Top

Wireless Networks

Published in:

22-06-2020

SEOTP: a new secure and efficient ownership transfer protocol based on quadric residue and homomorphic encryption

Authors: Farokhlagha Moazami, Masoumeh Safkhani

Published in: Wireless Networks | Issue 7/2020

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

In systems equipped with radio frequency identification (RFID) technology, several security concerns may arise when the ownership of a tag should be transferred from one owner to another, e.g. the confidentiality of information related to the old owner or the new owner. Therefore, this transfer is usually done via a security protocol called the ownership transfer protocol. If the ownership of several things together transmitted from one owner to another during a single session, the protocol is referred to as the group ownership transfer protocol. Lee et al. recently proposed a new group ownership transfer protocol by using a cloud server, as a trusted third-party, and based on homomorphic encryption and quadratic residue. In this paper, at first, we explain some essential security attacks against this recently proposed RFID group ownership transfer protocol. The success probability of all attacks that are presented in this paper is one, and the complexities are just a run of the protocol. Zhu et al. also, to providesimultaneoustransfer of a group of tags in a multi-owner environment, proposed a lightweight anonymous group ownership transfer protocol. In this paper, we show that it suffers from a desynchronization attack. The success probability of this attack is one, and its complexity is only five runs of group ownership transfer protocol. Besides, to overcome the Lee et al.’s protocol security weaknesses, we present a new group ownership transfer protocol called SEOTP that is resistant against all known active and passive attacks, including the attacks presented in this paper. The provided security proof through informal methods and also formal methods such as Barrows–Abadi–Needham logic and the Scyther tool show the proposed protocol’s security correctness.

previous article Performance analysis of electrically coupled SRR bowtie antenna for wireless broadband communications

next article State-of-the-art approach to clustering protocols in VANET: a survey

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Available only for authorised users

Cai, S., Li, Y., Li, T., Deng, R.H. (2009). Attacks and improvements to an RIFD mutual authentication protocol and its extensions. In Proceedings of the second ACM conference on Wireless network security, ACM, pp. 51–58.

Cao, T., Chen, X., Doss, R., Zhai, J., Wise, L. J., & Zhao, Q. (2016). RFID ownership transfer protocol based on cloud. Computer Networks, 105, 47–59.CrossRef

Chen, C.-T., & Lee, C.-C. (2015). A two-factor authentication scheme with anonymity for multi-server environments. Security and Communication Networks, 8(8), 1608–1625.CrossRef

Chen, Y., & Chou, J.-S. (2015). ECC-based untraceable authentication for large-scale active-tag rfid systems. Electronic Commerce Research, 15(1), 97–120.CrossRef

Chien, H.-Y. (2015). De-synchronization attack on quadratic residues-based RFID ownership transfer. In 2015 10th Asia joint conference on information security. IEEE, pp. 42–47.

Cong, G., Zhang, Z.-J., Zhu, L.-H., Tan, Y.-A., & Zhen, Y. (2014). A novel secure group RFID authentication protocol. The Journal of China Universities of Posts and Telecommunications., 21(1), 94–103.CrossRef

Cremers, C. J. F. (2008). The Scyther tool: Verification, falsification, and analysis of security protocols. In A. Gupta and S. Malik, (Eds.) Computer aided verification. Springer, Berlin, pp. 414–418.

Dimitriou, T. (2016). Key evolving RFID systems: Forward/backward privacy and ownership transfer of rfid tags. Ad Hoc Networks, 37, 195–208.CrossRef

Doss, R., Zhou, W., & Yu, S. (2012). Secure RFID tag ownership transfer based on quadratic residues. IEEE Transactions on Information Forensics and Security, 8(2), 390–401.CrossRef

10.

Edelev, S., Taheri, S., Hogrefe, D. (2015). A secure minimalist RFID authentication and an ownership transfer protocol compliant to EPC C1G2. In 2015 IEEE international conference on RFID technology and applications (RFID-TA). IEEE, pp. 126–133.

11.

