A Lightweight Authentication Scheme for RFID Using ECC

  • Atul KumarEmail author
  • Ankit Kumar Jain
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 1122)


Internet of things (IoT) contains a massive number of “things” which are communicated without human interaction. The “things” refers to a physical device such as bar code, tag, smart card, etc. These devices contain a limited amount of memory and a small processing unit. Hence, these devices require a lightweight scheme to provide authentication. However, there are various security issues with these tags such as tracking, cloning, replay attacks, disclosure attack, etc. To remove these security issues, many researchers proposed various authentication schemes. However, there are various security issues, large storage and communication requirement in these schemes. A new lightweight authentication scheme for RFID tag has been proposed which uses hash function and elliptic curve cryptography to authenticate tag and server. The hash function provides irreversibly to the scheme. The performance analysis of the scheme is analyzed in terms of communication, storage, and memory required to store the data. The scheme requires 3 hash function and 1 multiplication to mutual authentication between tag and reader. The scheme provides mutual authentication, forward security and also resistance from tracking attack, cloning attack.


IoT RFID Mutual authentication Untraceable privacy 


  1. 1.
    Bringer, J., Chabanne, H., Icart, T.: Cryptanalysis of EC-RAC a RFID identification protocol. In: International Conference on Cryptology and Network Security, pp. 149–161. Springer (2008)Google Scholar
  2. 2.
    Chen, Y., Chou, J.S.: ECC-based untraceable authentication for large-scale active-tag RFID systems. Electron. Commer. Res. 15(1), 97–120 (2015)CrossRefGoogle Scholar
  3. 3.
    Finkenzeller, K.: RFID Handbook: Fundamentals and Applications in Contactless Smart Cards Radio Frequency Identification and Near-Field Communication. Wiley, Hoboken (2010)CrossRefGoogle Scholar
  4. 4.
    Juels, A., Weis, S.A.: Defining strong privacy for RFID. ACM Trans. Inf. Syst. Secur. (TISSEC) 13(1), 7 (2009)CrossRefGoogle Scholar
  5. 5.
    Lee, Y.K., Batina, L., Verbauwhede, I.: EC-RAC (ECDLP based randomized access control): provably secure RFID authentication protocol. In: 2008 IEEE International Conference on RFID, pp. 97–104. IEEE (2008)Google Scholar
  6. 6.
    Liao, Y.P., Hsiao, C.M.: A secure ECC-based RFID authentication scheme integrated with ID-verifier transfer protocol. Ad Hoc Netw. 18, 133–146 (2014)CrossRefGoogle Scholar
  7. 7.
    Ryu, E.K., Kim, D.S., Yoo, K.Y.: On elliptic curve based untraceable RFID authentication protocols. In: Proceedings of the 3rd ACM Workshop on Information Hiding and Multimedia Security, pp. 147–153. ACM (2015)Google Scholar
  8. 8.
    Shen, H., Shen, J., Khan, M.K., Lee, J.H.: Efficient RFID authentication using elliptic curve cryptography for the Internet of Things. Wireless Pers. Commun. 96(4), 5253–5266 (2017)CrossRefGoogle Scholar
  9. 9.
    Zhao, Z.: A secure RFID authentication protocol for healthcare environments using elliptic curve cryptosystem. J. Med. Syst. 38(5), 46 (2014)CrossRefGoogle Scholar

Copyright information

© The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.National Institute of TechnologyKurukshetraIndia

Personalised recommendations