A Novel Security Authentication Protocol Based on Physical Unclonable Function for RFID Healthcare Systems

The Radio Frequency Identification (RFID) technology has been integrated into healthcare systems for the purpose of improving healthcare management. However, people have concerns about the security and privacy of this kind of RFID systems. In order to solve the security problems faced by RFID-based healthcare systems, a novel security authentication protocol based on Physical Unclonable Function (PUF) and Advanced Encryption Standard (AES) encryption algorithm is designed. The protocol uses PUF technology to output unique and random responses to different excitation inputs, encrypts the authentication information sent by the tag, and uses the AES encryption algorithm to encrypt the authentication information between the cloud database and the reader. At the same time, in the authentication process, once the communicating entity completes the identity authentication of the other two entities, it immediately starts to update the key. The security analysis and formal analysis of BAN (proposed by Burrows et al.) logic prove the security and correctness of the protocol. Analysis results show that the computation cost and security performance of the proposed protocol are better than the compared protocols. Our findings will contribute to further enhancing the security for RFID healthcare systems.