Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content
SpringerLink
Log in

An Efficient RFID Authentication Scheme Based on Elliptic Curve Cryptography for Internet of Things

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

With the rapid development of microelectronics devices and the progress in communication and information technologies, many services and technologies are increasingly involved into our daily life. In fact, as the used systems are progressively interconnected and open, this introduce new threats such as more and more hacking, fraud and many other kinds of misuses. Consequently, the security and privacy of the exchanged data information tampering must be addressed most seriously. In this context, recently Elliptic Curve Cryptography (ECC) is widely used in many cryptosystems nowadays especially for those presenting challenging constraints in terms of power consumption, memory, computational cost, etc. It is well-known that the ECC provides high security level with much smaller key sizes. In this paper, we show that an inappropriate use of ECC cryptographic primitives, the lack of experience in designing secure protocols and the unsuitable choice of security verification tools can destroy the whole security of a given ECC-based scheme. Therefore, first we wreck efficient attacks on three most recent proposed ECC-based protocols published in three of well-known scientific journals. Then, an improved protocol that inherits the strengths of Dinarvand and Barati’s protocol and takes into account the discovered flaws is proposed. Via formal and informal security models, we assess that the improved protocol could deliver all the virtues of Dinarvand and Barati’s protocol and resists all known attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1

Similar content being viewed by others

References

  1. Bos, J. W., Halderman, J. A., Heninger, N., Moore, J., Naehrig, M., & Wustrow, E. (2014). In elliptic curve cryptography in practice. International conference on financial cryptography and data security (pp. 157–175). New York: Springer.

    Google Scholar 

  2. Batina, L., Guajardo, J., Kerins, T., Mentens, N., Tuyls, P., & Verbauwhede, I. (2007). In Public-key cryptography for RFID-tags. In: Fifth annual IEEE international conference on pervasive computing and communications workshops (PerComW’07) IEEE, pp. 217–222.

  3. Dinarvand, N., & Barati, H. (2019). An efficient and secure RFID authentication protocol using elliptic curve cryptography. Wireless Networks, 25(1), 415.

    Article  Google Scholar 

  4. Wu, F., Li, X., Xu, L., Kumari, S., Karuppiah, M., & Shen, J. (2017). A lightweight and privacy-preserving mutual authentication scheme for wearable devices assisted by cloud server. Computers and Electrical Engineering, 63, 168.

    Article  Google Scholar 

  5. Alamr, A. A., Kausar, F., Kim, J., & Seo, C. (2018). A secure ECC-based RFID mutual authentication protocol for internet of things. The Journal of Supercomputing, 74(9), 4281.

    Article  Google Scholar 

  6. Lv, C., Li, H., Ma, J., & Zhang, Y. (2012). Vulnerability analysis of elliptic curve cryptography-based RFID authentication protocols. Transactions on Emerging Telecommunications Technologies, 23(7), 618.

    Article  Google Scholar 

  7. Antipa, A., Brown, D., Menezes, A., Struik, R., & Vanstone, S. (2003). Validation of elliptic curve public keys. International workshop on public key cryptography (pp. 211–223). New York: Springer.

    MATH  Google Scholar 

  8. Hankerson, D., & Menezes, A. (2011). Elliptic curve cryptography. New York: Springer.

    MATH  Google Scholar 

  9. Hales, T. C. (2013). The NSA back door to NIST. Notices of the AMS, 61(2), 190.

    MathSciNet  MATH  Google Scholar 

  10. Khoirom, M. S., Laiphrakpam, D. S., & Themrichon, T. (2018). Cryptanalysis of multimedia encryption using elliptic curve cryptography. Optik, 168, 370.

    Article  Google Scholar 

  11. Lee, Y. K., Sakiyama, K., Batina, L., & Verbauwhede, I. (2008). Elliptic-curve-based security processor for RFID. IEEE Transactions on Computers, 57(11), 1514.

    Article  MathSciNet  Google Scholar 

  12. Kaya, S. V., Savaş, E., Levi, A., & Erçetin, Ö. (2009). Public key cryptography based privacy preserving multi-context RFID infrastructure. Ad Hoc Networks, 7(1), 136.

