Lightweight privacy-protection RFID protocol for IoT environment

IF 6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Internet of Things Pub Date : 2025-01-25 DOI:10.1016/j.iot.2025.101490

Kuo-Yu Tsai, You-Lin Wei, Po-Shen Chi

{"title":"Lightweight privacy-protection RFID protocol for IoT environment","authors":"Kuo-Yu Tsai, You-Lin Wei, Po-Shen Chi","doi":"10.1016/j.iot.2025.101490","DOIUrl":null,"url":null,"abstract":"<div><div>The rapid growth of the Internet of Things (IoT for short) has expanded its applications across diverse domains, including smart healthcare, smart homes, and smart factories. Among the key technologies driving this evolution, Radio Frequency Identification (RFID for short) plays a pivotal role in IoT ecosystems due to its automation, identity recognition, and portability attributes. These features make RFID essential for simplifying device management and enhancing traceability in practical scenarios, particularly in healthcare, where it optimizes the management of patient medical records. However, frequent information exchanges within RFID systems pose a significant challenge, as inadequate authentication mechanisms can lead to unintended exposure of sensitive personal data. Fan <em>et al</em>. propose a lightweight RFID authentication protocol in IEEE Transactions on Industrial Informatics to address this issue. Unfortunately, our analysis finds several security vulnerabilities in their protocol, including susceptibility to impersonation, traceability, and secret disclosure attacks. In this paper, we develop a new lightweight privacy-protection RFID protocol, building upon Fan <em>et al</em>.’s framework. Our security evaluation demonstrates that the proposed protocol effectively mitigates these threats, ensuring the confidentiality and integrity of sensitive data in RFID-enabled systems.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"30 ","pages":"Article 101490"},"PeriodicalIF":6.0000,"publicationDate":"2025-01-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Internet of Things","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2542660525000034","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

The rapid growth of the Internet of Things (IoT for short) has expanded its applications across diverse domains, including smart healthcare, smart homes, and smart factories. Among the key technologies driving this evolution, Radio Frequency Identification (RFID for short) plays a pivotal role in IoT ecosystems due to its automation, identity recognition, and portability attributes. These features make RFID essential for simplifying device management and enhancing traceability in practical scenarios, particularly in healthcare, where it optimizes the management of patient medical records. However, frequent information exchanges within RFID systems pose a significant challenge, as inadequate authentication mechanisms can lead to unintended exposure of sensitive personal data. Fan et al. propose a lightweight RFID authentication protocol in IEEE Transactions on Industrial Informatics to address this issue. Unfortunately, our analysis finds several security vulnerabilities in their protocol, including susceptibility to impersonation, traceability, and secret disclosure attacks. In this paper, we develop a new lightweight privacy-protection RFID protocol, building upon Fan et al.’s framework. Our security evaluation demonstrates that the proposed protocol effectively mitigates these threats, ensuring the confidentiality and integrity of sensitive data in RFID-enabled systems.

查看原文本刊更多论文

求助全文

约1分钟内获得全文求助全文

来源期刊

Internet of Things Multiple-

CiteScore

3.60

自引率

5.10%

发文量

115

审稿时长

37 days

期刊介绍： Internet of Things; Engineering Cyber Physical Human Systems is a comprehensive journal encouraging cross collaboration between researchers, engineers and practitioners in the field of IoT & Cyber Physical Human Systems. The journal offers a unique platform to exchange scientific information on the entire breadth of technology, science, and societal applications of the IoT. The journal will place a high priority on timely publication, and provide a home for high quality. Furthermore, IOT is interested in publishing topical Special Issues on any aspect of IOT.