Top

Published in:

01-07-2016 | Patient Facing Systems

A Provably Secure RFID Authentication Protocol Based on Elliptic Curve for Healthcare Environments

Authors: Mohammad Sabzinejad Farash, Omer Nawaz, Khalid Mahmood, Shehzad Ashraf Chaudhry, Muhammad Khurram Khan

Published in: Journal of Medical Systems | Issue 7/2016

Abstract

To enhance the quality of healthcare in the management of chronic disease, telecare medical information systems have increasingly been used. Very recently, Zhang and Qi (J. Med. Syst. 38(5):47, 32), and Zhao (J. Med. Syst. 38(5):46, 33) separately proposed two authentication schemes for telecare medical information systems using radio frequency identification (RFID) technology. They claimed that their protocols achieve all security requirements including forward secrecy. However, this paper demonstrates that both Zhang and Qi’s scheme, and Zhao’s scheme could not provide forward secrecy. To augment the security, we propose an efficient RFID authentication scheme using elliptic curves for healthcare environments. The proposed RFID scheme is secure under common random oracle model.

Burmester, M., Le, T. V., Medeiros, B. D., Tsudik, G., Universally composable RFID identification and authentication protocols. ACM Trans. Inf. Syst. Secur.(TISSEC) 12(4):21, 2009.CrossRef

Juels, A., and Weis, S.: Defining Strong Privacy for RFID. Cryptology ePrint Archive Report 2006/137 (2006)

Cai, S., Li, Y., Li, T., Deng, R. H.: Attacks and improvements to an RIFD mutual authentication protocol and its extensions. In: Proceedings of the second ACM conference on wireless network security, pp 51-58 (2009)

Song, B., and Mitchell C. J., Scalable RFID security protocols supporting tag ownership transfer. Comput. Commun. 34(4):556–566, 2011.CrossRef

Niu, B., Zhu, X., Chi, H., Li, H., Privacy and authentication protocol for mobile RFID systems. Wirel. Pers. Commun., 2014. doi:http://dx.doi.org/10.1007/s11277-014-1605-6.

Shao-hui, W., Zhijie, H., Sujuan, L., Dan-wei, C., Security analysis of two lightweight RFID authentication protocols. annals of telecommunications-annales des tlcommunications, 2013. doi:10.1007/s12243-013-0361-z.

Dehkordi, M. H., and Farzaneh, Y., Improvement of the hash-based RFID mutual authentication protocol. Wirel. Pers. Commun., 2013. doi:10.1007/s11277-013-1358-7.

Safkhani, M., Peris-Lopez, P., Hernandez-Castro, J. C., Bagheri, N., Cryptanalysis of the Cho others. protocol: A hash-based RFID tag mutual authentication protocol. J. Comput. Appl. Math. 259(1):571–577, 2014.CrossRef

Alagheband, M. R., and Aref, M. R., Simulation-Based Traceability analysis of RFID authentication protocols. Wirel. Pers. Commun., 2013. doi:10.1007/s11277-013-1552-7.

10.

Chen, C. L., Huang, Y. C., Shih, T. F., A Novel Mutual Authentication Scheme for RFID conforming EPCglobal Class 1 Generation 2 Standards. Information Technology And Control 41(3):220–228, 2012.CrossRef

11.

Kuo, W. C., Chen, B. L., Wuu, L. C., Secure Indefinite-Index RFID Authentication scheme with Challenge-Response strategy. Information Technology And Control 42(2):124–130, 2013.CrossRef

12.

Alagheband, M. R., and Aref, M. R., Unified privacy analysis of newfound RFID authentication protocols. Security and Communication Networks 6(8):999–1009, 2013.CrossRef

13.

Farash M.S., Cryptanalysis and improvement of an efficient mutual authentication RFID scheme based on elliptic curve cryptography. J. Supercomput. 70(2):987–1001, 2014.CrossRef

14.

Hein, D., Wolkerstorfer, J., Felber, N.: ECC Is ready for RFID - a proof in silicon. In: Selected areas in cryptography, LNCS 5381, pp 401413 (2009)

15.

Lee, Y. K., Sakiyama, K., Batina, L., Verbauwhede, I., Elliptic curve based security processor for RFID. IEEE Trans. Comput. 57(11):1514–1527, 2008.CrossRef

16.

of Standards, N.N.I.: Technology: Cryptographic Hash Algorithm Competition. http://csrc.nist.gov/groups/ST/hash/sha-3/index.html

17.

Ning, H., Liu, H., Mao, J., Zhang, Y., Scalable and distributed key array authentication protocol in radio frequency identification-based sensor systems. IET Commun. 5(12):1755–1768, 2011.CrossRef

18.

Alomair, B., Clark, A., Cuellar, J., Poovendran, R., Scalable RFID systems: a privacy-preserving protocol with constant-time identification. IEEE Trans. Parallel Distrib. Syst. 23(8):1536–1550, 2012.CrossRef

19.

Alomair, B., and Poovendran, R., Privacy versus scalability in radio frequency identification systems. Comput. Commun. 33(18):2155–2163, 2010.CrossRef

20.

Song, B., and Mitchell, C. J., Scalable RFID Security protocols supporting tag ownership transfer. Comput. Commun. 34(4):556–566, 2011.CrossRef

21.

Batina, L., Lee, Y. K., Seys, S., Singele, D., Verbauwhede, I., Extending ECC-based RFID authentication protocols to privacy-preserving multi-party grouping proofs. Pers. Ubiquit. Comput. 16(3):323–335, 2012.CrossRef

22.

