article

A Secure RFID Tag Authentication Protocol with Privacy Preserving in Telecare Medicine Information System

Authors:

Cheng-Chi LeeAuthors Info & Claims

Journal of Medical Systems, Volume 39, Issue 8

Pages 1 - 8

https://doi.org/10.1007/s10916-015-0260-0

Published: 01 August 2015 Publication History

Abstract

Radio Frequency Identification (RFID) based solutions are widely used for providing many healthcare applications include patient monitoring, object traceability, drug administration system and telecare medicine information system (TMIS) etc. In order to reduce malpractices and ensure patient privacy, in 2015, Srivastava et al. proposed a hash based RFID tag authentication protocol in TMIS. Their protocol uses lightweight hash operation and synchronized secret value shared between back-end server and tag, which is more secure and efficient than other related RFID authentication protocols. Unfortunately, in this paper, we demonstrate that Srivastava et al.'s tag authentication protocol has a serious security problem in that an adversary may use the stolen/lost reader to connect to the medical back-end server that store information associated with tagged objects and this privacy damage causing the adversary could reveal medical data obtained from stolen/lost readers in a malicious way. Therefore, we propose a secure and efficient RFID tag authentication protocol to overcome security flaws and improve the system efficiency. Compared with Srivastava et al.'s protocol, the proposed protocol not only inherits the advantages of Srivastava et al.'s authentication protocol for TMIS but also provides better security with high system efficiency.

References

[1]

Azevedo, S.G., and Ferreira, J.J., Radio frequency identification: a case study of healthcare organisations. Int. J. Secur. Netw. 5(2/3):147---155, 2010.

[2]

Chang, Y.F., Yu, S.H., Shiao, D.R., A uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. J. Med. Syst. 37:9902, 2013.

[3]

Chen, Y.Y., Huang, D.C., Tsai, M.L., Jan, J.K., A design of tamper resistant prescription RFID access control system. J. Med. Syst. 36(5):2795---2801, 2012.

Digital Library

[4]

Chien, H.Y., Yang, C.C., Wu, T.C., Lee, C.F., Two RFID-based solutions to enhance inpatient medication safety. J. Med. Syst. 35(3):369---375, 2011.

Digital Library

[5]

Cho, J.S., Yeo, S.S., Kim, S.K., Securing against brute-force attack: A hash-based RFID mutual authentication protocol using a secret value. Comput. Commun. 34(3):391---397, 2011.

Digital Library

[6]

Dyreson, C.E., and Snodgrass, R.T., Timestamp semantics and representation. Inf. Syst. 18(3):143---166, 1993.

Digital Library

[7]

He, D., Chen, J., Zhang, R., A more secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1989---1995, 2012.

Digital Library

[8]

He, D., Kumar, N., Chilamkurti, N., Lee, J.H., Lightweight ECC based RFID authentication integrated with an ID verifier transfer protocol. J. Med. Syst. 38:116, 2014.

Digital Library

[9]

He, D., and Zeadally, S., Authentication protocol for ambient assisted living system. IEEE Commun. Mag. 35(1):71---77, 2015.

Digital Library

[10]

He, D., Kumar, N., Chilamkurti, N., A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks. Inf. Sci., 2015.

[11]

He, D., Kumar, N., Chen, J., Robust anonymous authentication protocol for healthcare applications using wireless medical sensor networks. Multimedia Systems 21(1):49---60, 2015.

Digital Library

[12]

Huang, H.H., and Ku, C.Y., A RFID grouping proof protocol for medication safety of inpatient. J. Med. Syst. 33(6):467---474, 2009.

Digital Library

[13]

Kaul, S.D., and Awasthi, A.K., RFID authentication protocol to enhance patient medication safety. J. Med. Syst. 37(6):1---6, 2013.

Digital Library

[14]

Kim, H.S., Enhanced hash-based RFID mutual authentication protocol. Commun. Comput. Inform. Sci. 339:70---77, 2012.

[15]

Kim, H.S., RFID mutual authentication protocol based on synchronized secret. Int. J. Secur. Appl. 7(4):37---50, 2013.

[16]

Lee, C.C., Chen, C.T., Li, C.T., Wu, P.H., A practical RFID authentication mechanism for digital television. Telecommun. Syst. 57(3):239---246, 2014.

Digital Library

[17]

Lee, C.C., Chiu, S.T., Li, C.T., Improving security of a communication-efficient three-party password authenticated key exchange protocol. Int. J. Netw. Secur. 17(1):1---6, 2015.

