Skip to main content

Advertisement

SpringerLink
Log in

A Provably Secure RFID Authentication Protocol Based on Elliptic Curve for Healthcare Environments

  • Patient Facing Systems
  • Published:
Journal of Medical Systems Aims and scope Submit manuscript

Abstract

To enhance the quality of healthcare in the management of chronic disease, telecare medical information systems have increasingly been used. Very recently, Zhang and Qi (J. Med. Syst. 38(5):47, 32), and Zhao (J. Med. Syst. 38(5):46, 33) separately proposed two authentication schemes for telecare medical information systems using radio frequency identification (RFID) technology. They claimed that their protocols achieve all security requirements including forward secrecy. However, this paper demonstrates that both Zhang and Qi’s scheme, and Zhao’s scheme could not provide forward secrecy. To augment the security, we propose an efficient RFID authentication scheme using elliptic curves for healthcare environments. The proposed RFID scheme is secure under common random oracle model.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3

Similar content being viewed by others

References

  1. Burmester, M., Le, T. V., Medeiros, B. D., Tsudik, G., Universally composable RFID identification and authentication protocols. ACM Trans. Inf. Syst. Secur.(TISSEC) 12(4):21, 2009.

    Article  Google Scholar 

  2. Juels, A., and Weis, S.: Defining Strong Privacy for RFID. Cryptology ePrint Archive Report 2006/137 (2006)

  3. Cai, S., Li, Y., Li, T., Deng, R. H.: Attacks and improvements to an RIFD mutual authentication protocol and its extensions. In: Proceedings of the second ACM conference on wireless network security, pp 51-58 (2009)

  4. Song, B., and Mitchell C. J., Scalable RFID security protocols supporting tag ownership transfer. Comput. Commun. 34(4):556–566, 2011.

    Article  Google Scholar 

  5. Niu, B., Zhu, X., Chi, H., Li, H., Privacy and authentication protocol for mobile RFID systems. Wirel. Pers. Commun., 2014. doi:http://dx.doi.org/10.1007/s11277-014-1605-6.

    Google Scholar 

  6. Shao-hui, W., Zhijie, H., Sujuan, L., Dan-wei, C., Security analysis of two lightweight RFID authentication protocols. annals of telecommunications-annales des tlcommunications, 2013. doi:10.1007/s12243-013-0361-z.

    Google Scholar 

  7. Dehkordi, M. H., and Farzaneh, Y., Improvement of the hash-based RFID mutual authentication protocol. Wirel. Pers. Commun., 2013. doi:10.1007/s11277-013-1358-7.

    Google Scholar 

  8. Safkhani, M., Peris-Lopez, P., Hernandez-Castro, J. C., Bagheri, N., Cryptanalysis of the Cho others. protocol: A hash-based RFID tag mutual authentication protocol. J. Comput. Appl. Math. 259(1):571–577, 2014.

    Article  Google Scholar 

  9. Alagheband, M. R., and Aref, M. R., Simulation-Based Traceability analysis of RFID authentication protocols. Wirel. Pers. Commun., 2013. doi:10.1007/s11277-013-1552-7.

    Google Scholar 

  10. Chen, C. L., Huang, Y. C., Shih, T. F., A Novel Mutual Authentication Scheme for RFID conforming EPCglobal Class 1 Generation 2 Standards. Information Technology And Control 41(3):220–228, 2012.

    Article  Google Scholar 

  11. Kuo, W. C., Chen, B. L., Wuu, L. C., Secure Indefinite-Index RFID Authentication scheme with Challenge-Response strategy. Information Technology And Control 42(2):124–130, 2013.

    Article  Google Scholar 

  12. Alagheband, M. R., and Aref, M. R., Unified privacy analysis of newfound RFID authentication protocols. Security and Communication Networks 6(8):999–1009, 2013.

    Article  Google Scholar 

  13. Farash M.S., Cryptanalysis and improvement of an efficient mutual authentication RFID scheme based on elliptic curve cryptography. J. Supercomput. 70(2):987–1001, 2014.

