A Lightweight Authentication Scheme for Cloud-Based RFID Healthcare Systems

Cloud-based RFID provides a new solution for the smart healthcare environment, and cloudbased RFID healthcare systems have many advantages over traditional healthcare systems, such as efficient medical assets management and medical information sharing. However, in the cloudbased RFID healthcare system, the untrusted cloud server manages private medical information, and these private data are transmitted on the public wireless channel, which exposes them to a high risk of leakage. Furthermore, attacks on the system may lead to serious consequences. Assuming a tag is implanted in an artificial organ and doctors use readers to monitor and control it, an attacker's tampering with these data may pose a risk to the life of this patient. Thus, privacy and security issues need to be considered in the cloud-based RFID healthcare environment. In this article, we propose a lightweight authentication scheme based on quadratic reSIDuals and pseudo random number generator to guarantee the security of the cloud-based RFID healthcare system. It ensures data privacy and is resistant to typical attacks in mobile communication. Compared to other RFID authentication schemes, the proposed scheme provides strong security with fewer resources, thereby achieving a compromise between costs and security requirements of the smart healthcare system.