Chou, J., S.,an efficient mutual authentication RFID scheme based on elliptic curve cryptography. J. Supercomput., 2013. doi:10.1007/s11227-013-1073-x.

23.

Tuyls, P., and Batina, L.: RFID-Tags for Anti-Counterfeiting. In: Topics in cryptology (CT-RSA’06), LNCS 3860, pp 115-131 (2006)

24.

Schnorr, C. P., Efficient identification and signatures for smart cards. In Advances in Cryptology (CRYPTO’89), 239–252 , 1990.

25.

Batina, L, Guajardo, J, Kerins, T, Mentens, N, Tuyls, P, Verbauwhede, I.: Public-key cryptography for RFID-tags. In: Fifth annual IEEE 2007. International Conference on Pervasive Computing and Communications Workshops, (PerCom Workshops’07), pp 217-222 (2007)

26.

Okamoto, T.: Provably secure and practical identification schemes and corresponding signature schemes. In: Advances in Cryptology (CRYPTO’92), pp 31-53 (1993)

27.

Lee, Y. K., Batina, L., Verbauwhede, I.: EC-RAC (ECDLP Based randomized access control): provably secure RFID authentication protocol. In: IEEE International conference on RFID, pp. 97-104 (2008)

28.

O’Neill, M, and Robshaw, M J, Low-cost digital signature architecture suitable for radio frequency identification tags. Comput. Digital Tech. IET 4(1):14–26, 2010.CrossRef

29.

Godor, G., Giczi, N., Imre, S.: Elliptic curve cryptography based mutual authentication protocol for low computational capacity RFID systems-performance analysis by simulations. In: IEEE International conference on wireless communications, networking and information security (WCNIS), pp 650-657 (2010)

30.

Liao, Y., and Hsiao, C., A secure ECC-based RFID authentication scheme integrated with ID-verifier transfer protocol. Ad Hoc Netw., 2013. doi:10.1016/j.adhoc.2013.02.004.

31.

Peeters, R., and Hermans, J.: Attack on Liao and Hsiao’s Secure ECC-based RFID Authentication Scheme integrated with ID-Verifier Transfer Protocol. http://eprint.iacr.org/2013/399 (2013)

32.

Zhang, Z., and Qi, Q., An Efficient RFID Authentication protocol to enhance patient medication safety using elliptic curve cryptography. J. Med. Syst. 38(5):47, 2014. doi:10.1007/s10916-014-0047-8.CrossRefPubMed

33.

Zhao, Z., A Secure RFID Authentication protocol for healthcare environments using elliptic curve cryptosystem. J. Med. Syst. 38(5):46, 2014. doi:10.1007/s10916-014-0046-9.CrossRefPubMed

34.

Guo, P., Wang, J., Li, B., Lee, S., A variable threshold value authentication architecture for wireless mesh networks. J. Internet Technol. 15(6):929–936, 2014.

35.

Shen, J., Tan, H., Wang, J., et al., A novel routing protocol providing good transmission reliability in underwater sensor networks. J. Internet Technol. 16(1):171–178, 2015.

36.

He, D., and Wang, D., Robust biometrics-based authentication scheme for multi-server environment. IEEE Syst. J. 9(3):816–823, 2015.CrossRef

37.

He, D., and Zeadally, S., Authentication protocol for an ambient assisted living system. IEEE Commun. Mag. 53(1):71–77, 2015.CrossRef

38.

He, D., An efficient remote user authentication and key agreement protocol for mobile clientserver environment from pairings. Ad Hoc Netw. 10(6):1009–1016, 2012.CrossRef

39.

Farash M.S., Cryptanalysis and improvement of ‘an improved authentication with key agreement scheme on elliptic curve cryptosystem for global mobility networks’. International Journal of Network Management 25(1):31–51, 2015.CrossRef

40.

Li, C T, Weng, C Y, Lee, C. C., A secure RFID tag authentication protocol with privacy preserving in telecare medicine information system. J. Med. Syst. 39(8):1–8, 2015.CrossRef

41.

Srivastava, K, Awasthi, A K, Kaul, S D, Mittal, R. C., A hash based mutual RFID tag authentication protocol in telecare medicine information system. J. Med. Syst. 39(1):1–5, 2015.CrossRef

Title: A Provably Secure RFID Authentication Protocol Based on Elliptic Curve for Healthcare Environments
Authors: Mohammad Sabzinejad Farash
Omer Nawaz
Khalid Mahmood
Shehzad Ashraf Chaudhry
Muhammad Khurram Khan
Publication date: 01-07-2016
Publisher: Springer US
Published in: Journal of Medical Systems / Issue 7/2016
Print ISSN: 0148-5598
Electronic ISSN: 1573-689X
DOI: https://doi.org/10.1007/s10916-016-0521-6

At a glance: The STEP trials

Springer Medicine

A Provably Secure RFID Authentication Protocol Based on Elliptic Curve for Healthcare Environments

Abstract

At a glance: The STEP trials

Springer Medicine

Abstract

Please log in to get access to this content

Other articles of this Issue 7/2016

Distributed Denial of Service Attack Source Detection Using Efficient Traceback Technique (ETT) in Cloud-Assisted Healthcare Environment

Data–Driven Multimodal Sleep Apnea Events Detection

Massive Access Control Aided by Knowledge-Extraction for Co-Existing Periodic and Random Services over Wireless Clinical Networks

Efficient Fine Arrhythmia Detection Based on DCG P-T Features

Analysis of the process of representing clinical statements for decision-support applications: a comparison of openEHR archetypes and HL7 virtual medical record

Psychiatric Patients Tracking Through a Private Social Network for Relatives: Development and Pilot Study