An Analysis of Provable Security Frameworks for RFID Security

Radio frequency identification (RFID) has become one of the most eminent commercial technologies in the last few years. The RFID tags are embedded or latched with any item for their unique identification. These tags can carry small amounts of data and have capability to perform simple computations. However, because of their simple architecture, the data these tags carry are not secure. This paper discusses some of the state-of-the-art authentication schemes that can secure RFID tags along with some security models that are used to verify whether an authentication scheme is secure against any potential security risks or not. This paper analyzes some authentication schemes and security models along with their strengths and weaknesses.

[1]  Sheetal Kalra,et al.  Secure authentication scheme for IoT and cloud servers , 2015, Pervasive Mob. Comput..

[2]  Lejla Batina,et al.  RFID-Tags for Anti-counterfeiting , 2006, CT-RSA.

[3]  Sébastien Canard,et al.  Privacy-Preserving RFID Systems: Model and Constructions , 2010, IACR Cryptol. ePrint Arch..

[4]  Marc Girault,et al.  Security of privacy-preserving RFID systems , 2010, 2010 IEEE International Conference on RFID-Technology and Applications.

[5]  Kai Bu,et al.  You Can Clone But You Cannot Hide: A Survey of Clone Prevention and Detection for RFID , 2017, IEEE Communications Surveys & Tutorials.

[6]  Roel Peeters,et al.  Attack on Liao and Hsiao's Secure ECC-based RFID Authentication Scheme integrated with ID-Verifier Transfer Protocol , 2013, IACR Cryptol. ePrint Arch..

[7]  Tim Güneysu,et al.  Secure and Private, yet Lightweight, Authentication for the IoT via PUF and CBKA , 2016, ICISC.

[8]  Zuowen Tan,et al.  A User Anonymity Preserving Three-Factor Authentication Scheme for Telecare Medicine Information Systems , 2014, Journal of Medical Systems.

[9]  Lixiang Li,et al.  An Enhanced Biometric-Based Authentication Scheme for Telecare Medicine Information Systems Using Elliptic Curve Cryptosystem , 2015, Journal of Medical Systems.

[10]  Laurence T. Yang,et al.  The Internet of Things: From RFID to the Next-Generation Pervasive Networked Systems , 2008 .

[11]  Mike Burmester,et al.  Universally composable and forward-secure RFID authentication and authenticated key exchange , 2007, ASIACCS '07.

[12]  Hung-Yu Chien,et al.  SASI: A New Ultralightweight RFID Authentication Protocol Providing Strong Authentication and Strong Integrity , 2007, IEEE Transactions on Dependable and Secure Computing.

[13]  Chih-Ming Hsiao,et al.  A Secure ECC-Based RFID Authentication Scheme Using Hybrid Protocols , 2013 .

[14]  Juan E. Tapiador,et al.  M2AP: A Minimalist Mutual-Authentication Protocol for Low-Cost RFID Tags , 2006, UIC.

[15]  Serge Vaudenay,et al.  On Privacy Models for RFID , 2007, ASIACRYPT.

[16]  L. Batina,et al.  EC-RAC (ECDLP Based Randomized Access Control): Provably Secure RFID authentication protocol , 2008, 2008 IEEE International Conference on RFID.

[17]  Morteza Nikooghadam,et al.  Three-Factor Anonymous Authentication and Key Agreement Scheme for Telecare Medicine Information Systems , 2014, Journal of Medical Systems.

[18]  Chih-Ming Hsiao,et al.  A secure ECC-based RFID authentication scheme integrated with ID-verifier transfer protocol , 2014, Ad Hoc Networks.

[19]  Juan E. Tapiador,et al.  Advances in Ultralightweight Cryptography for Low-Cost RFID Tags: Gossamer Protocol , 2009, WISA.

[20]  Ari Juels,et al.  Defining Strong Privacy for RFID , 2007, Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PerComW'07).

[21]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.

[22]  Ronald L. Rivest,et al.  Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems , 2003, SPC.

[23]  Dawu Gu,et al.  Efficient Fuzzy Extraction of PUF-Induced Secrets: Theory and Applications , 2016, CHES.

[24]  Patrick Schaumont,et al.  A new maskless debiasing method for lightweight physical unclonable functions , 2017, 2017 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[25]  Simson L. Garfinkel,et al.  RFID privacy: an overview of problems and proposed solutions , 2005, IEEE Security & Privacy Magazine.

[26]  M. Ufuk Çaglayan,et al.  Providing destructive privacy and scalability in RFID systems using PUFs , 2015, Ad Hoc Networks.

[27]  Juan E. Tapiador,et al.  EMAP: An Efficient Mutual-Authentication Protocol for Low-Cost RFID Tags , 2006, OTM Workshops.

[28]  David A. Wagner,et al.  Privacy and security in library RFID: issues, practices, and architectures , 2004, CCS '04.

[29]  Paul Müller,et al.  Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers , 2004, IEEE Annual Conference on Pervasive Computing and Communications Workshops, 2004. Proceedings of the Second.

[30]  Wooi-Haw Tan,et al.  Combined Spline and B-spline for an Improved Automatic Skin Lesion Segmentation in Dermoscopic Images Using Optimal Color Channel , 2014, Journal of Medical Systems.

[31]  Moti Yung,et al.  End-To-End Design of a PUF-Based Privacy Preserving Authentication Protocol , 2015, CHES.

[32]  Khaled Ouafi,et al.  Security and Privacy in RFID Systems , 2012 .