You are on page 1of 6

GRD Journals | Global Research and Development Journal for Engineering | International Conference on Innovations in Engineering and Technology

(ICIET) - 2016 | July 2016

e-ISSN: 2455-5703

A Time Efficient RFID Mutual Authentication

Protocol for HealthCare Environments using
Hyper Elliptic curve Cryptosystem
1P.Gowsalya 2D.

Pravin Kumar
PG Student Associate Professor
Department of Computer Science & Engineering
K.L.N College of Engineering Pottapalayam, Sivagangai 630612, India

RFID is a transformative technology in the healthcare industry. By applying RFID tags in healthcare environments, for locating
and tracking of staff, equipments and patients made easy. However the potential security and running time of the systems are
remains, challengeable in RFID system. In this thesis, a new design called mutual authentication protocol for RFID, based on
Hyper elliptic curve cryptosystem was introduced. This methodology provides same level of security compared to the existing
scheme with lower number of bits. The protocol can provide better efficiency, because it uses pre-computing method within tags
communication. In terms of security, the protocol can achieve confidentiality, unforgetability, mutual authentication, tags
anonymity, availability and forward security. The protocol can overcome the weakness of the existing protocols .It also reduce the
computation cost and communication overhead.
Keyword- Hyper elliptic curve, Mutual Authentication, Pre-Computing, Security, Running Time

Internet of Things (IoT) has emerged as most powerful paradigms. It provides the unique identifiers to people and objects. That
allows them to communicate with other objects without requiring human to human or human to computer interaction. Atzori et al
(2010) Proposed in the IoT environment, all the objects in our daily life become part of the internet because of their communication
and computing capabilities that allows them to communicate with other objects. IoT extends the concept of the Internet and makes
it more pervasive.
Weinstein (2005) proposed Radio-frequency identification (RFID) is one of the most important technologies used in the
IoT, as it can store sensitive data, provides wireless communication with other objects, and to identify/track objects automatically.
Compared to the traditional barcode, RFID could be applied to objects with rough surfaces, can do both read/write capability,
requires no line-of-sight contact with RFID readers, and can read many RFID tags simultaneously. All these benefits make RFID
a superior technology compared to the traditional barcode system.


Jonathan et al (2014) proposed the enhancement of security in RFID using RSA algorithm. This algorithm is based on factoring
large prime numbers. This system works on public and private key system. The public key is made available to everyone. A user
can encrypt the data but cannot decrypt data it .The person who possess the private key can decrypt it .The advantage is to improve
the data security. The drawback of this algorithm is to use large prime numbers and using RSA mathematical calculation becomes
time consuming because of modular exponential. It increases the storage cost and computational time of the system. Pham et al
(2012) proposed the mutual authentication protocol for passive tag which is based on cryptographic hash function and then
implementing one way encryption using AES algorithm on RFID passive tags. This algorithm between the reader and the tag to
satisfy the strict timing requirement and also prevent the DE synchronization between a reader and a tag. The advantage of this
algorithm is to protect against the many types of attack such as information leakage, tag tracking etc. The drawback of the algorithm
is to use permutation on each cycle. So AES algorithm is time consuming and increases the time complexity of the system. Ohkubo
et al(2003) proposed the cryptographic approach to privacy friendly RFID tags. In this paper they use the symmetric key based
authentication which prevents privacy protection scheme for RFID relying on low cost hash chain. The secret key of an RFID tag
is renewed using one way hash function after the tag response to the readers query. They proposed a new security requirement is
called backward untraceability, which prevents a tag to be identified in the past communication sessions. Even if an strong
adversary compromise the tag and acquires the knowledge of the current secret key. It is impossible to reveal the past secret key
and then identify the tag due to the property of hash chain. The drawback of the method is the protocol does not protect the system

