Title: Enhanced secure low-level reader protocol based on session key update mechanism for RFID in IoT

Authors: Jun Yang; Pengpeng Yang; Ziyue Wang; Jianbin Li

Addresses: School of Computer Science and Technology, Beijing University of Posts and Telecommunications, Beijing 100876, China; National Engineering Laboratory for Mobile Network Security, Beijing 100876, China ' School of Computer Science and Technology, Beijing University of Posts and Telecommunications, Beijing 100876, China; National Engineering Laboratory for Mobile Network Security, Beijing 100876, China ' School of Computer Science and Technology, Beijing University of Posts and Telecommunications, Beijing 100876, China; National Engineering Laboratory for Mobile Network Security, Beijing 100876, China ' Research Institute of Information Security and Big Data, Central South University, Changsha, Hunan 410083, China

Abstract: Radio Frequency Identification (RFID) is at the core of the IoT (Internet-of-Things) technology. The security risks associated with RFID are also accompanied by a growing number of advantages. This paper focuses on the security of the Low Level Reader Protocol (LLRP) released by EPCglobal and designs an enhanced secure mechanism for LLRP that consists of the handshake protocol of the authentication and session key update protocols. The encryption is applied to the communication of the entire LLRP protocol; therefore, the session key should be regularly updated. Because the requirements for session key update are different under different scenarios, a two-round key update protocol and a four-round key update protocol are designed to ensure the security of the protocol. Two types of key update methods with different difficulty coefficients are developed to meet practical requirements. This paper concludes with a performance evaluation of the mechanism.

Keywords: IoT; internet of things; RFID; radio frequency identification; LLRP security; handshake protocol; session key update; low-level reader protocol; authentication; encryption; cryptography.

DOI: 10.1504/IJWGS.2017.083386

International Journal of Web and Grid Services, 2017 Vol.13 No.2, pp.207 - 227

Published online: 25 Mar 2017 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article