A Secure RFID Application Revocation Scheme for IoT

Kai FAN  Zhao DU  Yuanyuan GONG  Yue WANG  Tongjiang YAN  Hui LI  Yintang YANG  

Publication
IEICE TRANSACTIONS on Information and Systems   Vol.E99-D   No.8   pp.2027-2035
Publication Date: 2016/08/01
Online ISSN: 1745-1361
DOI: 10.1587/transinf.2015INP0008
Type of Manuscript: Special Section PAPER (Special Section on Security, Privacy and Anonymity of Internet of Things)
Category: 
Keyword: 
RFID,  authentication,  revocation,  security,  IoT,  

Full Text: PDF(612KB)>>
Buy this Article




Summary: 
Radio Frequency Identification (RFID) plays a crucial role in IoT development. With the extensive use of RFID, the fact that a single RFID tag integrates multiple applications has become a mainstream. To facilitate users to use the multi-application RFID tag and revoke some applications in the tag securely and efficiently, a secure RFID application revocation scheme is proposed in this paper. In the scheme, each response for the challenge between tag and reader is different, and a group has the feature of many tags. Even if the group index number and corresponding group are revealed, a specific tag does not be precisely found and tracked. Users are anonymous completely. The scheme also allows users to set the validity period for an application or some applications. If the application contains the validity period and expires, the server will remove the validity period and revoke the application automatically in the tag when the RFID tag accesses server again. The proposed scheme cannot only be used in multi-application RFID tag but also be used in one-application RFID tag. Furthermore, compared with other existing schemes, the scheme provides a higher level of security and has an advantage of performance. Our scheme has the ability of mutual authentication and Anti-replay by adding a random number r2, and it is easy to against synchronization attack. Security proof is given in our paper and performance advantage are mainly reflected in the following points such as forward security, synchronization, storage complexity, computational complexity, etc. Finally, the proposed scheme can be used in multi-application RFID tag to promote the development of the IoT.