Biblio

As the core of the third information revolution, the Internet of things plays an important role in the development of the times. According to the relevant investigation and research, we can find that the research on the Internet of things is still in the stage of LAN and private network, and its open advantages have not been fully utilized[1]. In this context, RFID technology as the core technology of the Internet of things, the security protocol plays an important role in the normal use of the technology. With the continuous development of Internet information technology, the disadvantages of security protocol become more and more obvious. These problems seriously affect the popularity of Internet of things technology. Therefore, in the future work, the relevant staff need to continue to strengthen research, according to the future development plan, effectively play the advantages of technology, and further promote its development.

In recent years, the Internet of Things technology has developed rapidly. RFID technology, as an important branch of the Internet of Things technology, is widely used in logistics, medical, military and other fields. RFID technology not only brings convenience to people's production and life, but also hides many security problems. However, the current research on RFID technology mainly focuses on the technology application, and there are relatively few researches on its security analysis. This paper firstly studies the authentication mechanism and storage mechanism of RFID technology, then analyzes the common vulnerabilities of RFID, and finally gives the security protection suggestions.

Existing methods for home security monitoring depend on expensive custom battery-powered solutions. In this article, we present a battery-free solution that leverages any off-the-shelf passive radio frequency identification (RFID) tag for real-time entry detection. Sensor consists of a printed RFID antenna on paper, coupled to a magnetic reed switch and is affixed on the door. Opening of the door triggers the reed switch causing RFID signal transmission detected by any off-the-shelf passive RFID reader. This paper shows simulation and experimental results for such magnetically-actuated RFID (or magRFID) opening sensor.

Radio-frequency identification (RFID) has become a preferred technology for monitoring in industrial internet of things (IIoT) applications like supply chain, medical industry, vehicle tracking and warehouse monitoring where information is required continually. Typical security threats seen in these applications are denial of service (DOS) attack, transmission attack etc. We propose a novel edge data security schema based on spike modulation along with backscatter communication technique to modulate both sensor and identification (ID) information. It is observed that this data encoding schema works well even in a multi-tag single-reader environment. Further, it uses lower power and offers a low-cost solution for Industrial IoT applications.

Radio frequency identification wireless sensing technology widely adopted and developed from last decade and has been utilized for monitoring and autonomous identification of objects. However, wider utilization of RFID technologies has introduced challenges such as preserving security and privacy of sensitive data while maintaining the high quality of service. Thus, in this work, we will deliberately build up a RFID system by utilizing learning automata based multi agent intelligent system to greatly enhance and secure message transactions and to improve operational efficiency. The incorporation of these two advancements and technological developments will provide maximum benefit in terms of expertly and securely handle data in RFID scenario. In proposed work, learning automata inbuilt RFID tags or assumed players choose their optimal strategy via enlarging its own utility function to achieve long term benefit. This is possible if they transmit their utility securely to back end server and then correspondingly safely get new utility function from server to behave optimally in its environment. Hence, our proposed authentication protocol, expertly transfer utility from learning automata inbuilt tags to reader and then to server. Moreover, we verify the security and privacy of our proposed system by utilizing automatic formal prover Scyther tool.

In recent years, with the rapid development of Internet of things, RFID tags have been widely used, in due to the chip used in radio frequency identification (RFID) tags is more demanding for resources, which also brings a great threat to the safety performance of cryptographic algorithms in differential power analysis (DPA). For this purpose, it is necessary to study the LED lightweight cryptography algorithm of RFID tags in the Internet of things, so as to explore a lightweight and secure cryptographic algorithm which can be applied to RFID Tags. In this paper, through the combination of Piccolo cryptographic algorithm and the new DPA protection technology threshold, we propose a LED lightweight cryptographic algorithm which can be applied to the RFID tag of the Internet of things. With the help of improve d exhaustive search and Boolean expression reconstruction, the two methods share the implementation of the S -box and the InvS-box, thereby effectively solves the burr threat problem of the S-box and the InvS-box in the sharing implementation process, the security performance of the algorithm is evaluated by the DPA attack of FPGA. The results show that the algorithm can achieve lightweight and security performance at the same time, can effectively meet the light and security requirements of RFID tag chip of Internet of things for cryptographic algorithms.

