Abstract
Aiming at the security and privacy, and authentication efficiency shortages of existing RFID authentication protocol, an improved scheme is proposed based on Alavi et al.’s protocol. Firstly, in order to resist against replay attack, we add the timestamp generator to the reader side and use hash function to encrypt the reader identification, the random number and timestamp generated by the reader; meanwhile, to solve the data integrity problem in the original scheme, the reader matches the decrypted data with the server side message to ensure that it can detect if the data is tampered with by the attacker. Finally, the improved group anonymous authentication model is used to improve the back-end server’s authentication efficiency. Theoretical analysis and experimental results show that the improved protocol effectively solves the security problems and reduces the back-end server’s authentication time. In addition, this paper simulates the impact of group number on system privacy level and authentication efficiency through experiments. In practical applications, the group number can be adjusted appropriately according to different privacy and efficiency requirements, so the privacy and authentication efficiency of the system will be well-balanced.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Irshad, A., Sher, M., Nawaz, O., et al. (2017). A secure and provable multi-server authenticated key agreement for TMIS based on Amin et al. scheme. Multimedia Tools and Applications, 76(15), 16463–16489.
Khan, I., Chaudhry, S. A., Sher, M., et al. (2018). An anonymous and provably secure biometric-based authentication scheme using chaotic maps for accessing medical drop box data. The Journal of Supercomputing, 74(8), 3685–3703.
Akgün, M., & Çaǧlayan, M. U. (2015). Providing destructive privacy and scalability in RFID systems using PUFs. Ad Hoc Networks, 32(9), 32–42.
Su, C., Santoso, B., Li, Y., et al. (2017). Universally composable RFID mutual authentication. IEEE Transactions on Dependable and Secure Computing, 14(1), 83–94.
Srivastava, K., Awasthi, A. K., Kaul, S. D., et al. (2015). A hash based mutual RFID tag authentication protocol in telecare medicine information system. Journal of Medical Systems, 39(1), 153–157.
Li, C. T., Weng, C. Y., & Lee, C. C. (2015). A secure RFID tag authentication protocol with privacy preserving in telecare medicine information system. Journal of Medical Systems, 39(8), 77–84.
Wu, F., Xu, L., Kumari, S., et al. (2018). A lightweight and anonymous RFID tag authentication protocol with cloud assistance for e-healthcare applications. Journal of Ambient Intelligence and Humanized Computing, 9(4), 919–930.
Cho, J. S., Jeong, Y. S., & Park, S. O. (2015). Consideration on the brute-force attack cost and retrieval cost: A hash-based radio-frequency identification (RFID) tag mutual authentication protocol. Computers and Mathematics with Applications, 69(1), 58–65.
Dehkordi, M. H., & Farzaneh, Y. (2014). Improvement of the hash-based RFID mutual authentication protocol. Wireless Personal Communications, 75(1), 219–232.
Alavi, S. M., Baghery, K., & Abdolmaleki, B. (2015). Traceability analysis of recent RFID authentication protocols. Wireless Personal Communications, 83(3), 1663–1682.
Fan, K., Gong, Y., Liang, C., et al. (2016). Lightweight and ultralightweight RFID mutual authentication protocol with cache in the reader for IoT in 5G. Security and Communication Networks, 9(16), 3095–3104.
Aghili, S. F., Ashouri-Talouki, M., & Mala, H. (2018). DoS, impersonation and de-synchronization attacks against an ultra-lightweight RFID mutual authentication protocol for IoT. The Journal of Supercomputing, 74(1), 509–525.
Farash, M. S., Nawaz, O., Mahmood, K., et al. (2016). A provably secure RFID authentication protocol based on elliptic curve for healthcare environments. Journal of Medical Systems, 40(7), 165–171.
Sundaresan, S., Doss, R., Piramuthu, S., et al. (2015). Secure tag search in RFID systems using mobile readers. IEEE Transactions on Dependable and Secure Computing, 12(2), 230–242.
Jannati, H., & Bahrak, B. (2016). Security analysis of an RFID tag search protocol. Information Processing Letters, 116(10), 618–622.
Pourpouneh, M., Ramezanian, R., & Salahi, F. (2014). An improvement over a server-less RFID authentication protocol. International Journal of Computer Network and Information Security, 7(1), 31–37.
Shahrbabak, M. M., & Abdolmaleky, S. (2016). SRMAP and ISLAP authentication protocols: Attacks and improvements. IACR Cryptology ePrint Archive, 2016, 731–741.
Shen, J., Tan, H., Zhang, Y., et al. (2017). A new lightweight RFID grouping authentication protocol for multiple tags in mobile environment. Multimedia Tools and Applications, 76(21), 22761C22783.
Avoine, G., Bingöl, M. A., Carpent, X., et al. (2013). Privacy-friendly authentication in RFID systems: on sublinear protocols based on symmetric-key cryptography. IEEE Transactions on Mobile Computing, 12(10), 2037–2049.
Li, T., Luo, W., Mo, Z., et al. (2012). Privacy-preserving RFID authentication based on cryptographical encoding. In 2012 Proceedings IEEE INFOCOM (pp. 2174–2182).
Deng, G., Li, H., Zhang, Y., et al. (2013). Tree-LSHB+: An LPN-based lightweight mutual authentication RFID protocol. Wireless Personal Communications, 72(1), 159–174.
Avoine, G., Buttyant, L., Holczer, T., et al. (2007). Group-based private authentication. In IEEE international symposium on world of wireless, mobile and multimedia networks (WoWMoM) (pp. 1–6).
Rahman, F., Hoque, M. E., & Ahamed, S. I. (2017). Anonpri: A secure anonymous private authentication protocol for RFID systems. Information Sciences, 379(2), 195–210.
Sun, M. T., Sakai, K., & Ku, W. S. (2016). Private and secure tag access for large-scale RFID systems. IEEE Transactions on Dependable and Secure Computing, 13(6), 657–671.
Vaudenay, S. (2007). On privacy models for RFID. In 13th international conference on the theory and application of cryptology and information security (pp. 68–87).
Cao, T., Chen, X., Doss, R., et al. (2016). RFID ownership transfer protocol based on cloud. Computer Networks, 105(8), 47–59.
He, D., & Zeadally, S. (2015). An analysis of RFID authentication schemes for internet of things in healthcare environment using elliptic curve cryptography. IEEE Internet of Things Journal, 2(1), 72–83.
Ibrahim, A., & Dalkilic, G. (2017). Review of different classes of RFID authentication protocols. Wireless Networks, 2017(4), 1–14.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Wang, P., Zhou, Z. An Improved RFID Authentication Protocol Based on Group Anonymous Model. Wireless Pers Commun 103, 2811–2831 (2018). https://doi.org/10.1007/s11277-018-5964-2
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-018-5964-2