Skip to main content
SpringerLink
Log in

Lightweight ECC Based RFID Authentication Integrated with an ID Verifier Transfer Protocol

  • Systems-Level Quality Improvement
  • Published:
Journal of Medical Systems Aims and scope Submit manuscript

Abstract

The radio frequency identification (RFID) technology has been widely adopted and being deployed as a dominant identification technology in a health care domain such as medical information authentication, patient tracking, blood transfusion medicine, etc. With more and more stringent security and privacy requirements to RFID based authentication schemes, elliptic curve cryptography (ECC) based RFID authentication schemes have been proposed to meet the requirements. However, many recently published ECC based RFID authentication schemes have serious security weaknesses. In this paper, we propose a new ECC based RFID authentication integrated with an ID verifier transfer protocol that overcomes the weaknesses of the existing schemes. A comprehensive security analysis has been conducted to show strong security properties that are provided from the proposed authentication scheme. Moreover, the performance of the proposed authentication scheme is analyzed in terms of computational cost, communicational cost, and storage requirement.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2

Similar content being viewed by others

References

  1. A. Juels, RFID security and privacy: a research survey, IEEE Journal on Selected Areas in Communication 24 (2006) 381-394.

    Article  Google Scholar 

  2. T. Phillips, T. Karygiannis, R. Kuhn, Security standards for the RFID market, IEEE Security & Privacy 3 (6) (2005) 85-89.

    Article  Google Scholar 

  3. C.M. Robert, Radio frequency identification, Computers and Security 25 (2006) 18-26.

    Article  Google Scholar 

  4. P. Peris-Lopez, A. Orfila, A. Mitrokots, J. van der Lubbe, A comprehensive RFID solution to enhance inpatient medication safety, International Journal of Medical Informatics 80 (2011) 13-24.

    Article  Google Scholar 

  5. S. L. Ting, S. K. Kwok, Albert H. C. Tsang, W. B. Lee, Critical Elements and Lessons Learnt from the Implementation of an RFID-enabled Healthcare Management System in a Medical Organization, Journal of Medical Systems 35 (4) (2011) 657-669.

    Article  Google Scholar 

  6. Y. Yen, N. Lo, T. Wu, Two RFID-based solutions for secure inpatient medication administration, Journal of Medical Systems 36(5) (2012) 2769-2778.

    Article  Google Scholar 

  7. A. Juels, Yoking-proofs for RFID tags, in: First International Workshop on Pervasive Computing and Communication Security, 2004.

  8. K. Wong, P. Hui, A. Chan, Cryptography and authentication on RFID tags for apparels, Computer in Industry 57 (2005) 342–349.

    Article  Google Scholar 

  9. Y. Chen, J.-S. Chou, H.-M. Sun, A novel mutual authentication scheme based on quadratic residues for RFID systems, Computer Networks 52 (2008) 2373–2380.

    Article  MATH  Google Scholar 

  10. H.-Y. Chien, C.-H. Chen, Mutual authentication protocol for RFID conforming to EPC Class 1 Generation 2 standards, Computer Standards and Interfaces 29 (2007) 254–259.

    Article  Google Scholar 

  11. P. Peris-Lopez, J.C. Hernandez-Castro, J.M. Estevez-Tapiador, A. Ribagorda, Cryptanalysis of a novel authentication protocol conforming to epc-c1g2 standard, Computer Standards and Interfaces 31 (2) (2009) 372–380.

    Article  Google Scholar 

  12. N. Lo, K. Yeh, An efficient mutual authentication scheme for EPCglobal Class-1 Generation-2 RFID systems, in: Intenational Conference on Embedded and Ubiquitous Computing, 2007.

  13. T.-C. Yeh, Y.-J. Wang, T.-C. Kuo, S.-S. Wang, Securing RFID systems conforming to EPC Class 1 Generation 2 standards, Expert Systems and Applications 37 (2010) 7678–7683.

    Article  Google Scholar 

  14. J. Cho, S. Yeo, S. Kim, Securing against brute-force attack: A hash-based RFID mutual authentication protocol using a secret value, Computer Communications 34(3) (2011) 391-397.

    Article  Google Scholar 

  15. M. Safkhani, P. Peris-Lopez, J.C. Hernandez-Castro, N. Bagheri, M. Naderi, Cryptanalysis of Cho et al.’s protocol, a hash-based mutual authentication protocol for RFID systems, Cryptology ePrint Archive, Report 2011/311, 2011. <http://eprint.iacr.org/2011/331.pdf>.

