Abstract
As an important part of Internet of Things, Radio Frequency Identification (RFID) system employs low-cost RFID tag to communicate with everything containing animate and inanimate objects. This technology is widely used in the e-healthcare applications. However, the malicious communication environment makes people more and more worried. In order to overcome the hazards in the network, RFID authentication schemes for e-healthcare have been proposed by researchers. But since the computation ability of the tag is relatively weak, it is necessary to put forward a lightweight and secure scheme for medical systems. Moreover, cloud is widely accepted by people and used in many kinds of systems. So we propose a novel and lightweight RFID authentication scheme with cloud for e-healthcare applications. We use an enhanced formal security model to prove the security of our scheme. In this model the channel between the server and the reader is considered to be insecure and informal analysis is used to prove the security of the proposed scheme. Through the formal and informal analysis, our scheme not only resists the common attacks, but also keeps mutual authentication, information integrity, forward untraceability and backward untraceability. Moreover, both the tag and the reader can reach the anonymity. Our scheme is only hash-based and suitable to realize various security requirements. Compared to recent schemes of the same sort, it is more applicable in e-healthcare.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.References
Akgün M, Bayrak AO, Ça\(\ddot{{\rm g}}\)layan MU (2015) Attacks and improvements to chaotic map-based rfid authentication protocol. Secur Commun Netw. doi:10.1002/sec.1319
Alagheband MR, Aref MR (2014) Simulation-based traceability analysis of RFID authentication protocols. Wireless Person Commun 77(2):1019–1038
Amendola S, Lodato R, Manzari S, Occhiuzzi C, Marrocco G (2014) Rfid technology for iot-based personal healthcare in smart spaces. IEEE Internet Things J 1(2):144–152
Avoine G, Coisel I, Martin T (2010) Time measurement threatens privacy-friendly RFID authentication protocols. In: Radio frequency identification: security and privacy issues. Springer, Berlin, pp 138–157
Benssalah M, Djeddou M, Drouiche K (2014) Security enhancement of the authenticated rfid security mechanism based on chaotic maps. Secur Commun Netw 7(12):2356–2372
Burmester M, De Medeiros B, Motta R (2008) Anonymous rfid authentication supporting constant-cost key-lookup against active adversaries. Int J Appl Cryptogr 1(2):79–90
Chen L, Ji J, Zhang Z (2013) Wireless network security: theories and applications. Springer Science and Business Media, New York
Chen Y, Chou JS (2015) Ecc-based untraceable authentication for large-scale active-tag rfid systems. Electron Commerce Res 15(1):97–120
Cho JS, Yeo SS, Kim SK (2011) Securing against brute-force attack: a hash-based rfid mutual authentication protocol using a secret value. Comput Commun 34(3):391–397
Fernando H, Abawajy J (2011) Mutual authentication protocol for networked rfid systems. In: 2011 IEEE 10th international conference on trust, security and privacy in computing and communications (TrustCom), IEEE, pp 417–424
Fu Z, Sun X, Liu Q, Zhou L, Shu J (2015) Achieving efficient cloud search services: multi-keyword ranked search over encrypted cloud data supporting parallel computing. IEICE Trans Commun 98(1):190–200
Fu Z, Huang F, Sun X, Vasilakos A, Yang CN (2016) Enabling semantic search based on conceptual graphs over encrypted outsourced data. IEEE Trans Serv Comput. doi:10.1109/TSC.2016.2622697
Fu Z, Ren K, Shu J, Sun X, Huang F (2016b) Enabling personalized search over encrypted outsourced data with efficiency improvement. IEEE Trans Parallel Distrib Syst 27(9):2546–2559
Fu Z, Sun X, Ji S, Xie G (2016c) Towards efficient content-aware search over encrypted outsourced data in cloud. In: IEEE INFOCOM 2016—the 35th annual IEEE international conference on computer communications, IEEE. doi:10.1109/INFOCOM.2016.7524606
Fu Z, Wu X, Guan C, Sun X, Ren K (2016d) Toward efficient multi-keyword fuzzy search over encrypted outsourced data with accuracy improvement. IEEE Trans Inf Forensics Secur 11(12):2706–2716
Ghaemmaghami SSS, Mirmohseni M, Haghbin A (2015) A privacy preserving improvement for SRTA in telecare systems. arXiv:151004197
Gope P, Hwang T (2015) A realistic lightweight authentication protocol preserving strong anonymity for securing rfid system. Comput Secur 55:271–280
He D, Kumar N, Chilamkurti N, Lee JH (2014) Lightweight ECC based RFID authentication integrated with an ID verifier transfer protocol. J Med Syst 38(10):1–6
He D, Zeadally S, Wu L (2015) Certificateless public auditing scheme for cloud-assisted wireless body area networks. IEEE Syst J. doi:10.1109/JSYST.2015.2428620
Huang HF, Yu PK, Liu KC (2014) A privacy and authentication protocol for mobile RFID system. In: 2014 IEEE international symposium on independent computing (ISIC), IEEE, pp 1–6
Jiang Q, Khan MK, Lu X, Ma J, He D (2016) A privacy preserving three-factor authentication protocol for e-health clouds. J Supercomput 72(10):3826–3849
Jin C, Xu C, Zhang X, Li F (2016) A secure ECC-based RFID mutual authentication protocol to enhance patient medication safety. J Med Syst 40(1):1–6
