A Quorum RFID System Using Threshold Cryptosystem

The applications of radio frequency identification (RFID) technology have been expanded to be used in different fields that need automatic defining objects without human intervention. Recently, RFID applications have been increasingly used in the world due to its significant advantage in providing accurate information, ease of control, and reduce labour cost. Even though, researchers have reported issues with the RFID technology in terms of security and privacy which makes the RFID technology vulnerable to many threats. To satisfy such threats, many RFID based authentication schemes have been proposed. Secret sharing schemes have been also proposed for RFID system due to key management ability. Elliptical curve cryptography (ECC) has attracted researchers to apply within RFID system due to security and stability properties. This paper attempts to develop an RFID scheme that allows multi RFID tags to be authenticated within an RFID reader by using ElGamal cryptosystem or the lite version of the Cramer-Shoup cryptosystem and elliptical curve cryptography. With the threshold of the ElGamal or the lite version of Cramer-Shoup, the tag's secret information is split by using Shamir secret sharing scheme among n tags with n secrets shares such that any k quorum tags can reconstruct and decrypt the secret information. As the Shamir secret shares are to be stored on RFID tags with limited memory, the elliptic curve version of Cramer-Shoup will be used in the implementation. The security of the scheme is based on the security achievement of the Shamir secret sharing schem, ElGamal cryptosystem and the lite version of Cramer-Shoup cryptosystem.

[1]  Erl-Huei Lu,et al.  Modifying the ECC-Based Grouping-Proof RFID System to Increase Inpatient Medication Safety , 2014, Journal of Medical Systems.

[2]  Bryan Parno,et al.  Unidirectional Key Distribution Across Time and Space with Applications to RFID Security , 2008, USENIX Security Symposium.

[3]  Ronald Cramer,et al.  A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack , 1998, CRYPTO.

[4]  Lejla Batina,et al.  RFID-Tags for Anti-counterfeiting , 2006, CT-RSA.

[5]  Yingjiu Li,et al.  Secure and Practical Key Distribution for RFID-Enabled Supply Chains , 2011, SecureComm.

[6]  Robert H. Deng,et al.  Enabling Secure Secret Updating for Unidirectional Key Distribution in RFID-Enabled Supply Chains , 2009, ICICS.

[7]  Ram Shanmugam Elliptic Curves and Their Applications to Cryptography: An Introduction : Andreas Enge, Kluwer Academic Press, Norwell, MA, 1999, pp 164, ISBN 0-7923-8589-6 , 2001, Neurocomputing.

[8]  Iwao Sasase,et al.  Secret sharing based unidirectional key distribution with dummy tags in Gen2v2 RFID-enabled supply chains , 2015, 2015 IEEE International Conference on RFID (RFID).

[9]  Xiaoqi Jia,et al.  An Efficient Group-Based Secret Sharing Scheme , 2011, ISPEC.

[10]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[11]  Sherali Zeadally,et al.  An Analysis of RFID Authentication Schemes for Internet of Things in Healthcare Environment Using Elliptic Curve Cryptography , 2015, IEEE Internet of Things Journal.

[12]  Frederik Vercauteren,et al.  On the Claimed Privacy of EC-RAC III , 2010, RFIDSec.

[13]  Klaus Finkenzeller,et al.  Book Reviews: RFID Handbook: Fundamentals and Applications in Contactless Smart Cards and Identification, 2nd ed. , 2004, ACM Queue.

[14]  Min-Shiang Hwang,et al.  A Mutual Authentication Protocol for RFID , 2011, IT Professional.

[15]  Ari Juels,et al.  RFID security and privacy: a research survey , 2006, IEEE Journal on Selected Areas in Communications.

[16]  Tim Kerins,et al.  Public-Key Cryptography for RFID-Tags , 2007, Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PerComW'07).

[17]  Ron Weinstein,et al.  RFID: a technical overview and its application to the enterprise , 2005, IT Professional.

[18]  S.A. Weis RFID privacy workshop , 2004, IEEE Security & Privacy Magazine.

[19]  Mahabir Prasad Jhanwar,et al.  Relaxing IND-CCA: Indistinguishability against Chosen Ciphertext Verification Attack , 2012, SPACE.

[20]  Keith Mayes,et al.  Enhancing the Key Distribution Model in the RFID-Enabled Supply Chains , 2014, 2014 28th International Conference on Advanced Information Networking and Applications Workshops.

[21]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[22]  Marc Langheinrich,et al.  RFID Privacy Using Spatially Distributed Shared Secrets , 2007, UCS.

[23]  Ingrid Verbauwhede,et al.  Privacy Challenges in RFID Systems , 2010, IOT 2010.

[24]  Sasa Radomirovic,et al.  Untraceable RFID protocols are not trivially composable: Attacks on the revision of EC-RAC , 2009, IACR Cryptol. ePrint Arch..

[25]  L. Batina,et al.  EC-RAC (ECDLP Based Randomized Access Control): Provably Secure RFID authentication protocol , 2008, 2008 IEEE International Conference on RFID.

[26]  Xiaoqi Jia,et al.  Efficient Secret Sharing Schemes , 2011, STA.

[27]  Ben Niu,et al.  Security Analysis of a Privacy-preserving ECC-based Grouping-proof Protocol , 2011 .

[28]  Mihir Bellare,et al.  Towards Plaintext-Aware Public-Key Encryption Without Random Oracles , 2004, ASIACRYPT.

[29]  Jean-Luc Danger,et al.  Security, Privacy, and Applied Cryptography Engineering , 2017, Lecture Notes in Computer Science.

[30]  Jeong Hyun Yi,et al.  Development of privacy-preserving RFID authentication system using mobile devices , 2011, ICTC 2011.

[31]  Michel Barbeau,et al.  Proactive Threshold Cryptosystem for EPC Tags , 2011, Ad Hoc Sens. Wirel. Networks.

[32]  Fangguo Zhang,et al.  ECC-Based Grouping-Proof RFID for Inpatient Medication Safety , 2011, Journal of Medical Systems.

[33]  Tassos Dimitriou,et al.  A Lightweight RFID Protocol to protect against Traceability and Cloning attacks , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[34]  Ingrid Verbauwhede,et al.  Privacy-Preserving ECC-Based Grouping Proofs for RFID , 2010, ISC.

[35]  Lejla Batina,et al.  Untraceable RFID authentication protocols: Revision of EC-RAC , 2009, 2009 IEEE International Conference on RFID.

[36]  Julien Bringer,et al.  Cryptanalysis of EC-RAC, a RFID Identification Protocol , 2008, CANS.

[37]  Ingrid Verbauwhede,et al.  Low-cost untraceable authentication protocols for RFID , 2010, WiSec '10.

[38]  Andreas Enge,et al.  Elliptic Curves and Their Applications to Cryptography , 1999, Springer US.

[39]  Martin Stanek,et al.  On Ciphertext Undetectability , 2007, IACR Cryptol. ePrint Arch..

[40]  Ted Taekyoung Kwon,et al.  Strong and Robust RFID Authentication Enabling Perfect Ownership Transfer , 2006, ICICS.

[41]  Marc Langheinrich,et al.  Practical Minimalist Cryptography for RFID Privacy , 2007, IEEE Systems Journal.