Top

Peer-to-Peer Networking and Applications

Published in:

06-05-2017

Towards secure authenticating of cache in the reader for RFID-based IoT systems

Authors: Chun-Ta Li, Cheng-Chi Lee, Chi-Yao Weng, Chien-Ming Chen

Published in: Peer-to-Peer Networking and Applications | Issue 1/2018

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

The use of radio frequency identification (RFID) in Internet of things (IoT) has led to a significant progress in numerous intelligent devices. However, due to its restrictions on computation ability, storage space and battery capacity, RFID-based IoT system has to confront with various security and efficiency challenges. Recently, a lightweight RFID mutual authentication protocol with cache in the reader is introduced by Fan et al., named LRMAPC. Fan et al.’s LRMAPC can achieve stronger security and privacy requirements and reduce the computation and storage overheads during authentication process. Unfortunately, we discover that Fan et al.’s LRMAPC is susceptible to reader impersonation attack, tag forgery attack and message eavesdropping attack. Besides, it fails to preserve mutual authentication between the reader and the database. In order to remedy these flaws mentioned above, we further present an advanced authentication mechanisms and demonstrate the correctness of the advanced LRMAPC through the Gong-Needham-Yahalom (GNY) logic analysis. Compared the security and efficiency with Fan et al.’s LRMAPC, the advanced LRMAPC satisfies desirable security requirements and maintains acceptable efficiency in terms of the costs of storage space and computation time. As a result, our advanced LRMAPC is a very promising solution for resource-constrained devices in RFID-based IoT systems.

previous article Delay-tolerant sensing data delivery for IoT network by using signal strength information

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Atzori L, Iera A, Morabito G (2010) The internet of things: a survey. Comput Netw 54(15):2787–2805CrossRefMATH

Banerjee D, Dong B, Taghizadeh M, Biswas S (2014) Privacy-preserving channel access for internet of things. IEEE Internet of Things Journal 1(5):430–445CrossRef

Boyeon S, Chris JM (2008) RFID authentication protocol for low-cost tags Proceedings of 1st ACM conference on wireless network security, Alexandria, USA, pp 140–147

Cho JS, Yeo SS, Kim SK (2011) Securing against brute-force attack: a hash-based RFID mutual authentication protocol using a secret value. Comput Commun 34(3):391–397CrossRef

Deursen T, Mauw S, Radomirović S, Vullers P (2009) Secure ownership and ownership transfer in RFID systems Proceedings of 14th European symposium on research in computer security, lecture notes in computer science, vol 5789. pp 637–654

Dimitriou T (2016) Key evolving RFID systems: forward/ backward privacy and ownership transfer of RFID tags. Ad Hoc Netw 37(2):195–208MathSciNetCrossRef

Dominikus S, Kraxberger S (2014) Secure communication with RFID tags in the internet of things. Secur Commun Netw 7(12): 2639–2653CrossRef

Gong L, Needham R, Yahalom R (1990) Reasoning about belief in cryptographic protocols IEEE computer society symposium on research in security and privacy, Oakland, USA, pp 234–248

Fan K, Ge N, Gong Y, Li H, Su R, Yang Y (2016) An ultra-lightweight RFID authentication scheme for mobile commerce. Peer-to-Peer Networking and Applications. doi:10.1007/s12083-016-0443-6

10.

Fan K, Gong Y, Liang C, Li H, Yang Y (2016) Lightweight and ultralightweight RFID mutual authentication protocol with cache in the reader for iot in 5g. Secur Commun Netw. doi:10.1002/sec.1314

11.

Fan K, Liang C, Li H, Yang Y (2014) LRMAPC: a lightweight RFID mutual authentication protocol with cache in the reader for IoT 2014 IEEE international conference on computer and information technology, Xi’an, China, pp 276–280

12.

He D, Kumar N, Chilamkurti N, Lee JH (2014) Lightweight ECC based RFID authentication integrated with an ID verifier transfer protocol. J Med Syst 38:116CrossRef

13.

He D, Zeadally S (2015) An analysis of RFID authentication schemes for internet of things in healthcare environment using elliptic curve cryptography. IEEE Internet of Things Journal 2(1):72–83CrossRef

14.