All rights reserved by


A Time Efficient RFID Mutual Authentication Protocol for HealthCare Environments using Hyper Elliptic curve Cryptosystem
(GRDJE / CONFERENCE / ICIET - 2016 / 031)

against replay attack. Lee et al. (2008) proposed a provably secure ECC based RFID authentication scheme. However, Bringer et
al.(2008) found that Lee et al.s scheme cannot withstand tracking attack (the adversary could track the tags action) and the tag
impersonation attack (where the adversary can impersonate the tag to the server). To withstand those two attacks, Bringer et
al.(2008) proposed a new RFID authentication scheme called randomized Schnorr scheme. Later, Lee et al.(2009) also proposed
an ECC-based RFID authentication scheme to withstand the tracking attack and the tag impersonation attack against their previous
schemes [36]. However, Deursen and Radomirovi (2009) pointed out that all of Lee et al.s(2009) schemes cannot withstand the
man-in-the-middle attack and the tracking attack. Liao and Hsiao (2013) proposed a new efficient ECC-based RFID authentication.
However, Zhao et al. (2014) pointed out that Liao and Hsiaos scheme suffered from the key compromise problem, i.e., the
adversary could get secret information stored in the tag. Zhao et al.(2014) also proposed an improved scheme to overcome such a
weakness. Zhang and Qi (2014) proposed an improved scheme to solve the key compromise problem in Chous scheme. Jin et al.
(2015) proposed that elliptic curve based protocol suitable for healthcare environments. As described earlier, several ECC-based
RFID authentication schemes have been proposed for different applications recently. Some of these schemes use only elliptic curve
operations. Using elliptic curve the running time is high. So in this thesis, we use hyper elliptic curve cryptosystem it reduces the
running time, computational cost.


Assume the communication channel between the tag and reader is not secure. Because an adversary tries to modify/delete the
information stored in the tag/reader. Then also assume that Communicational channel between the reader and Database is secure.
In this thesis, we have considered the security features between the tag and reader only.

Fig. 1: Communication Channel of RFID Authentication

In above Literature review, the authors proposed the different type of protocol, that protocols are suffered from different
attacks and key- compromise problem. The above schemes has longer running time because number of bits is more.


In this thesis, Hyper elliptic curve based mutual authentication protocol was proposed which achieves the same level of security
using lower number of bits. This scheme reduces the running time of the system and the computation cost also reduced.
Communications overhead are minimized because Number of bits are lower compared to the existing scheme. This Scheme is
applied to the healthcare environment for improve the security.
A. Methodologies
1) Hyper Elliptic Curve Cryptosystem
A hyper elliptic curve C of genus g defined over a field Fq of characteristic p is given by an equation of form
Y2 + h(x)y = f(x)
Where h(x) and f(x) are polynomials with coefficients in Fq with degree of h(x) g and degree of f(x) = 2g + 1.
An additional requirement is that the curve should not be a singular curve. The condition that there are no x any y in the
algebraic closure of Fq that satisfy the equation of the curve and the two partial derivatives 2y + h(x) = 0, h(x)y f(x) = 0.
As opposed to the case of elliptic curves, there is no natural way to provide C(K) with a group structure. Instead one can
introduce different object related to C, which to each field extension K of Fq associates a group. This object is called the Jacobian
of C.

All rights reserved by


A Time Efficient RFID Mutual Authentication Protocol for HealthCare Environments using Hyper Elliptic curve Cryptosystem
(GRDJE / CONFERENCE / ICIET - 2016 / 031)

The set of all divisors is denoted by Divc(L). Given two divisors D = pCp[P] and D = PCP[P] the sum D + D is defined as D +
D = P(CP + CP)[P]. This gives Divc(L) a group structure.
2) Hash Function
A hash function H is a one-way function, which accepts a large input m, and produces a small fixed-size output h. The purpose of
hash function is to generate hash value of file, message and other data blocks. It can be mainly applied in message authentication
and digital signature.
3) Hyper Elliptic Curve Discrete Logarithm Problem (HECDLP)
Hyperelliptic curve of genus g over a finite field Fq, a point P J C(K) of order n, a point Q < P >, find an integer l [0, n-1]
such that Q = lP.
4) Computational Diffie-Hellman Problem (CDHP)
Given an elliptic curve E defined over a finite field Fq, a point P E(Fq ) of order n. The computational Diffie-Hellman problem
is to compute abP given (P, aP, bP) with a, b Zn*.

