An anonymous mutual authentication scheme for healthcare RFID systems

Radio Frequency Identification (RFID) is widely deployed nowadays in many applications, such as toll road collection, access control, asset tracking, and supply chain, in order to identify, track, and locate mobile objects with high accuracy. However, the RFID tags are vulnerable to anonymity and location privacy threats due to the ID-query replies transmitted from those tags. Accordingly, in this paper and based on keyed hash functions, we propose an anonymous mutual authentication scheme, which achieves anonymity, unlinkability, untraceability, and location privacy for RFID tags. Security analysis shows that our proposed scheme thwarts illicit tracking, replay, relay, Dos, and backward secrecy attacks. Additionally, our scheme can be implemented in healthcare RFID systems because it employs lightweight security operations, and it achieves up to 21% and 84% less communication and communication overheads, respectively, compared to those in current anonymous authentication schemes.

[1]  Hal Berghel,et al.  A Survey of RFID Deployment and Security Issues , 2011, J. Inf. Process. Syst..

[2]  Hugo Krawczyk,et al.  Keying Hash Functions for Message Authentication , 1996, CRYPTO.

[3]  Jain-Shing Wu,et al.  Protect mobile RFID location privacy using dynamic identity , 2008, 2008 7th IEEE International Conference on Cognitive Informatics.

[4]  Masoud Hadian Dehkordi,et al.  Improvement of the Hash-Based RFID Mutual Authentication Protocol , 2014, Wirel. Pers. Commun..

[5]  Walid I. Khedr SRFID: A hash-based security scheme for low cost RFID systems , 2013 .

[6]  Li Liu,et al.  RFID Application in Hospitals: A Case Study on a Demonstration RFID Project in a Taiwan Hospital , 2006, Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06).

[7]  Roy Want,et al.  An introduction to RFID technology , 2006, IEEE Pervasive Computing.

[8]  Ju-Chuan Wu,et al.  A Reliable RFID Mutual Authentication Scheme for Healthcare Environments , 2013, Journal of Medical Systems.

[9]  Liaojun Pang,et al.  Secure and efficient mutual authentication protocol for RFID conforming to the EPC C-1 G-2 standard , 2013, 2013 IEEE Wireless Communications and Networking Conference (WCNC).

[10]  Benjamin P. Rosenbaum,et al.  Radio Frequency Identification (RFID) in Health Care: Privacy and Security Concerns Limiting Adoption , 2014, Journal of Medical Systems.