  16. T. Cao, P. Shen, Cryptanalysis of some RFID authentication protocols, Journal of Communications 3 (7) (2008) 20–27.

    Article  Google Scholar 

  17. T.-C. Yeh, C.-H. Wu, Y.-M. Tseng, Improvement of the RFID authentication scheme based on quadratic residues, Computer Communications (34) (2011) 337–341.

  18. R. Doss, S. Sundaresan, W. Zhou, A practical quadratic residues based scheme for authentication and privacy in mobile RFID systems, Ad Hoc Networks 11(1) (2013) 383-396.

    Article  Google Scholar 

  19. Y. Lee, L. Batina, I. Verbauwhede, EC-RAC (ECDLP based randomized access control): provably secure RFID authentication protocol. In IEEE International Conference on RFID 2008. IEEE, 97–104, 2008.

  20. J. Bringer, H. Chabanne, T. Icart, Cryptanalysis of EC-RAC, a RFID identification protocol. In 7th International Conference on Cryptology And Network Security – CANS’08, Springer, New York 149–161, 2008.

    Google Scholar 

  21. T. Deursen, S. Radomirovic, Attacks on RFID protocols (version 1.1). Technical Report, August 2009.

  22. Y. Lee, I. Batina, I. Verbauwhede, Untraceable RFID authentication protocols: revision of EC-RAC. In IEEE International Conference on RFID 2009. IEEE: Orlando,FL,USA, 178–185, 2009.

    Google Scholar 

  23. T. Deursen, S. Radomirovic, Untraceable RFID rotocols are not trivially composable: attacks on the evision of EC-RAC. Technical Report, University of uxembourg, July 2009.

  24. Y. Lee, L. Batina, I. Verbauwhede, Privacy challenges in RFID systems. In The Internet of Things, Giusto D, Lera A, Morabito G, Atzori L (eds): Springer New York, 397–407, 2010.

    Chapter  Google Scholar 

  25. C. Lv, H. Li, J. Ma, Y. Zhang, Vulnerability analysis of elliptic curve cryptography–based RFID authentication protocols, Transactions on Emerging Telecommunications Technologies 23(7) (2012) 618-624.

    Article  Google Scholar 

  26. Y. Liao, C. Hsiao, A secure ECC-based RFID authentication scheme integrated with ID-verifier transfer protocol, Ad Hoc Networks, 2013, doi: 10.1016/j.adhoc.2013.02.004.

  27. R. Peeters, J. Hermans, Attack on Liao and Hsiao’s Secure ECC-based RFID Authentication Scheme integrated with ID-Verifier Transfer Protocol. Cryptology ePrint Archive, Report 2013/399, 2013.

  28. G. Godor, N. Giczi, S. Imre, Elliptic curve cryptography based mutual authentication protocol for low computational capacity RFID systems-performance analysis by simulations. In: IEEE international conference on wireless communications, networking and information security (WCNIS), IEEE, pp 650–657, 2010.

  29. X. Cao, W. Kou, A Pairing-free Identity-based Authenticated Key Agreement Protocol with Minimal Message Exchanges, Information Sciences, 180 (15), 2895–2903, 2010.

    Article  MathSciNet  MATH  Google Scholar 

Download references

Acknowledgments

The work of J.-H. Lee was supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Science, ICT & Future Planning (NRF-2014R1A1A1006770).

Author information

Authors and Affiliations

  1. School of Mathematics and Statistics, Wuhan University, Wuhan, China

    Debiao He

  2. Department of Computer Science, Engineering, Thapar University, Patiala, India

    Neeraj Kumar

  3. Department of Computer Science and Computer Engineering, LaTrobe University, Melbourne, Australia

    Naveen Chilamkurti

  4. Department of Computer Software Engineering, Sangmyung University, Cheonan-si, Republic of Korea

    Jong-Hyouk Lee

Authors
  1. Debiao He
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Neeraj Kumar
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Naveen Chilamkurti
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jong-Hyouk Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jong-Hyouk Lee.

Additional information

This article is part of the Topical Collection on Systems-Level Quality Improvement

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

He, D., Kumar, N., Chilamkurti, N. et al. Lightweight ECC Based RFID Authentication Integrated with an ID Verifier Transfer Protocol. J Med Syst 38, 116 (2014). https://doi.org/10.1007/s10916-014-0116-z

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s10916-014-0116-z

Keywords

Search

Navigation