A. Patient Identification Tracking
Hospitals are complex institution in nature. Instead of names to prevent any misidentification with already existing patient names.
Here we implement the patient identifier using RFID tag. Before the messages can be encrypted, these messages need to be
embedded on the points over the hyper elliptic curve .Here, we use map- to-point algorithm which converts the arbitrary bit string
into hyper elliptic curve point.
1) The Proposed Protocol
In this protocol have three participants, tag issuer I, tag Ti and a reader R and it is connected to the backend server. Here we
assume that tag and readers is not secure, and then also assume that connection between reader and database are secure.
Notations used in the protocol:
q, n:
Two large prime numbers.
A Generator with order n.
Finite field
Hyper Elliptic curve
Divisor operation
Identity of the tag i.
(SR, PR):
The private/public key of reader
The private/public key of tag
H1,H2 :
Hash functions
In RFID mutual authentication protocol has two phases: First, Setup phase and Second is Authentication phase. These
phases are explained detail as follows,
B. Setup Phase
In this Phase, The key is generated for both tag and Reader.
1) For Reader R,The issuer` selects a random value SR Zn* as its private key and computes PR=sR D as its public key.
2) For each tag Ti, the issuer chooses a random value sTi Zn* as its private key and computes PTi= sTi D as its public key.
3) Scalar multiplication is the main cryptographic operation in HECC. Due to the limited computational capabilities of tag, in
order to reduce the amount of computations to be performed by tag, I pre-computes r = kP, K = kPR.


In this authentication phase, the encryption/decryption of message between the reader and the tag is done .Then tag and reader
authenticated successfully.

All rights reserved by


A Time Efficient RFID Mutual Authentication Protocol for HealthCare Environments using Hyper Elliptic curve Cryptosystem
(GRDJE / CONFERENCE / ICIET - 2016 / 031)

Tag Ti

Reader R
t Z*

s=(STi e+k)mod n
C=EK(IDTi ||r||s||z)
(ID Ti || r ||s ||z )= DK (C)
If z z or r r
R reject the session
e =H1(r,z )
if r =s P+(-e )PTi
The tag is authenticated
Then e1=H2(IDTi,r,C,z )
S1e1sR+t mod n
If s1Pe1PR + z mod n
The reader is authenticated
Fig. 2: The RFID Mutual Authentication Protocol

1) Initially the R generates a random value t Zn*, computes

z = t P and sends z to Ti.
2) Ti chooses a random value k Zn*, uses the binary method to pre-compute r = kP , K = kPR . Then Ti computes e = H1(r, z),
s (sTi e + k) mod n, C=EK(IDTi ||r||s||z), and sends (r,C) to R.
3) Upon receiving (r, C), R computes K= sR r , decrypts C using K, then it can get ID Ti|| r ||s ||z .If z z or r r , R rejects the
session; Otherwise, R searches ID Ti from its back- end database. In this case, if IDTi is no found. Ti is considered
illegitimate; otherwise, R obtains the corresponding item (ID Ti, PTi), computes e =H1(r,z ).Then R checks whether r =s P+(e )PTi or not. If they are equal, the tag Ti is authenticated. Then R computes e1=H2(ID Ti ,r ,s,|z ), s1 sR e1 + t mod n and
sends s1 to Ti.
4) Upon receiving s1, Ti first computes e1=H2(IDTi,r,C,z), then it sets a=s1P , e=e1,PR and uses the binary method to check
whether a b+z mod n or not. If they are equal, the reader R is authenticated.



The RFID Mutual authentication protocol for the healthcare environment was designed. Compared to existing protocols, the Hyper
elliptic curve based protocol reduces the running time of the system. Therefore the communication cost is also reduced. In this
thesis, we also compare our result with the result of Zhao et al. (2014), Zhang and Qi(2014) and He et al.(2012) proposed protocols.

