Project

RFID Authentication

Goal: We are trying to implement RFID authentication algorithms using ECC for passive tags in serverless model.

Updates
0 new
0
Recommendations
0 new
0
Followers
0 new
6
Reads
0 new
172

Project log

Abdelshakour Abuzneid
added a research item
Internet of Things (IoT) is a new paradigm that has been evolving into the wireless sensor networks to expand the scope of networked devices (or things). This evolution drives communication engineers to design secure and reliable communication at a low cost for many network applications such as radio frequency identification (RFID). In the RFID system, servers, readers, and tags communicate wirelessly. Therefore, mutual authentication is necessary to ensure secure communication. Normally, a central server supports the authentication of readers and tags by distributing and managing the credentials. Recent lightweight RFID authentication protocols have been proposed to satisfy the security features of RFID networks. Using a serverless RFID system is an alternative solution to using a central server. In this model, both the reader and the tag perform mutual authentication without the need for the central server. However, many security challenges arise from implementing lightweight authentication protocols in serverless RFID systems. We propose a new secure serverless RFID authentication protocol based on the famous elliptic curve cryptography (ECC). The protocol also maintains the confidentiality and privacy of the messages, tag information, and location. Although most of the current serverless protocols assume secure channels in the setup phase, we assume an insecure environment during the setup phase between the servers, readers, and tags. We ensure that the credentials can be renewed by any checkpoint server in the mobile RFID network. Thus, we implement ECC in the setup phase (renewal phase), to transmit and store the communication credentials of the server to multiple readers so that the tags can perform the mutual authentication successfully while far from the server. The proposed protocol is compared with other serverless frameworks proposed in the literature in terms of computation cost and attacks resistance.
Rania Baashirah
added a research item
Radio frequency identification (RFID) is the fastest growing and widely emerging technology in the world today. Thus, wireless communication between single/multiple tags and readers became an integral part of retail products, library books, passports, driver licenses, medical devices, and so on. The RFID system can provide security features to the data transferred along the network to maintain data privacy, integrity, and confidentiality. Elliptic Curve Cryptography (ECC) is widely used in RFID authentication protocols to improve communication security. Zhao proposed an RFID authentication protocol using ECC. The reader generates a unique access list for tags with a unique identifier of the reader to elevate the security level. In this paper, we analyze the Zhao protocol and show that it can withstand most of the RFID security attacks but has a very high computation cost. We further improve his protocol to propose a new RFID authentication protocol by reducing the computation cost almost to the half of that is in Zhao's. Our proposed protocol shows significant improvement in the computation cost.
Rania Baashirah
added a research item
Medication errors are now rapidly increasing that result in a serious impact on patients Safety. A lot of automated techniques have come up using the Radio-Frequency Identification (RFID) Technology that has now been successfully implemented in hospitals and healthcare institutions. The data that is being transmitted is highly sensitive and has to be authenticated between the server and the tag. Such a mutual authentication is highly necessary to enhance the safety protocols. An RFID authentication protocol using Elliptical Curve Cryptography could overcome security weaknesses and eventually lead to better performance. In order to achieve better security and quicker runtime, ECC must have smaller keys compared to non-ECC. In this paper, elliptic curves over a finite field are being structured that belongs to the category of public-key cryptography. This proposed protocol system not only increases the security to a greater extent but also enhances the performance by enabling large-scale implementations. As security is an instrumental aspect of cryptography, such a proposed system is effectual.
Abdelshakour Abuzneid
added 2 research items
Wireless sensor network (WSN) consists of many hosts called sensors. These sensors can sense a phenomenon (motion, temperature, humidity, average, max, min, etc.) and represent what they sense in a form of data. There are many applications for WSNs including object tracking and monitoring where in most of the cases these objects need protection. In these applications, data privacy itself might not be as important as the privacy of source location. In addition to the source location privacy, sink location privacy should also be provided. Providing an efficient end-to-end privacy solution would be a challenging task to achieve due to the open nature of the WSN. The key schemes needed for end-to-end location privacy are anonymity, observability, capture likelihood, and safety period. We extend this work to allow for countermeasures against multi-local and global adversaries. We present a network model protected against a sophisticated threat model: passive /active and local/multi-local/global attacks. This work provides a solution for end-to-end anonymity and location privacy as well. We will introduce a framework called fortified anonymous communication (FAC) protocol for WSN.
Abstract: Abstract: There are many articles presented in the literature on teaching e-Learning courses. However, teaching a course in computer science and engineering where it involves hardware is a bit innovative. This work presents a complete Distance Learning (DL) course to teach Internet of Things (IoT). We propose a course that can fit both undergraduates and graduates. The course is divided into modules which could be taught separately and jointly. We will propose a methodology for assessment to achieve the set-forth outcomes.
Abdelshakour Abuzneid
added a research item
Radio Frequency Identification (RFID) is one of the leading technologies in the Internet of Things (IoT) to create an efficient and reliable system to securely identify objects in many environments such as business, health, and manufacturing areas. Recent RFID authentication protocols have been proposed to satisfy the security features of RFID communication. In this article, we identify and review some of the most recent and enhanced authentication protocols that mainly focus on the authentication between a reader and a tag. However, the scope of this survey includes only passive tags protocols, due to the large scale of the RFID framework. We examined some of the recent RFID protocols in term of security requirements, computation, and attack resistance. We conclude that only five protocols resist all of the major attacks, while only one protocol satisfies all of the security requirements of the RFID system.
Abdelshakour Abuzneid
added a research item
Source anonymity in wireless sensor networks (WSNs) becomes a real concern in several applications such as tracking and monitoring. A global adversary that has sophisticated resources, high computation and full view of the network is an obvious threat to such applications. The network and applications need to be protected and secured to provide the expected outcome. Source anonymity is one of the fundamental WSNs security issues. It is all about preventing the adversary from reaching the origin by analyzing the traffic of the network. There are many methods to provide source anonymity, which is also known as Source Location Privacy (SLP). One of these methods is based on dummy packets. The basic notion is to inject the network with dummy packets to confuse the adversary about the location of the transmitting source node. This paper provides a survey of protocols for anonymity that use dummy packet injections. We discuss each technique from the point of their advantages and disadvantages. Further, We provide a comparison for the most promising techniques provided in the literature which use dummy packet injections. A comparison for the adversary assumptions and capabilities will be provided as well.
Abdelshakour Abuzneid
added a project goal
We are trying to implement RFID authentication algorithms using ECC for passive tags in serverless model.