Abstract
In supply chain management applications, detection of a large object is made efficient by attaching multiple RFID tags in that object. Each part contains an RFID tag attached by the corresponding vendor. In order to check the availability of the object, it is compulsory to ensure all the parts are existing as well. The RFID tags can be interrogated by any reader deployed in the department. This approach enhances the object detection probability for each object but increases security and privacy risks. The communication between RFID readers and the tags in the same department is to be authenticated by preserving the privacy of both reader and the tag. Several researchers have developed variants of grouping protocol for authentication and for searching the tags. In this article, Shen et al.’s scheme for authenticating multiple tags in a group is analyzed and found that secret parameters are leaked in that scheme and it is not applicable for dynamic inclusion of tags. Also, an efficient authentication protocol for the multi-tag scenario to overcome the above mentioned issues is designed and analyzed in this paper. We propose an authentication protocol for communication between an object attached with multiple tags and RFID reader deployed in the department. We store the details about the object and its associated tags, and the readers in the cloud. Cloud storage provides scalability and anywhere anytime access. The communication between the reader and the cloud server is also authenticated. The proposed protocol is formally analyzed using GNY logic to prove the mutual authentication. Informal analysis proves the efficiency of the proposed protocol against known attacks. We also analyze our protocol using automatic cryptographic protocol verifier tool ProVerif version 1.96.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Anandhi, S., Anitha, R., & Sureshkumar, V. (2019). Iot enabled rfid authentication and secure object tracking system for smart logistics. Wireless Personal Communications, 104(2), 543–560.
Baruah, B., & Dhal, S. (2019). An iot based secure object tracking system. Wireless Personal Communications, 106, 1209–1242.
Batina, L., Guajardo, J., Kerins, T., Mentens, N., Tuyls, P., & Verbauwhede, I. (2007). Public-key cryptography for RFID-tags. In Fifth annual IEEE international conference on pervasive computing and communications workshops (PerComW’07) (pp. 217–222). IEEE.
Batina, L., Lee, Y. K., Seys, S., Singelée, D., & Verbauwhede, I. (2012). Extending ECC-based RFID authentication protocols to privacy-preserving multi-party grouping proofs. Personal and Ubiquitous Computing, 16(3), 323–335.
Bolotnyy, L., Krize, S., & Robins, G. (2007). The practicality of multi-tag RFID systems. In IWRT (pp. 100–116).
Chou, J. S. (2014). An efficient mutual authentication RFID scheme based on elliptic curve cryptography. The Journal of Supercomputing, 70(1), 75–94.
Dhal, S., & Gupta, I. S. (2014). A new authentication protocol for RFID communication in multi-tag arrangement. In 2014 International conference on computing for sustainable global development (Indiacom) (pp. 668–673). IEEE.
Farash, M. S. (2014). Cryptanalysis and improvement of an efficient mutual authentication RFID scheme based on elliptic curve cryptography. The Journal of Supercomputing, 70(2), 987–1001.
Gódor, G., Giczi, N., & Imre, S. (2010). Elliptic curve cryptography based mutual authentication protocol for low computational capacity RFID systems-performance analysis by simulations. In 2010 IEEE international conference on wireless communications, networking and information security (pp. 650–657). IEEE
Gong, L., Needham, R., & Yahalom, R. (1990). Reasoning about belief in cryptographic protocols. In 1990 IEEE Computer society symposium on research in security and privacy, proceedings (pp. 234–248). IEEE.
Journal, R. (2012). How does anti-collision work? https://www.rfidjournal.com/blogs/experts/entry?9271. Accessed 27 Nov 2019.
Juels, A. (2004). “yoking-proofs” for RFID tags. In Proceedings of the second IEEE annual conference on pervasive computing and communications workshops, 2004 (pp. 138–143). IEEE.
Lee, Y. K., Batina, L., & Verbauwhede, I. (2008). EC-RAC (ECDLP based randomized access control): Provably secure RFID authentication protocol. In 2008 IEEE international conference on RFID (pp. 97–104). IEEE.
Liu, H., Ning, H., Zhang, Y., He, D., Xiong, Q., & Yang, L. T. (2013). Grouping-proofs-based authentication protocol for distributed RFID systems. IEEE Transactions on Parallel and Distributed Systems, 24(7), 1321–1330.
Maurya, P. K., & Bagchi, S. (2018). A secure PUF-based unilateral authentication scheme for RFID system. Wireless Personal Communications, 103(2), 1699–1712.
Molnar, D., & Wagner, D. (2004). Privacy and security in library RFID: Issues, practices, and architectures. In Proceedings of the 11th ACM conference on computer and communications security (pp. 210–219). ACM.
Munilla, J., Burmester, M., & Peinado, A. (2016). Attacks on ownership transfer scheme for multi-tag multi-owner passive RFID environments. Computer Communications, 88, 84–88.
O’Neill, M., & Robshaw, M. J. (2010). Low-cost digital signature architecture suitable for radio frequency identification tags. IET Computers and Digital Techniques, 4(1), 14–26.
Piramuthu, S., & Doss, R. (2017). On sensor-based solutions for simultaneous presence of multiple RFID tags. Decision Support Systems, 95, 102–109.
Sarma, S. E., Weis, S. A., & Engels, D. W. (2002). RFID systems and security and privacy implications. In International workshop on cryptographic hardware and embedded systems (pp. 454–469). Springer.
Shen, J., Tan, H., Zhang, Y., Sun, X., & Xiang, Y. (2017). A new lightweight RFID grouping authentication protocol for multiple tags in mobile environment. Multimedia Tools and Applications, 76, 22761–22783.
Sun, H., Su, C., & Chen, S. P. (2018). A high security RFID system authentication protocol design base on cloud computer. Wireless Personal Communications, 102(2), 1255–1267.
Sundaresan, S., Doss, R., Zhou, W., & Piramuthu, S. (2015). Secure ownership transfer for multi-tag multi-owner passive RFID environment with individual-owner-privacy. Computer Communications, 55, 112–124.
Tuyls, P., & Batina, L. (2006). RFID-tags for anti-counterfeiting. In Cryptographers’ track at the RSA conference (pp. 115–131). Springer.
Wang, P., & Zhou, Z. (2018). An improved RFID authentication protocol based on group anonymous model. Wireless Personal Communications, 103(4), 2811–2831.
Zhou, Z., Liu, P., Liu, Q., & Wang, G. (2018). An anonymous offline RFID grouping-proof protocol. Future Internet, 10(1), 2.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Anandhi, S., Anitha, R. & Sureshkumar, V. An Authentication Protocol to Track an Object with Multiple RFID Tags Using Cloud Computing Environment. Wireless Pers Commun 113, 2339–2361 (2020). https://doi.org/10.1007/s11277-020-07330-1
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-020-07330-1