Secured authentication of radio-frequency identification system using PRESENT block cipher

ABSTRACT

light-weight algorithm-based RFID MA protocol using physical unclonable function (PUF). The design includes tag identification, mutual authentication, and the updation process. The light-weight algorithm provides a detailed verification process for the single RFID-tag. The tag identifies the reader identified the Tag information in the tag identification process. The RFID-tag and reader are mutually authenticated in the MA process. The new key is updated to verify the tag and reader process in the updation stage. The work analyzes the computational and storage cost of RFID tags and reader. Ibrahim and Dalkılıç [20] present advanced encryption standards (AES) and ECC algorithms based on MA protocol designed for RFID systems and proved on wireless identification and sensing platform (WISP). The work includes the AES and ECC algorithms incorporated into the RFID tag-reader process. The results are discussed for communication cost and response time with comparison. Naeem et al. [21] explain the ECC-based scalable RFID-MA protocol for the IoT environment. The work suggests and corrects the scalability problems. The protocol describes the initialization and authentication process in detail using ECC. The results also check with the BAN logic process for authentication proof.

LIGHT-WEIGHT PRESENT-80/128/256 ALGORITHMS
In this work, the lightweight PRESENT block cipher is designed with different key sizes like 80-bit, 128-bit, and 256-bit. The PRESENT cipher is simple, easy to design, and uses arithmetic-logical and shifting operations to construct the hardware architecture. The PRESENT-algorithm mainly performs three operations: i) encryption, ii) decryption, and iii) key updation unit (KUU) operations. The PRESENT encryption/decryption operation processes parallel with KUU, reducing computational complexity and chip area utilization. The list of abbreviations used in this work is tabulated in Table 1.

PRESENT-80/128/256 encryption operation
The PRESENT algorithm is a block cipher light-weight cryptographic algorithm that works with 64-bit data size and variable keys (80/128). In this work, the 256-bit key operation is considered additionally for both PRESENT encryption/decryption operations to strengthen the security in IoT devices. The PRESENT-80/128/256 algorithm uses 32 rounds for either encryption or decryption. The PRESENT architecture is designed in a reconfigurable manner to support 16 or 64 rounds of operations for both encryption/decryption operations. The PRESENT-80/128/256 design process is represented in algorithm 1.
The algorithm mainly has three stages of operations: initialization stage, round operation, key process operation in parallel, and output stage. The PRESENT encryption process has 64-bit input text (IT), 80/128/256-bit key (K), and control signals like load (ld) and key load (kld) at the input side. The 64-bit cipher text (CT), 80/128/256-bit updated_key (U_K), is obtained at the output side.
First, initialize the registers (64-bit State, 80/128/256-bit Key_Reg) by performing the reset (rst) operation. If the load (ld) is activated, then consider input text (IT); else, permutation layer output (PL_out) as state output. Similarly, If the key load (kld) is activated, then consider key (K); else, updated key register output (UKR_out) as key register (Key_Reg) output. In the next stage, perform round operations that contain XOR, S-BOX, and permutation layer operations. The 5-bit round counter (R_C) counts the number of rounds. First, complete the XOR operation of the state register with Key_Reg and store the results in Sbox_in. The SBOX operation followed by the permutation layer (PL_out) operation is performed to generate each round operation output. After the 31 st round, The R_C is reset to zero. Similarly, the key

PRESENT-80/128/256 decryption operation
The PRESENT-80/128/256 decryption process is the same as the encryption process with few changes. The inverse SBOX and inverse Permutation layer operations are used around the operation and inverse key updation unit (IKUU) operation. After the 31 st round, the State register generates the 64-bit output text (OT), and the inverse key register generates the 80/128/256-bit inverse updated_key register (IUKR_out) output.