[18]

Li, C.T., and Hwang, M.S., An efficient biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 33(1):1---5, 2010.

Digital Library

[19]

Li, C.T., and Lee, C.C., A novel user authentication and privacy preserving scheme with smart cards for wireless communications. Math. Comput. Model. 55(1-2):35---44, 2012.

[20]

Li, C.T., Lee, C.C., Weng, C.Y., Fan, C.I., A RFID-based macro-payment scheme with security and authentication for retailing services. ICIC Express Letters 6(12):3163---3170, 2012.

[21]

Li, C.T., Lee, C.C., Weng, C.Y., An extended chaotic maps based user authentication and privacy preserving scheme against DoS attacks in pervasive and ubiquitous computing environments. Nonlinear Dyn. 74(4): 1133---1143, 2013.

[22]

Li, C.T., Lee, C.C., Weng, C.Y., A secure chaotic maps and smart cards based password authentication and key agreement scheme with user anonymity for telecare medicine information systems. J. Med. Syst. 38(9):77, 2014.

Digital Library

[23]

Mishra, D., Srinivas, J., Mukhopadhyay, S., A secure and efficient chaotic map-based authenticated key agreement scheme for telecare medicine information systems. J. Med. Syst. 38:120, 2015.

[24]

Peris-Lopez, P., Orfila, A., Mitrokotsaand, A., van der Lubbe, J. C. A., A comprehensive RFID solution to enhance inpatient medication safety. Int. J. Med. Inform. 80(1):13---24, 2011.

[25]

Ramasamy, R., and Muniyandi, A.P., An efficient password authentication scheme for smart card. Int. J. Netw. Secur. 14(3):180---186, 2012.

[26]

National Institute of Standards and Technology: US department of commerce, secure hash standard, US Federal Information Processing Standard Publication (2002)

[27]

Sun, P.R., Wang, B.H., Wu, F., A new method to guard inpatient medication safety by the implementation of RFID. J. Med. Syst. 32(4):327---332, 2008.

Digital Library

[28]

Srivastava, K., Awasthi, A.K., Kaul, S.D., Mittal, R.C., A hash based mutual RFID tag authentication protocol in telecare medicine information system. J. Med. Syst. 39:153, 2015.

Digital Library

[29]

Wu, S., Chen, K., Zhu, Y., A secure lightweight RFID binding proof protocol for medication errors and patient safety. J. Med. Syst. 36(5):2743---2749, 2012.

Digital Library

[30]

Wyld, D., Preventing the worst case scenario: an analysis of RFID technology and infant protection in hospitals. The Internet Journal of Healthcare Administration 7(1), 2009.

[31]

Yang, L., Ma, J.F., Jiang, Q., Mutual authentication scheme with smart cards and password under trusted computing. Int. J. Netw. Secur. 14(3):156---163, 2012.

[32]

Yen, Y.C., Lo, N.W., Wu, T.C., Two RFID-based solutions for secure inpatient medication administration. J. Med. Syst. 36(5):2769---2778, 2012.

Digital Library

[33]

Yu, Y., Houand, T., Chiang, T., Low cost RFID real lightweight binding proof protocol for medication errors and patient safety. J. Med. Syst. 36(2):823---828, 2012.

Digital Library

Cited By

Saleem MLi XMahmood KTariq TAlenazi MDas A(2024)Secure RFID-Assisted Authentication Protocol for Vehicular Cloud Computing EnvironmentIEEE Transactions on Intelligent Transportation Systems10.1109/TITS.2024.337146425:9(12528-12537)Online publication date: 18-Mar-2024
https://dl.acm.org/doi/10.1109/TITS.2024.3371464
Yupapin PMeshram CBarve SIbrahim RAkbar M(2023)An efficient provably secure verifier-based authentication protocol using fractional chaotic maps in telecare medicine information systemsSoft Computing - A Fusion of Foundations, Methodologies and Applications10.1007/s00500-023-07889-427:10(6033-6047)Online publication date: 1-May-2023
https://dl.acm.org/doi/10.1007/s00500-023-07889-4
Maurya PBagchi S(2022)Quadratic residue-based unilateral authentication protocol for RFID systemMultimedia Tools and Applications10.1007/s11042-022-14170-782:11(16533-16554)Online publication date: 15-Nov-2022
https://dl.acm.org/doi/10.1007/s11042-022-14170-7
Show More Cited By

A Secure RFID Tag Authentication Protocol with Privacy Preserving in Telecare Medicine Information System
1. Security and privacy
  1. Security services

