Methods Of RFID Authentication In Internet Of Things

The Internet of Things(Io T)enables multiple objects communicate with others via connecting them to the Internet by sensors,such as radio frequency identification(RFID),infrared sensors,laser scanners,etc.,aiming at achieving intelligent data analysis and processing.With the advantage of non-contact automatic identification and its low cost,RFID has become a main means of data collecting in Io T and it has found wide applications in many fields,including smart healthcare and inventory management.Although the openness of RFID systems facilitates the data acquisition in Io T,it also increases concerns about the security and privacy in RFID systems.Unauthorized access to the system messages by illegal entity will cause the privacy disclosure,even undermine the security and availability of the system.Authentication can confirm the legality of entities before the communication,which is the first step to ensure the security of the RFID system.To solve the security and privacy issues in the RFID system,two lightweight RFID authentication schemes are proposed in the paper,the first scheme is for the healthcare systems,and the other one is for the inventory management systems.Medical data such as personal health data is closely related to personal privacy.Therefore,the proposed lightweight RFID authentication scheme for smart health environment is aimed at protecting the private information in the system.To ensure the data privacy of the system,the combination of many operations,such as XOR,cyclic shift and quadratic residue,are involved in the scheme to protect the secret data transmitted on the public channel.In addition,the cloud server stores encrypted data.Thus,neither the adversary nor the semi-trusted cloud server can access the secret data of the system.The security analysis and BAN logic proof of the scheme show the proposed scheme can not only achieve the mutual authentication in the system,but also ensure the privacy of the system.In addition,the hardware simulation on the operations performed by the tags are performed through vivado and the simulation result shows all operations performed by tags are lightweight,which means the proposed scheme is suitable for low-cost tags with limited resources,reducing the deployment cost of the system.The comparison of the proposed scheme with some existing authentication schemes shows the proposed scheme can ensure the privacy of the secret data of the system,while small increases of communication overhead areinvolved,which is suitable for the smart healthcare system.The deployment cost,security and availability are important in the design of the RFID authentication scheme for the inventory management system.In the proposed scheme,the decrease of the deployment cost is achieved through reducing the computing cost of the tags.Tags perform the combination of bitwise XOR and cyclic shift operation on the secret data transmitted on the public channel,which ensures both the privacy of the secret data and the low computing overhead of the tags.In addition,tag's secret data are not revealed to the RFID reader during the authentication,which avoids the illegal access to tag's secret data of the system by the compromised reader.To ensure the availability of the system,the backend server stores the secret keys used in the last successful authentication,which can resist the de-synchronization attack.The security analysis and BAN logic proof of the proposed scheme shows it satisfies the security acquirements of the system.Furthermore,the hardware simulation of the proposed scheme is performed on vivado.The result shows that the scheme has approximately the same overhead as the existing ultra-lightweight authentication scheme,and provides a secure and ultra-lightweight authentication solution for the inventory management system.