Skip to main content
Erschienen in: Peer-to-Peer Networking and Applications 1/2018

06.05.2017

Towards secure authenticating of cache in the reader for RFID-based IoT systems

verfasst von: Chun-Ta Li, Cheng-Chi Lee, Chi-Yao Weng, Chien-Ming Chen

Erschienen in: Peer-to-Peer Networking and Applications | Ausgabe 1/2018

Einloggen

Aktivieren Sie unsere intelligente Suche um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

The use of radio frequency identification (RFID) in Internet of things (IoT) has led to a significant progress in numerous intelligent devices. However, due to its restrictions on computation ability, storage space and battery capacity, RFID-based IoT system has to confront with various security and efficiency challenges. Recently, a lightweight RFID mutual authentication protocol with cache in the reader is introduced by Fan et al., named LRMAPC. Fan et al.’s LRMAPC can achieve stronger security and privacy requirements and reduce the computation and storage overheads during authentication process. Unfortunately, we discover that Fan et al.’s LRMAPC is susceptible to reader impersonation attack, tag forgery attack and message eavesdropping attack. Besides, it fails to preserve mutual authentication between the reader and the database. In order to remedy these flaws mentioned above, we further present an advanced authentication mechanisms and demonstrate the correctness of the advanced LRMAPC through the Gong-Needham-Yahalom (GNY) logic analysis. Compared the security and efficiency with Fan et al.’s LRMAPC, the advanced LRMAPC satisfies desirable security requirements and maintains acceptable efficiency in terms of the costs of storage space and computation time. As a result, our advanced LRMAPC is a very promising solution for resource-constrained devices in RFID-based IoT systems.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Literatur
1.
Zurück zum Zitat Atzori L, Iera A, Morabito G (2010) The internet of things: a survey. Comput Netw 54(15):2787–2805CrossRefMATH Atzori L, Iera A, Morabito G (2010) The internet of things: a survey. Comput Netw 54(15):2787–2805CrossRefMATH
2.
Zurück zum Zitat Banerjee D, Dong B, Taghizadeh M, Biswas S (2014) Privacy-preserving channel access for internet of things. IEEE Internet of Things Journal 1(5):430–445CrossRef Banerjee D, Dong B, Taghizadeh M, Biswas S (2014) Privacy-preserving channel access for internet of things. IEEE Internet of Things Journal 1(5):430–445CrossRef
3.
Zurück zum Zitat Boyeon S, Chris JM (2008) RFID authentication protocol for low-cost tags Proceedings of 1st ACM conference on wireless network security, Alexandria, USA, pp 140–147 Boyeon S, Chris JM (2008) RFID authentication protocol for low-cost tags Proceedings of 1st ACM conference on wireless network security, Alexandria, USA, pp 140–147
4.
Zurück zum Zitat Cho JS, Yeo SS, Kim SK (2011) Securing against brute-force attack: a hash-based RFID mutual authentication protocol using a secret value. Comput Commun 34(3):391–397CrossRef Cho JS, Yeo SS, Kim SK (2011) Securing against brute-force attack: a hash-based RFID mutual authentication protocol using a secret value. Comput Commun 34(3):391–397CrossRef
5.
Zurück zum Zitat Deursen T, Mauw S, Radomirović S, Vullers P (2009) Secure ownership and ownership transfer in RFID systems Proceedings of 14th European symposium on research in computer security, lecture notes in computer science, vol 5789. pp 637–654 Deursen T, Mauw S, Radomirović S, Vullers P (2009) Secure ownership and ownership transfer in RFID systems Proceedings of 14th European symposium on research in computer security, lecture notes in computer science, vol 5789. pp 637–654
6.
Zurück zum Zitat Dimitriou T (2016) Key evolving RFID systems: forward/ backward privacy and ownership transfer of RFID tags. Ad Hoc Netw 37(2):195–208MathSciNetCrossRef Dimitriou T (2016) Key evolving RFID systems: forward/ backward privacy and ownership transfer of RFID tags. Ad Hoc Netw 37(2):195–208MathSciNetCrossRef
7.
Zurück zum Zitat Dominikus S, Kraxberger S (2014) Secure communication with RFID tags in the internet of things. Secur Commun Netw 7(12): 2639–2653CrossRef Dominikus S, Kraxberger S (2014) Secure communication with RFID tags in the internet of things. Secur Commun Netw 7(12): 2639–2653CrossRef