    Article  Google Scholar 

  13. Tuyls, P., & Batina, L. (2006). In RFID-tags for anti-counterfeiting. Cryptographers’ track at the RSA conference (pp. 115–131). New York: Springer.

    Google Scholar 

  14. Lee, Y. K., Batina, L., & Verbauwhede, I. (2008). In EC-RAC (ECDLP based randomized access control): provably secure RFID authentication protocol. In: Proceedings of the 2008 IEEE international conference on RFID IEEE, pp. 97–104.

  15. Liao, Y. P., & Hsiao, C. M. (2014). A secure ECC-based RFID authentication scheme integrated with ID-verifier transfer protocol. Ad Hoc Networks, 18, 133.

    Article  Google Scholar 

  16. Zhao, Z. (2014). A secure RFID authentication protocol for healthcare environments using elliptic curve cryptosystem. Journal of Medical Systems, 38(5), 46.

    Article  Google Scholar 

  17. Chou, J. (2014). A secure RFID authentication protocol to enhance patient medication safety using elliptic curve cryptography. Journal of Supercomputer,. https://doi.org/10.1007/s11227-013-1073-x.

    Article  Google Scholar 

  18. Zhang, Z., & Qi, Q. (2014). An efficient RFID authentication protocol to enhance patient medication safety using elliptic curve cryptography. Journal of Medical Systems, 38(5), 47.

    Article  Google Scholar 

  19. He, D., Kumar, N., Chilamkurti, N., & Lee, J. H. (2014). Lightweight ECC based RFID authentication integrated with an ID verifier transfer protocol. Journal of Medical Systems, 38(10), 116.

    Article  Google Scholar 

  20. Qu, J., & Tan, X. L. (2014). Two-factor user authentication with key agreement scheme based on elliptic curve cryptosystem. Journal of Electrical and Computer Engineering, 2014

  21. Huang, B., Khan, M. K., Wu, L., Muhaya, F. T. B., & He, D. (2015). An efficient remote user authentication with key agreement scheme using elliptic curve cryptography. Wireless Personal Communications, 85(1), 225.

    Article  Google Scholar 

  22. Chaudhry, S. A., Naqvi, H., Mahmood, K., Ahmad, H. F., & Khan, M. K. (2017). An improved remote user authentication scheme using elliptic curve cryptography. Wireless Personal Communications, 96(4), 5355.

    Article  Google Scholar 

  23. Chen, Y., & Chou, J. S. (2015). ECC-based untraceable authentication for large-scale active-tag RFID systems. Electronic Commerce Research, 15(1), 97.

    Article  Google Scholar 

  24. Shen, H., Shen, J., Khan, M. K., & Lee, J. H. (2017). Efficient RFID authentication using elliptic curve cryptography for the internet of things. Wireless Personal Communications, 96(4), 5253.

    Article  Google Scholar 

  25. Jin, C., Xu, C., Zhang, X., & Zhao, J. (2015). A secure RFID mutual authentication protocol for healthcare environments using elliptic curve cryptography. Journal of Medical Systems, 39(3), 24.

    Article  Google Scholar 

  26. Luo, M., Zhang, Y., Khan, M. K., & He, D. (2017). A secure and efficient identity-based mutual authentication scheme with smart card using elliptic curve cryptography. International Journal of Communication Systems, 30(16), e3333.

    Article  Google Scholar 

  27. Islam, S. H., & Biswas, G. (2014). Dynamic id-based remote user mutual authentication scheme with smartcard using elliptic curve cryptography. Journal of Electronics (China), 31(5), 473.

    Article  Google Scholar 

  28. Madhusudhan, R., Hegde, M., & Memon, I. (2018). A secure and enhanced elliptic curve cryptography-based dynamic authentication scheme using smart card. International Journal of Communication Systems, 31(11).