    Article  Google Scholar 

  14. Hein, D., Wolkerstorfer, J., Felber, N.: ECC Is ready for RFID - a proof in silicon. In: Selected areas in cryptography, LNCS 5381, pp 401413 (2009)

  15. Lee, Y. K., Sakiyama, K., Batina, L., Verbauwhede, I., Elliptic curve based security processor for RFID. IEEE Trans. Comput. 57(11):1514–1527, 2008.

    Article  Google Scholar 

  16. of Standards, N.N.I.: Technology: Cryptographic Hash Algorithm Competition. http://csrc.nist.gov/groups/ST/hash/sha-3/index.html

  17. Ning, H., Liu, H., Mao, J., Zhang, Y., Scalable and distributed key array authentication protocol in radio frequency identification-based sensor systems. IET Commun. 5(12):1755–1768, 2011.

    Article  Google Scholar 

  18. Alomair, B., Clark, A., Cuellar, J., Poovendran, R., Scalable RFID systems: a privacy-preserving protocol with constant-time identification. IEEE Trans. Parallel Distrib. Syst. 23(8):1536–1550, 2012.

    Article  Google Scholar 

  19. Alomair, B., and Poovendran, R., Privacy versus scalability in radio frequency identification systems. Comput. Commun. 33(18):2155–2163, 2010.

    Article  Google Scholar 

  20. Song, B., and Mitchell, C. J., Scalable RFID Security protocols supporting tag ownership transfer. Comput. Commun. 34(4):556–566, 2011.

    Article  Google Scholar 

  21. Batina, L., Lee, Y. K., Seys, S., Singele, D., Verbauwhede, I., Extending ECC-based RFID authentication protocols to privacy-preserving multi-party grouping proofs. Pers. Ubiquit. Comput. 16(3):323–335, 2012.

    Article  Google Scholar 

  22. Chou, J., S.,an efficient mutual authentication RFID scheme based on elliptic curve cryptography. J. Supercomput., 2013. doi:10.1007/s11227-013-1073-x.

    Google Scholar 

  23. Tuyls, P., and Batina, L.: RFID-Tags for Anti-Counterfeiting. In: Topics in cryptology (CT-RSA’06), LNCS 3860, pp 115-131 (2006)

  24. Schnorr, C. P., Efficient identification and signatures for smart cards. In Advances in Cryptology (CRYPTO’89), 239–252 , 1990.

  25. Batina, L, Guajardo, J, Kerins, T, Mentens, N, Tuyls, P, Verbauwhede, I.: Public-key cryptography for RFID-tags. In: Fifth annual IEEE 2007. International Conference on Pervasive Computing and Communications Workshops, (PerCom Workshops’07), pp 217-222 (2007)

  26. Okamoto, T.: Provably secure and practical identification schemes and corresponding signature schemes. In: Advances in Cryptology (CRYPTO’92), pp 31-53 (1993)

  27. Lee, Y. K., Batina, L., Verbauwhede, I.: EC-RAC (ECDLP Based randomized access control): provably secure RFID authentication protocol. In: IEEE International conference on RFID, pp. 97-104 (2008)

  28. O’Neill, M, and Robshaw, M J, Low-cost digital signature architecture suitable for radio frequency identification tags. Comput. Digital Tech. IET 4(1):14–26, 2010.

    Article  Google Scholar 

  29. Godor, G., Giczi, N., Imre, S.: Elliptic curve cryptography based mutual authentication protocol for low computational capacity RFID systems-performance analysis by simulations. In: IEEE International conference on wireless communications, networking and information security (WCNIS), pp 650-657 (2010)

  30. Liao, Y., and Hsiao, C., A secure ECC-based RFID authentication scheme integrated with ID-verifier transfer protocol. Ad Hoc Netw., 2013. doi:10.1016/j.adhoc.2013.02.004.

