Secure and Efficient Control Transfer for IoT Devices

The prevalence of Internet of Things (IoT) requires flexible and fine-grained controls over the IoT devices. Existing works rely on specific controllers or programs to remotely control IoT devices, which is inefficient to support intelligent control in IoT environments. In contrast, utilizing a common portal device, for example, smart phone, to control variant IoT devices is a promising solution. However, it is challenging to guarantee the security when transferring the control of IoT devices. In this paper, we design a lightweight protocol to enable secure control transfer among the IoT devices, portal devices, and backend server. We demonstrate the effectiveness of our protocol in defending against mainstream attacks. Experimental results show the efficiency of our protocol in the authentication and key-updating during the control transfer.

[1]  Dong Hoon Lee,et al.  Anti-cloning protocol suitable to EPCglobal Class-1 Generation-2 RFID systems , 2009, Comput. Stand. Interfaces.

[2]  Tsuyoshi Takagi,et al.  An Efficient and Secure RFID Security Method with Ownership Transfer , 2006, 2006 International Conference on Computational Intelligence and Security.

[3]  Ronald L. Rivest,et al.  Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems , 2003, SPC.

[4]  Tassos Dimitriou,et al.  A secure and efficient RFID protocol that could make big brother (partially) obsolete , 2006, Fourth Annual IEEE International Conference on Pervasive Computing and Communications (PERCOM'06).

[5]  Roberto Di Pietro,et al.  RIPP-FS: An RFID Identification, Privacy Preserving Protocol with Forward Secrecy. , 2007, Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PerComW'07).

[6]  Juan E. Tapiador,et al.  M2AP: A Minimalist Mutual-Authentication Protocol for Low-Cost RFID Tags , 2006, UIC.

[7]  H. Afifi,et al.  A Simple Delegation Scheme for RFID Systems (SiDeS) , 2007, 2007 IEEE International Conference on RFID.

[8]  Hung-Min Sun,et al.  A Gen2-Based RFID Authentication Protocol for Security and Privacy , 2009, IEEE Transactions on Mobile Computing.

[9]  Radha Poovendran,et al.  Public key based authentication for secure integration of sensor data and RFID , 2008, HeterSanet '08.

[10]  Bo Sheng,et al.  Severless Search and Authentication Protocols for RFID , 2007, Fifth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom'07).

[11]  N. Asokan,et al.  Vibrate-to-unlock: Mobile phone assisted user authentication to multiple personal RFID tags , 2011, 2011 IEEE International Conference on Pervasive Computing and Communications (PerCom).

[12]  Jingde Cheng,et al.  POP method: an approach to enhance the security and privacy of RFID systems used in product lifecycle with an anonymous ownership transferring mechanism , 2007, SAC '07.

[13]  Kwangjo Kim,et al.  A Lightweight Protocol Enabling Ownership Transfer and Granular Data Access of RFID Tags , 2007 .

[14]  Mo Li,et al.  BEST: A Bidirectional Efficiency-Privacy Transferable Authentication Protocol for RFID-Enabled Supply Chain , 2012, ICPADS.

[15]  Mike Burmester,et al.  Lightweight RFID authentication with forward and backward security , 2011, TSEC.

[16]  M. Bárász Passive Attack Against the M 2 AP Mutual Authentication Protocol for RFID Tags ∗ , 2007 .

[17]  Sanjay Singh,et al.  Privacy preserving and ownership authentication in ubiquitous computing devices using secure three way authentication , 2012, 2012 International Conference on Innovations in Information Technology (IIT).

[18]  Srdjan Capkun,et al.  Physical-layer identification of UHF RFID tags , 2010, MobiCom.

[19]  Shigang Chen,et al.  Privacy-preserving RFID authentication based on cryptographical encoding , 2012, 2012 Proceedings IEEE INFOCOM.

[20]  Mike Burmester,et al.  Provably Secure Ubiquitous Systems: Universally Composable RFID Authentication Protocols , 2006, 2006 Securecomm and Workshops.

[21]  Sheikh Iqbal Ahamed,et al.  AnonPri: An efficient anonymous private authentication protocol , 2011, 2011 IEEE International Conference on Pervasive Computing and Communications (PerCom).

[22]  Kouichi Sakurai,et al.  Reassignment Scheme of an RFID Tag's Key for Owner Transfer , 2005, EUC Workshops.

[23]  B. Song RFID Tag Ownership Transfer , 2008 .

[24]  Hung-Yu Chien,et al.  SASI: A New Ultralightweight RFID Authentication Protocol Providing Strong Authentication and Strong Integrity , 2007, IEEE Transactions on Dependable and Secure Computing.

[25]  Ari Juels,et al.  Defining Strong Privacy for RFID , 2007, PerCom Workshops.

[26]  Manik Lal Das,et al.  Two-factor user authentication in wireless sensor networks , 2009, IEEE Transactions on Wireless Communications.

[27]  Ari Juels,et al.  Strengthening EPC tags against cloning , 2005, WiSe '05.

[28]  Yong Guan,et al.  Lightweight Mutual Authentication and Ownership Transfer for RFID Systems , 2010, 2010 Proceedings IEEE INFOCOM.

[29]  Gene Tsudik A Family of Dunces: Trivial RFID Identification and Authentication Protocols , 2007, Privacy Enhancing Technologies.

[30]  Hervé Chabanne,et al.  Noisy Cryptographic Protocols for Low-Cost RFID Tags , 2006, IEEE Transactions on Information Theory.