| Radio Frequency Identification (RFID) has potential for application in the new field of telemedicine, as the use of radio waves offers advantages over traditional optical technology such as bar codes. Radio waves are not limited by line of sight, they can penetrate objects and communicate in a wireless fashion. However, the same advantage is also the inherent weakness, as radio waves are susceptible to attack. Ongoing efforts have identified forward secure chain hashing as a viable security protocol for RFID authentication. Today's typical RFID communications take place with the "host-reader-tag" arrangement where the computational requirements are performed by a back end server system which holds all the intelligence and houses all records for an entire facility. One server can easily utilize multiple readers, but a compromise of this single system could have serious ramifications. Why not make a smaller system that is more robust and tolerant of intrusion. This can be achieved by implementing a stand alone reader that relies only on itself. We propose a server-less system that can accomplish the same results. Because our enhanced reader does not require a server to perform its function, if any readers are breached it only impacts that specific reader, not the entire server. By eliminating the resource heavy server device, we can yield a more robust overall system. We have selected a forward secure protocol to implement on an embedded platform that will be able to authenticate a tag without the resources of a back end server. |
