Sujuan Liu

Bio: Sujuan Liu is an academic researcher from Nanjing University of Posts and Telecommunications. The author has contributed to research in topics: Authentication protocol & Key-agreement protocol. The author has an hindex of 3, co-authored 4 publications receiving 56 citations.

Security Analysis and Improvement on Two RFID Authentication Protocols

Abstract: Several lightweight RFID authentication protocols have been proposed to settle the security and privacy problems. Nevertheless, most of these protocols are analyzed and they are not successful in their attempt to achieve the claimed security objectives. In this paper, we consider the security of two recently proposed typical RFID authentication protocols: RAPLT protocol and SRP+ protocol. RAPLT protocol is a new ultra-lightweight RFID protocol based on two new operations named $$merge$$merge and $$separation$$separation. Utilizing the linear property of the $$merge$$merge operation, we present a passive disclosure attack on RAPLT protocol, and we can deduce the shared secrets with overwhelming probability after eavesdropping about 100 round authentication sessions. SRP+ protocol is a novel secure RFID authentication protocol conforming to the EPC C-1 G-2 standard, and we present efficient de-synchronization attack and passive disclosure attack through exhaustive search. Our disclosure attack only needs one run of the protocol, and the attack complexity is $$O(2^{16})$$O(216) evaluation of the PRNG function in off-line analysis mode. In addition, to counteract the vulnerabilities, we propose a new modified version of SRP+ protocol, denoted by $$ SRP ^{++}$$SRP++, conforming to the EPC C-1 G-2 standard. Our security analysis demonstrates that $$ SRP ^{++}$$SRP++ protocol can resist the exhaustive search attack with the complexity $$O(2^{32})$$O(232), which is the optimal security bound.

Security Analysis of RAPP An RFID Authentication Protocol based on Permutation.

Abstract: One of the key problems in Radio Frequency Identification(RFID) is security and privacy. Many RFID authentication protocols have been proposed to preserve security and privacy of the system. Nevertheless, most of these protocols are analyzed and it is shown that they can not provide security against some RFID attacks. RAPP is a new ultralightweight authentication protocol with permutation. In RAPP, only three operations are involved: bitwise XOR, left rotation and permutation. In this paper, we give an active attack on RAPP. We first collect some authentication messages through impersonating valid tag and readers; Then we forge valid reader to communicate with the tag about times. Using the property of the left rotation and permutation operation, we can deduce the relationship of bits of random number or secret keys at different positions, thus obtain all the secret shared by the reader and the tag. 30 2

Analysis and Construction of Efficient RFID Authentication Protocol with Backward Privacy

Abstract: Privacy of RFID systems is receiving increasing attentions in the RFID community and an important issue required as to the security of RFID system Backward privacy means the adversary can not trace the tag later even if he reveals the internal states of the tag sometimes before In this paper, we analyze two recently proposed RFID authentication schemes: Randomized GPS and Randomized Hashed GPS scheme We show both of them can not provide backward privacy in Juels and Weis privacy model, which allows the adversary to know whether the reader authenticates the tag successfully or not In addition, we present a new protocol, called Challenge-Hiding GPS, based on the Schnorr identification scheme The challenge is hidden from the eavesdropping through the technique of Diffie-Hellman key agreement protocol The new protocol can satisfy backward privacy, and it has less communication overheads and almost the same computation, compared with the two schemes analyzed

Analysis and Construction of Efficient RFID Authentication Protocol with Backward Privacy.

Abstract: Privacy of RFID systems is receiving increasing attentions in the RFID community and an important issue required as to the security of RFID system. Backward privacy means the adversary can not trace the tag later even if he reveals the internal states of the tag sometimes before. In this paper, we analyze two recently proposed RFID authentication schemes: Randomized GPS and Randomized Hashed GPS scheme. We show both of them can not provide backward privacy in Juels and Weis privacy model, which allows the adversary to know whether the reader authenticates the tag successfully or not. In addition, we present a new protocol, called Challenge-Hiding GPS, based on the Schnorr identification scheme. The challenge is hidden from the eavesdropping through the technique of Diffie-Hellman key agreement protocol. The new protocol can satisfy backward privacy, and it has less communication overheads and almost the same computation, compared with the two schemes analyzed.

An Analysis of RFID Authentication Schemes for Internet of Things in Healthcare Environment Using Elliptic Curve Cryptography

Abstract: Advances in information and communication technologies have led to the emergence of Internet of Things (IoT). In the healthcare environment, the use of IoT technologies brings convenience to physicians and patients as they can be applied to various medical areas (such as constant real-time monitoring, patient information management, medical emergency management, blood information management, and health management). The radio-frequency identification (RFID) technology is one of the core technologies of IoT deployments in the healthcare environment. To satisfy the various security requirements of RFID technology in IoT, many RFID authentication schemes have been proposed in the past decade. Recently, elliptic curve cryptography (ECC)-based RFID authentication schemes have attracted a lot of attention and have been used in the healthcare environment. In this paper, we discuss the security requirements of RFID authentication schemes, and in particular, we present a review of ECC-based RFID authentication schemes in terms of performance and security. Although most of them cannot satisfy all security requirements and have satisfactory performance, we found that there are three recently proposed ECC-based authentication schemes suitable for the healthcare environment in terms of their performance and security.

