A Secure RFID Application Revocation Scheme for IoT

Abstract

Radio Frequency Identification (RFID) plays a crucial role in IoT development. With the extensive use of RFID, the fact that a single RFID tag integrates multiple applications has become a mainstream. To facilitate users to use the multi-application RFID tag and revoke some applications in the tag securely and efficiently, a secure RFID application revocation scheme is proposed in this paper. In the scheme, each response for the challenge between tag and reader is different, and a group has the feature of many tags. Even if the group index number and corresponding group are revealed, a specific tag does not be precisely found and tracked. Users are anonymous completely. The scheme also allows users to set the validity period for an application or some applications. If the application contains the validity period and expires, the server will remove the validity period and revoke the application automatically in the tag when the RFID tag accesses server again. The proposed scheme cannot only be used in multi-application RFID tag but also be used in one-application RFID tag. Furthermore, compared with other existing schemes, the scheme provides a higher level of security and has an advantage of performance. Our scheme has the ability of mutual authentication and Anti-replay by adding a random number r₂, and it is easy to against synchronization attack. Security proof is given in our paper and performance advantage are mainly reflected in the following points such as forward security, synchronization, storage complexity, computational complexity, etc. Finally, the proposed scheme can be used in multi-application RFID tag to promote the development of the IoT.