The applications of Radio Frequency Identification (RFID) technology has been rapidly developed to be used in different fields that require automatic identification of objects and managing information. The advantage of employing RFID systems is to facilitate automatic identification of objects from distance without any interaction with tagged objects and without using a line of sight as compared with barcode. However, security and privacy constitute a challenge to RFID system as RFID systems use the wireless communication. Many researchers have introduced elliptical curve cryptographic (ECC) solutions to the security and privacy in RFID system as an ideal cryptosystem to be implemented with RFID technology. However, most of these solutions do not have provide adequate protection. Moreover, in terms of integrity and confidentiality level, most of these authentication protocols still vulnerable to some of security and privacy attacks. Based on these facts, this paper proposes a mutual authentication protocol that aims at enhancing an existing RFID authentication protocol that suffers from tracking attack and man-in-the-middle attack (MITM). The enhancement is accomplished by improving the security and privacy level against MITM, tracking attack and other related attacks. The proposed protocol is dependent on use the elliptical curve version of Schnorr identification protocol in combination with Keccak hash function. This combination leads to enhance the confidentiality and integrity level of the RFID authentication system and increase the privacy protection.

In this paper, we propose a novel PHY layer security technique in radio frequency identification (RFID) backscatter communications system. In order to protect the RFID tag information confidentiality from the eavesdroppers attacks, the proposed technique deploys beam steering (BS) using a one dimensional (1-D) antenna array in the tag side in addition to noise injection from the reader side. The performance analysis and simulation results show that the new technique outperforms the already-existing noise injection security technique and overcomes its design limitations.

With the continuous development of the Internet of Things, intelligent manufacturing has gradually entered the application stage, which urgently needs to solve the problem of information transmission security. In order to realize data security with transmission encryption, the UHF RFID tag based on domestic cryptographic algorithm SM7 is proposed. By writing the anti-counterfeiting authentication identification code when the tag leaves the factory, verifying the identification code when the tag is issued, and using the authentication code of the tag to participate in the sectoral key dispersion, the purpose of data security protection is achieved. Through this scheme, the security of tag information and transmission is guaranteed, and a new idea is provided for the follow-up large-scale extension of intelligent manufacturing.

The security problem of RFID system is a great potential security hazard in its application. Due to the limitation of hardware conditions, traditional public key cryptography can not be directly used in security mechanism. Compared with the traditional RSA public key cryptography, the elliptic curve cryptography has the advantages of shorter key, faster processing speed and smaller storage space, which is very suitable for use in the RFID system.

Smart Farming is driven by the emergence of precise positioning systems and Internet of Things technologies which have already enabled site-specific applications, sustainable resource management, and interconnected machinery. Nowadays, so-called Farm Management Information Systems (FMISs) enable farm-internal interconnection of agricultural machines and implements and, thereby, allow in-field data exchange and the orchestration of collaborative agricultural processes. Machine data is often directly logged during task execution. Moreover, interconnection of farms, agricultural contractors, and marketplaces ease the collaboration. However, current FMISs lack in security and particularly in user authentication. In this paper, we present a security architecture for a decentralized, manufacturer-independent, and open-source FMIS. Special attention is turned on the Radio Frequency Identification (RFID)-based continuous user authentication which greatly improves security and credibility of automated documentation, while at the same time preserves usability in practice.

The use of Knuth's Rule and Bayesian Blocks constant piecewise models for characterization of RFID traffic has been proposed already. This study presents an evaluation of the application of those two modeling techniques for various RFID traffic patterns. The data sets used in this study consist of time series of binned RFID command counts. More specifically., we compare the shape of several empirical plots of raw data sets we obtained from experimental RIFD readings., against the constant piecewise graphs produced as an output of the two modeling algorithms. One issue limiting the applicability of modeling techniques to RFID traffic is the fact that there are a large number of various RFID applications available. We consider this phenomenon to present the main motivation for this study. The general expectation is that the RFID traffic traces from different applications would be sequences with different histogram shapes. Therefore., no modeling technique could be considered universal for modeling the traffic from multiple RFID applications., without first evaluating its model performance for various traffic patterns. We postulate that differences in traffic patterns are present if the histograms of two different sets of RFID traces form visually different plot shapes.

Since radio frequency identification (RFID) technology has been used in various scenarios such as supply chain, access control system and credit card, tremendous efforts have been made to improve the authentication between tags and readers to prevent potential attacks. Though effective in certain circumstances, these existing methods usually require a server to maintain a database of identity related information for every tag, which makes the system vulnerable to the SQL injection attack and not suitable for distributed environment. To address these problems, we now propose a novel blockchain-based mutual authentication security protocol. In this new scheme, there is no need for the trusted third parties to provide security and privacy for the system. Authentication is executed as an unmodifiable transaction based on blockchain rather than database, which applies to distributed RFID systems with high security demand and relatively low real-time requirement. Analysis shows that our protocol is logically correct and can prevent multiple attacks.

