IEEE Open Journal of the Computer Society (Jan 2024)
ECC-PDGPP: ECC-Based Parallel Dependency RFID-Grouping-Proof Protocol Using Zero-Knowledge Property in the Internet of Things Environment
Abstract
Radio Frequency Identification (RFID) promotes the fundamental tracking procedure of the Internet of Things (IoT) network due to its autonomous data collection as well as transfer incurring low costs. To overcome the insecure exchange of tracking data and to prevent unauthorized access, parallel dependency RFID grouping-proof protocol is applied by the reader to authenticate tags simultaneously. However, conventional grouping-proof authentication schemes are not sufficient for the memory constraint RFID tags due to the recurrent utilization of a 128-bit PRNG (Pseudo Random Number Generator) function. Alternatively, the existing parallel-dependency grouping-proof schemes are not able to overcome numerous limitations regarding session establishment, efficient key management, and multicast message communication within the specified group. In this research, a lightweight, secure, and efficient communication protocol is proposed to overcome the aforementioned limitations using Elliptic Curve Cryptography (ECC) and Zero-Knowledge property to establish a session key among the participated tags, reader, and remote server. The proposed scheme can work in offline mode. The proposed ECC-based parallel dependency grouping-proof scheme is referred to as ECC-PDGPP which abides by the rules of the EPC class-1 gen-2 (C1 G2) standard of RFID tags. Finally, the proposed protocol is analyzed using a formal random oracle model and simulated using a well-known AVISPA simulation tool that shows the proposed scheme is well protected against all potential security threats.
Keywords