Skip to main content
Key Specialties
Cardiology Diabetology Endocrinology Gastroenterology Geriatrics and Gerontology Gynecology and Obstetrics Hematology Infectious Disease Internal Medicine Nephrology Neurology Oncology Pediatrics Respiratory Medicine Rheumatology Surgery
Congress Coverage
2024 ACC Congress 2023 ESMO Congress 2023 EASD Congress 2023 ERS Congress 2023 ESC Congress
Clinical Collections
Advances in Alzheimer’s

At a glance: The ONWARDS insulin icodec trials

A round-up of the ONWARDS phase 3 clinical trials evaluating the novel weekly insulin icodec in people with diabetes.
ADVANCED SEARCH
Log in
Top
Journal of Medical Systems
Published in: Journal of Medical Systems 5/2014

01-05-2014 | Systems-Level Quality Improvement

A Secure RFID Authentication Protocol for Healthcare Environments Using Elliptic Curve Cryptosystem

Author: Zhenguo Zhao

Published in: Journal of Medical Systems | Issue 5/2014

Login to get access

Abstract

With the fast advancement of the wireless communication technology and the widespread use of medical systems, the radio frequency identification (RFID) technology has been widely used in healthcare environments. As the first important protocol for ensuring secure communication in healthcare environment, the RFID authentication protocols derive more and more attentions. Most of RFID authentication protocols are based on hash function or symmetric cryptography. To get more security properties, elliptic curve cryptosystem (ECC) has been used in the design of RFID authentication protocol. Recently, Liao and Hsiao proposed a new RFID authentication protocol using ECC and claimed their protocol could withstand various attacks. In this paper, we will show that their protocol suffers from the key compromise problem, i.e. an adversary could get the private key stored in the tag. To enhance the security, we propose a new RFID authentication protocol using ECC. Detailed analysis shows the proposed protocol not only could overcome weaknesses in Liao and Hsiao’s protocol but also has the same performance. Therefore, it is more suitable for healthcare environments.
Literature
1.
Juels, A., RFID security and privacy: a research survey. IEEE J. Sel Areas Commun 24:381–394, 2006.CrossRef
2.
Wang, S. W., Chen, W. H., Ong, C. S., Liu, L., and Chuang, Y. W., RFID application in hospitals: a case study on a demonstration RFID project in a Taiwan hospital. In: Hawaii International Conference on System Sciences. IEEE, pp. 184–194, 2006.
3.
Najera, P., Lopez, J., and Roman, R., Real-time location and inpatient care systems based on passive RFID. J. Netw. Comput. Appl. 34(3):980–989, 2011.CrossRef
4.
Hung, Y. K., The study of adopting RFID technology in medical institute with the perspectives of cost benefit. International Medical Informatics Symposium in Taiwan, Taiwan, 2007.
5.
Katz, J. E., and Rice, R. E., Public views of mobile medical devices and services: A US national survey of consumer sentiments towards RFID healthcare technology. Int. J. Med. Inform. 78(2):104–114, 2009.CrossRef
6.
Leu, J. G., The benefit analysis of RFID use in the health management center—the experience in Shin Kong Wu Ho-Su Memorial Hospital: National Taiwan University, 2010.
7.
Yu, C., Chen, C., Liao, P., and Lee, Y., RFID-based operation room and medicare system for patient safety enhancement—a case study of keelung branch. J. Inf. Manag. 15:97–122, 2008.
8.
Juels, A., Rivest, R. L., and Szudlo, M., The blocker tag: selective blocking of rfid tags for consumer privacy. The 8th ACM Conference on Computer and Communications Security, 103–111, 2003.
9.
Weis, S. A., Sarma, S. E., Rivest, R. L., and Engles, D. W., Security and privacy aspects of low-cost radio frequency identification systems. Security in Pervasive Computing - SPC 2003, Springer-Verlag. 2802:201–212, 2003.
10.
Okhubo, M., Suzuki, K., and Kinoshita, S., Cryptographic approach to privacy friendly tags. RFID Privacy Workshop, 2003.
11.
Henrici, D., and Muller, P., Hash based enhancement of location privacy for radio frequency identification devices using varying identifiers. International Workshop on Pervasive Computing and Communication Security—PerSec 2004, IEEE Computer Society, 149–153, 2004.
12.
Lim, C., and Kwon, T., Strong and robust rfid authentication enabling perfect ownership transfer. Information and Communications Security, Lecture Notes in Computer Science, Springer, 4307:1–20, 2006.
13.
Peris-Lopez, P., Hernandez-Castro, J. C., Estevez-Tapiador, J. M., and Ribagorda, A., EMAP, an efficient mutual authentication protocol for low cost rfid tags. In: Proc. of IS’06: Springer Verlag. 4277:352–361, 2006.
14.