8.
Zurück zum Zitat Gong L, Needham R, Yahalom R (1990) Reasoning about belief in cryptographic protocols IEEE computer society symposium on research in security and privacy, Oakland, USA, pp 234–248 Gong L, Needham R, Yahalom R (1990) Reasoning about belief in cryptographic protocols IEEE computer society symposium on research in security and privacy, Oakland, USA, pp 234–248
9.
Zurück zum Zitat Fan K, Ge N, Gong Y, Li H, Su R, Yang Y (2016) An ultra-lightweight RFID authentication scheme for mobile commerce. Peer-to-Peer Networking and Applications. doi:10.1007/s12083-016-0443-6 Fan K, Ge N, Gong Y, Li H, Su R, Yang Y (2016) An ultra-lightweight RFID authentication scheme for mobile commerce. Peer-to-Peer Networking and Applications. doi:10.​1007/​s12083-016-0443-6
10.
Zurück zum Zitat Fan K, Gong Y, Liang C, Li H, Yang Y (2016) Lightweight and ultralightweight RFID mutual authentication protocol with cache in the reader for iot in 5g. Secur Commun Netw. doi:10.1002/sec.1314 Fan K, Gong Y, Liang C, Li H, Yang Y (2016) Lightweight and ultralightweight RFID mutual authentication protocol with cache in the reader for iot in 5g. Secur Commun Netw. doi:10.​1002/​sec.​1314
11.
Zurück zum Zitat Fan K, Liang C, Li H, Yang Y (2014) LRMAPC: a lightweight RFID mutual authentication protocol with cache in the reader for IoT 2014 IEEE international conference on computer and information technology, Xi’an, China, pp 276–280 Fan K, Liang C, Li H, Yang Y (2014) LRMAPC: a lightweight RFID mutual authentication protocol with cache in the reader for IoT 2014 IEEE international conference on computer and information technology, Xi’an, China, pp 276–280
12.
Zurück zum Zitat He D, Kumar N, Chilamkurti N, Lee JH (2014) Lightweight ECC based RFID authentication integrated with an ID verifier transfer protocol. J Med Syst 38:116CrossRef He D, Kumar N, Chilamkurti N, Lee JH (2014) Lightweight ECC based RFID authentication integrated with an ID verifier transfer protocol. J Med Syst 38:116CrossRef
13.
Zurück zum Zitat He D, Zeadally S (2015) An analysis of RFID authentication schemes for internet of things in healthcare environment using elliptic curve cryptography. IEEE Internet of Things Journal 2(1):72–83CrossRef He D, Zeadally S (2015) An analysis of RFID authentication schemes for internet of things in healthcare environment using elliptic curve cryptography. IEEE Internet of Things Journal 2(1):72–83CrossRef
14.
Zurück zum Zitat Khedr WI (2013) SRFID: a hash-based security scheme for low cost RFID systems. Egyptian Informatics Journal 14(1):89–98CrossRef Khedr WI (2013) SRFID: a hash-based security scheme for low cost RFID systems. Egyptian Informatics Journal 14(1):89–98CrossRef
15.
Zurück zum Zitat Kumar N, Kaur K, Misra SC, Iqbal R (2015) An intelligent RFID-enabled authentication scheme for healthcare applications in vehicular mobile cloud. Peer-to-Peer Networking and Applications 9(5):824–840CrossRef Kumar N, Kaur K, Misra SC, Iqbal R (2015) An intelligent RFID-enabled authentication scheme for healthcare applications in vehicular mobile cloud. Peer-to-Peer Networking and Applications 9(5):824–840CrossRef
16.
Zurück zum Zitat Lee CC, Chen CT, Li CT, Wu PH (2014) A practical RFID authentication mechanism for digital television. Telecommun Syst 57(3):239–246CrossRef Lee CC, Chen CT, Li CT, Wu PH (2014) A practical RFID authentication mechanism for digital television. Telecommun Syst 57(3):239–246CrossRef
17.
Zurück zum Zitat Li CT, Lee CC, Weng CY (2016) A secure cloud-assisted wireless body area network in mobile emergency medical care system. J Med Syst 40(5):1–15, article no. 117CrossRef Li CT, Lee CC, Weng CY (2016) A secure cloud-assisted wireless body area network in mobile emergency medical care system. J Med Syst 40(5):1–15, article no. 117CrossRef
18.
Zurück zum Zitat Li CT, Lee CW, Shen JJ (2015) An extended chaotic maps based keyword search scheme over encrypted data resist outside and inside keyword guessing attacks in cloud storage services. Nonlinear Dyn 80(3):1601–1611CrossRefMATH Li CT, Lee CW, Shen JJ (2015) An extended chaotic maps based keyword search scheme over encrypted data resist outside and inside keyword guessing attacks in cloud storage services. Nonlinear Dyn 80(3):1601–1611CrossRefMATH
