve cryptography. IEEE Int Things J 2(1):72–83

    Article  Google Scholar 

  12. Christelbach. http://www.christelbach.com/eccalculator.aspx. Accessed 10 May 2014

  13. OMNIKEY 5421 Reader. https://www.hidglobal.com/products/readers/omnikey/5421. Accessed 15 Sept 2014

  14. 40k EEPROM J3A040 NXP JAVA based smart card. http://www.smartcardsource.com/contents/en-ca/p94_J3A040.html. Accessed 4 Apr 2013

  15. Smart solutions for smart services : NXP. http://www.nxp.com/documents/line_card/75016728.pdf. Accessed 25 Dec 2013

  16. Certicom Research. Standards for efficient cryptography sec 2: recommended elliptic curve domain parameters. http://www.secg.org/SEC2-Ver-1.0.pdf. Accessed 17 Mar 2014

Download references

Acknowledgments

This work was supported by the National Research Foundation of Korea(NRF) grant funded by the Korea government (MEST) (No. 2016R1A4A1011761).

Author information

Authors and Affiliations

  1. Department of Computer Science, College of Computer and Information Science, Imam Mohammad bin Saud Islamic University, Riyadh, Saudi Arabia

    Amjad Ali Alamr & Firdous Kausar

  2. Department of Mathematics, Kookmin University, Seoul, Korea

    Jongsung Kim

  3. Department of Financial Information Security, Kookmin University, Seoul, Korea

    Jongsung Kim

  4. Department of Applied Mathematics, Kongju National University, Kongju, Korea

    Changho Seo

Authors
  1. Amjad Ali Alamr
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Firdous Kausar
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jongsung Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Changho Seo
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jongsung Kim.

Appendix

Appendix

figure a

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Alamr, A.A., Kausar, F., Kim, J. et al. A secure ECC-based RFID mutual authentication protocol for internet of things. J Supercomput 74, 4281–4294 (2018). https://doi.org/10.1007/s11227-016-1861-1

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-016-1861-1

Keywords

Search

Navigation