14 views

Uploaded by GRD Journals

RFID is a transformative technology in the healthcare industry. By applying RFID tags in healthcare environments, for locating and tracking of staff, equipments and patients made easy. However the potential security and running time of the systems are remains, challengeable in RFID system. In this thesis, a new design called mutual authentication protocol for RFID, based on Hyper elliptic curve cryptosystem was introduced. This methodology provides same level of security compared to the existing scheme with lower number of bits. The protocol can provide better efficiency, because it uses pre-computing method within tag’s communication. In terms of security, the protocol can achieve confidentiality, unforgetability, mutual authentication, tag’s anonymity, availability and forward security. The protocol can overcome the weakness of the existing protocols .It also reduce the computation cost and communication overhead
Citation: P.Gowsalya, K.L.N.College of Engineering; D.Pravin Kumar ,. "A Time Efficient RFID Mutual Authentication Protocol for HealthCare Environments Using Hyper Elliptic curve Cryptosystem." Global Research and Development Journal For Engineering : 187 - 192.

- Key-Aggregate Cryptosystem for Scalable Data Sharing in Cloud Storage
- Answer CCNA Security Chapter 7 Test – CCNAS v1.1 _ Invisible Algorithm
- IRJET-Coordinates based Keying Scheme for WSN Security
- FinalReportPS2
- The Security and Efficiency in Attribute-Based Data Sharing
- group2-loyaltycard.pdf
- Public – Private Key Encryption Using OpenSSL
- e Commerce
- A Novel Mechanism for Searching Keyword in Cloud by Using Dual-Server Public-Key Encryption
- Cyber security_VT.ppt
- RSA
- RSA.pdf
- Securing User’s Data in HDFS
- 34173566 Network Security Intro
- 13 Crypto
- Cryptography
- Ubuntu Administration
- Security Tutorial
- Secure Data Sharing Algorithm for Data Retrieval In Military Based Networks
- 10.1.1.88.328

You are on page 1of 6

e-ISSN: 2455-5703

Protocol for HealthCare Environments using

Hyper Elliptic curve Cryptosystem

1P.Gowsalya 2D.

Pravin Kumar

PG Student Associate Professor

1,2

Department of Computer Science & Engineering

1,2

K.L.N College of Engineering Pottapalayam, Sivagangai 630612, India

1

Abstract

RFID is a transformative technology in the healthcare industry. By applying RFID tags in healthcare environments, for locating

and tracking of staff, equipments and patients made easy. However the potential security and running time of the systems are

remains, challengeable in RFID system. In this thesis, a new design called mutual authentication protocol for RFID, based on

Hyper elliptic curve cryptosystem was introduced. This methodology provides same level of security compared to the existing

scheme with lower number of bits. The protocol can provide better efficiency, because it uses pre-computing method within tags

communication. In terms of security, the protocol can achieve confidentiality, unforgetability, mutual authentication, tags

anonymity, availability and forward security. The protocol can overcome the weakness of the existing protocols .It also reduce the

computation cost and communication overhead.

Keyword- Hyper elliptic curve, Mutual Authentication, Pre-Computing, Security, Running Time

__________________________________________________________________________________________________

I. INTRODUCTION

Internet of Things (IoT) has emerged as most powerful paradigms. It provides the unique identifiers to people and objects. That

allows them to communicate with other objects without requiring human to human or human to computer interaction. Atzori et al

(2010) Proposed in the IoT environment, all the objects in our daily life become part of the internet because of their communication

and computing capabilities that allows them to communicate with other objects. IoT extends the concept of the Internet and makes

it more pervasive.

Weinstein (2005) proposed Radio-frequency identification (RFID) is one of the most important technologies used in the

IoT, as it can store sensitive data, provides wireless communication with other objects, and to identify/track objects automatically.

Compared to the traditional barcode, RFID could be applied to objects with rough surfaces, can do both read/write capability,

requires no line-of-sight contact with RFID readers, and can read many RFID tags simultaneously. All these benefits make RFID

a superior technology compared to the traditional barcode system.

