A Cloud-based RFID Authentication Protocol with Insecure Communication Channels

Hannan Xiao; Awatif  Alshehri; Bruce Christianson

doi:10.1109/TrustCom.2016.0081

A Cloud-based RFID Authentication Protocol with Insecure Communication Channels

Hannan Xiao, Awatif Alshehri, Bruce Christianson

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

13 Citations (Scopus)

483 Downloads (Pure)

Abstract

Radio Frequency Identification (RFID) has becomea widespread technology to automatically identify objects and withthe development of cloud computing, cloud-based RFID systemsattract more research these days. Several cloud-based RFIDauthentication protocols have been proposed to address privacyand security properties in the environment where the cloudprovider is untrusted therefore the tag’s data are encrypted andanonymously stored in the cloud database. However, most of thecloud-based RFID authentication protocols assume securecommunication channels between the reader and the cloud server.To protect data transmission between the reader and the cloudserver without any help from a third party, this paper proposes acloud-based RFID authentication protocol with insecurecommunication channels (cloud-RAPIC) between the reader and the cloud server. The cloud-RAPIC protocol preserves tag privacyeven when the tag does not update its identification. The cloudRAPIC protocol has been analyzed using the UPriv model andAVISPA verification tool which have proved that the protocolpreserves tag privacy and protects data secrecy.

Original language	English
Title of host publication	2016 IEEE Trustcom/BigDataSE/ISPA
Subtitle of host publication	IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)
Publisher	Institute of Electrical and Electronics Engineers (IEEE)
Pages	332-339
Number of pages	8
ISBN (Electronic)	9781509032051
ISBN (Print)	9781509032068
DOIs	https://doi.org/10.1109/TrustCom.2016.0081
Publication status	Published - 9 Feb 2017
Event	2016 IEEE Trustcom/BigDataSE/ISPA - Tianjin University, Tianjin, China Duration: 23 Aug 2016 → 26 Aug 2016 Conference number: 38078 http://www.ieee.org/conferences_events/conferences/conferencedetails/index.html?Conf_ID=38078

Conference

Conference	2016 IEEE Trustcom/BigDataSE/ISPA
Country/Territory	China
City	Tianjin
Period	23/08/16 → 26/08/16
Internet address	http://www.ieee.org/conferences_events/conferences/conferencedetails/index.html?Conf_ID=38078

Access to Document

10.1109/TrustCom.2016.0081Licence: Unspecified

Hannan2016TrustCom_camera_ready
© 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Accepted author manuscript, 301 KBLicence: Unspecified

Cite this

Xiao, H., Alshehri, A., & Christianson, B. (2017). A Cloud-based RFID Authentication Protocol with Insecure Communication Channels. In 2016 IEEE Trustcom/BigDataSE/ISPA: IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) (pp. 332-339). Institute of Electrical and Electronics Engineers (IEEE). https://doi.org/10.1109/TrustCom.2016.0081

@inproceedings{f37f22901d164159bd47e7427f02800d,

title = "A Cloud-based RFID Authentication Protocol with Insecure Communication Channels",

abstract = "Radio Frequency Identification (RFID) has becomea widespread technology to automatically identify objects and withthe development of cloud computing, cloud-based RFID systemsattract more research these days. Several cloud-based RFIDauthentication protocols have been proposed to address privacyand security properties in the environment where the cloudprovider is untrusted therefore the tag{\textquoteright}s data are encrypted andanonymously stored in the cloud database. However, most of thecloud-based RFID authentication protocols assume securecommunication channels between the reader and the cloud server.To protect data transmission between the reader and the cloudserver without any help from a third party, this paper proposes acloud-based RFID authentication protocol with insecurecommunication channels (cloud-RAPIC) between the reader and the cloud server. The cloud-RAPIC protocol preserves tag privacyeven when the tag does not update its identification. The cloudRAPIC protocol has been analyzed using the UPriv model andAVISPA verification tool which have proved that the protocolpreserves tag privacy and protects data secrecy.",

author = "Hannan Xiao and Awatif Alshehri and Bruce Christianson",

note = "{\textcopyright} 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.; 2016 IEEE Trustcom/BigDataSE/ISPA ; Conference date: 23-08-2016 Through 26-08-2016",

year = "2017",

month = feb,

day = "9",

doi = "10.1109/TrustCom.2016.0081",

language = "English",

isbn = "9781509032068",

pages = "332--339",

booktitle = "2016 IEEE Trustcom/BigDataSE/ISPA",

publisher = "Institute of Electrical and Electronics Engineers (IEEE)",

address = "United States",

url = "http://www.ieee.org/conferences_events/conferences/conferencedetails/index.html?Conf_ID=38078",

