Can a new lightweight RFID security mutual authentication protocol based on the hash function protect against attacks on the perception layer in RFID in the medical field?
Keywords: Radio Frequency Identification (RFID), Internet of Things (IoT), Hash-Lock protocol, security, privacy, reader, tag
The Internet of Things (IoT) is a technology that enables interaction between the digital world and the physical world. Radio Frequency Identification (RFID) technology is the cornerstone of IoT, so studying its security is important and meaningful. In the past decade, due to its portability, RFID has drawn considerable attention in the healthcare field. The technology effectively tracks hospital supplies and medical equipment, and can store patient information. However, due to the lack of authentication protocols, RFID has security and privacy issues including tag anonymity, replay attacks, inconsistent synchronicity and a lack of forward secrecy, which greatly affect the widespread use of this technology in the medical field. Because of these issues, the authentication protocol has become the research priority. This paper discusses current solutions based on authentication protocols and analyses their advantages and limitations. Finally, based on the original security authentication protocol, an improved lightweight RFID security protocol with low hardware resource and low calculation requirements is proposed. It solves attack problems such as eavesdropping and tracking. The paper analyses the calculation amount of the protocol so that it can meet the limited computing capability and the low-cost requirement of RFID, and it proves the feasibility of the protocol in the medical field.
RFID technology is the core of the perception layer of the IoT. RFID technology can realise automatic identification and data exchange without the need for contact, and conducts real-time information transmission between objects without manual operation (Yung, E & Leung, I, 2009). In a medical system, a large amount of data, such as patient profiles and drug information, needs to be collected and stored. Compared with the traditional low-efficiency manual information system, RFID technology has the advantages of being waterproof and anti-magnetic and of having longevity, a wide reading range and convenient data storage. At present, the application of RFID technology has extended from the earliest mobile nursing to operating room management, consumables management, equipment asset management, drug management and other fields (W.Z. Khan et al., 2016).
However, an RFID system is prone to attack because of the limited storage and calculation capability of the tag and the open communication link between the tag and the reader. Thus, the security problem of RFID also becomes a privacy and safety problem in medical systems, as it could cause information leakage and maliciously distorted information (K. Fan et al., 2018). This proposal aims to put forward a security authentication protocol for RFID security protection. Given the limited resources and calculation capability of RFID technology, the authentication protocol needs to balance security and cost. The proposal is an efficient, practical and compatible security authentication protocol and protection mechanism based on the hash function. It is designed for the limited hardware resources of electronic tags and is expected to avoid security issues including eavesdropping, tracking and inconsistent synchronicity, which can promote the utilisation of RFID in medical systems and help build an intelligent healthcare architecture.
As a sensing layer of IoT in the medical field, RFID technology stores personal information of patients such as their health status and name. Without proper protection, the contents could easily be disclosed through external monitoring and theft, because RFID tags and readers communicate by broadcast. Many security problems still endanger RFID in the medical field. Security mechanisms based on cryptographic algorithms are regarded as key solutions for RFID security protection. Cryptographic algorithm technology is quite mature and is widely used in security authentication protocols. Scholars from various countries have carried out long-term research on protecting RFID tags as far as possible through management and technology, and have achieved a series of research results.
In addition to this, S. Weis (2003) put forward the Hash-Lock protocol for security protection in RFID. The core idea is to replace the real tag ID with a meta-ID. The Hash-Lock protocol requires implementing the cryptographic hash function on the tag as well as a key at the backend. In this setup, the tag reveals no information until the reader sends the right key corresponding to the meta-ID. The process involves the reader sending a hash of a random key (the meta-ID) to the tag to lock it. After that, the reader stores the key and the meta-ID in the backend database. Once locked, the tag answers queries only with its meta-ID. According to (H.K. Verma et al., 2011), unlocking begins with the reader querying the tag for the meta-ID.
If the query is successful and the meta-ID was located, the key is sent to the tag for unlocking. Verification of the key and the meta-ID within the tag is undertaken; if this is successful the tag will be unlocked, allowing the reader access. Using this scheme, unauthorised readers cannot read tag contents. However, it cannot guarantee the confidentiality of data, the tag can be easily tracked and may be susceptible to attacks by replay and forgery. In order to solve this problem of tag tracking in the Hash-Lock protocol, S. Weis et al. (2004) propounded a random Hash-Lock protocol. For the different queries of the reader in this protocol, the tag generates a random number, ‘R’, and the tag returns H(ID||R) back to the reader to avoid being tracked, where “||” is a string concatenation symbol. The response of the tag is random in this authentication protocol, which solves the problem of tracking and locating the tag according to the same response. However, this protocol does not have forward security. Moreover, the protocol has a large amount of data communication and computation, and it is difficult to use in complicated situations.
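The two schemes above, side by side, as an added example (not code from the cited papers or from this essay): SHA-256 stands in for H, and the tag IDs, the 16-byte key and R, and all class and function names are assumptions. It shows the static meta-ID that makes a Hash-Lock tag trackable, the per-query randomisation of H(ID||R), the backend search that randomisation forces, and why a later leak of the ID still exposes earlier responses.

```python
import hashlib
import os


def H(data: bytes) -> bytes:
    """Hash function H; SHA-256 is a stand-in chosen for this example."""
    return hashlib.sha256(data).digest()


class HashLockTag:
    """Hash-Lock tag: locked under metaID = H(key), reveals its ID only for key."""

    def __init__(self, tag_id: bytes, meta_id: bytes):
        self.tag_id, self.meta_id = tag_id, meta_id

    def query(self) -> bytes:
        return self.meta_id  # the same bytes on every query

    def unlock(self, key: bytes):
        return self.tag_id if H(key) == self.meta_id else None


class RandomHashLockTag:
    """Random Hash-Lock tag: answers with (R, H(ID || R)) for a fresh random R."""

    def __init__(self, tag_id: bytes):
        self.tag_id = tag_id

    def query(self):
        r = os.urandom(16)
        return r, H(self.tag_id + r)


def identify(r: bytes, digest: bytes, known_ids):
    """Backend side of random Hash-Lock: hash each known ID with R until one matches."""
    for tried, tag_id in enumerate(known_ids, start=1):
        if H(tag_id + r) == digest:
            return tag_id, tried
    return None, len(known_ids)


def run_demo():
    ids = [b"TAG-%04d" % i for i in range(1, 6)]  # constructed sample IDs
    key = os.urandom(16)
    backend = {H(key): key}                       # metaID -> key, as stored by the reader

    locked = HashLockTag(ids[2], H(key))
    first, second = locked.query(), locked.query()
    stored_key = backend[first]                   # single lookup by metaID

    rnd = RandomHashLockTag(ids[2])
    (r1, d1), (r2, d2) = rnd.query(), rnd.query()
    found, tried = identify(r1, d1, ids)

    return {
        "hash_lock_responses_identical": first == second,  # same answer: trackable
        "right_key_unlocks": locked.unlock(stored_key) == ids[2],
        "wrong_key_rejected": locked.unlock(b"not-the-key") is None,
        "random_responses_identical": d1 == d2,            # answers cannot be matched
        "backend_found_tag": found == ids[2],
        "hashes_computed": tried,                          # grows with the tag population
        # No forward security: once the static ID is known, a response
        # recorded earlier can be attributed to this tag.
        "old_response_attributable": H(ids[2] + r2) == d2,
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```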
To ensure forward security, M. Ohkubo (2004) proposed the Hash-Chain protocol. Each time the tag receives an authentication request from the reader, it returns the response value to the reader and updates its secret value. The secret value stored in the tag is continuously updated to prevent private information from being leaked through tracking and positioning. Furthermore, the use of a one-way hash function means it has forward security. However, it is vulnerable to DoS (Denial of Service) attacks and only has one-way authentication. In a mutual authentication protocol, by contrast, the reader confirms the identity of the tag and the tag then confirms the legitimacy of the reader.
Zhen-Yu Wu (2013) proposed an efficient mutual authentication scheme for RFID which satisfies four characteristics: confidentiality, unforgeability, location privacy and scalability. The proposed protocol comprises three main components: the reader, the backend server and the RFID tag. In the authentication process, the random nonce Nr generated by the reader is sent to the tag. The tag then generates its own random nonce Nt and performs a calculation, using a collision-resistant hash function, over the tag's secret key (generated by the server), the server's secret key, the identification number of the tag, Nt and Nr. If the result matches, the server assumes that the received message was sent by a valid tag; otherwise the server rejects the message and informs the reader to restart communication. Location privacy is protected by the random nonces. Furthermore, the calculation is based on one-time matrix multiplication and a one-time XOR operation, which does not increase the burden on the server as the number of members of the system grows, so the proposal can achieve scalability and reduce the overhead of identifying tags. Given its strengths in RFID authentication, this scheme can be applied to IoT in the medical field to protect the privacy of patients with its unforgeability and scalability. However, the proposal still faces some challenges to be overcome. For example, it is susceptible to illegal tracking. This is due to the tag's secret information and ID being updated after each successful verification between the reader and tag (Sarah A. Moniem et al. 2017).
K. Fan (2014) designed a lightweight and ultra-lightweight RFID mutual authentication protocol. An integrated RFID system always contains three main parts: the tag, the reader and a server. The server and the reader are generally connected by a real cable, which has excellent security features. However, the reader and the tag are always connected wirelessly, which is prone to attack. Given the low storage and low computability of RFID, the Lightweight RFID Mutual Authentication Protocol with Cache, named LRMAPC, is the most suitable way of solving the privacy security problem. Moreover, this lightweight protocol greatly reduces the computation and transmission cost, particularly as large numbers of tags and readers require frequent communication. In addition, LRMAPC has performed better than expected in privacy security.
In this new protocol, the most distinctive feature is that both the tag and the reader generate a random number to accomplish the whole authentication process. It is important to note that both tag and reader contribute calculation, so the computability of the reader is not wasted. Compared with ordinary protocols like hash-lock, hash-chain, the digital library protocol and the distributed challenge-response, LRMAPC has distinct advantages in privacy security protection. It defends against several attacks, such as eavesdropping, forward attacks, DoS attacks, replay attacks, spoofing and tracking. LRMAPC also scored well on anonymity and synchronicity. Because LRMAPC uses the displacement operation, the calculation of the system is reduced and the system is very effective. In terms of communication, LRMAPC only needed a factor of 2 times the communication between each part of the system. Furthermore, LRMAPC combined logic encryption with, for the first time, the timestamp concept, which also gave LRMAPC DoS resistance. However, LRMAPC is not a perfect solution for RFID technology and still has some disadvantages. For example, synchronicity protection in this protocol did not perform well and could be attacked. A potential remedy is to add a flag value, generated by the tag, to remind the server and the reader which session is being implemented and whether it is feasible.
Currently, RFID security authentication protocols have multiple flaws. One way to address the security risks of RFID systems is to design a security mutual authentication protocol with high security performance, low resource overhead, low cost, high efficiency and scalability; this remains a challenging research topic.
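The update-on-every-query mechanism of the Hash-Chain protocol, as an added example (not code from the cited paper or from this essay). The two hash functions H and G are built from SHA-256 with different prefixes, and the seeds, the backend's search bound `max_steps` and all names are assumptions of this example. It checks that answers recorded earlier cannot be reached from the secret currently in the tag, and that a tag queried more often than the backend's search bound is no longer found.

```python
import hashlib


def H(state: bytes) -> bytes:
    """One-way update of the tag secret (SHA-256 stand-in)."""
    return hashlib.sha256(b"update" + state).digest()


def G(state: bytes) -> bytes:
    """Second hash that turns the current secret into the tag's answer."""
    return hashlib.sha256(b"output" + state).digest()


class HashChainTag:
    def __init__(self, seed: bytes):
        self.state = seed

    def respond(self) -> bytes:
        answer = G(self.state)
        self.state = H(self.state)  # the old secret is overwritten, not kept
        return answer


class Backend:
    """Keeps each tag's initial secret and walks the chain to match an answer."""

    def __init__(self, seeds: dict, max_steps: int):
        self.seeds, self.max_steps = seeds, max_steps

    def identify(self, answer: bytes):
        for tag_id, state in self.seeds.items():
            for step in range(self.max_steps):
                if G(state) == answer:
                    return tag_id, step
                state = H(state)
        return None


def run_demo():
    seeds = {"tag-A": b"constructed-seed-A", "tag-B": b"constructed-seed-B"}
    backend = Backend(seeds, max_steps=8)  # search bound: assumption of this example
    tag = HashChainTag(seeds["tag-B"])

    a0, a1 = tag.respond(), tag.respond()

    # Everything derivable from the secret held in the tag right now.
    reachable, state = set(), tag.state
    for _ in range(8):
        reachable.add(G(state))
        state = H(state)

    # The tag answers and advances on every query, whoever sends it.
    unanswered = [tag.respond() for _ in range(8)]
    late = tag.respond()

    return {
        "answers_differ": a0 != a1,
        "backend_identifies": backend.identify(a1),
        "past_answers_unreachable": a0 not in reachable and a1 not in reachable,
        "future_answer_reachable": unanswered[0] in reachable,
        "tag_lost_beyond_bound": backend.identify(late) is None,
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```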
Significance and Innovation
Improving RFID security authentication protocols is critical for the security of RFID technology. Furthermore, advanced security authentication protocols also promote the utilisation of RFID in medical systems. The new security protocol balances security functionality and resource overheads, which can achieve maximum security strength with minimum resource consumption. It is expected to address RFID security problems and expand the application of RFID technology in the medical field.
In this proposal, a lightweight RFID security mutual authentication protocol based on the hash function is proposed. The hash function is regarded as a satisfactory choice because it matches the requirements of the RFID system, such as fast operation speed and low hardware resource consumption. Various proposals for RFID security mutual authentication protocols are based on the hash function, although with some defects. Hence, building on previous studies, the new protocol adds models and timestamps, improving the security of RFID with high-security, low-cost, low resource overhead and scalability features, which will accelerate the utilisation of RFID technology in the medical field.
In this section, a lightweight RFID security authentication protocol will be presented in order to solve the security problem in the IoT perception layer in the medical field. This paper will introduce the technologies, process and advantages of this new method.
1. Core technologies used in the protocol
(1) Timestamp
A timestamp is a variant application of digital authentication; generally, it is a string sequence confirming the exact time at which specific data was generated. Thus, it can be used to protect electronic documents and data from being falsified. Simply put, a timestamp is the time of creation, modification or access recorded in a document's properties. It is also used as an encryption element of the security authentication protocol in RFID in order to protect anonymity and improve the security of the system. Along with the progress of IC technology, a number of researchers have proposed and successfully realised the deployment of a clock in electronic tags. Additionally, this time can be kept synchronised with the standard time obtained from a trusted time service centre. The YA-TRAP protocol is the earliest RFID authentication protocol employing the timestamp; based on this protocol, protocols such as O-TRAP, YA-TRAP+ and YA-TRAP* were put forward by researchers to enhance security (R. Greeff et al., 2012).
(2) Hash function
The hash function is used to map data of an arbitrary length to a domain of finite length; that is, the hash function H takes a variable-length data block M as input and produces a fixed-length output value h = H(M), where M is called the preimage of h. The hash function has two characteristics. It is anti-collision: for two different input data blocks it is extremely unlikely that the output value h is the same, and for any given data block it is extremely difficult to find other data with the same hash value. It is also tamper-resistant: a change in one bit of a block of data makes a big difference to its output hash value. At the same time, the hash function has the advantages of high-speed operation, high security and low hardware resource consumption, which match the requirements of an RFID system.
Figure 1: Process of protocol authentication
(1) The Reader broadcasts the query request signal to the Tag, and the Tag responds to the signal’s request.
(2) According to the response signal, the Reader selects the key which corresponds to the tag and the past authentication timestamp T
from the list, generates the current authentication timestamp T
. It then encrypts the timestamp using an encryption algorithm with past and current timestamps to obtain the ciphertext
(3) The Tag receives the ciphertext C and decrypts it to obtain the past authentication timestamp T
’ and the current authentication timestamp T
. Comparing them with the original value of the past and current timestamp T
If they are the same, it means that the reader is securely authenticated by the tag. Then using the hash function to calculate
) and send
back to the Reader and store
in a Tag. Here
is the identity value of the Tag.
(4) After the Reader receives
it would calculate
). After that it can send,
and the ciphertext
to the Data Base and store
in the reader. Here
is the identity value of the Reader.
(5) When the Data Base receives the
values from the Reader, it will decrypt the ciphertext
and obtain the current timestamp T
. It will then check the identity value list of the Reader to verify whether there is an identity value
If there is, it means that the Reader is not forged. It would also check the identity value list of the Tag to verify there is an identity value
If there is, it means that the Tag is not forged. Only if the Reader and the Tag are successfully authenticated concurrently will the data base be able to calculate
) and send them to the Reader.
(6) After the Reader receives
, it will compare
. If they match, it means the database is securely authenticated by the reader. Once the authentication is completed and successful, the Reader will then send
to the Tag. The Tag would undergo a similar authentication process comparing
If they are the same, it means the database is securely authenticated by the Tag, and the Tag will send a response signal to the Reader.
(7) After the Reader receives the response signal from the Tag, it will generate the completed timestamp T
and encrypt it to obtain a new ciphertext
, sending the new ciphertext
to the Tag. The Tag will then decrypt it to obtain the completed timestamp T
and update the past authentication timestamp T
to the completed timestamp T
The whole process of protocol authentication is as depicted in Figure 1. It can be observed that the protocol achieves tripartite mutual authentication between the Database, Reader and Tag. It avoids the security problem that RFIDs face to a large extent.
3. Process description
The process of authentication for the Tag and the Reader can be seen in Figure 2 and Figure 3.
Figure 2: Authentication process of Tag
Figure 3: Authentication process of Reader
The tag is in a standby state in the range of the reader sensing field. After receiving and selecting the query signal C1 from the reader, the tag decrypts the timestamps,
for C1. It then decrypts TSp and TSc and compares them with the authentication timestamp TSp which it stored in the previous round. If and only if,
is legal and
are both established, then hashing is performed to obtain
, and H1 is sent to the reader. After that,
is calculated from the database and forwarded which will be received by the reader. The next step is to compare
, if the two are equal then the reader will feedback the authentication success signal and generate the authentication completion timestamp
to update its original time.
In the entire authentication process, the reader plays an important role in authentication in addition to transmitting data between the tag and the server. Protocol authentication is initiated by the reader first. Readers receive the
from the electronic tag. At the same time, the reader calculates two hash values
according to its own identity value and the generated timestamp, sending
and the encrypted timestamp C1 to the backend server and storing
in the reader memory. After completing a series of authentication processes in the background and receiving the hash values
sent by the background, the reader will compare
in the memory. If they are equal, the background server obtains the security authentication of the reader, otherwise, it terminates the authentication process and then sends
to the tag. When the tag is authenticated and responds to the reader signal, the reader generates an authentication completion timestamp and encrypts it for tag update.
For the Database, after decrypting the timestamp, the traversal calculation is performed in the storage reader and the tag list. This is to determine whether the identity value of the reader and the tag exists in the query which ensures the judgment condition is established simultaneously. It needs to consider whether the server can successfully authenticate the reader and the legality of the tag. If one party is not legal, the authentication is rejected and there will be no response; if and only if both parties are authenticated will the server authenticator pass. After that, it will calculate the hash values
for the reader and tag authentication, and then send it to the reader.
4. Security analysis and comparison
This part analyses the security and reliability of the protocol from the perspective of the following attacks:
(1) Anti-replay attack: The attacker intercepts the information between the reader and the tag and replays a previous message in the next communication. In this paper, the timestamp TS is introduced. The timestamp value is different in every message, and the timestamp generated in the next communication is uncertain and unpredictable. If the attacker replays a previous message, the properties of the timestamp mean that it cannot be authenticated in the first place, let alone pass the subsequent verification process. Therefore, this protocol can resist a replay attack.
(2) Anti-eavesdropping attack: The openness of the wireless channel enables the attacker to eavesdrop on the complete message content of each session. Since this data consists of encrypted non-deterministic timestamps and hash values, it is valueless to an attacker who obtains it on the wireless channel. This means that the attacker will also be unable to launch an attack.
(3) Anti-forgery attack: The attacker can be disguised as a reader to illegally access the tag, or can copy the tag to cheat the reader. To make either party believe in the legitimacy of the other party's identity, it is necessary to know the encryption and decryption algorithm applied to the timestamp, the last authentication timestamp stored by the tag and by the reader, and the mutual authentication method of the database, reader and tag. There is a close logical relationship between these three, and any slight change in the authentication conditions will result in the termination of authentication. Thus, this protocol can resist a forgery attack.
(4) Anti-tracking attack: The purpose of the attacker in a tracking attack is to obtain characteristic data of the communication between the reader and the tag, deduce that different messages come from the same tag, and identify one tag among a large number of tags, so as to monitor the tag's position. In this protocol, the identity value of the tag is combined with the timestamp generated by the reader in two different ways and then transmitted through the hash function. The anti-collision performance of the hash function makes it difficult for attackers to infer the identity value of the tag after acquiring the information. At the same time, due to the introduction of the timestamp, the messages with which the same tag responds in each communication are anonymous and dynamic. They hold no significant relevance for the attacker, therefore avoiding tracking attacks completely.
In this paper, a lightweight RFID security authentication protocol has been presented, which uses timestamp technology, the hash function and data encryption and decryption technology to complete the two-way authentication among server, reader and tag. The proposal is expected to be reasonable and feasible in theory. Through security and performance analysis, and in comparison with previous protocols, the proposed protocol can resist multiple attack modes and consume fewer resources.
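The tag-side timestamp check behind item (1) and step (3) of the protocol, as an added example (not the authors' implementation). The essay does not name its encryption algorithm or state the exact comparison, so the HMAC-SHA-256 construction in `seal`/`unseal`, the rule "received past timestamp equals the stored one and the current timestamp is later", the monotonic update in `complete`, and all names and timestamp values are assumptions of this example.

```python
import hashlib
import hmac
import os
import struct


def _prf(key: bytes, label: bytes, data: bytes) -> bytes:
    return hmac.new(key, label + data, hashlib.sha256).digest()


def seal(key: bytes, *timestamps: int) -> bytes:
    """Encrypt and authenticate one or two timestamps (stand-in, not a vetted cipher)."""
    plain = struct.pack(">%dQ" % len(timestamps), *timestamps)
    nonce = os.urandom(16)
    body = bytes(p ^ s for p, s in zip(plain, _prf(key, b"enc", nonce)))
    return nonce + body + _prf(key, b"mac", nonce + body)


def unseal(key: bytes, blob: bytes):
    """Return the timestamps, or None if the blob is malformed or was altered."""
    nonce, body, mac = blob[:16], blob[16:-32], blob[-32:]
    if len(body) not in (8, 16):
        return None
    if not hmac.compare_digest(mac, _prf(key, b"mac", nonce + body)):
        return None
    plain = bytes(c ^ s for c, s in zip(body, _prf(key, b"enc", nonce)))
    return struct.unpack(">%dQ" % (len(body) // 8), plain)


class Tag:
    def __init__(self, key: bytes, ts_past: int):
        self.key, self.ts_past = key, ts_past

    def accept_query(self, c1: bytes) -> bool:
        """Step (3): decrypt C1 and compare it with the stored past timestamp."""
        fields = unseal(self.key, c1)
        if fields is None or len(fields) != 2:
            return False
        ts_past_rx, ts_cur = fields
        # Assumed rule: past timestamp matches the stored one, current one is later.
        return ts_past_rx == self.ts_past and ts_cur > self.ts_past

    def complete(self, c2: bytes) -> bool:
        """Step (7): replace the past timestamp with the completion timestamp."""
        fields = unseal(self.key, c2)
        if fields is None or len(fields) != 1 or fields[0] <= self.ts_past:
            return False  # assumed: the stored timestamp only moves forward
        self.ts_past = fields[0]
        return True


def run_demo():
    key = os.urandom(16)
    tag = Tag(key, ts_past=1000)          # constructed timestamp values
    c1 = seal(key, 1000, 1060)            # reader's query for this round
    tampered = c1[:16] + bytes([c1[16] ^ 1]) + c1[17:]
    results = {
        "tampered_query_rejected": not tag.accept_query(tampered),
        "fresh_query_accepted": tag.accept_query(c1),
        "completion_applied": tag.complete(seal(key, 1061)),
    }
    # After the round completes, the recorded C1 carries a stale past timestamp.
    results["replayed_query_rejected"] = not tag.accept_query(c1)
    results["next_round_accepted"] = tag.accept_query(seal(key, 1061, 1120))
    return results


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```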
- Yung, E. and Leung, I, An active RFID system for hospitals. 2009 Applied Electromagnetics Conference (AEMC), 2009, doi:10.1109/aemc.2009.5430580.
- Wazir Zada Khan, Hussein Mohammed Zangoti, Mohammed Y Aalsalem, Muhammad Zahid and Quratulain Arshad, Mobile RFID in Internet of Things: Security Attacks, Privacy Risks, and Countermeasures, 2016 International Conference on Radar, Antenna, Microwave, Electronics, and Telecommunications, 2016.
- Kai Fan, Wei Jiang, Hui Li and Yintang Yang, Lightweight RFID Protocol for Medical Privacy Protection in IoT, IEEE Transactions on Industrial Informatics, Vol. 14, No. 4, April 2018.
- Lee, B. and Kim, H, Privacy Management for Medical Service Application Using Mobile Phone Collaborated with RFID Reader. 2007 Third International IEEE Conference on Signal-Image Technologies and Internet-Based System, 2007, doi:10.1109/sitis.2007.150
- S. Weis. Security and Privacy in Radio Frequency Identification Device, Cambridge, MA, USA: MIT, 2003.
- V. Dixit, H.K. Verma and A.K. Singh, Comparison of various Security Protocols in RFID, vol. 24, pp. 17-21, June 2011.
- S. Weis, S. Sarma, R. Rivest, and D. Engels. Security and privacy aspects of low-cost radio frequency identification systems. Proceedings of SPC, vol. 2802, pp. 201-212, 2004.
- M. Ohkubo, K. Suzuki, and S. Kinoshita. Hash-chain based forward secure privacy protection scheme for low-cost RFID. Proceedings of SCIS, pp. 719-724, 2004.
- Zhen-Yu Wu, Tzer-Long Chen, Sung-Chiang Lin and Charlotte Wang, A Secure RFID Authentication Scheme for Medicine Applications, 2013 Seventh International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IEEE, 19 September 2013.
- Sarah A. Moniem, Sanaa Taha and Haithem S. Hamza, An anonymous mutual authentication scheme for healthcare RFID systems, 2017 IEEE SmartWorld/SCALCOM/UIC/ATC/CBDCom/IOP/SCI, IEEE, 8 August 2017.
- Fan K, Liang C, Li H, et al. LRMAPC: A lightweight RFID mutual authentication protocol with cache in the reader for IoT[C]//2014 IEEE International Conference on Computer and Information Technology. IEEE, pp. 276-280, 2014.
- R. Greeff, F.W. Smith and D.K. Ovard, RFID Device Time Synchronization from a Public Source, US: Related U.S. Application Data, US 8,154,407, B2, Apr. 10, 2012.