Jonathan et al (2014) proposed the enhancement of security in RFID using RSA algorithm. This algorithm is based on factoring

large prime numbers. This system works on public and private key system. The public key is made available to everyone. A user

can encrypt the data but cannot decrypt data it .The person who possess the private key can decrypt it .The advantage is to improve

the data security. The drawback of this algorithm is to use large prime numbers and using RSA mathematical calculation becomes

time consuming because of modular exponential. It increases the storage cost and computational time of the system. Pham et al

(2012) proposed the mutual authentication protocol for passive tag which is based on cryptographic hash function and then

implementing one way encryption using AES algorithm on RFID passive tags. This algorithm between the reader and the tag to

satisfy the strict timing requirement and also prevent the DE synchronization between a reader and a tag. The advantage of this

algorithm is to protect against the many types of attack such as information leakage, tag tracking etc. The drawback of the algorithm

is to use permutation on each cycle. So AES algorithm is time consuming and increases the time complexity of the system. Ohkubo

et al(2003) proposed the cryptographic approach to privacy friendly RFID tags. In this paper they use the symmetric key based

authentication which prevents privacy protection scheme for RFID relying on low cost hash chain. The secret key of an RFID tag

is renewed using one way hash function after the tag response to the readers query. They proposed a new security requirement is

called backward untraceability, which prevents a tag to be identified in the past communication sessions. Even if an strong

adversary compromise the tag and acquires the knowledge of the current secret key. It is impossible to reveal the past secret key

and then identify the tag due to the property of hash chain. The drawback of the method is the protocol does not protect the system

187

A Time Efficient RFID Mutual Authentication Protocol for HealthCare Environments using Hyper Elliptic curve Cryptosystem

(GRDJE / CONFERENCE / ICIET - 2016 / 031)

against replay attack. Lee et al. (2008) proposed a provably secure ECC based RFID authentication scheme. However, Bringer et

al.(2008) found that Lee et al.s scheme cannot withstand tracking attack (the adversary could track the tags action) and the tag

impersonation attack (where the adversary can impersonate the tag to the server). To withstand those two attacks, Bringer et

al.(2008) proposed a new RFID authentication scheme called randomized Schnorr scheme. Later, Lee et al.(2009) also proposed

an ECC-based RFID authentication scheme to withstand the tracking attack and the tag impersonation attack against their previous

schemes [36]. However, Deursen and Radomirovi (2009) pointed out that all of Lee et al.s(2009) schemes cannot withstand the

man-in-the-middle attack and the tracking attack. Liao and Hsiao (2013) proposed a new efficient ECC-based RFID authentication.

However, Zhao et al. (2014) pointed out that Liao and Hsiaos scheme suffered from the key compromise problem, i.e., the

adversary could get secret information stored in the tag. Zhao et al.(2014) also proposed an improved scheme to overcome such a

weakness. Zhang and Qi (2014) proposed an improved scheme to solve the key compromise problem in Chous scheme. Jin et al.

(2015) proposed that elliptic curve based protocol suitable for healthcare environments. As described earlier, several ECC-based

RFID authentication schemes have been proposed for different applications recently. Some of these schemes use only elliptic curve

operations. Using elliptic curve the running time is high. So in this thesis, we use hyper elliptic curve cryptosystem it reduces the

running time, computational cost.

Assume the communication channel between the tag and reader is not secure. Because an adversary tries to modify/delete the

information stored in the tag/reader. Then also assume that Communicational channel between the reader and Database is secure.

In this thesis, we have considered the security features between the tag and reader only.

In above Literature review, the authors proposed the different type of protocol, that protocols are suffered from different

attacks and key- compromise problem. The above schemes has longer running time because number of bits is more.

In this thesis, Hyper elliptic curve based mutual authentication protocol was proposed which achieves the same level of security

using lower number of bits. This scheme reduces the running time of the system and the computation cost also reduced.

Communications overhead are minimized because Number of bits are lower compared to the existing scheme. This Scheme is

applied to the healthcare environment for improve the security.

A. Methodologies

1) Hyper Elliptic Curve Cryptosystem

A hyper elliptic curve C of genus g defined over a field Fq of characteristic p is given by an equation of form

Y2 + h(x)y = f(x)

Where h(x) and f(x) are polynomials with coefficients in Fq with degree of h(x) g and degree of f(x) = 2g + 1.