In this time of ubiquitous computing and the evolution of the Internet of Things (IoT), the deployment and development of Radio Frequency Identification (RFID) is becoming more extensive. Proving the simultaneous presence of a group of RFID tagged objects is a practical need in many application areas within the IoT domain. Security, privacy, and efficiency are central issues when designing such a grouping-proof protocol. This work is motivated by our serial-dependent and Sundaresan et al.'s grouping-proof protocols. In this paper, we propose a light, improved offline protocol: parallel-dependency grouping-proof protocol (PDGPP). The protocol focuses on security, privacy, and efficiency. PDGPP tackles the challenges of including robust privacy mechanisms and accommodates missing tags. It is scalable and complies with EPC C1G2.

The RFID based communication between objects within the framework of IoT is potentially very efficient in terms of power requirements and system complexity. The new design incorporating the emerging chipless RFID tags has the potential to make the system more efficient and simple. However, these systems are prone to privacy and security risks and these challenges associated with such systems have not been addressed appropriately in the broader IoT framework. In this context, a lightweight collision free algorithm based on n-bit pseudo random number generator, X-OR hash function, and rotations for chipless RFID system is presented. The algorithm has been implemented on an 8-bit open-loop resonator based chipless RFID tag based system and is validated using BASYS 2 FPGA board based platform. The proposed scheme has been shown to possess security against various attacks such as Denial of Service (DoS), tag/reader anonymity, and tag impersonation.

In the context of emerging applications such as IoT, an RFID framework that can dynamically incorporate, identify, and seamlessly regulate the RFID tags is considered exciting. Earlier RFID frameworks developed using the older web technologies were limited in their ability to provide complete information about the RFID tags and their respective locations. However, the new and emerging web technologies have transformed this scenario and now framework can be developed to include all the required flexibility and security for seamless applications such as monitoring of RFID tags. This paper revisits and proposes a generic scenario of an RFID framework built using latest web technology and demonstrates its ability to customize using an application for tracking of personal user objects. This has been shown that the framework based on newer web technologies can be indeed robust, uniform, unified, and integrated.

The RFID technology is now widely used and combined with everyday life. RFID Tag is a wireless device used to identify individuals and objects, in fact, it is a combination of the chip and antenna that sends the necessary information to an RFID Reader. On the other hand, an RFID Reader converts received radio waves into digital information and then provides facilities such as sending data to the computer and processing them. Radio frequency identification is a comprehensive processing technology that has led to a revolution in industry and medicine as an alternative to commercial barcodes. RFID Tag is used to tracking commodities and personal assets in the chain stores and even the human body and medical science. However, security and privacy problems have not yet been solved satisfactorily. There are many technical and economic challenges in this direction. In this paper, some of the latest technical research on privacy and security problems has been investigated in radio-frequency identification and security bit method, and it has been shown that in order to achieve this level of individual security, multiple technologies of RFID security development should combine with each other. These solutions should be cheap, efficient, reliable, flexible and long-term.

This paper presents a survey on the main security problems that affect the communication protocols in the context of Internet of Things, in order to identify possible threats and vulnerabilities. The protocols RFID, NFC, 6LoWPAN, 6TiSCH, DTSL, CoAP and MQTT, for a better organization, were explored and categorized in layers according to the TCP / IP reference model. At the end, a summary is presented in tabular form with the security modes used for each protocol is used.

To protect the security of IoT devices, Tewari and Gupta proposed an ultralightweight mutual-authentication protocol for an RFID system. In the protocol, only two simple bitwise operations (XOR and rotation) are used to achieve two-pass mutual authentication. Although the protocol is efficient, we observe that the protocol has a security vulnerability. This security weakness could cause the leaking of all secrets in RFID tags. Compared with other researches that also proposed attacks for Tewari and Gupta's protocol, our attack needs less time and smaller space complexity to implement. The time complexity of our attack is O(1), and the attack can successfully crack the protocol with 100% probability.

