Skip to main content

Advertisement

SpringerLink
Log in

A provably secure RFID authentication protocol based on ECQV for the medical internet of things

  • Published:
Peer-to-Peer Networking and Applications Aims and scope Submit manuscript

Abstract

Radio Frequency Identification (RFID) is an emerging technology that is used for the unique identification of objects. RFID can be used in different application domains, including Health-care systems, where the safety of patient-sensitive data is a primary concern. Since the RFID technology is used in various medicine sectors, particularly real-time patient monitoring, patient medicine Information, medical emergency, and drug administration system, the use of RFID raises severe security and privacy concerns. In order to cope with these security issues, we propose an Elliptic curve based authentication protocol for RFID. The proposed model uses an implicit certificate concept to secure health-care data. We prove this claim for secure communication using the formal security analysis, i.e., BAN logic, security analysis based on the mathematical model, i.e., ROR model, formal verification using AVISPA tool, and informal security analysis. We review some of the RFID authentication schemes based on ECC in terms of performance and security. Our analysis indicates that the proposed protocol provides mobility, scalability, security, and privacy in the health care environment.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1

Similar content being viewed by others

References

  1. Hunt VD, Puglia A, Puglia M (2007) RFID: a guide to radio frequency identification. Wiley, New York

    Book  Google Scholar 

  2. Juels A, Weis SA (2009) Defining strong privacy for RFID. ACM Trans Inf Sys Sec (TISSEC) 13(1):7

    Google Scholar 

  3. Cai S, Li Y, Li T, Deng RH (2009) Attacks and improvements to an RIFD mutual authentication protocol and its extensions. In: Proceedings of the second ACM conference on wireless network security. ACM, pp 51–58

  4. Atzori L, Iera A, Morabito G (2010) The internet of things: a survey. Comput Netw 54 (15):2787–2805

    Article  Google Scholar 

  5. Jin C, Xu C, Zhang X, Zhao J (2015) A secure RFID mutual authentication protocol for healthcare environments using elliptic curve cryptography. J Med Sys 39(3):24

    Article  Google Scholar 

  6. Chien HY (2009) The study of RFID authentication protocols and security of some popular RFID tags. In: Development and implementation of RFID technology IntechOpen

  7. Wu F, Xu L, Kumari S, Li X, Das AK, Shen J (2018) A lightweight and anonymous RFID tag authentication protocol with cloud assistance for e-healthcare applications. J Ambient Intell Hum Comput 9(4):919–930

    Article  Google Scholar 

  8. Yang J, Park J, Lee H, Ren K, Kim K (2005) Mutual authentication protocol for low-cost RFID. In: Workshop on RFID and lightweight crypto. WRLC, pp 17–24

  9. Piramuthu S (2011) RFID mutual authentication protocols. Decis Sup Sys 50(2):387–393

    Article  Google Scholar 

  10. Liao YP, Hsiao CM (2014) A secure ECC-based RFID authentication scheme integrated with ID-verifier transfer protocol. Ad Hoc Netw 18:133–146

    Article  Google Scholar 

  11. Zhao Z (2014) A secure RFID authentication protocol for healthcare environments using elliptic curve cryptosystem. J Med Sys 38(5):46

    Article  Google Scholar 

  12. Chou JS (2014) An efficient mutual authentication RFID scheme based on elliptic curve cryptography. J Supercomput 70(1):75–94

    Article  MathSciNet  Google Scholar 

  13. Zhang Z, Qi Q (2014) An efficient RFID authentication protocol to enhance patient medication safety using elliptic curve cryptography. J Med Sys 38(5):47

    Article  Google Scholar 

  14. Farash MS (2014) Cryptanalysis and improvement of an efficient mutual authentication RFID scheme based on elliptic curve cryptography. J Supercomput 70(2):987–1001

    Article  MathSciNet  Google Scholar 

  15. Agrahari AK, Varma S (2020) Authentication in RFID Scheme Based on Elliptic Curve Cryptography. Safety, Security, and Reliability of Robotic Systems: Algorithms, Applications, and Technologies, 217.