An additional requirement is that the curve should not be a singular curve. The condition that there are no x any y in the

algebraic closure of Fq that satisfy the equation of the curve and the two partial derivatives 2y + h(x) = 0, h(x)y f(x) = 0.

As opposed to the case of elliptic curves, there is no natural way to provide C(K) with a group structure. Instead one can

introduce different object related to C, which to each field extension K of Fq associates a group. This object is called the Jacobian

of C.

188

A Time Efficient RFID Mutual Authentication Protocol for HealthCare Environments using Hyper Elliptic curve Cryptosystem

(GRDJE / CONFERENCE / ICIET - 2016 / 031)

The set of all divisors is denoted by Divc(L). Given two divisors D = pCp[P] and D = PCP[P] the sum D + D is defined as D +

D = P(CP + CP)[P]. This gives Divc(L) a group structure.

2) Hash Function

A hash function H is a one-way function, which accepts a large input m, and produces a small fixed-size output h. The purpose of

hash function is to generate hash value of file, message and other data blocks. It can be mainly applied in message authentication

and digital signature.

3) Hyper Elliptic Curve Discrete Logarithm Problem (HECDLP)

Hyperelliptic curve of genus g over a finite field Fq, a point P J C(K) of order n, a point Q < P >, find an integer l [0, n-1]

such that Q = lP.

4) Computational Diffie-Hellman Problem (CDHP)

Given an elliptic curve E defined over a finite field Fq, a point P E(Fq ) of order n. The computational Diffie-Hellman problem

is to compute abP given (P, aP, bP) with a, b Zn*.

V. MODULES

A. Patient Identification Tracking

Hospitals are complex institution in nature. Instead of names to prevent any misidentification with already existing patient names.

Here we implement the patient identifier using RFID tag. Before the messages can be encrypted, these messages need to be

embedded on the points over the hyper elliptic curve .Here, we use map- to-point algorithm which converts the arbitrary bit string

into hyper elliptic curve point.

1) The Proposed Protocol

In this protocol have three participants, tag issuer I, tag Ti and a reader R and it is connected to the backend server. Here we

assume that tag and readers is not secure, and then also assume that connection between reader and database are secure.

Notations used in the protocol:

q, n:

Two large prime numbers.

P:

A Generator with order n.

F(q):

Finite field

E:

Hyper Elliptic curve

D:

Divisor operation

IDTi:

Identity of the tag i.

(SR, PR):

The private/public key of reader

(STi,,PTi):

The private/public key of tag

H1,H2 :

Hash functions

In RFID mutual authentication protocol has two phases: First, Setup phase and Second is Authentication phase. These

phases are explained detail as follows,

B. Setup Phase

In this Phase, The key is generated for both tag and Reader.

1) For Reader R,The issuer` selects a random value SR Zn* as its private key and computes PR=sR D as its public key.

2) For each tag Ti, the issuer chooses a random value sTi Zn* as its private key and computes PTi= sTi D as its public key.

3) Scalar multiplication is the main cryptographic operation in HECC. Due to the limited computational capabilities of tag, in

order to reduce the amount of computations to be performed by tag, I pre-computes r = kP, K = kPR.

In this authentication phase, the encryption/decryption of message between the reader and the tag is done .Then tag and reader

authenticated successfully.

189

A Time Efficient RFID Mutual Authentication Protocol for HealthCare Environments using Hyper Elliptic curve Cryptosystem

(GRDJE / CONFERENCE / ICIET - 2016 / 031)

Tag Ti

(STi,PTi,IDTi,PR)

Reader R

(SR,PR)

t Z*

z=tP

z

kZ*n

r=kP

K=kPR

e=H1(r,z)

s=(STi e+k)mod n

C=EK(IDTi ||r||s||z)

(r,C)

K=SRr

(ID Ti || r ||s ||z )= DK (C)

If z z or r r

R reject the session

Other

e =H1(r,z )

if r =s P+(-e )PTi

The tag is authenticated

Then e1=H2(IDTi,r,C,z )

S1e1sR+t mod n

S1

e1=H2(IDTi,r,C,z)

If s1Pe1PR + z mod n

The reader is authenticated

Fig. 2: The RFID Mutual Authentication Protocol

z = t P and sends z to Ti.

