ESLRAS: A Lightweight RFID Authentication Scheme with High Efficiency and Strong Security for Internet of Things

Radio Frequency Identification (RFID) is one of the key technologies for Internet of Things (IoT). Due to the limitations of processing capability, storage space and power supply of RFID tag, the traditional security mechanisms cannot be used directly. In addition, the existing security threats become more severe towards RFID authentication scheme. In this paper, we propose an Efficient Secure Lightweight RFID Authentication Scheme based on challenge-response model, named ESLRAS. To achieve authentication efficiency, the key of the tag is chosen to reduce the number of hash computing in database. Furthermore, the key is stored in database and updated constantly with the tag to prevent the tracking attack and the synchronization attack. The correctness of ESLRAS has been proved using GNY logic, and the performance of ESLRAS in terms of security and efficiency is evaluated. Compared with other existing approaches, ESLRAS achieves stronger security and higher efficiency.

[1]  Jian Huang,et al.  An approach to security and privacy of RFID system for supply chain , 2004, IEEE International Conference on E-Commerce Technology for Dynamic E-Business.

[2]  Daniel W. Engels,et al.  RFID Systems and Security and Privacy Implications , 2002, CHES.

[3]  David A. Wagner,et al.  Privacy and security in library RFID: issues, practices, and architectures , 2004, CCS '04.

[4]  M. Aigner Secure Symmetric Authentication for RFID Tags , 2005 .

[5]  Pin-Han Ho,et al.  PPAB: A Privacy-Preserving Authentication and Billing Architecture for Metropolitan Area Sharing Networks , 2009, IEEE Transactions on Vehicular Technology.

[6]  Li Gong,et al.  Reasoning about belief in cryptographic protocols , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[7]  Shi Guo-chuan An Identity-Based Authenticated Key Agreement Protocol , 2011 .

[8]  Weihua Zhuang,et al.  Exploiting prediction to enable Secure and Reliable routing in Wireless Body Area Networks , 2012, 2012 Proceedings IEEE INFOCOM.

[9]  Stephen A. Weis Security and Privacy in Radio-Frequency Identification Devices , 2003 .

[10]  M. Feldhofer An authentication protocol in a security layer for RFID smart tags , 2004, Proceedings of the 12th IEEE Mediterranean Electrotechnical Conference (IEEE Cat. No.04CH37521).

[11]  Xiaohui Liang,et al.  BECAN: A Bandwidth-Efficient Cooperative Authentication Scheme for Filtering Injected False Data in Wireless Sensor Networks , 2012, IEEE Transactions on Parallel and Distributed Systems.

[12]  Yingjiu Li,et al.  Protecting RFID communications in supply chains , 2007, ASIACCS '07.

[13]  Dongho Won,et al.  Challenge-Response Based RFID Authentication Protocol for Distributed Database Environment , 2005, SPC.

[14]  Christian Damsgaard Jensen,et al.  Zero-knowledge Device Authentication: Privacy & Security Enhanced RFID preserving Business Value and Consumer Convenience , 2004, PST.

[15]  Paul Müller,et al.  Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers , 2004, IEEE Annual Conference on Pervasive Computing and Communications Workshops, 2004. Proceedings of the Second.