}

Xiao, H, Alshehri, A & Christianson, B 2017, A Cloud-based RFID Authentication Protocol with Insecure Communication Channels. in 2016 IEEE Trustcom/BigDataSE/ISPA: IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). Institute of Electrical and Electronics Engineers (IEEE), pp. 332-339, 2016 IEEE Trustcom/BigDataSE/ISPA, Tianjin, China, 23/08/16. https://doi.org/10.1109/TrustCom.2016.0081

A Cloud-based RFID Authentication Protocol with Insecure Communication Channels. / Xiao, Hannan; Alshehri, Awatif ; Christianson, Bruce.
2016 IEEE Trustcom/BigDataSE/ISPA: IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). Institute of Electrical and Electronics Engineers (IEEE), 2017. p. 332-339.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - A Cloud-based RFID Authentication Protocol with Insecure Communication Channels

AU - Xiao, Hannan

AU - Alshehri, Awatif

AU - Christianson, Bruce

N1 - Conference code: 38078

PY - 2017/2/9

Y1 - 2017/2/9

N2 - Radio Frequency Identification (RFID) has becomea widespread technology to automatically identify objects and withthe development of cloud computing, cloud-based RFID systemsattract more research these days. Several cloud-based RFIDauthentication protocols have been proposed to address privacyand security properties in the environment where the cloudprovider is untrusted therefore the tag’s data are encrypted andanonymously stored in the cloud database. However, most of thecloud-based RFID authentication protocols assume securecommunication channels between the reader and the cloud server.To protect data transmission between the reader and the cloudserver without any help from a third party, this paper proposes acloud-based RFID authentication protocol with insecurecommunication channels (cloud-RAPIC) between the reader and the cloud server. The cloud-RAPIC protocol preserves tag privacyeven when the tag does not update its identification. The cloudRAPIC protocol has been analyzed using the UPriv model andAVISPA verification tool which have proved that the protocolpreserves tag privacy and protects data secrecy.

AB - Radio Frequency Identification (RFID) has becomea widespread technology to automatically identify objects and withthe development of cloud computing, cloud-based RFID systemsattract more research these days. Several cloud-based RFIDauthentication protocols have been proposed to address privacyand security properties in the environment where the cloudprovider is untrusted therefore the tag’s data are encrypted andanonymously stored in the cloud database. However, most of thecloud-based RFID authentication protocols assume securecommunication channels between the reader and the cloud server.To protect data transmission between the reader and the cloudserver without any help from a third party, this paper proposes acloud-based RFID authentication protocol with insecurecommunication channels (cloud-RAPIC) between the reader and the cloud server. The cloud-RAPIC protocol preserves tag privacyeven when the tag does not update its identification. The cloudRAPIC protocol has been analyzed using the UPriv model andAVISPA verification tool which have proved that the protocolpreserves tag privacy and protects data secrecy.

U2 - 10.1109/TrustCom.2016.0081

DO - 10.1109/TrustCom.2016.0081

M3 - Conference contribution

SN - 9781509032068

SP - 332

EP - 339

BT - 2016 IEEE Trustcom/BigDataSE/ISPA

PB - Institute of Electrical and Electronics Engineers (IEEE)

T2 - 2016 IEEE Trustcom/BigDataSE/ISPA

Y2 - 23 August 2016 through 26 August 2016

ER -

A Cloud-based RFID Authentication Protocol with Insecure Communication Channels

Abstract

Conference

Access to Document

Fingerprint

Cite this