Enhancing Security and Privacy in Healthcare Systems Using a Lightweight RFID Protocol

Abstract: Exploiting Radio Frequency Identification (RFID) technology in healthcare systems has become a common practice, as it ensures better patient care and safety. However, these systems are prone to security vulnerabilities that can jeopardize patient privacy and the secure management of patient credentials. This paper aims to advance state-of-the-art approaches by developing more secure and private RFID-based healthcare systems. More specifically, we propose a lightweight RFID protocol that safeguards patients’ pr… Show more

“…• This paper illustrates a secret disclosure attack against two recent authentication protocols, i.e. Sharigh et al [7] protocol (URASP) and Khan et al [8] protocol (KUAJB from now). • This paper addresses [7]'s authentication protocol security flaw and suggests a new authentication protocol.…”

“…It shows that this protocol is a target for conditional traceability. Khan et al [8] recently proposed a protocol to solve the anonymity and traceability difficulties in existing ultra-lightweight protocols. This protocol which we call it KUAJB (the first letters of the designers' last name) benefits from Cross Operation called Cro(x, y) as the source of non-linearity, which has been already introduced in [40].…”

“…The tag's secret value in [7], also known to the server R 1 , R Rotation Operation, x ≪ wt(y) in [8] R 1 ⊕ K and β = R 2 ⊕ K, and sends (Query, α, β) to the tag. 2) step 2: T → R : {IDS, γ L }: Using its key K, the tag extracts R 1 and R 2 from received α and β.…”

“…: FIGURE 4: KUAJB authentication scheme proposed by [8] Because the attacker knows γ L in both cases, the value of ID ⊕ K will almost certainly leak, indicating a secret disclosure attack with the success probability of "1" and also the complexity of three runs of the protocol.…”

An Enhanced Authentication Protocol Suitable for Constrained RFID Systems

“…• This paper illustrates a secret disclosure attack against two recent authentication protocols, i.e. Sharigh et al [7] protocol (URASP) and Khan et al [8] protocol (KUAJB from now). • This paper addresses [7]'s authentication protocol security flaw and suggests a new authentication protocol.…”

“…It shows that this protocol is a target for conditional traceability. Khan et al [8] recently proposed a protocol to solve the anonymity and traceability difficulties in existing ultra-lightweight protocols. This protocol which we call it KUAJB (the first letters of the designers' last name) benefits from Cross Operation called Cro(x, y) as the source of non-linearity, which has been already introduced in [40].…”

“…The tag's secret value in [7], also known to the server R 1 , R Rotation Operation, x ≪ wt(y) in [8] R 1 ⊕ K and β = R 2 ⊕ K, and sends (Query, α, β) to the tag. 2) step 2: T → R : {IDS, γ L }: Using its key K, the tag extracts R 1 and R 2 from received α and β.…”

“…: FIGURE 4: KUAJB authentication scheme proposed by [8] Because the attacker knows γ L in both cases, the value of ID ⊕ K will almost certainly leak, indicating a secret disclosure attack with the success probability of "1" and also the complexity of three runs of the protocol.…”

An Enhanced Authentication Protocol Suitable for Constrained RFID Systems

“…Among the security challenges in IoT, ensuring data privacy, authentication, authorization, and access control are critical [ 7 , 8 ]. Authentication, a fundamental security requirement, is especially challenging in smart home environments due to the resource-constrained nature of the devices [ 9 , 10 ].…”

Fortifying Smart Home Security: A Robust and Efficient User-Authentication Scheme to Counter Node Capture Attacks

Pseudonym revocation system for IoT-based medical applications