Jannati, H., Falahati, A. (2011) Cryptanalysis and enhancement of a secure group ownership transfer protocol for RFID tags. In Global security, safety and sustainability & e-democracy. Springer, Berlin, pp. 186–193.

12.

Juels, A., & Weis, S. A. (2009). Defining strong privacy for RFID. ACM Transactions on Information and System Security (TISSEC), 13(1), 7.CrossRef

13.

Kapoor, G., Zhou, W., & Piramuthu, S. (2011). Multi-tag and multi-owner RFID ownership transfer in supply chains. Decision Support Systems, 52(1), 258–270.CrossRef

14.

Lee, C.-C., Chen, S.-D., Li, C.-T., Cheng, C.-L., & Lai, Y.-M. (2019). Security enhancement on an RFID ownership transfer protocol based on cloud. Future Generation Computer Systems, 93, 266–277.CrossRef

15.

Lee, C.-C., Li, C.-T., Cheng, C.-L., & Lai, Y.-M. (2019). A novel group ownership transfer protocol for RFID systems. Ad Hoc Networks, 91.

16.

Lee, C.-C., Li, C.-T., Cheng, C.-L., Lai, Y.-M., & Vasilakos, A. V. (2019). A novel group ownership delegate protocol for RFID systems. Information Systems Frontiers, 21(5), 1153–1166.CrossRef

17.

Li, C.-T., Weng, C.-Y., & Lee, C.-C. (2015). A secure RFID tag authentication protocol with privacy preserving in telecare medicine information system. Journal of Medical Systems, 39(8), 77.CrossRef

18.

Munilla, J., Burmester, M., & Peinado, A. (2016). Attacks on ownership transfer scheme for multi-tag multi-owner passive RFID environments. Computer Communications, 88, 84–88.CrossRef

19.

Qi, S., Zheng, Y., Li, M., Lu, L., & Liu, Y. (2016). Secure and private RFID-enabled third-party supply chain systems. IEEE Transactions on Computers, 65(11), 3413–3426.MathSciNetCrossRef

20.

Ray, B. R., Abawajy, J., Chowdhury, M., & Alelaiwi, A. (2018). Universal and secure object ownership transfer protocol for the Internet of Things. Future Generation Computer Systems, 78, 838–849.CrossRef

21.

Rosen, K. H. (2011). Elementary number theory. London: Pearson Education.

22.

Sundaresan, S., Doss, R., Zhou, W., & Piramuthu, S. (2015). Secure ownership transfer for multi-tag multi-owner passive RFID environment with individual-owner-privacy. Computer Communications, 55, 112–124.CrossRef

23.

Yang, M. H. (2012). Secure multiple group ownership transfer protocol for mobile RFID. Electronic Commerce Research and Applications, 11(4), 361–373.CrossRef

24.

Zhang, R., Zhu, L., Xu, C., Yi, Y. (2015). An efficient and secure RFID batch authentication protocol with group tags ownership transfer. In 2015 IEEE conference on collaboration and internet computing (CIC). IEEE, pp. 168–175.

25.

Zhu, D., Rong, W., Wu, D., Pang, N. (2018). Lightweight anonymous RFID group ownership transfer protocol in multi-owner environment, vol. 2018-January, pp. 404–411.

Title: SEOTP: a new secure and efficient ownership transfer protocol based on quadric residue and homomorphic encryption
Authors: Farokhlagha Moazami
Masoumeh Safkhani
Publication date: 22-06-2020
Publisher: Springer US
Published in: Wireless Networks / Issue 7/2020
Print ISSN: 1022-0038
Electronic ISSN: 1572-8196
DOI: https://doi.org/10.1007/s11276-020-02397-x

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 7/2020

Influence maximization algorithm based on cross propagation in location-based social networks

State-of-the-art approach to clustering protocols in VANET: a survey

An upper bound of radio k-coloring problem and its integer linear programming model

Energy-saving automated system for microclimate in agricultural premises with utilization of ventilation air

Binary monkey algorithm for approximate packing non-congruent circles in a rectangular container

EEFFL: energy efficient data forwarding for forest fire detection using localization technique in wireless sensor network