  16. He D, Kumar N, Chilamkurti N, Lee JH (2014) Lightweight ECC based RFID authentication integrated with an ID verifier transfer protocol. J Med Sys 38(10):116

    Article  Google Scholar 

  17. Lee CI, Chien HY (2015) An elliptic curve cryptography-based RFID authentication securing E-health system. Int J Distrib Sensor Netw 11(12):642425

    Article  Google Scholar 

  18. Farash MS, Nawaz O, Mahmood K, Chaudhry SA, Khan MK (2016) A provably secure RFID authentication protocol based on elliptic curve for healthcare environments. J Med Sys 40(7):165

    Article  Google Scholar 

  19. Alamr AA, Kausar F, Kim J, Seo C (2018) A secure ECC-based RFID mutual authentication protocol for internet of things. J Supercomput 74(9):4281–4294

    Article  Google Scholar 

  20. Naeem M, Chaudhry SA, Mahmood K, Karuppiah M, Kumari S (2020) A scalable and secure RFID mutual authentication protocol using ECC for Internet of Things. Int J Commun Sys 33(13), e3906

  21. Koblitz N (1987) Elliptic curve cryptosystems. Math Comput 48(177):203–209

    Article  MathSciNet  Google Scholar 

  22. Miller VS (1985) Use of elliptic curves in cryptography. In: Conference on the theory and application of cryptographic techniques. Springer, Berlin, pp 417–426

  23. SEC 2 (2010) Recommended elliptic curve domain parameters. Version 2.0. www.secg.org

  24. Barker EB, Kelsey JM (2012) Sp 800-90a. recommendation for random number generation using deterministic random bit generators

  25. SECG. SEC 1: Elliptic Curve Cryptography May 2009. Version 2.0

  26. Burrows M, Abadi M, Needham RM (1989) A logic of authentication. Proc Royal Soc London A Math Phys Sci 426(1871):233–271

    MathSciNet  MATH  Google Scholar 

  27. Dolev D, Yao A (1983) On the security of public key protocols. IEEE Trans Inf Theory 29 (2):198–208

    Article  MathSciNet  Google Scholar 

  28. Koblitz N, Menezes A, Vanstone S (2000) The state of elliptic curve cryptography. Desig Codes Crypt 19(2-3):173–193

    Article  MathSciNet  Google Scholar 

  29. Ibrahim A, Dalkılıc G (2019) Review of different classes of RFID authentication protocols. Wirel Netw 25(3):961–974

    Article  Google Scholar 

  30. Arshad H, Nikooghadam M (2016) An efficient and secure authentication and key agreement scheme for session initiation protocol using ECC. Multimedia Tools Appl 75(1):181–197

    Article  Google Scholar 

  31. Qiu S, Xu G, Ahmad H, Xu G, Qiu X, Xu H (2019) An improved lightweight two-factor authentication and key agreement protocol with dynamic identity based on elliptic curve cryptography. TIIS 13 (2):978–1002

    Google Scholar 

  32. Kilinc HH, Yanik T (2014) A survey of SIP authentication and key agreement schemes. IEEE Commun Surv Tutor 16(2):1005–1023

    Article  Google Scholar 

  33. Bellare P, Rogaway (1993) Random oracles are practical: a paradigm for designing efficient protocols. In: Proceedings of the 1st ACM conference on computer and communications security, in: CCS ’93. ACM, New York, pp 62–73

  34. Reddy G, Das AK, Odelu V, Ahmad A, Shin JS (2019) A privacy preserving three-factor authenticated key agreement protocol for client–server environment. J Ambient Intell Humaniz Comput 10(2):661–68

    Article  Google Scholar 

  35. Srinivas J, Das AK, Kumar N, Rodrigues JJ (2018) Cloud centric authentication for wearable healthcare monitoring system. IEEE Transactions on Dependable Secure Computing, 17(5), 942–956.

  36. AVISPA (2018) Automated validation of internet security protocols and applications, http://www.avispa-project.org. Accessed May 2018

  37. Berenjian S, Hajizadeh S, Atani RE (2019) An incentive security model to provide fairness for peer-to-peer networks. In: 2019 IEEE conference on application, information and network security (AINS). IEEE, pp 71–76

  38. Berenjian S, Shajari M, Farshid N, Hatamian M (2016) Intelligent automated intrusion response system based on fuzzy decision making and risk assessment. In: 2016 IEEE 8th international conference on intelligent systems (IS). IEEE, pp 709–714

  39. Naghizadeh A, Berenjian S, Meamari E, Atani RE (2016) Structural-based tunneling: Preserving mutual anonymity for circular P2P networks. Int J Commun Sys 29(3):602–619

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Indian Institute of Information Technology, Allahabad, Uttar Pradesh, 211012, India

    Abhay Kumar Agrahari & Shirshu Varma

Authors
  1. Abhay Kumar Agrahari
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Shirshu Varma
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Abhay Kumar Agrahari.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Agrahari, A.K., Varma, S. A provably secure RFID authentication protocol based on ECQV for the medical internet of things. Peer-to-Peer Netw. Appl. 14, 1277–1289 (2021). https://doi.org/10.1007/s12083-020-01069-z

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12083-020-01069-z

Keywords

Search

Navigation