The Rise of Passive RFID RTLS Solutions in Industry 5.0.

In today's competitive landscape, manufacturing companies must embrace digital transformation. This study asserts that integrating Internet of Things (IoT) technologies for the deployment of real-time location systems (RTLS) is crucial for better monitoring of critical assets. Despite the challenge of selecting the right technology for specific needs from a wide range of indoor RTLS options, this study provides a solution to assist manufacturing companies in exploring and implementing IoT technologies for their RTLS needs. The current academic literature has not adequately addressed this industrial reality. This paper assesses the potential of Passive UHF RFID-RTLS in Industry 5.0, addressing the confusion caused by the emergence of new 'passive' RFID solutions that compete with established 'active' solutions. Our research aims to clarify the real-world performance of passive RTLS solutions and propose an updated classification of RTLS systems in the academic literature. We have thoroughly reviewed both the academic and industry literature to remain up to date with the latest market advancements. Passive UHF RFID has been proven to be a valuable addition to the RTLS domain, capable of addressing certain challenges. This has been demonstrated through the successful implementation in two industrial sites, each with different types of tagged objects.

Designing secure PUF-based authentication protocols for constrained environments.

Physical Unclonable Functions (PUFs) are widely used in cryptographic authentication and key-agreement protocols due to their unique physical properties. This article presents a comprehensive cryptanalysis of two recently developed authentication protocols, namely PLAKE and EV-PUF, both relying on PUFs. Our analysis reveals significant vulnerabilities in these protocols, including susceptibility to impersonation and key leakage attacks, which pose serious threats to the security of the underlying systems. In the case of PLAKE, we propose an attack that can extract the shared secret key with negligible complexity by eavesdropping on consecutive protocol sessions. Similarly, we demonstrate an efficient attack against EV-PUF that enables the determination of the shared key between specific entities. Furthermore, we highlight the potential for a single compromised client in the EV-PUF protocol to compromise the security of the entire network, leaving it vulnerable to pandemic attacks. These findings underscore the critical importance of careful design and rigorous evaluation when developing PUF-based authentication protocols. To address the identified vulnerabilities, we present an improved PUF-based authentication protocol that ensures robust security against all the attacks described in the context of PLAKE and EV-PUF. Through this research, we contribute to the field by exposing vulnerabilities in existing PUF-based authentication protocols and offering an improved protocol that enhances security and safeguards against various attack vectors. This work serves as a valuable reference for researchers and practitioners involved in the design and implementation of secure authentication schemes for IoT systems and dynamic charging systems for electric vehicles.

ECG Identification Based on the Gramian Angular Field and Tested with Individuals in Resting and Activity States.

In the last decade, biosignals have attracted the attention of many researchers when designing novel biometrics systems. Many of these works use cardiac signals and their representation as electrocardiograms (ECGs). Nowadays, these solutions are even more realistic since we can acquire reliable ECG records by using wearable devices. This paper moves in that direction and proposes a novel approach for an ECG identification system. For that, we transform the ECG recordings into Gramian Angular Field (GAF) images, a time series encoding technique well-known in other domains but not very common with biosignals. Specifically, the time series is transformed using polar coordinates, and then, the cosine sum of the angles is computed for each pair of points. We present a proof-of-concept identification system built on a tuned VGG19 convolutional neural network using this approach. We confirm our proposal's feasibility through experimentation using two well-known public datasets: MIT-BIH Normal Sinus Rhythm Database (subjects at a resting state) and ECG-GUDB (individuals under four specific activities). In both scenarios, the identification system reaches an accuracy of 91%, and the False Acceptance Rate (FAR) is eight times higher than the False Rejection Rate (FRR).

IoT in medical & pharmaceutical: Designing lightweight RFID security protocols for ensuring supply chain integrity.

