Skip to main content
SpringerLink
Log in

Secure and Privacy-Preserving RFID Authentication Scheme for Internet of Things Applications

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

Privacy issue has become a crucial concern in internet of things (IoT) applications ranging from home appliances to vehicular networks. RFID system has found enormous scope in IoT applications such as consumer electronics, healthcare, tracking objects and transport system. In this paper, we present a privacy preserving authentication protocol for RFID system. The protocol provides mutual authentication of tag and reader, and preserves privacy of tags. We analyze the proposed protocol against active adversary and show that the protocol preserves narrow-strong privacy of the tags. We compare our protocol with the related work and show its usefulness in wide range of IoT applications.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

References

  1. Naskar, S., Basu, P., & Sen, A. K. (2017). A literature review of the emerging field of IOT using RFID and its applications in supply chain management. In The internet of things in the modern business environment advances in e-business research, (pp. 1–27).

  2. Irawan, J. D., Adriantantri, E., & Farid, A. (2018). RFID and IOT for attendance monitoring system. In MATEC web of conferences - the 3rd international conference on electrical systems, technology and information, Vol. 164, 01020, EDP Sciences.

  3. Porambage, P., Ylianttila, M., Schmitt, C., Kumar, P., Gurtov, A., & Vasilakos, A. V. (2016). The quest for privacy in the internet of things. IEEE Cloud Computing, 3(2), 36–45.

    Article  Google Scholar 

  4. Mahdin, H., Kamaludin, H., Saedudin, R. R., Omar, A. H., Kasim, S., & Jailani, J. (2017). The application of RFID system in water level monitoring. International Journal on Advanced Science, Engineering and Information Technology, 7(4–2), 1522–1527.

    Article  Google Scholar 

  5. Fan, K., Jiang, W., Li, H., & Yang, Y. (2018). Lightweight RFID protocol for medical privacy protection in IOT. IEEE Transactions on Industrial Informatics, 14(4), 1656–1665.

    Article  Google Scholar 

  6. Rahman, F., Bhuiyan, M. Z. A., & Ahamed, S. I. (2017). A privacy preserving framework for RFID based health care systems. Future Generation Computer Systems, 72, 339–352.

    Article  Google Scholar 

  7. Gope, P., Amin, R., Islam, S. H., Kumar, N., & Bhalla, V. K. (2017). Lightweight and privacy-preserving RFID authentication scheme for distributed IOT infrastructure with secure localization services for smart city environment. Future Generation Computer Systems, 83(C), 629–637.

    Google Scholar 

  8. Shen, H., Shen, J., Khan, M. K., & Lee, J.-H. (2017). Efficient RFID authentication using elliptic curve cryptography for the internet of things. Wireless Personal Communications, 96(4), 5253–5266.

    Article  Google Scholar 

  9. Liu, B., Yang, B., & Su, X. (2018). An improved two-way security authentication protocol for RFID system. Information, 9(4), 86.

    Article  Google Scholar 

  10. Vaudenay, S. (2007). On privacy models for RFID. In International conference on the theory and application of cryptology and information security, (pp. 68–87). Springer.

  11. Hermans, J., Peeters, R., & Preneel, B. (2014). Proper RFID privacy: Model and protocols. IEEE Transactions on Mobile Computing, 13(12), 2888–2902.

    Article  Google Scholar 

  12. Lee, Y. K., Sakiyama, K., Batina, L., & Verbauwhede, I. (2008). Elliptic-curve based security processor for RFID. IEEE Transactions on Computers, 57(11), 1514–1527.

    Article  MathSciNet  Google Scholar 

  13. Hein, D., Wolkerstorfer, J., Felber, N. (2008). ECC is ready for RFID-a proof in silicon. In International workshop on selected areas in cryptography, (pp. 401–413). Springer.

  14. Hankerson, D., Menezes, A. J., & Vanstone, S. (2006). Guide to elliptic curve cryptography. Berlin: Springer.

    MATH  Google Scholar 

  15. Das, M. L. (2013). Strong security and privacy of RFID system for internet of things infrastructure. In International conference on security, privacy, and applied cryptography engineering, (pp. 56–69). Springer.

