A Lightweight Authentication Scheme for Cloud-Based RFID Healthcare Systems

Cloud-based RFID provides a new solution for the smart healthcare environment, and cloudbased RFID healthcare systems have many advantages over traditional healthcare systems, such as efficient medical assets management and medical information sharing. However, in the cloudbased RFID healthcare system, the untrusted cloud server manages private medical information, and these private data are transmitted on the public wireless channel, which exposes them to a high risk of leakage. Furthermore, attacks on the system may lead to serious consequences. Assuming a tag is implanted in an artificial organ and doctors use readers to monitor and control it, an attacker's tampering with these data may pose a risk to the life of this patient. Thus, privacy and security issues need to be considered in the cloud-based RFID healthcare environment. In this article, we propose a lightweight authentication scheme based on quadratic reSIDuals and pseudo random number generator to guarantee the security of the cloud-based RFID healthcare system. It ensures data privacy and is resistant to typical attacks in mobile communication. Compared to other RFID authentication schemes, the proposed scheme provides strong security with fewer resources, thereby achieving a compromise between costs and security requirements of the smart healthcare system.

[1]  Wanlei Zhou,et al.  A practical quadratic residues based scheme for authentication and privacy in mobile RFID systems , 2013, Ad Hoc Networks.

[2]  Cédric Lauradoux,et al.  When Compromised Readers Meet RFID , 2009, WISA.

[3]  Chen Zhang,et al.  Cloud-based RFID authentication , 2013, 2013 IEEE International Conference on RFID (RFID).

[4]  Ju-Chuan Wu,et al.  A Reliable RFID Mutual Authentication Scheme for Healthcare Environments , 2013, Journal of Medical Systems.

[5]  Alfredo De Santis,et al.  On Ultralightweight RFID Authentication Protocols , 2011, IEEE Transactions on Dependable and Secure Computing.

[6]  Yanan Li,et al.  Formal Analysis and Verification for an Ultralightweight Authentication Protocol RAPP of RFID , 2017, NCTCS.

[7]  Daniel W. Engels,et al.  I. Radio-Frequency Identification: Security Risks and Challenges , 2003 .

[8]  Chia-Sheng Wu,et al.  An enhanced ultralightweight RFID authentication protocol , 2009, 2009 Joint Conferences on Pervasive Computing (JCPC).

[9]  Hung-Yu Chien,et al.  SASI: A New Ultralightweight RFID Authentication Protocol Providing Strong Authentication and Strong Integrity , 2007, IEEE Transactions on Dependable and Secure Computing.

[10]  Chandra Sekhar Vorugunti,et al.  A Realistic Lightweight Authentication Protocol for Securing Cloud Based RFID System , 2016, 2016 IEEE International Conference on Cloud Computing in Emerging Markets (CCEM).

[11]  Yun Tian,et al.  A New Ultralightweight RFID Authentication Protocol with Permutation , 2012, IEEE Communications Letters.

[12]  Ronald L. Rivest,et al.  Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems , 2003, SPC.

[13]  Shin-Yan Chiou,et al.  An enhanced authentication scheme in mobile RFID system , 2018, Ad Hoc Networks.