Nowadays the sharing of trade in counterfeit and pirated goods is constantly growing and fake products are found in a large number of industries - particularly pharmaceuticals, food, and medical equipment - that can pose serious health and safety risks. With the intention of avoiding any loss of client confidence and any disclosure of sensitive information, Internet of Things (IoT) solutions are increasingly used to fulfill this need for a reliable and secure infrastructure in medical & pharmaceutical industry. When looking at the technologies used to identify products and packaging, balancing security and hardware limitations is often a difficult task and using cost-effective techniques such as bit-oriented lightweight functions is a challenge. In this study, we first assess the security level of a recently proposed protocol and prove its vulnerabilities, due to a lack of complexity in bit-oriented functions. Then, to address these exposed flaws, a lightweight improved protocol based on Authenticated Encryption (AE) cryptosystems is presented. Security analysis results demonstrate that weaknesses of previous efforts have all been adequately addressed; additionally, the improved protocol has a robust security posture in terms of confidentiality and integrity. Moreover, FPGA and ASIC simulations are carried out using five different AE schemes from CAESAR competition to develop three use-cases, in whose best scenario the proposed tag has 731 LUT and needs 3335 gates for the security module.

IoT Device Security: Challenging "A Lightweight RFID Mutual Authentication Protocol Based on Physical Unclonable Function".

With the exponential increase of Internet of things (IoT) connected devices, important security risks are raised as any device could be used as an attack channel. This preoccupation is particularly important with devices featuring limited processing power and memory capabilities for security purposes. In line with this idea, Xu et al. (2018) proposed a lightweight Radio Frequency Identification (RFID) mutual authentication protocol based on Physical Unclonable Function (PUF)-ensuring mutual tag-reader verification and preventing clone attacks. While Xu et al. claim that their security protocol is efficient to protect RFID systems, we found it still vulnerable to a desynchronization attack and to a secret disclosure attack. Hence, guidelines for the improvements to the protocol are also suggested, for instance by changing the structure of the messages to avoid trivial attacks. In addition, we provide an explicit protocol for which our formal and informal security analysis have found no weaknesses.

A note on the security of IS-RFID, an inpatient medication safety.

OBJECTIVE: In this paper we investigate the security level of a comprehensive RFID solution to enhance inpatient medication safety, named IS-RFID, which has been recently proposed by Peris-Lopez et al. METHOD: We analyses the security of the protocol against the known attacks in the context. The main target of this paper is to determine whether the new protocol provides the confidentiality property, which is expected to be provided by such a protocol. RESULTS: It was found that IS-RFID has critical weaknesses. The presented security investigations show that a passive adversary can retrieve secret parameters of patient's tag in cost of O(2(16)) off-line PRNG evaluations. Given the tag's secret parameters, any security claims are ruined. CONCLUSIONS: In this paper we presented an efficient passive secret disclosure attack which retrieves the main secret parameters related to the patient which shows that IS-RFID may put the patient safety on risk. The proposed attacking technique is in light of two vulnerabilities of the protocol: (1) the short length of the used PRNG, which is urged by the target technology, EPC C1 Gen2 ; (2) the message-generating mechanism utilizing PRNG was not carefully scrutinized. While the later point can be fixed by careful designing of the transferred messages between the protocol's party, the earlier point, i.e., the short length of the available PRNG for EPC C1 Gen2 tags, is a limitation which is forced by the technology. In addition, over the last years, schemes based solely on using simple operations or short PRNG (such as IS-RFID) have been shown to offer very low or no security at all. Recent advances in lightweight ciphers, such as PRESENT or Grain , seem a much more appropriate solution rather than relying on short PRNGs. However, such solutions breaks the EPC C1 Gen2 compatibility.

On the designing of a tamper resistant prescription RFID access control system.

Recently, Chen et al. have proposed a novel tamper resistant prescription RFID access control system, published in the Journal of Medical Systems. In this paper we consider the security of the proposed protocol and identify some existing weaknesses. The main attack is a reader impersonation attack which allows an active adversary to impersonate a legitimate doctor, e.g. the patient's doctor, to access the patient's tag and change the patient prescription. The presented attack is quite efficient. To impersonate a doctor, the adversary should eavesdrop one session between the doctor and the patient's tag and then she can impersonate the doctor with the success probability of '1'. In addition, we present efficient reader-tag to back-end database impersonation, de-synchronization and traceability attacks against the protocol. Finally, we propose an improved version of protocol which is more efficient compared to the original protocol while provides the desired security against the presented attacks.