All rights reserved by


A Time Efficient RFID Mutual Authentication Protocol for HealthCare Environments using Hyper Elliptic curve Cryptosystem
(GRDJE / CONFERENCE / ICIET - 2016 / 031)

Fig. 3: Communication cost of tag

Chatterjee et al. (2013) Compared to the elliptic curve based protocol, Hyper elliptic curve based mutual authentication
protocol use less number of bits to achieve the same level of security.

Fig. 4: Communication Overhead

The Mutual authentication protocol for RFID using Hyper elliptic curve cryptography is designed. Here the pre-computing concept
within the tags communication process was used, to avoid the timeconsuming scalar multiplication. Since the tag has limited
computational capabilities. Thus the proposed protocol has better efficiency. In terms of security, this protocol has achieved lot of
security properties such as confidentiality, availability, Mutual authentication ,Tags anonymity, etc and withstand many common
attacks . This protocol overcome the weakness in existing protocol and also reduces the communication cost and computational
overhead. This protocol is more suitable for healthcare environments.

[1] Atzori.L, Iera.A, and Morabito.G(2010), The Internet of Things: A survey, Computer Network, vol. 54, no. 15, pp. 2787
[2] Bringer.J, Chabanne .H, and Icart .T,(2008) Cryptanalysis of EC-RAC, a RFID identification protocol, in Proc. 7th
International Conference on Cryptgraphica. Network Security(CNS08), pp. 149161.
[3] Chunhua Jin , Chunxiang Xu , Xiaojun Zhang ,Jining Zhao (2015), A Secure RFID Mutual Authentication Protocol for
Healthcare Environments Using Elliptic CurveCryptography, Journal of medical system ,39: 24,pp.1-8.

All rights reserved by


A Time Efficient RFID Mutual Authentication Protocol for HealthCare Environments using Hyper Elliptic curve Cryptosystem
(GRDJE / CONFERENCE / ICIET - 2016 / 031)

[4] Deursen .T and Radomirovic .S(2009), Untraceable RFID protocols are not trivially composable: Attacks on the revision of
EC-RAC, Cryptology ePrint Archive, Report, 2009/332.
[5] He D., Chen Y., and Chen, J.(2012), Cryptanalysis and improvement of an extended chaotic mapsbased key agreement
protocol. Nonlinear Dynamics. 69(3):11491157.
[6] Jonathan Sangoro, Waweru Mwangi, Michael Kimwele (2014), Enhancement of Security in RFID using RSA Algorithm,
Vol 5,no.10,pp. 2222-2871.
[7] Kakali Chatterjee, Asok De, and Daya Gupta,(2013) Mutual Authentication Protocol Using Hyperelliptic Curve
Cryptosystem in Constrained Devices, International Journal of Network Security, Vol.15, No.1, PP.9-15.
[8] Lee Y., Batina L., and Verbauwhede I.(2008), EC-RAC (ECDLP based randomized access control): Provably secure RFID
authentication protocol,iProc. IEEE Inernational. Conference on RFID, pp. 97104.
[9] Liao ,Y and Hsiao .C(2014), A secure ECC-based RFID authentication scheme integrated with ID-verifier transfer protocol,
Ad Hoc Network, vol. 18,pp. 133146.
[10] Ohkubo M. , Suzuki K. , and Kinoshita S. (2003), Cryptographic Approachto Privacy-Friendly Tags, Proc. Radio
Frequency Identification (RFID)Privacy Workshop.
[11] Tuan Anh Pham, Mohammad S. Hasan and HongnianYu (2012), A RFID mutual authentication protocol based on AES
Algorithm, IEEE, pp. 997-999.
[12] Weinstein .R(2005), RFID: A technical overview and its application to the enterprise, IEEE IT Prof., vol. 7, no. 3, pp. 27
[13] Zhang .Z and Qi .Q(2014), An efficient RFID authentication protocol to enhance patient medication safety using elliptic
curve cryptography, Journal of Medical System., vol. 38, no. 5, doi: 10.1007/s10916-014-0047-8.
[14] Zhao .Z(2014), A secure RFID authentication protocol for healthcare environments using elliptic curve cryptosystem,
Journal of Medical System., vol. 38, no. 5, doi: 10.1007/s10916-014-0046-9.

All rights reserved by