19.
Zurück zum Zitat Li CT, Weng CY, Lee CC (2015) A secure RFID tag authentication protocol with privacy preserving in telecare medicine information systems. J Med Syst 39(8):77CrossRef Li CT, Weng CY, Lee CC (2015) A secure RFID tag authentication protocol with privacy preserving in telecare medicine information systems. J Med Syst 39(8):77CrossRef
20.
Zurück zum Zitat Mayzaud A, Badonnel R, Chrisment I (2016) A taxonomy of attacks in RPL-based internet of things. International Journal of Network Security 18(3):459–473 Mayzaud A, Badonnel R, Chrisment I (2016) A taxonomy of attacks in RPL-based internet of things. International Journal of Network Security 18(3):459–473
21.
Zurück zum Zitat Nguyen KT, Laurent M, Oualha N (2016) Survey on secure communication protocols for the Internet of things. Ad Hoc Netw 32:17–31CrossRef Nguyen KT, Laurent M, Oualha N (2016) Survey on secure communication protocols for the Internet of things. Ad Hoc Netw 32:17–31CrossRef
22.
Zurück zum Zitat Ohkubo M, Suzuki K, Kinoshita S (2003) Cryptographic approach to ’privacy-friendly’ tags Proceedings of RFID privacy workshop, pp 1–9 Ohkubo M, Suzuki K, Kinoshita S (2003) Cryptographic approach to ’privacy-friendly’ tags Proceedings of RFID privacy workshop, pp 1–9
23.
Zurück zum Zitat Qian Q, Jia YL, Zhang R (2016) A lightweight RFID security protocol based on elliptic curve crytography. International Journal of Network Security 18(2):354–361 Qian Q, Jia YL, Zhang R (2016) A lightweight RFID security protocol based on elliptic curve crytography. International Journal of Network Security 18(2):354–361
25.
Zurück zum Zitat Roman R, Zhou J, Lopez J (2013) On the features and challenges of security and privacy in distributed internet of things. Comput Netw 57(10):2266–2279CrossRef Roman R, Zhou J, Lopez J (2013) On the features and challenges of security and privacy in distributed internet of things. Comput Netw 57(10):2266–2279CrossRef
26.
Zurück zum Zitat Srivastava K, Awasthi AK, Kaul SD, Mittal RC (2015) A hash based mutual RFID tag authentication protocol in telecare medicine information system. J Med Syst 39:153CrossRef Srivastava K, Awasthi AK, Kaul SD, Mittal RC (2015) A hash based mutual RFID tag authentication protocol in telecare medicine information system. J Med Syst 39:153CrossRef
27.
Zurück zum Zitat Weis SA, Sarma SE, Rivest RL, Engels DW (2004) Security and privacy aspects of low-cost radio frequency identification systems Proceedings of the 1st security in pervasive computing, lecture notes in computer science, vol 2802. pp 201–212 Weis SA, Sarma SE, Rivest RL, Engels DW (2004) Security and privacy aspects of low-cost radio frequency identification systems Proceedings of the 1st security in pervasive computing, lecture notes in computer science, vol 2802. pp 201–212
28.
Zurück zum Zitat Xu D, Wu Z, Wu Z, Zhang Q, Qin L, Zhou J (2015) Internet of things: hotspot-based discovery service architecture with security mechanism. International Journal of Network Security 17(2):208–216 Xu D, Wu Z, Wu Z, Zhang Q, Qin L, Zhou J (2015) Internet of things: hotspot-based discovery service architecture with security mechanism. International Journal of Network Security 17(2):208–216
29.
Zurück zum Zitat Zhou S, Zhang Z, Luo Z, Wong EC (2010) A lightweight anti-desynchronization RFID authentication protocol. Inf Syst Front 12(5):521–528CrossRef Zhou S, Zhang Z, Luo Z, Wong EC (2010) A lightweight anti-desynchronization RFID authentication protocol. Inf Syst Front 12(5):521–528CrossRef
Metadaten
Titel
Towards secure authenticating of cache in the reader for RFID-based IoT systems
verfasst von
Chun-Ta Li
Cheng-Chi Lee
Chi-Yao Weng
Chien-Ming Chen
Publikationsdatum
06.05.2017
Verlag
Springer US
Erschienen in
Peer-to-Peer Networking and Applications / Ausgabe 1/2018
Print ISSN: 1936-6442
Elektronische ISSN: 1936-6450
DOI
https://doi.org/10.1007/s12083-017-0564-6

Weitere Artikel der Ausgabe 1/2018

Peer-to-Peer Networking and Applications 1/2018 Zur Ausgabe