A Scalable and Secure Protocol for RFID Based on “Advanced Encryption Standard” and Elliptic Curve Cryptography
Resumo
Radio frequency identification systems are widely used to uniquely identify objects in many applications such as magnetic cards, security tags, and logistic management systems. Despite these advantages provided by the RFID system, there remain a multitude of security concerns related to spoofing and espionage that are all concerned with radio frequency interception. Current research analysis is promising, particularly the work of Ibrahim and Dalkiliç. Their findings are, however, limited by the amount of tags that can be processed—which under certain circumstances can exhaust the server. We designed our new protocol and conducted a performance analysis. When compared to the Ibrahim and Dalkiliç's protocol, our results revealed a drastic reduction in the communication cost that was proportional to the amount of tags authenticated. Once the results were tallied, we modeled our proposed protocol in a discrete event simulation. As a proof of concept, our protocol was then implemented in software and analyzed through an experiment whose metrics were: tag identity search speed in the back-end database and amount of tags. Our results show that the proposed protocol offers better performance compared to current standard iterations of similar technology.
Referências
Arslan, A., Aldirmaz, S., and Erturk, S. (2021). A secure and privacy friendly ECC based RFID authentication protocol for practical applications. Wireless Personal Communications, 120.
Basha, M., Alalak, S., and Idrees, A. (2019). Secret key generation in wireless sensor network using public key encryption. In ICICT 2019, © 2019 Association for Computing Machinery. ACM.
Blakley, G. R. (1979). Safeguarding cryptographic keys. In 1979 International Workshop on Managing Requirements Knowledge (MARK), pages 313-318.
Chou, J.-S. (2014). An efficient mutual authentication RFID scheme based on elliptic curve cryptography. The Journal of Supercomputing ¿ Issue 1/2014, pages 75-94.
Couto, C., Couto, G. C. K., and da Cunha. A. E. C. (2020a). Análise da segurança de redes em sistemas de automação e controle industriais: estudo de caso com a planta mecatrime. In VIII Simpósio Brasileiro de Sistemas Elétricos.
Couto, C., Couto, G. C. K., and da Cunha. A. E. C. (2020b). Modelagem da segurança da informação em sistemas de automação e controle industriais: estudo de caso com a planta mecatrime. In VIII Simpósio Brasileiro de Sistemas Elétricos.
Couto, C., Couto. G. C. K., and da Cunha. A. E. C. (2020c). Rumo a conformidade da segurança da informação em sistemas de automação e controle industriais: estudo de caso com a planta mecatrime. In XXII Congresso de Computação e Sistemas de Informação (ENCOINFO).
Couto, C., Salles. R. M., de Souza Dias, G. M, and Couto. G. C. K. (2021). Cryptography applications in protocols for rfid systems. In XV Simpósio Brasileiro de Automação Inteligente.
Deursen, T. and Radomirovic, S. (2008). Attacks on RFID protocols. IACR Cryptology ePrint Archive, -:310.
Hsi, C.-T., Lien, Y.-H., Hui, C., and Chang, H. (2015). Solving scalability problems on secure rfid grouping-proof protocol. Wireless Personal Communication:, 84.
Ibrahim, A. and Dalkiliç, G. (2017). An advanced encryption standard powered mutual authentication protocol based on elliptic curve cryptography for RFID, proven on WISP. Journal of Sensors. 2017:2367312:1-2367312:10. Acesso em: 08-12-2021.
Kösemen, C., Dalkiliç, G., and Aydin. O. (2018). Genetic programming based pseudo-random number generator for wireless identification and sensing platform. Turkish Journal of Electrical Engineering and Computer Sciences. 26:-.
Liao, Y., P. and Hsiao, C.-M. (2014). A secure ECC-based RFID authentication scheme integrated with id-verifier transfer protocol. Ad Hoc Networks. 18:133-146.
Román, L., Gondim, P., and Lopes, A. (2020). A lightweight authentication protocol for advanced metering infrastructure in smart grid. In Anais do XII Simpósio Brasileiro de Computação Ubíqua e Pervasiva, pages 21-30, Porto Alegre, RS. Brasil. SBC.
Standards for Efficient Cryptography Group. Sec 2. standards for efficient cryptography group: Recommended elliptic curve domain parameters. Acess in: 08-12-2021.
Zhang, Z. and Qingqing, Q. (2014). An efficient REID authentication protocol to enhance patient medication safety using elliptic curve cryptography. Journal of medical systems sot 38.5 (2014): 47.
Zhao, Z. (2014). A secure RFID authentication protocol for healthcare environments using elliptic curve cryptosystem. Journal Medical Systems, page 38(5):46.