A Review of RFID in Supply Chain Management: 2000–2015

Abstract: This paper presents a systematic literature review of papers that were published in academic journals on the applications of radio frequency identification (RFID) in supply chain management between the years 2000 and 2015. As the literature on RFID is not confined to specific disciplines or repositories, this paper proposes a discipline-based framework for classifying RFID literature. Five main classification categories are used in this paper: technology, supply chain management, research methodology, application industries, and social aspects. The paper then focuses on the category of supply chain management and reviews 1187 articles that were published between 2000 and 2015 in rated journals. All the papers reviewed are further classified into eight subclasses under this category of supply chain management. The review yields useful insights into the anatomy of RFID literature in supply chain management, enhances evidence-based knowledge, and contributes to informing practice, policymaking and future research. The review reveals that even presently, despite technical and cost challenges, enormous potential exists for the application of RFID in several areas of supply chain management and the prospects are likely to grow into the future. Since RFID solutions have emerged primarily over only the past 20 years, significant research opportunities exist and would need to be addressed to continue to support the technology’s maturation, evaluation, adoption, implementation, and diffusion.

A lightweight and anonymous RFID tag authentication protocol with cloud assistance for e-healthcare applications

Abstract: As an important part of Internet of Things, Radio Frequency Identification (RFID) system employs low-cost RFID tag to communicate with everything containing animate and inanimate objects. This technology is widely used in the e-healthcare applications. However, the malicious communication environment makes people more and more worried. In order to overcome the hazards in the network, RFID authentication schemes for e-healthcare have been proposed by researchers. But since the computation ability of the tag is relatively weak, it is necessary to put forward a lightweight and secure scheme for medical systems. Moreover, cloud is widely accepted by people and used in many kinds of systems. So we propose a novel and lightweight RFID authentication scheme with cloud for e-healthcare applications. We use an enhanced formal security model to prove the security of our scheme. In this model the channel between the server and the reader is considered to be insecure and informal analysis is used to prove the security of the proposed scheme. Through the formal and informal analysis, our scheme not only resists the common attacks, but also keeps mutual authentication, information integrity, forward untraceability and backward untraceability. Moreover, both the tag and the reader can reach the anonymity. Our scheme is only hash-based and suitable to realize various security requirements. Compared to recent schemes of the same sort, it is more applicable in e-healthcare.

RCIA: A New Ultralightweight RFID Authentication Protocol Using Recursive Hash

Abstract: RFID is one of the most protuberant systems in the field of ubiquitous computing. Since RFID tags have limited computation capabilities, numerous ultralightweight authentication protocols have been proposed to provide privacy and security. However all the previously proposed ultralightweight mutual authentication protocols have some security apprehensions and are vulnerable to various desynchronization and full disclosure attacks. This paper proposes a new ultralightweight mutual authentication protocol to provide robust confidentiality, integrity, and authentication (RCIA) in a cost effective manner. RCIA introduces a new ultralightweight primitive recursive hash, which efficiently detects the message tempering and also avoids all possible desynchronization attacks. RCIA involves only bitwise operations such as XOR, AND, left rotation, and recursive hash. Performance evaluation illustrates that RCIA requires less resources on tag in terms of on-chip memory, communication cost, and computational operations.

A New Ultralightweight RFID Authentication Protocol for Passive Low Cost Tags: KMAP

Abstract: Radio Frequency IDentification (RFID) is one of the most promising identification schemes in the field of pervasive systems. Unique identification and non-line of sight capabilities make RFID systems more protuberant than its contending systems. As RFID systems incorporate wireless channel, there are some allied security threats and apprehensions to the systems from malicious adversaries. In order to make the system reliable and secure, numerous Ultralightweight Mutual Authentication Protocols (UMAPs) have been proposed which involve only simple bitwise logical operations (AND, XOR & OR etc.) in their designs. However, almost all of the previously proposed UMAPs are reported to be vulnerable against various security attacks (Desynchronization and Full disclosure attacks etc.). In this paper, we propose a new pseudo-Kasami code based Mutual Authentication Protocol (KMAP). The proposed protocol, KMAP, avoids unbalanced logical operations (OR, AND) and introduces a new Ultralightweight primitive: pseudo-Kasami code (Kc). The newly proposed primitive (pseudo-Kasami code) enhances the diffusion properties of the protocol messages and makes hamming weight of the secrets unpredictable and irreversible. The security analysis illustrates that the KMAP provides excellent protocol functionalities and is also highly resistive against all possible attacks. The performance evaluation shows that the KMAP requires fewer resources on the tag in terms of on-chip memory, communication cost and computational operations.