Kumar N, Kaur K, Misra SC, Iqbal R (2015) An intelligent rfid-enabled authentication scheme for healthcare applications in vehicular mobile cloud. Peer-to-Peer Netw Appl. doi:10.1007/s12083-015-0332-4
Li CT, Weng CY, Lee CC (2015a) A secure rfid tag authentication protocol with privacy preserving in telecare medicine information system. J Med Syst 39(8):1–8
Li N, Mu Y, Susilo W, Guo F, Varadharajan V (2014) Privacy-preserving authorized RFID authentication protocols. In: Radio frequency identification: security and privacy issues. Springer, Berlin, pp 108–122
Li N, Mu Y, Susilo W, Guo F, Varadharajan V (2015b) Vulnerabilities of an ECC-based RFID authentication scheme. Secur Commun Netw. doi:10.1002/sec.1250
Lim CH, Kwon T (2006) Strong and robust RFID authentication enabling perfect ownership transfer. In: Information and communications security. Springer, Berlin, pp 1–20
Ma T, Zhou J, Tang M, Tian Y, Al-dhelaan A, Al-rodhaan M, Lee S (2015) Social network and tag sources based augmenting collaborative recommender system. IEICE Trans Inf Syst 98(4):902–910
Ng CY, Susilo W, Mu Y, Safavi-Naini R (2008) Rfid privacy models revisited. In: Computer security-ESORICS 2008. Springer, Berlin, pp 251–266
Ng CY, Susilo W, Mu Y, Safavi-Naini R (2009) New privacy results on synchronized rfid authentication protocols against tag tracing. In: Computer security—ESORICS 2009. Springer, Berlin, pp 321–336
Niu B, Zhu X, Chi H, Li H (2014) Privacy and authentication protocol for mobile RFID systems. Wireless Person Commun 77(3):1713–1731
Paise RI, Vaudenay S (2008) Mutual authentication in RFID: security and privacy. In: Proceedings of the 2008 ACM symposium on information, computer and communications security, ACM, pp 292–299
Piramuthu S (2011) RFID mutual authentication protocols. Decis Support Syst 50(2):387–393
rfidjournalcom (2013) Differences between active and passive tags. https://www.rfidjournal.com/faq/show?68 (online; accessed 23 Sept 2015)
Ryu EK, Kim DS, Yoo KY (2015) On elliptic curve based untraceable RFID authentication protocols. In: Proceedings of the 3rd ACM workshop on information hiding and multimedia security, ACM, pp 147–153
Safkhani M, Peris-Lopez P, Hernandez-Castro JC, Bagheri N (2014) Cryptanalysis of the Cho et al. protocol: a hash-based RFID tag mutual authentication protocol. J Comput Appl Math 259:571–577
Srivastava K, Awasthi AK, Kaul SD, Mittal R (2015) A hash based mutual RFID tag authentication protocol in telecare medicine information system. J Med Syst 39(1). doi:10.1007/s10916-014-0153-7
Vaudenay S (2007) On privacy models for RFID. In: Advances in cryptology—ASIACRYPT 2007. Springer, Berlin, pp 68–87
Wamba SF, Anand A, Carter L (2013) A literature review of RFID-enabled healthcare applications and issues. Int J Inf Manag 33(5):875–891
Wang S, Liu S, Chen D (2015) Security analysis and improvement on two RFID authentication protocols. Wireless Person Commun 82(1):21–33
Wu F, Xu L, Kumari S, Li X (2016) A privacy-preserving and provable user authentication scheme for wireless sensor networks based on internet of things security. J Ambient Intell Hum Comput. doi:10.1007/s12652-016-0345-8
Wu S, Chen K, Zhu Y (2012) A secure lightweight RFID binding proof protocol for medication errors and patient safety. J Med Syst 36(5):2743–2749
Xia Z, Wang X, Zhang L, Qin Z, Sun X, Ren K (2016) A privacy-preserving and copy-deterrence content-based image retrieval scheme in cloud computing. IEEE Trans Inf Forensics Secur 11(11):2594–2608
Yang J, Park J, Lee H, Ren K, Kim K (2005) Mutual authentication protocol. In: Workshop on RFID and lightweight crypto, pp 17–24
Yu YC, Hou TW, Chiang TC (2012) Low cost RFID real lightweight binding proof protocol for medication errors and patient safety. J Med Syst 36(2):823–828
Yuan C, Sun X, Lv R (2016) Fingerprint liveness detection based on multi-scale LPQ and PCA. China Commun 13(7):60–65
Zhang Y, Sun X, Wang B (2016) Efficient algorithm for k-barrier coverage based on integer linear programming. China Commun 13(7):16–23
Zhu H, Zhao Y, Ding S, Jin B (2011) An improved forward-secure anonymous rfid authentication protocol. In: 2011 7th international conference on wireless communications, networking and mobile computing (WiCOM), IEEE, pp 1–5
Acknowledgements
This research is supported by Fujian Education and Scientific Research Program for Young and Middle-aged Teachers under Grant No. JA14369, University Distinguished Young Research Talent Training Program of Fujian Province (Year 2016), and the this work was supported by the National Natural Science Foundation of China under Grant No. 61300220, and the Scientific Research Fund of Hunan Provincial Education Department under Grant No. 16B089. Also, it is supported by PAPD and CICAEET. Moreover, Dr. Saru Kumari is sponsored by the University Grants Commission, India through UGC-BSR Start-up grant under Grant No. 3(A)(60)31.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Wu, F., Xu, L., Kumari, S. et al. A lightweight and anonymous RFID tag authentication protocol with cloud assistance for e-healthcare applications. J Ambient Intell Human Comput 9, 919–930 (2018). https://doi.org/10.1007/s12652-017-0485-5
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12652-017-0485-5