Prototype Device With Lightweight Protocol for Secure RFID Communication Without Reliable Connectivity

The increased use of radio frequency identification (RFID) technology has made it difficult to maintain secure operations in RFID environments. In addition, establishing a secure system when the internet is unavailable and finding a secure method to share keys are challenges that must be addressed....

Full description

Bibliographic Details
Main Authors: Ahmed Alamer, Ben Soh, Ahmed H. Alahmadi, David E. Brumbaugh
Format: Article
Language:English
Published: IEEE 2019-01-01
Series:IEEE Access
Subjects:
Online Access:https://ieeexplore.ieee.org/document/8905992/
Description
Summary:The increased use of radio frequency identification (RFID) technology has made it difficult to maintain secure operations in RFID environments. In addition, establishing a secure system when the internet is unavailable and finding a secure method to share keys are challenges that must be addressed. Considering the limitations of RFID tagging in terms of space, power, and storage, there is a need for practical low-power hardware microcontrollers with lightweight encryption methods suitable for implementation. Our secure system, which is based on the use of hardware-embedded RFID tags, is a novel approach that employs four initialization vectors (IVs) and key pairs to develop solutions for the secure storage, distribution, and alteration of the IVs and keys for use with the MICKEY 2.0 stream cipher. We propose the use of a low-power RFID-compatible device to provide a secure solution for exchanging and storing IVs and key pairs in the absence of an internet or wireless connection. We call this device the near-field secure data extractor (NFSDE). In addition, we demonstrate its operation in a practical eHealth scenario. Software emulation of the device is used to test the related processes and evaluate their efficiency and security. The use of this simple RFID-compatible prototype device with a lightweight encryption system, which provides public-key-like security but is not internet-dependent, alleviates healthcare security issues and encourages the development of similar tools that can be adapted for use in other fields that require sensitive data to be securely handled.
ISSN:2169-3536