Abstract
In conventional authentication process, the legitimacy of communicating entity is directly checked with Authentication Server. This process is found efficient; however, it allows an illegitimate entity to get his/her attempts checked upon the authentication database (e.g. password table). In this paper, we present a two-layer entity authentication protocol in which the attempt by an illegitimate entity gets discarded at the first layer with the help of a negative filtering database. To filter illegitimate attempts 100% out the negative database is constructed such that no information about the positive database that stores the credentials of legitimate users can be obtained even if the negative database gets compromised. The proposed protocol is analytically simulated with a tag-reader authentication system, which provides mutual authentication and resists relay, impersonation and replay attacks.
R. Kachhia and P. Agrawal—contributed equally to this work who worked for this project during their final year of undergrad study at DA-IICT, Gandhinagar.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Bertino, E., Choo, K.R., Georgakopolous, D., Nepal, S.: Internet of Things (IoT): smart and secure service delivery. ACM Trans. Internet Technol. 16(4), 22 (2016)
Jannati, H., Falahati, A.: An RFID search protocol secured against relay attack based on distance bounding approach. Wireless Pers. Commun. 85(3), 711–726 (2015)
Das, M.L.: Strong security and privacy of RFID system for Internet of Things infrastructure. In: Gierlichs, B., Guilley, S., Mukhopadhyay, D. (eds.) SPACE 2013. LNCS, vol. 8204, pp. 56–69. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-41224-0_5
Tan, C.C., Sheng, B., Li, Q.: Secure and serverless RFID authentication and search protocols. IEEE Trans. Wireless Commun. 7(4), 1400–1407 (2008)
Hancke, G.P., Mayes, K.E., Markantonakis, K.: Confidence in smart token proximity: relay attacks revisited. Comput. Secur. 28(7), 615–627 (2009)
Lee, Y.K., Batina, L., Verbauwhede, I.: Untraceable RFID authentication protocols: revision of EC-RAC. In: Proceedings of the IEEE International Conference on RFID, pp. 178-185 (2009)
Songhela, R., Das, M.L.: Yet another strong privacy-preserving RFID mutual authentication protocol. In: Chakraborty, R.S., Matyas, V., Schaumont, P. (eds.) SPACE 2014. LNCS, vol. 8804, pp. 171–182. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-12060-7_12
Gope, P., Hwang, T.: A realistic lightweight authentication protocol preserving strong anonymity for securing RFID system. Comput. Secur. 55(C), 271–280 (2015)
Dasgupta, D., Saha, S.: Password security through negative filtering. In: Proceedings of International Conference on Emerging Security Technologies, pp. 83–89 (2010)
Dasgupta, D., Azeem, R.: A negative authentication system. Technical report, The University of Memphis: CS-07-001 (2007)
Esponda, F.: Everything that is not important: negative databases. IEEE Comput. Intell. Mag. 3(2), 60–63 (2008)
Esponda, F., Ackley, E.S., Helman, P., Jia, H., Forrest, S.: Protecting data privacy through hard-to-reverse negative databases. In: Katsikas, S.K., López, J., Backes, M., Gritzalis, S., Preneel, B. (eds.) ISC 2006. LNCS, vol. 4176, pp. 72–84. Springer, Heidelberg (2006). https://doi.org/10.1007/11836810_6
Esponda, F., Forrest, S., Helman, P.: Enhancing privacy through negative representations of data. Technical report, University of New, Mexico (2004)
González, F., Dasgupta, D., Niño, L.F.: A randomized real-valued negative selection algorithm. In: Timmis, J., Bentley, P.J., Hart, E. (eds.) ICARIS 2003. LNCS, vol. 2787, pp. 261–272. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45192-1_25
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Kachhia, R., Agrawal, P., Das, M.L. (2019). Tag-Reader Authentication System Guarded by Negative Identifier Filtering and Distance Bounding. In: Fahrnberger, G., Gopinathan, S., Parida, L. (eds) Distributed Computing and Internet Technology. ICDCIT 2019. Lecture Notes in Computer Science(), vol 11319. Springer, Cham. https://doi.org/10.1007/978-3-030-05366-6_28
Download citation
DOI: https://doi.org/10.1007/978-3-030-05366-6_28
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-05365-9
Online ISBN: 978-3-030-05366-6
eBook Packages: Computer ScienceComputer Science (R0)