Providing health care was far simpler than it is today. But, advent of legislation,
technology and reimbursement charges has forced the entire healthcare system to shift
the way care is provided. However, there are opportunities to improve patient expe-
rience. Historically, physicians did not have access to a holistic view of the patients’
health so they were forced to make treatment decisions, with limited or partial data.
Soon the trend shifted from this to Electronic Medical Records (EMR) by which it is
possible to collect complete medical records of a patient. When data from such EMR
systems and consumer wearables are merged, it is possible to organize and process data
beyond typical clinical scenarios. At the same time, advances in technology provided
new and low cost ways to detect diseases. When all these combine, the pa tients and
physicians benefit from more comprehensive views of patient health and treatment
progress enabling physicians to more accurately adjust treatments. Hospitals may not
have the resources to monitor everyone and people with such resources cannot monitor
themselves. Meanwhile, funding constraints depend on optimization solutions to
effectively and efficiently distribute and manage equipment. So, facilities need to rely
on pervasive technologies like passive RFID tags to supplement monitoring and
management efforts.
The RFID Implant System mentioned in the proposed work is a resource con-
strained system which has three main compo nents – Implantable RFID tag which is a
passive tag (almost the size of a rice grain) implanted into the patient’s body, RFID
Reader which communicates with both the tag and the back-en d server, and a Back-end
server which stores the information about the patient. The communication channel
between the reader and the back end server is secure. But, the wireless communication
channel between the reader and the tag is found to be insecure and hence, may be
vulnerable to attacks like unauthorize d location tracking, eavesdropping attack,
impersonation attack, replay attack etc. Hence, both the tag and the reader must be
assured that the other end is legitimate. In the healthcare scenario, providing robust and
secure data communication is crucial so, the authentication of tag by reader is just not
enough because the information about a particular patient, which the tag shares with the
reader, is highly sensiti ve. So before sharing such sensitive data, the tag must make
sure that the reader is legitimate. For this, a two way authentication or mutual
authentication mechanism between the tag and the reader is essential. Hence in this
work, we propose a mutual authentication mechanism to authenticate the communi-
cation between, RFID Reader and the RFID Tag.
As mentioned before, RFID Implant System is a resource constrained system since,
the implanted RFID tag has only very less processing power. Hence, it requires efficient
and optimized security solutions. The mutual authentication based on elliptic curve
cryptography (ECC) or non-ECC mechanisms so far implemented for RFID systems in
general are not adequately optimized to operate in resource constrained environments.
So, in this work, we combine the concepts of Hyper-elliptic curves (HECC) and
D-Quark hash algorithm to formulate an optimized and efficient mechanism for mutual
authentication of RFID Reader and Tag.
The remainder of this paper is organized as follows: Sect. 2 provides an overview
of related work and literature. Section 3 presents the proposed HECC-based mutual
authentication scheme for the RFID implant systems. Section 4 provides a co mpre-
hensive security and computational performance analysis of our scheme. In this
Mutual Authentication Based on HECC for RFID Implant Systems 19