Skip to main content
SpringerLink
Log in

Enhancing Privacy and Security of RFID System with Serverless Authentication and Search Protocols in Pervasive Environments

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

One of the recent realms that gathered attention of researchers is the security issues of Radio Frequency Identification (RFID) systems that have tradeoff between controlled costs and improved efficiency. Evolvement and benefits of RFID technology signifies that it can be low-cost, efficient and secured solution to many pervasive applications. But RFID technology will not intermingle into human lives until prevailing and flexible privacy mechanisms are conceived. However, ensuring strong privacy has been an enormous challenge due to extremely inadequate computational storage of typical RFID tags. So in order to relieve tags from responsibility, privacy protection and security assurance was guaranteed by central server. In this paper, we suggest serverless, forward secure and untraceable authentication protocol for RFID tags. This authentication protocol safeguards both tag and reader against almost all major attacks without the intervention of server. Though it is very critical to guarantee untraceability and scalability simultaneously, here we are proposing a scheme to make our protocol more scalable via ownership transfer. To the best of our knowledge this feature is incorporated in the serverless system for the first time in pervasive environments. One extension of RFID authentication is RFID tag searching, which has not been given much attention so far. But we firmly believe that in near future tag searching will be a significant issue RFID based pervasive systems. So in this paper we propose a serverless RFID tag searching protocol in pervasive environments. This protocol can search a particular tag efficiently without server’s intervention. Furthermore they are secured against major security threats.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Ahamed, S. I., Rahman, F., Hoque, E., Kawsar, F., Nakajima, T., et al. (2008). S3PR: Secure serverless search protocols for RFID. In The proceedings of second IEEE international conference on information security and assurance (ISA 2008), Busan, Korea, pp. 187–192.

  2. Ahamed, S. I., Rahman, F., Hoque, E., Kawsar, F., Nakajima, T., et al. (2008). YA-SRAP: Yet another serverless RFID authentication protocol. In The 4th IET international conference on intelligent environment (IE08), Seattle, USA, pp. 1–8.

  3. Avoine, G., Oechslin., P., et al. (2005). A scalable and provably secure hash based RFID protocol. In International workshop on pervasive computing and communication security (PerSec ‘05) (pp. 110–114). Kauai Island, Hawaii, USA: IEEE Computer Society Press.

  4. Burmester, M., Le, T. V., de Medeiros, B., et al. (2006). Provably secure ubiquitous systems: Universally composable RFID authentication protocols. In Conference on security and privacy for emerging areas in communication networks (SecureComm) (pp. 1–9). Baltimore, Maryland, USA: IEEE.

  5. Conti, M., Pietro, R. D., Mancini, L. V., Spognardi, A., et al. (2007). RIPP-FS: An RFID identification, privacy preserving protocol with forward secrecy. In International workshop on pervasive computing and communication security (PerSec ‘07) (pp. 229–234). New York, USA: IEEE Computer Society Press.

  6. Cui, Y., Kobara, K., Matsuura, K., Imai, H., et al. (2007). Lightweight asymmetric privacy-preserving authentication protocols secure against active attack. In International workshop on pervasive computing and communication security (PerSec ‘07) (pp. 223–228). New York, USA: IEEE Computer Society Press.

  7. Feldhofer, M., Rechberger, C., et al. (2006). A case against currently used hash functions in RFID protocols. In On the move to meaningful internet systems 2006: OTM 2006 workshops, pp. 372–381.

  8. Juels A. (2006) RFID security and privacy: A research survey. Journal of Selected Areas in Communications 24(2): 381–394

    Article  MathSciNet  Google Scholar 

  9. Juels, A., Weis, S., et al. (2007). Defining strong privacy for RFID. In Pervasive computing and communications workshops, 2007. PerCom Workshops ‘07, pp. 342–347.

  10. Molnar, D., Soppera, A., Wagner, D., et al. (2005). A scalable, delegatable pseudonym protocol enabling owner-ship transfer of RFID tags. In Proceedings of selected areas in cryptography (SAC 2005) (Vol. 3897, pp. 276–290). Kingston, Canada: Springer-Verlag.

  11. Molnar, D., Wagner, D., et al. (2004). Privacy and security in library RFID: Issues, practices, and architectures. In Proceedings of the 11th ACM conference on computer and communications security, Washington DC, USA, pp. 210–219.

  12. Ohkubo, M., Suzuki, K., Kinoshita, S., et al. (2003). Cryptographic approach to “privacy-friendly” tags. In RFID privacy workshop. MA, USA: MIT.

  13. Rieback M., Crispo B., Tanenbaum A. et al (2006) The evolution of RFID security. Journal of IEEE Pervasive Computing 5(1): 62–69

    Article  Google Scholar 

  14. Seo, Y., Kim, K., et al. (2006). Scalable and untraceable authentication protocol for RFID. In International workshop on security in ubiquitous computing systems—Secubiq 2006, Lecture Notes in Computer Science, Seoul, Korea.

  15. Seo, Y., Lee, H., Kim, K., et al. (2006). A lightweight authentication protocol based on universal re-encryption of RFID tags. http://caislab.icu.ac.kr/Paper/paper_files/2006/CISC_1115_Youngjoon.pdf Last accessed 2009.

  16. Solanas A., Domingo-Ferrer J., Martínez-Ballesté A., Daza V. et al (2007) A distributed architecture for scalable private RFID tag identification. Journal of Computer Networks 51(9): 2268–2279

    Article  MATH  Google Scholar 

  17. Tan, C. C., Sheng, B., Li, Q., et al. (2007). Severless search and authentication protocols for RFID. In Proceedings of the fifth annual IEEE international conference on pervasive computing and communications (PerCom ‘07), New York, USA, pp. 3–12.

  18. Tsudik, G. (2006). YA-TRAP: Yet another trivial RFID authentication protocol. In International conference on pervasive computing and communications (PerCom ‘06). Pisa, Italy: IEEE Computer Society, pp. 643.

  19. Vajda, I., Buttyán, L., et al. (2003). Lightweight authentication protocols for low-cost RFID tags. In Second workshop on security in ubiquitous computing (Ubicomp ‘03), Seattle, WA, USA.

  20. Weis, S. A., Sarma, S. E., Rivest, R. L., Engels, D. W., et al. (2003). Security and privacy aspects of low-cost radio frequency identification systems. In International conference on security in pervasive computing—SPC 2003 (Vol. 2802, pp. 454–469). Boppard, Germany: Springer.

Download references

Author information

Authors and Affiliations

  1. Ubicomp lab, Marquette University, Milwaukee, WI, USA

    Md. Endadul Hoque, Farzana Rahman & Sheikh I. Ahamed

  2. Department of Computer Science and Engineering, Kyungnam University, Kyungnam, Korea

    Jong Hyuk Park

Authors
  1. Md. Endadul Hoque
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Farzana Rahman
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sheikh I. Ahamed
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jong Hyuk Park
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sheikh I. Ahamed.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Hoque, M.E., Rahman, F., Ahamed, S.I. et al. Enhancing Privacy and Security of RFID System with Serverless Authentication and Search Protocols in Pervasive Environments. Wireless Pers Commun 55, 65–79 (2010). https://doi.org/10.1007/s11277-009-9786-0

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-009-9786-0

Keywords

Search

Navigation