GRD Journals | Global Research and Development Journal for Engineering | International Conference on Innovations in Engineering and Technology (ICIET) - 2016 | July 2016
e-ISSN: 2455-5703
A Time Efficient RFID Mutual Authentication Protocol for HealthCare Environments using Hyper Elliptic curve Cryptosystem
1P. Gowsalya, 2D. Pravin Kumar
1PG Student, 2Associate Professor
1,2Department of Computer Science & Engineering, K.L.N College of Engineering, Pottapalayam, Sivagangai 630612, India
Abstract
RFID is a transformative technology in the healthcare industry. Applying RFID tags in healthcare environments makes locating and tracking staff, equipment and patients easy. However, the security and running time of such systems remain a challenge. In this thesis, a new mutual authentication protocol for RFID, based on the hyperelliptic curve cryptosystem, is introduced. This methodology provides the same level of security as the existing scheme with a lower number of bits. The protocol can provide better efficiency because it uses a pre-computing method within the tag's communication. In terms of security, the protocol can achieve confidentiality, unforgeability, mutual authentication, tag anonymity, availability and forward security. The protocol can overcome the weaknesses of the existing protocols. It also reduces the computation cost and communication overhead.
Keywords: Hyper elliptic curve, Mutual Authentication, Pre-Computing, Security, Running Time
I. INTRODUCTION
The Internet of Things (IoT) has emerged as one of the most powerful paradigms. It provides unique identifiers to people and objects, which allows them to communicate with other objects without requiring human-to-human or human-to-computer interaction. Atzori et al. (2010) noted that in the IoT environment all the objects in our daily life become part of the Internet, because their communication and computing capabilities allow them to communicate with other objects. IoT extends the concept of the Internet and makes it more pervasive. Weinstein (2005) described radio-frequency identification (RFID) as one of the most important technologies used in the IoT, as it can store sensitive data, provide wireless communication with other objects, and identify and track objects automatically. Compared to the traditional barcode, RFID can be applied to objects with rough surfaces, supports both reading and writing, requires no line-of-sight contact with RFID readers, and can read many RFID tags simultaneously. All these benefits make RFID a superior technology compared to the traditional barcode system.
II. LITERATURE REVIEW
Jonathan et al. (2014) proposed enhancing security in RFID using the RSA algorithm. This algorithm is based on the difficulty of factoring the product of large prime numbers. The system works with a public and a private key. The public key is made available to everyone: a user can encrypt data with it but cannot decrypt it. Only the person who possesses the private key can decrypt it. The advantage is improved data security. The drawback of this algorithm is that it uses large prime numbers, and the RSA calculation becomes time consuming because of modular exponentiation. It increases the storage cost and computational time of the system.
Pham et al. (2012) proposed a mutual authentication protocol for passive tags which is based on a cryptographic hash function and implements one-way encryption using the AES algorithm on RFID passive tags. The protocol between the reader and the tag is designed to satisfy the strict timing requirement and also to prevent desynchronization between a reader and a tag. The advantage of this algorithm is that it protects against many types of attack, such as information leakage and tag tracking. The drawback is that the algorithm uses a permutation in each cycle, so AES is time consuming and increases the time complexity of the system.
Ohkubo et al. (2003) proposed a cryptographic approach to privacy-friendly RFID tags. In this paper they use symmetric-key-based authentication and present a privacy protection scheme for RFID relying on a low-cost hash chain. The secret key of an RFID tag is renewed using a one-way hash function after the tag responds to the reader's query. They proposed a new security requirement called backward untraceability, which prevents a tag from being identified in past communication sessions. Even if a strong adversary compromises the tag and acquires knowledge of the current secret key, it is impossible to reveal the past secret keys and then identify the tag, due to the property of the hash chain.
The drawback of the method is that the protocol does not protect the system against replay attack.
Lee et al. (2008) proposed a provably secure ECC-based RFID authentication scheme. However, Bringer et al. (2008) found that Lee et al.'s scheme cannot withstand the tracking attack (the adversary can track the tag's actions) and the tag impersonation attack (the adversary can impersonate the tag to the server). To withstand those two attacks, Bringer et al. (2008) proposed a new RFID authentication scheme called the randomized Schnorr scheme. Later, Lee et al. (2009) also proposed an ECC-based RFID authentication scheme to withstand the tracking attack and the tag impersonation attack against their previous schemes [36]. However, Deursen and Radomirovic (2009) pointed out that all of Lee et al.'s (2009) schemes cannot withstand the man-in-the-middle attack and the tracking attack. Liao and Hsiao (2013) proposed a new efficient ECC-based RFID authentication scheme. However, Zhao et al. (2014) pointed out that Liao and Hsiao's scheme suffers from the key compromise problem, i.e., the adversary can get secret information stored in the tag. Zhao et al. (2014) also proposed an improved scheme to overcome this weakness. Zhang and Qi (2014) proposed an improved scheme to solve the key compromise problem in Chou's scheme. Jin et al. (2015) proposed an elliptic curve based protocol suitable for healthcare environments.
As described above, several ECC-based RFID authentication schemes have been proposed for different applications recently. Some of these schemes use only elliptic curve operations. With elliptic curves the running time is high, so in this thesis we use the hyperelliptic curve cryptosystem, which reduces the running time and computational cost.
All rights reserved by www.grdjournals.com
A Time Efficient RFID Mutual Authentication Protocol for HealthCare Environments using Hyper Elliptic curve Cryptosystem (GRDJE / CONFERENCE / ICIET - 2016 / 031)
III. PROBLEM STATEMENT
Assume that the communication channel between the tag and the reader is not secure, because an adversary tries to modify or delete the information stored in the tag or reader. Also assume that the communication channel between the reader and the database is secure. In this thesis, we consider the security features between the tag and the reader only.
Fig. 1: Communication Channel of RFID Authentication
In the literature review above, the authors proposed different types of protocol; those protocols suffer from different attacks and from the key compromise problem. The above schemes have a longer running time because the number of bits is larger.
IV. PROPOSED SYSTEM
In this thesis, a hyperelliptic curve based mutual authentication protocol is proposed which achieves the same level of security using a lower number of bits. This scheme reduces the running time of the system, and the computation cost is also reduced. Communication overhead is minimized because the number of bits is lower compared to the existing scheme. The scheme is applied to the healthcare environment to improve security.
A. Methodologies
1) Hyper Elliptic Curve Cryptosystem
A hyperelliptic curve $C$ of genus $g$ defined over a field $F_q$ of characteristic $p$ is given by an equation of the form $y^2 + h(x)y = f(x)$, where $h(x)$ and $f(x)$ are polynomials with coefficients in $F_q$, with degree of $h(x) \le g$ and degree of $f(x) = 2g + 1$. An additional requirement is that the curve should not be singular. The condition is that there are no $x$ and $y$ in the algebraic closure of $F_q$ that satisfy the equation of the curve and the two partial derivative equations $2y + h(x) = 0$ and $h'(x)y - f'(x) = 0$. As opposed to the case of elliptic curves, there is no natural way to provide $C(K)$ with a group structure. Instead one can introduce a different object related to $C$, which associates a group to each field extension $K$ of $F_q$. This object is called the Jacobian of $C$.
The set of all divisors is denoted by $\mathrm{Div}_C(L)$. Given two divisors $D = \sum_P c_P [P]$ and $D' = \sum_P c'_P [P]$, the sum $D + D'$ is defined as $D + D' = \sum_P (c_P + c'_P)[P]$. This gives $\mathrm{Div}_C(L)$ a group structure.
2) Hash Function
A hash function $H$ is a one-way function which accepts a large input $m$ and produces a small fixed-size output $h$. The purpose of a hash function is to generate a hash value of a file, message or other data block. It is mainly applied in message authentication and digital signatures.
3) Hyper Elliptic Curve Discrete Logarithm Problem (HECDLP)
Given a hyperelliptic curve $C$ of genus $g$ over a finite field $F_q$, a point $P \in J_C(K)$ of order $n$, and a point $Q \in \langle P \rangle$, find an integer $l \in [0, n-1]$ such that $Q = lP$.
4) Computational Diffie-Hellman Problem (CDHP)
Given an elliptic curve $E$ defined over a finite field $F_q$ and a point $P \in E(F_q)$ of order $n$, the computational Diffie-Hellman problem is to compute $abP$ given $(P, aP, bP)$ with $a, b \in Z_n^*$.
V. MODULES
A. Patient Identification Tracking
Hospitals are complex institutions by nature. To prevent any misidentification with already existing patient names, the patient identifier is implemented using an RFID tag instead of names. Before the messages can be encrypted, they need to be embedded on points over the hyperelliptic curve. Here, we use a map-to-point algorithm which converts an arbitrary bit string into a hyperelliptic curve point.
1) The Proposed Protocol
The protocol has three participants: a tag issuer $I$, a tag $T_i$ and a reader $R$, which is connected to the backend server. Here we assume that the channel between tag and reader is not secure, and that the connection between reader and database is secure.
Notations used in the protocol:
$q, n$: Two large prime numbers
$P$: A generator with order $n$
$F(q)$: Finite field
$E$: Hyper elliptic curve
$D$: Divisor operation
$ID_{T_i}$: Identity of the tag $i$
$(s_R, P_R)$: The private/public key of the reader
$(s_{T_i}, P_{T_i})$: The private/public key of the tag
$H_1, H_2$: Hash functions
The RFID mutual authentication protocol has two phases: first the setup phase and second the authentication phase. These phases are explained in detail as follows.
B. Setup Phase
In this phase, the keys are generated for both tag and reader.
1) For reader $R$, the issuer selects a random value $s_R \in Z_n^*$ as its private key and computes $P_R = s_R D$ as its public key.
2) For each tag $T_i$, the issuer chooses a random value $s_{T_i} \in Z_n^*$ as its private key and computes $P_{T_i} = s_{T_i} D$ as its public key.
3) Scalar multiplication is the main cryptographic operation in HECC. Due to the limited computational capabilities of the tag, and in order to reduce the amount of computation to be performed by the tag, I pre-computes $r = kP$, $K = kP_R$.
VI. AUTHENTICATION PHASE
In the authentication phase, the encryption and decryption of the messages between the reader and the tag are done. After that, the tag and the reader have authenticated each other successfully.
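Tag $T_i$ holds $(s_{T_i}, P_{T_i}, ID_{T_i}, P_R)$; Reader $R$ holds $(s_R, P_R)$.
Reader $R$: $t \in Z_n^*$, $z = tP$
$R \to T_i$: $z$
Tag $T_i$: $k \in Z_n^*$, $r = kP$, $K = kP_R$, $e = H_1(r, z)$, $s = (s_{T_i} e + k) \bmod n$, $C = E_K(ID_{T_i} \| r \| s \| z)$
$T_i \to R$: $(r, C)$
Reader $R$: $K' = s_R r$, $(ID'_{T_i} \| r' \| s' \| z') = D_{K'}(C)$. If $z' \ne z$ or $r' \ne r$, $R$ rejects the session. Otherwise $e' = H_1(r', z')$; if $r' = s'P + (-e')P_{T_i}$, the tag is authenticated. Then $e_1 = H_2(ID_{T_i}, r', C, z')$, $s_1 \equiv e_1 s_R + t \bmod n$
$R \to T_i$: $s_1$
Tag $T_i$: $e_1 = H_2(ID_{T_i}, r, C, z)$. If $s_1 P \equiv e_1 P_R + z \bmod n$, the reader is authenticated.
Fig. 2: The RFID Mutual Authentication Protocol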
1) Initially $R$ generates a random value $t \in Z_n^*$, computes $z = tP$ and sends $z$ to $T_i$.
2) $T_i$ chooses a random value $k \in Z_n^*$ and uses the binary method to pre-compute $r = kP$, $K = kP_R$. Then $T_i$ computes $e = H_1(r, z)$, $s \equiv (s_{T_i} e + k) \bmod n$, $C = E_K(ID_{T_i} \| r \| s \| z)$, and sends $(r, C)$ to $R$.
3) Upon receiving $(r, C)$, $R$ computes $K' = s_R r$ and decrypts $C$ using $K'$ to get $ID'_{T_i} \| r' \| s' \| z'$. If $z' \ne z$ or $r' \ne r$, $R$ rejects the session; otherwise, $R$ searches for $ID'_{T_i}$ in its back-end database. If $ID'_{T_i}$ is not found, $T_i$ is considered illegitimate; otherwise, $R$ obtains the corresponding item $(ID'_{T_i}, P'_{T_i})$ and computes $e' = H_1(r', z')$. Then $R$ checks whether $r' = s'P + (-e')P_{T_i}$ or not. If they are equal, the tag $T_i$ is authenticated. Then $R$ computes $e_1 = H_2(ID'_{T_i}, r', C, z')$, $s_1 \equiv s_R e_1 + t \bmod n$ and sends $s_1$ to $T_i$.
4) Upon receiving $s_1$, $T_i$ first computes $e_1 = H_2(ID_{T_i}, r, C, z)$, then it sets $a = s_1 P$, $b = e_1 P_R$ and uses the binary method to check whether $a \equiv b + z \bmod n$ or not. If they are equal, the reader $R$ is authenticated.
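The exchange in steps 1) to 4), as an added example that is not code from the original paper. Assumptions: a small prime-order subgroup of $Z_p^*$ (constructed toy parameters) stands in for the Jacobian, public keys are taken as $sP$ so that the verification equations hold, $E_K$/$D_K$ is a SHAKE-256 XOR keystream, and the hashes map into $Z_n^*$; all function names are hypothetical.

```python
import hashlib

# Constructed toy parameters: g generates the order-n subgroup of Z_p^*.
# Assumption: this group stands in for the Jacobian, so the paper's kP is
# pow(g, k, p) and its point addition is multiplication mod p.
p, n, g = 2039, 1019, 4

def smul(k, base=g):                  # paper notation: k * base
    return pow(base, k % n, p)

def H(label, *vals):                  # H1 (label 1) / H2 (label 2), never 0
    d = hashlib.sha256(repr((label, vals)).encode()).digest()
    return int.from_bytes(d, "big") % (n - 1) + 1

def E(K, fields):                     # stand-in cipher: XOR keystream from K
    data = b"".join(f.to_bytes(2, "big") for f in fields)
    ks = hashlib.shake_256(K.to_bytes(2, "big")).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

def D(K, C):
    ks = hashlib.shake_256(K.to_bytes(2, "big")).digest(len(C))
    pt = bytes(a ^ b for a, b in zip(C, ks))
    return [int.from_bytes(pt[i:i + 2], "big") for i in range(0, len(pt), 2)]

def tag_respond(s_T, ID, P_R, z, k):
    """Step 2: the tag answers challenge z with (r, C)."""
    r, K = smul(k), smul(k, P_R)
    e = H(1, r, z)
    s = (s_T * e + k) % n
    return r, E(K, [ID, r, s, z])

def reader_verify(s_R, db, z, t, r, C):
    """Step 3: returns s1 if the tag is authentic, else None."""
    ID_, r_, s_, z_ = D(smul(s_R, r), C)           # K' = s_R * r
    if z_ != z or r_ != r or ID_ not in db:
        return None                                 # stale, altered or unknown
    e_ = H(1, r_, z_)
    # r' = s'P + (-e')P_Ti, written multiplicatively
    if r_ != smul(s_) * pow(smul(e_, db[ID_]), -1, p) % p:
        return None
    return (s_R * H(2, ID_, r_, C, z_) + t) % n    # s1 = e1*s_R + t

def tag_verify(ID, P_R, r, C, z, s1):
    """Step 4: the tag checks s1*P == e1*P_R + z."""
    e1 = H(2, ID, r, C, z)
    return smul(s1) == smul(e1, P_R) * z % p

def run(s_T=77, s_R=301, t=555, k=123, ID=42, tag_key=None, reader_key=None):
    """One session; tag_key / reader_key substitute a wrong private key."""
    P_T, P_R = smul(s_T), smul(s_R)
    z = smul(t)                                     # step 1
    r, C = tag_respond(tag_key or s_T, ID, P_R, z, k)
    s1 = reader_verify(reader_key or s_R, {ID: P_T}, z, t, r, C)
    return s1 is not None and tag_verify(ID, P_R, r, C, z, s1)
```

Because $z$ is bound into both $C$ and $e$, a recorded $(r, C)$ presented against a fresh challenge fails the $z' \ne z$ check; the stand-in cipher gives no integrity of its own, so that check and the signature equation are what reject altered messages.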
VII. RESULT AND DISCUSSION
The RFID mutual authentication protocol for the healthcare environment was designed. Compared to existing protocols, the hyperelliptic curve based protocol reduces the running time of the system. Therefore the communication cost is also reduced. In this thesis, we also compare our result with the results of the protocols proposed by Zhao et al. (2014), Zhang and Qi (2014) and He et al. (2012).
Fig. 3: Communication cost of tag
Compared to the elliptic curve based protocol, the hyperelliptic curve based mutual authentication protocol uses fewer bits to achieve the same level of security (Chatterjee et al., 2013).
Fig. 4: Communication Overhead
VIII. CONCLUSION
The mutual authentication protocol for RFID using hyperelliptic curve cryptography is designed. The pre-computing concept is used within the tag's communication process to avoid the time-consuming scalar multiplication, since the tag has limited computational capabilities. Thus the proposed protocol has better efficiency. In terms of security, this protocol achieves many security properties such as confidentiality, availability, mutual authentication and tag anonymity, and withstands many common attacks. This protocol overcomes the weaknesses in existing protocols and also reduces the communication cost and computational overhead. This protocol is more suitable for healthcare environments.
REFERENCES
[1] Atzori L., Iera A., and Morabito G. (2010), "The Internet of Things: A survey," Computer Network, vol. 54, no. 15, pp. 2787–2805.
[2] Bringer J., Chabanne H., and Icart T. (2008), "Cryptanalysis of EC-RAC, a RFID identification protocol," in Proc. 7th International Conference on Cryptgraphica. Network Security (CNS'08), pp. 149–161.
[3] Chunhua Jin, Chunxiang Xu, Xiaojun Zhang, Jining Zhao (2015), "A Secure RFID Mutual Authentication Protocol for Healthcare Environments Using Elliptic Curve Cryptography," Journal of medical system, 39: 24, pp. 1-8.
[4] Deursen T. and Radomirovic S. (2009), "Untraceable RFID protocols are not trivially composable: Attacks on the revision of EC-RAC," Cryptology ePrint Archive, Report 2009/332.
[5] He D., Chen Y., and Chen J. (2012), "Cryptanalysis and improvement of an extended chaotic maps–based key agreement protocol," Nonlinear Dynamics, 69(3):1149–1157.
[6] Jonathan Sangoro, Waweru Mwangi, Michael Kimwele (2014), "Enhancement of Security in RFID using RSA Algorithm," Vol. 5, no. 10, pp. 2222-2871.
[7] Kakali Chatterjee, Asok De, and Daya Gupta (2013), "Mutual Authentication Protocol Using Hyperelliptic Curve Cryptosystem in Constrained Devices," International Journal of Network Security, Vol. 15, No. 1, pp. 9-15.
[8] Lee Y., Batina L., and Verbauwhede I. (2008), "EC-RAC (ECDLP based randomized access control): Provably secure RFID authentication protocol," in Proc. IEEE International Conference on RFID, pp. 97–104.
[9] Liao Y. and Hsiao C. (2014), "A secure ECC-based RFID authentication scheme integrated with ID-verifier transfer protocol," Ad Hoc Network, vol. 18, pp. 133–146.
[10] Ohkubo M., Suzuki K., and Kinoshita S. (2003), "Cryptographic Approach to 'Privacy-Friendly' Tags," Proc. Radio Frequency Identification (RFID) Privacy Workshop.
[11] Tuan Anh Pham, Mohammad S. Hasan and Hongnian Yu (2012), "A RFID mutual authentication protocol based on AES Algorithm," IEEE, pp. 997-999.
[12] Weinstein R. (2005), "RFID: A technical overview and its application to the enterprise," IEEE IT Prof., vol. 7, no. 3, pp. 27–33.
[13] Zhang Z. and Qi Q. (2014), "An efficient RFID authentication protocol to enhance patient medication safety using elliptic curve cryptography," Journal of Medical System, vol. 38, no. 5, doi: 10.1007/s10916-014-0047-8.
[14] Zhao Z. (2014), "A secure RFID authentication protocol for healthcare environments using elliptic curve cryptosystem," Journal of Medical System, vol. 38, no. 5, doi: 10.1007/s10916-014-0046-9.