    Google Scholar 

  31. Peeters, R., and Hermans, J.: Attack on Liao and Hsiao’s Secure ECC-based RFID Authentication Scheme integrated with ID-Verifier Transfer Protocol. http://eprint.iacr.org/2013/399 (2013)

  32. Zhang, Z., and Qi, Q., An Efficient RFID Authentication protocol to enhance patient medication safety using elliptic curve cryptography. J. Med. Syst. 38(5):47, 2014. doi:10.1007/s10916-014-0047-8.

    Article  CAS  PubMed  Google Scholar 

  33. Zhao, Z., A Secure RFID Authentication protocol for healthcare environments using elliptic curve cryptosystem. J. Med. Syst. 38(5):46, 2014. doi:10.1007/s10916-014-0046-9.

    Article  PubMed  Google Scholar 

  34. Guo, P., Wang, J., Li, B., Lee, S., A variable threshold value authentication architecture for wireless mesh networks. J. Internet Technol. 15(6):929–936, 2014.

    Google Scholar 

  35. Shen, J., Tan, H., Wang, J., et al., A novel routing protocol providing good transmission reliability in underwater sensor networks. J. Internet Technol. 16(1):171–178, 2015.

    Google Scholar 

  36. He, D., and Wang, D., Robust biometrics-based authentication scheme for multi-server environment. IEEE Syst. J. 9(3):816–823, 2015.

    Article  Google Scholar 

  37. He, D., and Zeadally, S., Authentication protocol for an ambient assisted living system. IEEE Commun. Mag. 53(1):71–77, 2015.

    Article  Google Scholar 

  38. He, D., An efficient remote user authentication and key agreement protocol for mobile clientserver environment from pairings. Ad Hoc Netw. 10(6):1009–1016, 2012.

    Article  Google Scholar 

  39. Farash M.S., Cryptanalysis and improvement of ‘an improved authentication with key agreement scheme on elliptic curve cryptosystem for global mobility networks’. International Journal of Network Management 25(1):31–51, 2015.

    Article  Google Scholar 

  40. Li, C T, Weng, C Y, Lee, C. C., A secure RFID tag authentication protocol with privacy preserving in telecare medicine information system. J. Med. Syst. 39(8):1–8, 2015.

    Article  Google Scholar 

  41. Srivastava, K, Awasthi, A K, Kaul, S D, Mittal, R. C., A hash based mutual RFID tag authentication protocol in telecare medicine information system. J. Med. Syst. 39(1):1–5, 2015.

    Article  Google Scholar 

Download references

Acknowledgments

Muhammad Khurram Khan extends his sincere appreciations to the Deanship of Scientific Research at King Saud University for its funding the Prolific Research Group (PRG-1436-16).

Author information

Authors and Affiliations

  1. Department of Computer Science & Software Engineering, International Islamic University, Islamabad, Pakistan

    Khalid Mahmood & Shehzad Ashraf Chaudhry

  2. Faculty of Mathematics Sciences and Computer, Kharazmi University, Tehran, Iran

    Mohammad Sabzinejad Farash

  3. Telecommunication Systems, Blekinge Institute of Technology, Karlskrona, Sweden

    Omer Nawaz

  4. Center of Excellence in Information Assurance, King Saud University, Riyadh, Saudi Arabia

    Muhammad Khurram Khan

Authors
  1. Mohammad Sabzinejad Farash
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Omer Nawaz
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Khalid Mahmood
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Shehzad Ashraf Chaudhry
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Muhammad Khurram Khan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Shehzad Ashraf Chaudhry.

Additional information

This article is part of the Topical Collection on Patient Facing Systems

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Farash, M.S., Nawaz, O., Mahmood, K. et al. A Provably Secure RFID Authentication Protocol Based on Elliptic Curve for Healthcare Environments. J Med Syst 40, 165 (2016). https://doi.org/10.1007/s10916-016-0521-6

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s10916-016-0521-6

Keywords

Search

Navigation