Peris-Lopez, P., Hernandez-Castro, J. C., Estevez-Tapiador, J. M., and Ribagorda, A. LMAP: a real lightweight authentication protocol for low cost rfid tags. In Hand of Workshop on RFID and Lightweight Crypto, 2006.
15.
Peris-Lopez, P., Hernandez-Castro, J. C., Estevez-Tapiador, J. M., and Ribagorda, A., M2AP, A minimalist mutual authentication protocol for low cost rfid tags. In: Proc. of UIC’06: Springer Verlag. 4159:912–923, 2006.
16.
Chien, H. Y., SAS1: A new ultralightweight rfid authentication protocol providing strong authentication and strong integrity. IEEE Trans. Dependable Secure Comput. 4(4):337–340, 2007.CrossRef
17.
Juels, A., “yoking proofs” for rfid tags. First International Workshop on Pervasive Computing and Communication Security, IEEE Computer Society, 138–143, 2004.
18.
Sandlin, D., Surgichip—new technology for prevensions of wrong site, wrong procedure, wrong person surgery. J. Perianesth Nurs. 20(2):144–146, 2005.CrossRef
19.
Wu, F., Kuo, F., and Liu, L. W., The application of rfid on drug safety of inpatient nursing healthcare. ICEC’05 Proceedings of the 7th international conference on Electronic commerce, 85–92, 2005.
20.
Sun, P. R., Wang, B. H., and Wu, F., A new method to guard inpatient medication safety by the implementation of rfid. J. Med. Syst. 32(4):327–332, 2008.CrossRefMathSciNet
21.
Lo, N. W., and Yeh, K. H., Anonymous coexistence proofs for rfid tags. J. Inf. Sci. Eng. 26(4):1213–1230, 2010.
22.
Peris-Lopez, P., Hernandez-Castro, J. C., Estevez-Tapiador, J. M., and Ribagorda, A., LMAP: a real lightweight authentication protocol for low cost rfid tags. In: Hand of Workshop on RFID and Lightweight Crypto, 2006.
23.
Chen, Y., Chou, J. S., and Sun, H. M., A novel mutual authentication scheme based on quadratic residues for RFID systems. Comput. Netw. 52(12):2373–2380, 2008.CrossRefMATH
24.
Yeh, T. C., Wu, C. H., and Tseng, Y. M., Improvement of the RFID authentication scheme based on quadratic residues. Comput. Commun. 34(3):337–341, 2011.CrossRef
25.
Doss, R., Sundaresan, S., and Zhou, W., A practical quadratic residues based scheme for authentication and privacy in mobile RFID systems. Ad Hoc Netw. 11(1):383–396, 2013.CrossRef
26.
27.
Batina, L., Guajardo, J., Kerins, T., Mentens, N., Tuyls, P., and Verbauwhede, I., Public-key cryptography for RFID-tags. In: Fifth IEEE International Conference on Pervasive Computing and Communications Workshops, pp. 217–222, 2007.
28.
Lee, Y. K., Batina, L., and Verbauwhede, I., EC-RAC (ECDLP Based Randomized Access Control): Provably Secure RFID Authentication Protocol, IEEE International Conference on RFID, pp. 97–104, 2008.
29.
Bringer, J., Chabanne, H., and Icart, T., Cryptanalysis of EC-RAC, a RFID identification protocol. In: International Conference on Cryptology and Network Security—CANS’08, Lecture Notes in Computer Science: Springer-Verlag, 2008.
30.
31.
He, D., Chen, J., and Zhang, R., A More Secure Authentication Scheme for Telecare Medicine Information Systems. J. Med. Syst. 36(3):1989–1995, 2012.CrossRef
32.
He, D., Chen, Y., and Chen, J., Cryptanalysis and improvement of an extended chaotic maps-based key agreement protocol. Nonlinear Dyn. 69(3):1149–1157, 2012.CrossRefMATHMathSciNet
33.
34.
Zhu, Z., An efficient authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6):3833–3838, 2012.CrossRef
35.
Zhao, Z., An efficient anonymous authentication scheme for wireless body area networks using elliptic curve cryptosystem. J. Med. Syst. 38(2):13, 2014.CrossRef
Metadata
Title
A Secure RFID Authentication Protocol for Healthcare Environments Using Elliptic Curve Cryptosystem
Author
Zhenguo Zhao
Publication date
01-05-2014
Publisher
Springer US
Published in
Journal of Medical Systems / Issue 5/2014
Print ISSN: 0148-5598
Electronic ISSN: 1573-689X
DOI
https://doi.org/10.1007/s10916-014-0046-9

Other articles of this Issue 5/2014

Journal of Medical Systems 5/2014 Go to the issue

MOBILE SYSTEMS

A More Secure Anonymous User Authentication Scheme for the Integrated EPR Information System

MOBILE SYSTEMS

Security Enhancement of a Biometric based Authentication Scheme for Telecare Medicine Information Systems with Nonce

Patient Facing Systems

An Efficient RFID Authentication Protocol to Enhance Patient Medication Safety Using Elliptic Curve Cryptography

Patient Facing Systems

A Stationary Wavelet Transform Based Approach to Registration of Planning CT and Setup Cone beam-CT Images in Radiotherapy

Transactional Processing Systems

Secure Verifier-Based Three-Party Authentication Schemes without Server Public Keys for Data Exchange in Telecare Medicine Information Systems

Education & Training

Chaos Based Encryption System for Encrypting Electroencephalogram Signals