PRESENT-80/128/256 key updation operation
The PRESENT-256 key updation operation is represented in algorithm 2. The key updation unit (KUU) and inverse KUU (IKUU) are used for encryption and decryption. For the PRESENT-256 encryption algorithm, initially, the key register (Key_Reg) performs a left shift operation 195 times, stores the results in the temporary register (K_S), and then processes the key updation operation. In the updation process, perform XOR operation for 5-bit round counter (

PRESENT-80/128/256 at ECB mode
The electronic codebook (ECB) mode is one of the block cipher modes to provide confidentiality by performing encryption or decryption of one fixed-length block. The ECB mode offers the simplest form of encryption by dividing the input text into blocks, and each block performs encryption or decryption separately. The PRESENT-80/128/256 algorithm at ECB mode performs mutual authentication between Tag and Reader for IoT-based RFID systems. At EBC mode, The PRESENT -80/128/256 algorithm consists of two 64-bit Input Text (IT1, IT2), 80/128/256-bit Key (K) at the input side, and two 64-bit cipher texts (CT1, CT 2 ), 64-bit Output Text (OT 1 , OT 2 ) at the output side. The PRESENT 80/128/256 algorithm performs the encryption (ENC) and decryption (DEC) at ECB mode as in (1) and (2), respectively. The two times of PRESENT-80/128/256 encryption or decryption are performed parallel to generate corresponding ciphertexts or output texts. :

SECURED AUTHENTICATION OF IoT-BASED RFID SYSTEM
The RFID system is the default option in most cases to communicate between two or more IoT devices. The secured authentication is established mutually between RFID tag and reader using light-weight PRESENT-80/128/256 cipher for IoT-based system. The secured authentication is specified in two stages: i) tag recognition from reader and ii) secured mutual authentication between tag and reader using a PRESENT cipher.
In the 1 st stage, the reader requests the tag for communication establishment. The tag module will not accept the reader easily and generates the identification data using a random number. The tag module performs PRESENT encryption for identification data and sends the encrypted form data to the reader module. The reader module performs a PRESENT decryption operation and generates the reader's data. If the reader's data and identification data match, then the tag module is recognized from the reader module.
The secured authentication (SA) between tag and reader is performed for the IoT-based RFID system, represented in Figure 1 and algorithm 3. The SA operation is processed only after verifying the tag from reader. The SA of an IoT-based RFID system mainly contains an 80/128/256-bit key at the input side and 1-bit reader authentication (R_A), tag authentication (T_A) signals outside. Define the 64-bit three random numbers (R1, R2, and R3) to process tag and reader SA operation. The reader sends a communication request for the tag module. The tag responds with a Random number (R1). The reader receives the R1 and uses one more random number (R2) to create a challenge operation (Ch1,2) by performing the PRESENT-80/128/256 decryption operation.
The tag module performs the PRESENT-80/128/256 encryption operation using the challenge data (Ch1,2) and generates the tag challenge data (Tag_Ch1,2). If the Tag_Ch2 equals the R1 data, the reader is authenticated successfully. The tag is ready to respond to the reader by performing PRESENT-80/128/256 encryption operation with Tag_Ch1 and R1 and storing the results as RS1,2. The reader starts performing the PRESENT-80/128/256 decryption operation using RS1,2 and stores the results as RR1,2. If the RR1 equals the R2 data, the tag is authenticated successfully. Once both the tag and reader are authenticated, then mutual communication is established for further communication.

RESULTS AND DISCUSSION
The secure authentication (SA) of IoT-based RFID system results is analyzed in this section. The discussion includes simulation and FPGA verified results, synthesis results, and comparative discussion with existing similar approaches. The secure authentication of the IoT-based RFID system is simulated on ModelSim 6.5c simulator and verified on results on Artix-7 using the Chipscope-pro tool. The PRESENT-80/128/256 modules, PRESENT cipher at ECB mode, and SA of IoT-based RFID system utilization summary are obtained after synthesis operation using Artix-7 FPGA. The simulation results of SA of IoTbased RFID system are represented in Figure 2. The PRESENT-128 at ECB mode is considered to block cipher for SA simulation between RFID tag and reader. The global clock (clk) is activated with an active-low reset (rst). Initially, define three 64-bit random numbers (RN1, RN2, and RN3) used in SA between tag and reader. The control signals like key load (kld1 and kld2) and load (ld1 and ld2) are active low to start the SA process.
After performing the PRESENT-128 decryption operation, the reader challenge values (Reader_cha1 and Reader_Cha2) are obtained. The tag accepts the challenges and performs the PRESENT-128 encryption operation to obtain the two tag challenge values (Tag_Cha1 and Tag_Cha2). The reader is authenticated if the random number (RN1) equals the Tag_Cha1 value (Reader_Auth). Perform PRESENT-128 encryption with tag values and obtains the two tag responses (Tag_Resp1 and Tag_Resp2) to establish tag authentication. The RFID reader responds to the tag response value by performing the PRESENT-128 decryption operation and generates the reader response values (Reader_Resp1 and Reader_Resp2). The tag is authenticated if the random number (RN2) equals the Reader_Resp1 value (Tag_Auth). So mutual authentication between RFID tag and reader is established for further communication securely. The SA of an IoT-based RFID system takes 1.285 µs to complete the authentication process between Tag and Reader.  The PRESENT-256 cipher consumes 711 slices and 617 LUTs and utilizes 0.191 W total power on Artix-7 FPGA. The PRESENT-80/128/256 ciphers work at 410.7 MHz frequency and obtain the Throughput of 822 Mbps on Artix-7 FPGA. The hardware efficiency is calculated based on obtained Throughput per slice. The PRESENT-80/128/256 cipher receives 2.29, 1.8, and 1.15 Mbps/slice hardware efficiency on Artix-7 FPGA. If the key size of the PRESENT cipher increases, the resource utilization (Area (Slices, LUTs) and power) is increased by decreasing the hardware efficiency.