2) Ti chooses a random value k Zn*, uses the binary method to pre-compute r = kP , K = kPR . Then Ti computes e = H1(r, z),

s (sTi e + k) mod n, C=EK(IDTi ||r||s||z), and sends (r,C) to R.

3) Upon receiving (r, C), R computes K= sR r , decrypts C using K, then it can get ID Ti|| r ||s ||z .If z z or r r , R rejects the

session; Otherwise, R searches ID Ti from its back- end database. In this case, if IDTi is no found. Ti is considered

illegitimate; otherwise, R obtains the corresponding item (ID Ti, PTi), computes e =H1(r,z ).Then R checks whether r =s P+(e )PTi or not. If they are equal, the tag Ti is authenticated. Then R computes e1=H2(ID Ti ,r ,s,|z ), s1 sR e1 + t mod n and

sends s1 to Ti.

4) Upon receiving s1, Ti first computes e1=H2(IDTi,r,C,z), then it sets a=s1P , e=e1,PR and uses the binary method to check

whether a b+z mod n or not. If they are equal, the reader R is authenticated.

VII.

The RFID Mutual authentication protocol for the healthcare environment was designed. Compared to existing protocols, the Hyper

elliptic curve based protocol reduces the running time of the system. Therefore the communication cost is also reduced. In this

thesis, we also compare our result with the result of Zhao et al. (2014), Zhang and Qi(2014) and He et al.(2012) proposed protocols.

190

(GRDJE / CONFERENCE / ICIET - 2016 / 031)

Chatterjee et al. (2013) Compared to the elliptic curve based protocol, Hyper elliptic curve based mutual authentication

protocol use less number of bits to achieve the same level of security.

VIII. CONCLUSION

The Mutual authentication protocol for RFID using Hyper elliptic curve cryptography is designed. Here the pre-computing concept

within the tags communication process was used, to avoid the timeconsuming scalar multiplication. Since the tag has limited

computational capabilities. Thus the proposed protocol has better efficiency. In terms of security, this protocol has achieved lot of

security properties such as confidentiality, availability, Mutual authentication ,Tags anonymity, etc and withstand many common

attacks . This protocol overcome the weakness in existing protocol and also reduces the communication cost and computational

overhead. This protocol is more suitable for healthcare environments.

REFERENCES

[1] Atzori.L, Iera.A, and Morabito.G(2010), The Internet of Things: A survey, Computer Network, vol. 54, no. 15, pp. 2787

2805.

[2] Bringer.J, Chabanne .H, and Icart .T,(2008) Cryptanalysis of EC-RAC, a RFID identification protocol, in Proc. 7th

International Conference on Cryptgraphica. Network Security(CNS08), pp. 149161.

[3] Chunhua Jin , Chunxiang Xu , Xiaojun Zhang ,Jining Zhao (2015), A Secure RFID Mutual Authentication Protocol for

Healthcare Environments Using Elliptic CurveCryptography, Journal of medical system ,39: 24,pp.1-8.

191

(GRDJE / CONFERENCE / ICIET - 2016 / 031)

[4] Deursen .T and Radomirovic .S(2009), Untraceable RFID protocols are not trivially composable: Attacks on the revision of

EC-RAC, Cryptology ePrint Archive, Report, 2009/332.

[5] He D., Chen Y., and Chen, J.(2012), Cryptanalysis and improvement of an extended chaotic mapsbased key agreement

protocol. Nonlinear Dynamics. 69(3):11491157.

[6] Jonathan Sangoro, Waweru Mwangi, Michael Kimwele (2014), Enhancement of Security in RFID using RSA Algorithm,

Vol 5,no.10,pp. 2222-2871.

[7] Kakali Chatterjee, Asok De, and Daya Gupta,(2013) Mutual Authentication Protocol Using Hyperelliptic Curve

Cryptosystem in Constrained Devices, International Journal of Network Security, Vol.15, No.1, PP.9-15.