Khedr WI (2013) SRFID: a hash-based security scheme for low cost RFID systems. Egyptian Informatics Journal 14(1):89–98CrossRef

15.

Kumar N, Kaur K, Misra SC, Iqbal R (2015) An intelligent RFID-enabled authentication scheme for healthcare applications in vehicular mobile cloud. Peer-to-Peer Networking and Applications 9(5):824–840CrossRef

16.

Lee CC, Chen CT, Li CT, Wu PH (2014) A practical RFID authentication mechanism for digital television. Telecommun Syst 57(3):239–246CrossRef

17.

Li CT, Lee CC, Weng CY (2016) A secure cloud-assisted wireless body area network in mobile emergency medical care system. J Med Syst 40(5):1–15, article no. 117CrossRef

18.

Li CT, Lee CW, Shen JJ (2015) An extended chaotic maps based keyword search scheme over encrypted data resist outside and inside keyword guessing attacks in cloud storage services. Nonlinear Dyn 80(3):1601–1611CrossRefMATH

19.

Li CT, Weng CY, Lee CC (2015) A secure RFID tag authentication protocol with privacy preserving in telecare medicine information systems. J Med Syst 39(8):77CrossRef

20.

Mayzaud A, Badonnel R, Chrisment I (2016) A taxonomy of attacks in RPL-based internet of things. International Journal of Network Security 18(3):459–473

21.

Nguyen KT, Laurent M, Oualha N (2016) Survey on secure communication protocols for the Internet of things. Ad Hoc Netw 32:17–31CrossRef

22.

Ohkubo M, Suzuki K, Kinoshita S (2003) Cryptographic approach to ’privacy-friendly’ tags Proceedings of RFID privacy workshop, pp 1–9

23.

Qian Q, Jia YL, Zhang R (2016) A lightweight RFID security protocol based on elliptic curve crytography. International Journal of Network Security 18(2):354–361

24.

RFC 2104 – HMAC. Keyed-Hashing for message authentication. http://www.ietf.org/rfc/rfc2104.txt

25.

Roman R, Zhou J, Lopez J (2013) On the features and challenges of security and privacy in distributed internet of things. Comput Netw 57(10):2266–2279CrossRef

26.

Srivastava K, Awasthi AK, Kaul SD, Mittal RC (2015) A hash based mutual RFID tag authentication protocol in telecare medicine information system. J Med Syst 39:153CrossRef

27.

Weis SA, Sarma SE, Rivest RL, Engels DW (2004) Security and privacy aspects of low-cost radio frequency identification systems Proceedings of the 1st security in pervasive computing, lecture notes in computer science, vol 2802. pp 201–212

28.

Xu D, Wu Z, Wu Z, Zhang Q, Qin L, Zhou J (2015) Internet of things: hotspot-based discovery service architecture with security mechanism. International Journal of Network Security 17(2):208–216

29.

Zhou S, Zhang Z, Luo Z, Wong EC (2010) A lightweight anti-desynchronization RFID authentication protocol. Inf Syst Front 12(5):521–528CrossRef

Title: Towards secure authenticating of cache in the reader for RFID-based IoT systems
Authors: Chun-Ta Li
Cheng-Chi Lee
Chi-Yao Weng
Chien-Ming Chen
Publication date: 06-05-2017
Publisher: Springer US
Published in: Peer-to-Peer Networking and Applications / Issue 1/2018
Print ISSN: 1936-6442
Electronic ISSN: 1936-6450
DOI: https://doi.org/10.1007/s12083-017-0564-6

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 1/2018

A robust power control scheme for femtocell networks with probability constraint of channel gains

Peer-to-peer live video streaming with rateless codes for massively multiplayer online games

Sensor communication area and node extend routing algorithm in opportunistic networks

An improved and provably secure three-factor user authentication scheme for wireless sensor networks

An efficient and secure three-factor based authenticated key exchange scheme using elliptic curve cryptosystems

OPPO: An optimal copy allocation scheme in mobile opportunistic networks

Premium Partner