  29. Truong, T. T., Tran, M. T., & Duong, A. D. (2014). Enhanced dynamic authentication scheme (edas). Information Systems Frontiers, 16(1), 113.

    Article  Google Scholar 

  30. Liu, G., Zhang, H., Kong, F., & Zhang, L. (2018). A novel authentication management RFID protocol based on elliptic curve cryptography. Wireless Personal Communications, 101(3), 1445.

    Article  Google Scholar 

  31. Adhikari, S., Ray, S., Biswas, G. P., & Obaidat, M. S. (2019). Efficient and secure business model for content centric network using elliptic curve cryptography. International Journal of Communication Systems, 32(1), e3839.

    Article  Google Scholar 

  32. Naresh, V. S., Sivaranjani, R., & Murthy, N. V. E. S. (2018). Provable secure lightweight hyper elliptic curve-based communication system for wireless sensor networks. International Journal of Communication Systems, 31(15), e3763.

    Article  Google Scholar 

  33. Qi, M., & Chen, J. (2018). New robust biometrics-based mutual authentication scheme with key agreement using elliptic curve cryptography. Multimedia Tools and Applications, 77, 1.

    Article  Google Scholar 

  34. Sahoo, S. S., Mohanty, S., & Majhi, B. (2019). Improved biometric-based mutual authentication and key agreement scheme using ECC. Wireless Personal Communications, 111, 1–27.

    Google Scholar 

  35. Naeem, M. Chaudhry, S. A., Mahmood, K., Karuppiah, M. & Kumari, S. (2019). A scalable and secure RFID mutual authentication protocol using ECC for internet of things. International Journal of Communication Systems, p. e3906.

  36. Jager, T., Schwenk, J., & Somorovsky, J. (2015). In practical invalid curve attacks on TLS-ECDH. European Symposium on research in computer security (pp. 407–425). New York: Springer.

    Google Scholar 

  37. Benssalah, M., Djeddou, M., & Drouiche, K. (2017). A provably secure RFID authentication protocol based on elliptic curve signature with message recovery suitable for m-health environments. Transactions on Emerging Telecommunications Technologies, 28(11), e3166.

    Article  Google Scholar 

  38. Marzouqi, H., Al-Qutayri, M., & Salah K. (2013). In an FPGA implementation of NIST 256 prime field ECC processor. In: Proceedings of the 2013 IEEE 20th international conference on electronics, circuits, and systems (ICECS) IEEE, pp. 493–496.

  39. Abadi, M., & Needham, R. (1996). Prudent engineering practice for cryptographic protocols. IEEE Transactions on Software Engineering, 22(1), 6.

    Article  Google Scholar 

  40. Joye, M., & Quisquater, J. J. (2001). Hessian elliptic curves and side-channel attacks. International workshop on cryptographic hardware and embedded systems (pp. 402–410). New York: Springer.

    MATH  Google Scholar 

  41. Canetti, R., Goldreich, O., & Halevi, S. (2004). The random oracle methodology, revisited. Journal of the ACM (JACM), 51(4), 557.

    Article  MathSciNet  Google Scholar 

  42. Jin, C., Xu, C., Zhang, X., & Li, F. (2016). A secure ECC-based RFID mutual authentication protocol to enhance patient medication safety. Journal of Medical Systems, 40(1), 12.

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Laboratoire Traitement du Signal, ’Ecole Militaire Polytechnique, BP 17 Bordj El Bahri, 16111, Algiers, Algeria

    Mustapha Benssalah & Izza Sarah

  2. LIK Neuville Sur Oise, Cergy Pontoise University, Cergy-Pontoise CEDEX, France

    Karim Drouiche

Authors
  1. Mustapha Benssalah
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Izza Sarah
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Karim Drouiche
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mustapha Benssalah.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Benssalah, M., Sarah, I. & Drouiche, K. An Efficient RFID Authentication Scheme Based on Elliptic Curve Cryptography for Internet of Things. Wireless Pers Commun 117, 2513–2539 (2021). https://doi.org/10.1007/s11277-020-07992-x

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-020-07992-x

Keywords

Search

Navigation