Lightweight, ECC based RFID Authentication Scheme for WLAN

Lightweight, ECC based RFID Authentication Scheme for WLAN

Amit Kumar (Department of Computer Science and Engineering, Indian School of Mines, Dhanbad, India) and Hari Om (Department of Computer Science and Engineering, Indian School of Mines, Dhanbad, India)
DOI: 10.4018/IJBDCN.2016070106

Abstract

Wireless local area networks (WLANs), like IEEE 802.11, are right now very common in numerous outdoor or indoor environments for providing wireless communication among WiFi-enabled devices by accessing an Access Point (infrastructure mode) or through peer to peer connections (ad hoc mode). Authentication is one among the most primary research challenges for the realization of the envisioned mobile and wireless Internet. This is mainly due to the latency delay introduced during the authentication process, which are of major concern for real-time applications and media streaming application. In the same way, it is also crucial for WLANs to authenticate clients and build secure channels with them. In the historical researches, the traditional authentication mechanisms frequently adopted the names and passwords of clients as login authentication. However, these Single Factor Authentication mechanisms are proved to be defective. In virtue of enhancing security, recent researches on authentication are built on Two-Factor authentication schemes. In this paper, the authors proposed a two factor, lightweight RFID authentication scheme based on elliptic curve cryptography (ECC) for WLAN. The analytic comparison demonstrates the research not just reduces the expense of proposed authentication schemes, yet gives security similarly as smart card technology. In addition, the performance of the proposed authentication scheme will analyze in terms of computational cost, communications cost, and storage cost.
Article Preview

1. Introduction

To provide clients with comfort brought by portability, recent wireless network technology accomplish development and the establishment and usage of Wireless Local Area Network become universal furthermore. Before giving services, network system demands that clients should finish the authentication method in order to verify the resources are appropriately utilized. Authentication is the method of checking client’ identities when they want to access resources from WLAN. Normally, a client provides his authentication element to the authentication server (AS), and afterwards the AS checks them. If the factors are right, the client is approved to gain the access right to the resources provided by the AS, and the AS produces a session-key material that is shared with the client. Essentially, it is likewise critical for WLANs to authenticate clients and build secure channels with them. IEEE 802.11 (Anirudh et la., 2006), the most broadly used standard, contains definitions for the operations of WLANs. The original design in the standard gives just some essential authentication techniques, for example, pre-shared key establishment and password verification implemented between a client and the AS, called Wired Equivalent Privacy (WEP) (Zhao, 2007). WEP is not secure in light of the fact that an attacker can acquire unapproved access during intercepted messages. The security of IEEE 802.11 was later corrected to include Wi-Fi Protected Access (WPA) and WPA2 (Pacheco de Carvalho et al., 2013). WLAN based on 802.11 standards are vulnerable to attack if weak encryption key or no authentication is used. Additionally, man-in-the-middle (MiM) attack becomes a more distress for clients and owners in WLAN. Several kinds of attacks have been reported and been studied extensively by analysts around the world. While attempts are continuously being created to deal with the security problems in the later forms of 802.11, security of WLAN remains demanding. The traditional authentication techniques normally use the names and passwords of clients as login authentication. On the other hand, these Single Factor authentication techniques are proven to be imperfect. In virtue of improving security, recent researches on authentication are built on Two-Factor authentication schemes. To handle above issues, we will introduce a Radio Frequency Identification (RFID) (Guo et al., 2011) secure authentication technique in WLAN in this paper. The proposal applies the low-cost passive RFID tag along with the names and passwords of clients as login identification, and proceeds without secure channel assumption. Through analytic examination, this research not just solely decreases the expense of Two-Factor Authentication schemes, still, provides security similarly as smart cards. The radio frequency identification (RFID) is an innovation that enables the non-contact, automatic and unique identification of objects using radio waves so that it is regarded as the quality alternative of the conventional barcode technology (Juels, 2006). The RFID technology has been adopted in a broad variety of industries and being more and more utilized as a part of numerous area, for example, supply chain management, industrial manufacturing management, e-passports, stock control management and so forth. In this paper, a new elliptic curve cryptography (ECC) (He et al., 2014) based RFID authentication scheme is presented that removes security problems of existing authentication schemes while requiring lower computation cost and low communicational cost. Our primary necessity comprises in giving an ECC based RFID authentication to manage who connects to the WLAN. A secure channel should be set up on every link on a client basis. The corresponding authentication policy will have to make certain security level and should consider client credentials renewal and strength.

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 15: 2 Issues (2019): Forthcoming, Available for Pre-Order
Volume 14: 2 Issues (2018)
Volume 13: 2 Issues (2017)
Volume 12: 2 Issues (2016)
Volume 11: 2 Issues (2015)
Volume 10: 4 Issues (2014)
Volume 9: 4 Issues (2013)
Volume 8: 4 Issues (2012)
Volume 7: 4 Issues (2011)
Volume 6: 4 Issues (2010)
Volume 5: 4 Issues (2009)
Volume 4: 4 Issues (2008)
Volume 3: 4 Issues (2007)
Volume 2: 4 Issues (2006)
Volume 1: 4 Issues (2005)
View Complete Journal Contents Listing