  16. Lee, Y. K., Batina, L., & Verbauwhede, I. (2009). Untraceable RFID authentication protocols: Revision of EC-RAC. In IEEE international conference on RFID, (pp. 178–185).

  17. Lee, Y. K., Batina, L., Singelee, D., & Verbauwhede, I. (2010). Low-cost untraceable authentication protocols for RFID. In Proceedings of the 3rd ACM conference on Wireless network security, (pp. 55–64).

  18. He, D., Kumar, N., Chilamkurti, N., & Lee, J.-H. (2014). Lightweight ECC based RFID authentication integrated with an ID verifier transfer protocol. Journal of Medical Systems, 38(10), 116.

    Article  Google Scholar 

  19. Jin, C., Xu, C., Zhang, X., & Zhao, J. (2015). A secure RFID mutual authentication protocol for healthcare environments using elliptic curve cryptography. Journal of Medical Systems, 39(3), 24.

    Article  Google Scholar 

  20. Chien, H.-Y. (2017). Elliptic curve cryptography-based RFID authentication resisting active tracking. Wireless Personal Communications, 94(4), 2925–2936.

    Article  Google Scholar 

  21. Bringer, J., Chabanne, H., & Icart, T. (2008). Cryptanalysis of EC-RAC, a RFID identification protocol. In International conference on cryptology and network security, (pp. 149–161), Springer.

  22. Van Deursen, T., & Radomirovic, S. (2008). Attacks on RFID protocols. IACR Cryptology ePrint Archive, 2008(310), 1–56.

    Google Scholar 

  23. Van Deursen, T., & Radomirovic, S. (2010). EC-RAC: enriching a capacious RFID attack collection. In International workshop on radio frequency identification: Security and privacy issues, (pp. 75–90). Springer.

  24. Pokala, J., Reddy, M. C., Bapana, S., Vorugunti, C. S., et al. (2016). A secure RFID protocol for telecare medicine information systems using ECC. In International conference on wireless communications, signal processing and networking, (pp. 2295–2300).

  25. Schnorr, C.-P. (1989). Efficient identification and signatures for smart cards. In Conference on the theory and application of cryptology, (pp. 239–252). Springer.

  26. Adame, T., Bel, A., Carreras, A., Melia-Segui, J., Oliver, M., & Pous, R. (2018). Cuidats: An RFID-WSN hybrid monitoring system for smart health care environments. Future Generation Computer Systems, 78, 602–615.

    Article  Google Scholar 

  27. Hinterwalder, G., Moradi, A., Hutter, M., Schwabe, P., & Paar, C. (2014). Fullsize high-security ECC implementation on msp430 microcontrollers. In International conference on cryptology and information security in Latin America, (pp. 31–47), Springer.

  28. Liu, A., & Ning, P. (2008). Tinyecc: A configurable library for elliptic curve cryptography in wireless sensor networks. In Proceedings of the 7th international conference on information processing in sensor networks, (pp. 245–256).

  29. Marin, L., Jara, A., & Gomez, A. S. (2013). Shifting primes: Optimizing elliptic curve cryptography for 16-bit devices without hardware multiplier. Mathematical and Computer Modelling, 58(5–6), 1155–1174.

    Article  Google Scholar 

Download references

Acknowledgements

This research was supported in part by the Indo-French Centre for the Promotion of Advanced Research (IFCPAR) and the Center Franco-Indien Pour La Promotion De La Recherche Advancée (CEFIPRA) through the project DST-CNRS 2015-03 under DST-INRIA-CNRS Targeted Programme.

Author information

Authors and Affiliations

  1. DA-IICT, Gandhinagar, India

    Manik Lal Das

  2. Swansea University, Swansea, United Kingdom

    Pardeep Kumar

  3. University of Oxford, Oxford, United Kingdom

    Andrew Martin

Authors
  1. Manik Lal Das
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Pardeep Kumar
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Andrew Martin
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Manik Lal Das.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Das, M.L., Kumar, P. & Martin, A. Secure and Privacy-Preserving RFID Authentication Scheme for Internet of Things Applications. Wireless Pers Commun 110, 339–353 (2020). https://doi.org/10.1007/s11277-019-06731-1

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-019-06731-1

Keywords

Search

Navigation