[8] Lee Y., Batina L., and Verbauwhede I.(2008), EC-RAC (ECDLP based randomized access control): Provably secure RFID

authentication protocol,iProc. IEEE Inernational. Conference on RFID, pp. 97104.

[9] Liao ,Y and Hsiao .C(2014), A secure ECC-based RFID authentication scheme integrated with ID-verifier transfer protocol,

Ad Hoc Network, vol. 18,pp. 133146.

[10] Ohkubo M. , Suzuki K. , and Kinoshita S. (2003), Cryptographic Approachto Privacy-Friendly Tags, Proc. Radio

Frequency Identification (RFID)Privacy Workshop.

[11] Tuan Anh Pham, Mohammad S. Hasan and HongnianYu (2012), A RFID mutual authentication protocol based on AES

Algorithm, IEEE, pp. 997-999.

[12] Weinstein .R(2005), RFID: A technical overview and its application to the enterprise, IEEE IT Prof., vol. 7, no. 3, pp. 27

33.

[13] Zhang .Z and Qi .Q(2014), An efficient RFID authentication protocol to enhance patient medication safety using elliptic

curve cryptography, Journal of Medical System., vol. 38, no. 5, doi: 10.1007/s10916-014-0047-8.

[14] Zhao .Z(2014), A secure RFID authentication protocol for healthcare environments using elliptic curve cryptosystem,

Journal of Medical System., vol. 38, no. 5, doi: 10.1007/s10916-014-0046-9.

192

- Key-Aggregate Cryptosystem for Scalable Data Sharing in Cloud StorageUploaded byJAYAPRAKASH
- Answer CCNA Security Chapter 7 Test – CCNAS v1.1 _ Invisible AlgorithmUploaded byIcostyle
- IRJET-Coordinates based Keying Scheme for WSN SecurityUploaded byIRJET Journal
- FinalReportPS2Uploaded byKetan Karkare
- The Security and Efficiency in Attribute-Based Data SharingUploaded byInternational Journal for Scientific Research and Development - IJSRD
- group2-loyaltycard.pdfUploaded byAlireza Firoozian
- Public – Private Key Encryption Using OpenSSLUploaded bybedorlehacker
- e CommerceUploaded bysyedg8
- A Novel Mechanism for Searching Keyword in Cloud by Using Dual-Server Public-Key EncryptionUploaded byLOGIC SYSTEMS
- Cyber security_VT.pptUploaded bysanket mahapatra
- RSAUploaded by4gen_7
- RSA.pdfUploaded byRoseri Sinaga
- Securing User’s Data in HDFSUploaded byseventhsensegroup
- 34173566 Network Security IntroUploaded bySatyam Gupta
- 13 CryptoUploaded byBùi Văn Thủ
- CryptographyUploaded bymaaadu
- Ubuntu AdministrationUploaded bybedorlehacker
- Security TutorialUploaded byNina Libidov
- Secure Data Sharing Algorithm for Data Retrieval In Military Based NetworksUploaded byijtetjournal
- 10.1.1.88.328Uploaded byMansi Agarwal
- An Efficient Scheme for Data Sharing Among Dynamic Cloud MembersUploaded byAnonymous kw8Yrp0R5r
- uiUploaded byEfrhoni Ndruru
- Adida MastersUploaded byankur881120
- [IJCST-V3I2P35]: Balaji M, Rajashekar S AUploaded byEighthSenseGroup
- nhuikjliuUploaded byNandhini Haribabu
- EncryptionUploaded bySumiti Malhotra
- UntitledUploaded byLavanya Menon
- 794713132491542Uploaded byArihant Pawariya
- IRJET-A study on encryption algorithm for pilot signal transmissionUploaded byIRJET Journal
- Networksecurity 141205090441 Conversion Gate02 (1)Uploaded byPhoneix12

