Enhanced RFID mutual authentication scheme based on shared secret information

RFID is a revolutionary remote technology which has many useful implications. Large scale implementation of RFID is seeking 100% information privacy and untraceability, for users and organizations, which is suitable for low cost RFID tag (Class1). To protect users and organization we are proposing an enhanced RFID mutual authentication scheme. In this protocol we use authentication based on shared unique parameters as a method to protect privacy. This protocol will be capable of handling forward and backward security, rouge reader better than existing protocols. In our new scheme we involved RFID reader’s hardware ID in addition to other shared secret information which uses hash to protect users and industries privacy. Moreover, we used LAMED as our PRNG (Pseudorandom Number Generator) which is faster and take less computational power.

Mutual authentication with malware protection for a RFID system

Radio Frequency Identification (RFID) system is a remote identification technology which is taking the place of barcodes to become electronic tags of an object. However, its radio transmission nature is making it vulnerable in terms of security. Recently, research proposed that an RFID tag can contain malicious code which might spread viruses, worms and other exploits to middleware and back-end systems. This paper is proposing a framework which will provide protection from malware and ensure the data privacy of a tag. The framework will use a sanitization technique with a mutual authentication in the reader level. This will ensure that any malicious code in the tag is identified. If the tag is infected by malicious code it will stop execution of the code in the RFIF system. Here shared unique parameters are used for authentication. It will be capable of protecting an RFID system from denial of service (DOS) attack, forward security and rogue reader better than existing protocols. The framework is introducing a layer concept on a smart reader to reduce coupling between different tasks. Using this framework, the RFID system will be protected from malware and also the privacy of the tag will be ensured.

A novel mutual authentication scheme with minimum disclosure for rfid systems

In this paper we present a novel approach to authentication and privacy in RFID systems based on the minimum disclosure property and in conformance to EPC Class-1 Gen-2 specifications. We take into account the computational constraints of EPC Class-1 Gen-2 passive RFID tags and only the cyclic redundancy check (CRC) and pseudo random number generator (PRNG) functions that passive RFID tags are capable of are employed. Detailed security analysis of our scheme shows that it can offer robust security properties in terms of tag anonymity and tag untraceability while at the same time being robust to replay, tag impersonation and desynchronisation attacks. Simulations results are also presented to study the scalability of the proposed scheme and its impact on authentication delay.

A secure tag ownership transfer scheme in a closed loop RFID system

In this paper we propose a novel secure tag ownership transfer scheme for closed loop RFID systems. An important property of our method is that the ownership transfer is guaranteed to be atomic and the scheme is protected against desynchronisation leading to permanent DoS. Further, it is suited to the computational constraints of EPC Class-1 Gen-2 passive RFID tags as they only use the CRC and PRNG functions that passive RFID tags are capable of. We provide a detailed security analysis to show that our scheme satisfies the required security properties of tag anonymity, tag location privacy, forward secrecy, forward untraceability while being resistant to replay, desynchronisation and server impersonation attacks. Performance comparisons show that our scheme is practical and can be implemented on passive low-cost RFID tags.

Secure RFID tag ownership transfer based on quadratic residues

In this paper, we propose a novel approach to secure ownership transfer in RFID systems based on the quadratic residue property. We present two secure ownership transfer schemes-the closed loop and open loop schemes. An important property of our schemes is that ownership transfer is guaranteed to be atomic. Further, both our schemes are suited to the computational constraints of EPC Class-1 Gen-2 passive RFID tags as they only use operations that such passive RFID tags are capable of. We provide a detailed security analysis to show that our schemes achieve strong privacy and satisfy the required security properties of tag anonymity, tag location privacy, forward secrecy, and forward untraceability. We also show that the schemes are resistant to replay (both passive and algebraic), desynchronization, and server impersonation attacks. Performance comparisons demonstrate that our schemes are practical and can be implemented on low-cost passive RFID tags.

RFID ownership transfer protocol based on cloud

RFID and Cloud computing are widely used in the IoT (Internet of Things). However, there are few research works which combine RFID ownership transfer schemes with Cloud computing. Subsequently, this paper points out the weaknesses in two protocols proposed by Xie et al. (2013) [3] and Doss et al. (2013) [9]. To solve the security issues of these protocols, we present a provably secure RFID ownership transfer protocol which achieves the security and privacy requirements for cloud-based applications. To be more specific, the communication channels among the tags, mobile readers and the cloud database are insecure. Besides, an encrypted hash table is used in the cloud database. Next, the presented protocol not only meets backward untraceability and the proposed strong forward untraceability, but also resists against replay attacks, tracing attacks, inner reader malicious impersonation attacks, tag impersonation attacks and desynchronization attacks. The comparisons of security and performance properties show that the proposed protocol has more security, higher efficiency and better scalability compared with other schemes.