Recommendations

Secure Privacy-Preserving Biometric Authentication Scheme for Telecare Medicine Information Systems

Healthcare delivery services via telecare medicine information systems (TMIS) can help patients to obtain their desired telemedicine services conveniently. However, information security and privacy protection are important issues and crucial challenges ...
Subtle Flaws in the Secure RFID Tag Searching Protocol: SRTS

Secure RFID searching emerged as a new application field in RFID systems finds out whether a specific RFID tag is nearby within a group of tags in a secure manner. Although numerous RFID authentication protocols have been proposed in different studies, ...
Extending ECC-based RFID authentication protocols to privacy-preserving multi-party grouping proofs

Since the introduction of the concept of grouping proofs by Juels, which permit RFID tags to generate evidence that they have been scanned simultaneously, various new schemes have been proposed. Their common property is the use of symmetric-key ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Journal of Medical Systems

Journal of Medical Systems Volume 39, Issue 8

August 2015

107 pages

ISSN:0148-5598

Issue’s Table of Contents

Copyright © Copyright © 2015 Springer Science+Business Media New York.

Publisher

Plenum Press

United States

Publication History

Published: 01 August 2015

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

22
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 28 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Saleem MLi XMahmood KTariq TAlenazi MDas A(2024)Secure RFID-Assisted Authentication Protocol for Vehicular Cloud Computing EnvironmentIEEE Transactions on Intelligent Transportation Systems10.1109/TITS.2024.337146425:9(12528-12537)Online publication date: 18-Mar-2024
https://dl.acm.org/doi/10.1109/TITS.2024.3371464
Yupapin PMeshram CBarve SIbrahim RAkbar M(2023)An efficient provably secure verifier-based authentication protocol using fractional chaotic maps in telecare medicine information systemsSoft Computing - A Fusion of Foundations, Methodologies and Applications10.1007/s00500-023-07889-427:10(6033-6047)Online publication date: 1-May-2023
https://dl.acm.org/doi/10.1007/s00500-023-07889-4
Maurya PBagchi S(2022)Quadratic residue-based unilateral authentication protocol for RFID systemMultimedia Tools and Applications10.1007/s11042-022-14170-782:11(16533-16554)Online publication date: 15-Nov-2022
https://dl.acm.org/doi/10.1007/s11042-022-14170-7
Nasr Esfahani MShahgholi Ghahfarokhi BEtemadi Borujeni S(2021)End-to-end privacy preserving scheme for IoT-based healthcare systemsWireless Networks10.1007/s11276-021-02652-927:6(4009-4037)Online publication date: 1-Aug-2021
https://dl.acm.org/doi/10.1007/s11276-021-02652-9
Yavari MSafkhani MKumari SKumar SChen C(2020)An Improved Blockchain-Based Authentication Protocol for IoT Network ManagementSecurity and Communication Networks10.1155/2020/88362142020Online publication date: 1-Jan-2020
https://dl.acm.org/doi/10.1155/2020/8836214
Moazami FSafkhani M(2020)SEOTP: a new secure and efficient ownership transfer protocol based on quadric residue and homomorphic encryptionWireless Networks10.1007/s11276-020-02397-x26:7(5285-5306)Online publication date: 1-Oct-2020
https://dl.acm.org/doi/10.1007/s11276-020-02397-x
Kaur HKumar NBatra S(2019)ClaMPPThe Journal of Supercomputing10.1007/s11227-018-2691-075:6(3046-3075)Online publication date: 1-Jun-2019
https://dl.acm.org/doi/10.1007/s11227-018-2691-0
Gerault DLafourcade P(2019)Towards Secure TMIS ProtocolsFoundations and Practice of Security10.1007/978-3-030-45371-8_21(337-344)Online publication date: 5-Nov-2019
https://dl.acm.org/doi/10.1007/978-3-030-45371-8_21
Wang PZhou Z(2018)An Improved RFID Authentication Protocol Based on Group Anonymous ModelWireless Personal Communications: An International Journal10.1007/s11277-018-5964-2103:4(2811-2831)Online publication date: 1-Dec-2018
https://dl.acm.org/doi/10.1007/s11277-018-5964-2
Bagheri NSafkhani MNamin MRostampour S(2018)An improved low-cost yoking proof protocol based on Kazahaya's flawsThe Journal of Supercomputing10.1007/s11227-017-2200-x74:5(1934-1948)Online publication date: 1-May-2018
https://dl.acm.org/doi/10.1007/s11227-017-2200-x
Show More Cited By

View Options

View options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Issue’s Table of Contents