- Survey on Image Fusion TechniquesUploaded byGRD Journals
- Design and Static Structural Analysis of Aircraft Floor BeamUploaded byGRD Journals
- Conceptual Design of Vertical Axis Wind Turbine and Moulding through FiberglassUploaded byGRD Journals
- Feasibility Study of Cow Dung Ash as a Disinfectant in WaterUploaded byGRD Journals
- Trends in Virtual ClassroomsUploaded byGRD Journals
- Oscillating Heat Pipe & Synthesis of Nano Fluid - ReviewUploaded byGRD Journals
- Implementation of Data Mining Algorithms using RUploaded byGRD Journals
- Go Green MarketUploaded byGRD Journals
- Barriers and Opportunities in Circular Economy in the Construction Industry in IndiaUploaded byGRD Journals
- Impact of Digital Currency in E-commerceUploaded byGRD Journals
- Investigation on Severity Level for Diabetic Maculopathy based on the Location of LesionsUploaded byGRD Journals
- Forest Fire Detection using Zigbee Wireless Sensor NetworksUploaded byGRD Journals
- A Survey on Routing Protocol for Low-Power Lossy Network (RPL) in IoTUploaded byGRD Journals
- Multipurpose Electronic wheelchair for indoor navigation (E-WHEELS)Uploaded byGRD Journals
- GRDCF013073.pdfUploaded byGRD Journals
- Speech Enhancement using DUET & Weiner Filter TechniqueUploaded byGRD Journals
- Movie Success Prediction using Data MiningUploaded byGRD Journals
- Emerging Trends in Wireless Charging of Electric VehiclesUploaded byGRD Journals
- Solar Powered Automatic Cabin Cooling SystemUploaded byGRD Journals
- Monitoring and Theft Detection in Utility Lines using IoTUploaded byGRD Journals
- Hybrid Inverter with Solar Battery ChargingUploaded byGRD Journals
- Enchanced Security ATM Transaction Using Iris, Fingerprint, OTP AuthenticationUploaded byGRD Journals
- Development of IoT based Emergency Rescue Life Hacking Band for Human SafetyUploaded byGRD Journals
- Modelling of Smart Mass Rapid Transport (MRT) Empty Seat LocatorUploaded byGRD Journals
- Development of Real Time based Medicine Dispensing System for Elderly PeopleUploaded byGRD Journals

- Approximation of Pi Using the Monte Carlo MethodUploaded byapi-3798769
- Ugc Final ListUploaded byMehdi Azad
- Shopee Mall Manual Return Label (Id)-3Uploaded byKelik Wagiyanto
- Digital Control System-1Uploaded byKaradias
- 10.1.1.158.534Uploaded byakashmavle
- 2 DifferenceEqtnUploaded byHeng Choc
- Dsp Integrated Circuits 4Uploaded bybrindkowsi
- The Conway Kochen Free Will TheoremUploaded byYash
- ACC11Uploaded byjesusinsbose
- h Method and p MethodUploaded byGurwinder Singh
- Error Correction Codes With Based on Fault Tolerant Parallel FiltersUploaded bymeena
- Brief Summary of Insertion SortUploaded byYi Lin Lim
- CS-302 (1).pdfUploaded byMaz Har Ul
- CRYPTOOLUploaded byDarko Petrovic
- Discovery of Related Terms in a Corpus Using Reflective Random IndexingUploaded byChuck Rothman
- Chapter 9 Undecidability.pptUploaded byRajesh Salla
- Master ThesisUploaded byshaheerdurrani
- Crypto 101Uploaded byMatthew Phillips
- AnswerKey ALLUploaded byTerronciitow
- Lecture 9. ARIMA ModelsUploaded byPrarthana P
- Audio Fingerprinting Based on MultipleUploaded bykvkumar128
- Social Recommendation System for Real World Online ApplicationUploaded byGRD Journals
- ws_energyUploaded byrosaronceria
- 07a-Klasifikasi Peta.pdfUploaded byNisHu-yunis DxbRo
- Chapter 00Uploaded byricha
- Hierarchical simultaneous vertical fragmentation and allocation using modified Bond Energy Algorithm in distributed databasesUploaded byVian Szz
- Data Hiding in JPEG ImagesUploaded byAhmed Sakr
- infosecUploaded byGaziza Yestemirova
- Method Subtractive CulsteringUploaded bytranthan
- Student Solution Chap 06Uploaded bypriyapati21