Passive radio frequency identification (RFID) tags are ubiquitous today due to their low cost (a few cents), relatively long communication range (\$$\backslash$sim\$7-11\textasciitildem), ease of deployment, lack of battery, and small form factor. Hence, they are an attractive foundation for environmental sensing. Although RFID-based sensors have been studied in the research literature and are also available commercially, manufacturing them has been a technically-challenging task that is typically undertaken only by experienced researchers. In this paper, we show how even hobbyists can transform commodity RFID tags into sensors by physically altering (`hacking') them using COTS sensors, a pair of scissors, and clear adhesive tape. Importantly, this requires no change to commercial RFID readers. We also propose a new legacy-compatible tag reading protocol called Differential Minimum Response Threshold (DMRT) that is robust to the changes in an RF environment. To validate our vision, we develop RFID-based sensors for illuminance, temperature, touch, and gestures. We believe that our approach has the potential to open up the field of batteryless backscatter-based RFID sensing to the research community, making it an exciting area for future work.

We provide the first solution to an important question, "how a physical-layer RFID authentication method can defend against signal replay attacks". It was believed that if the attacker has a device that can replay the exact same reply signal of a legitimate tag, any physical-layer authentication method will fail. This paper presents Hu-Fu, the first physical layer RFID authentication protocol that is resilient to the major attacks including tag counterfeiting, signal replay, signal compensation, and brute-force feature reply. Hu-Fu is built on two fundamental ideas, namely inductive coupling of two tags and signal randomization. Hu-Fu does not require any hardware or protocol modification on COTS passive tags and can be implemented with COTS devices. We implement a prototype of Hu-Fu and demonstrate that it is accurate and robust to device diversity and environmental changes.

Over the past few decades, radio frequency identification (RFID) technology has been an important factor in securing products along the agri-food supply chain. However, there still exist security vulnerabilities when registering products to a specific RFID tag, particularly regarding the ease at which tags can be cloned. In this paper, a potential attack, labeled the "Hilt Shao attack", is identified which could occur during the initial phases of product registration, and demonstrate the type of attack using UID and CUID tags. Furthermore, a system is proposed using blockchain technology in order for the attacker to hide the cloned tag information. Results show that this attack, if carried out, can negate the profits of distributors along the supply chain, and negatively affect the consumer.

Some lattice-based public key cryptosystems allow one to transform ciphertext from one lattice or ring representation to another efficiently and without knowledge of public and private keys. In this work we explore this lattice transformation property from cryptographic engineering viewpoint. We apply ciphertext transformation to compress Ring-LWE ciphertexts and to enable efficient decryption on an ultra-lightweight implementation targets such as Internet of Things, Smart Cards, and RFID applications. Significantly, this can be done without modifying the original encryption procedure or its security parameters. Such flexibility is unique to lattice-based cryptography and may find additional, unique real-life applications. Ciphertext compression can significantly increase the probability of decryption errors. We show that the frequency of such errors can be analyzed, measured and used to derive precise failure bounds for n-bit error correction. We introduce XECC, a fast multi-error correcting code that allows constant time implementation in software. We use these tools to construct and explore TRUNC8, a concrete Ring-LWE encryption and authentication system. We analyze its implementation, security, and performance. We show that our lattice compression technique reduces ciphertext size by more than 40% at equivalent security level, while also enabling public key cryptography on previously unreachable ultra-lightweight platforms. The experimental public key encryption and authentication system has been implemented on an 8-bit AVR target, where it easily outperforms elliptic curve and RSA-based proposals at similar security level. Similar results have been obtained with a Cortex M0 implementation. The new decryption code requires only a fraction of the software footprint of previous Ring-LWE implementations with the same encryption parameters, and is well suited for hardware implementation.

This research aims to design a hardware random number generator running on wireless identification and sensing platform (WISP), which is a lightweight Internet of things device. The accelerometer sensor on WISP is used as the entropy source. This entropy source is post-processed with de-biasing and extraction methods to provide more uniformly distributed results that can be used in the authentication protocols between a radio frequency identification (RFID) tag and an RFID reader. The obtained random number outputs are tested using the well-known NIST random number test suite. It is seen that the numbers pass all the tests in the NIST randomness test suite.

The Radio Frequency Identification (RFID), as one of the key technologies in sensing layer of the Internet of Things (IoT) framework, has increasingly been deployed in a wide variety of application domains. But the reliability of RFID is still a great concern. This article introduces the group management of RFID passwords method, come up with by YUICHI KOBAYASHI and other researchers, which aimed to reduce the risk of privacy disclosure. But for reason that the password and pass key in the method, which are set to protect the ID, doesn't change and the ID is transmitted directly in the unsafe channel, it causes serious vulnerabilities that may be used by resourceful adversary. Thus, we proposed an improved method by using the random number to encrypt the password and switching the password into the temporally valid information. Besides, the protocol encrypts the ID during to avoid the direct transmission situation significantly increases the reliability.