A robust anonymity preserving authentication protocol for IoT devices

In spite of being a promising technology which will make our lives a lot easier we cannot be oblivious to the fact IoT is not safe from online threat and attacks. Thus, along with the growth of IoT we also need to work on its aspects. Taking into account the limited resources that these devices have it is important that the security mechanisms should also be less complex and do not hinder the actual functionality of the device. In this paper, we propose an ECC based lightweight authentication for IoT devices which deploy RFID tags at the physical layer. ECC is a very efficient public key cryptography mechanism as it provides privacy and security with lesser computation overhead. We also present a security and performance analysis to verify the strength of our proposed approach.

[1]  Chao Wang,et al.  A Lightweight RFID Authentication Protocol based on Elliptic Curve Cryptography , 2013, J. Comput..

[2]  Ingrid Verbauwhede,et al.  Low-cost untraceable authentication protocols for RFID , 2010, WiSec '10.

[3]  Sheetal Kalra,et al.  Secure authentication scheme for IoT and cloud servers , 2015, Pervasive Mob. Comput..

[4]  Mohammad Sabzinejad Farash Cryptanalysis and improvement of an efficient mutual authentication RFID scheme based on elliptic curve cryptography , 2014, The Journal of Supercomputing.

[5]  Zhenguo Zhao,et al.  A Secure RFID Authentication Protocol for Healthcare Environments Using Elliptic Curve Cryptosystem , 2014, Journal of Medical Systems.

[6]  Chih-Ming Hsiao,et al.  A secure ECC-based RFID authentication scheme integrated with ID-verifier transfer protocol , 2014, Ad Hoc Networks.

[7]  Lixiang Li,et al.  An Enhanced Biometric-Based Authentication Scheme for Telecare Medicine Information Systems Using Elliptic Curve Cryptosystem , 2015, Journal of Medical Systems.

[8]  L. Batina,et al.  EC-RAC (ECDLP Based Randomized Access Control): Provably Secure RFID authentication protocol , 2008, 2008 IEEE International Conference on RFID.

[9]  Jue-Sam Chou An efficient mutual authentication RFID scheme based on elliptic curve cryptography , 2013, The Journal of Supercomputing.

[10]  Morteza Nikooghadam,et al.  Three-Factor Anonymous Authentication and Key Agreement Scheme for Telecare Medicine Information Systems , 2014, Journal of Medical Systems.

[11]  Tim Kerins,et al.  Public-Key Cryptography for RFID-Tags , 2007, Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PerComW'07).

[12]  Antonio Iera,et al.  The Internet of Things: A survey , 2010, Comput. Networks.

[13]  Rodrigo Roman,et al.  Securing the Internet of Things , 2017, Smart Cards, Tokens, Security and Applications, 2nd Ed..

[14]  Manuel Blum,et al.  A Simple Unpredictable Pseudo-Random Number Generator , 1986, SIAM J. Comput..

[15]  Chih-Ming Hsiao,et al.  A Secure ECC-Based RFID Authentication Scheme Using Hybrid Protocols , 2013 .

[16]  Lejla Batina,et al.  Untraceable RFID authentication protocols: Revision of EC-RAC , 2009, 2009 IEEE International Conference on RFID.

[17]  Sherali Zeadally,et al.  Unique Radio Innovation for the 21st Century: Building Scalable and Global RFID Networks , 2010 .

[18]  Marimuthu Palaniswami,et al.  Internet of Things (IoT): A vision, architectural elements, and future directions , 2012, Future Gener. Comput. Syst..

[19]  Roel Peeters,et al.  Attack on Liao and Hsiao's Secure ECC-based RFID Authentication Scheme integrated with ID-Verifier Transfer Protocol , 2013, IACR Cryptol. ePrint Arch..

[20]  Zuowen Tan,et al.  A User Anonymity Preserving Three-Factor Authentication Scheme for Telecare Medicine Information Systems , 2014, Journal of Medical Systems.

[21]  Rodrigo Roman,et al.  Real-time location and inpatient care systems based on passive RFID , 2010, Journal of Network and Computer Applications.

[22]  Lejla Batina,et al.  RFID-Tags for Anti-counterfeiting , 2006, CT-RSA.