Request
The resource utilization results are obtained after place, and route operation for secure authentication of IoT-based RFID system using PRESENT-80/128/256 at ECB mode is tabulated in Table 3. The SA of the IoT-based RFID system utilizes 754 slices, 1086 LUTs using PRESENT-80, 945 slices, 1276 LUTs using PRESENT-128, 1457 slices, and 1783 LUTs using PRESENT-256 cipher at ECB mode. The SA of the IoT-based RFID system consumes a total power of 0.107 W, 0.112 W, and 0.114 W using PRESENT-80/128/256. The performance parameters comparison of light-weight block cipher PRESENT-80/128 (only encryption) operation with existing similar PRESENT ciphers [23]- [26] is tabulated in Table 4. The data size is fixed to 64-bit with variable keys (80-bit and 128-bit) compared to FPGA (Virtex-5 and Artix-7) devices. The chip area (Slices, LUTs, and FFs), maximum frequency (Fmax), latency in terms of clock cycles (CC), Throughput, and efficiency parameters are considered for comparison. The existing PRESENT [23]- [25] ciphers are implemented on Virtex-5 FPGA, which consumes more latency (clock cycles) and obtains less Throughput (Mbps) than the proposed PRESENT-80/128 ciphers. The Throughput is estimated using data size, latency, and maximum frequency parameters. The existing PRESENT [26] is implemented on Artix-7, which consumes more chip area (Slices, LUTs, and FFs), less operating frequency, moderate throughput, and more efficiency than the proposed PRESENT-80 cipher. Table 4. Performance comparison of PRESENT cipher with existing PRESENT approaches [23]- [26] PRESENT Ciphers Ref [23] Ref [23] Ref [24] Ref [24] Ref [25] Ref [25] Ref [26] This Work The proposed PRESENT-80/128 cipher with existing lightweight cipher approaches [27]- [30] are compared concerning the performance resources on Spartan-3 FPGA, tabulated in Table 5. The existing lightweight ciphers like SPECK [27], SIMON [27], XTEA-1 [28], XTEA-3 [28], and LED [29], [30] are considered for comparison. The 64-bit data and 128-bit keys are used in all the existing ciphers [27]- [30], and all are implemented on Spartan -3 FPGA devices. The area (slices), throughput (Mbps), and hardware efficiency parameters are considered for comparison. The proposed PRESENT-80/128/256 ciphers obtain better throughput (Mbps) and efficiency (Kbps/slice) than the existing lightweight ciphers [27]- [30] on Spartan -3 FPGA. The resource comparison of SA-based IoT-based RFID systems with an existing similar approach [31] is tabulated in Table 6. The current mutual authentication methods of RFID systems use lightweight ciphers like Hummingbird (HB), XTEA, and PRESENT to compare the same Spartan -3E FPGA device. The RFID-MA using HB [31] uses a 16-bit data size, and a 256-bit key utilizes 2,411 slice-FFs and works at 40.1 MHz. The proposed SA of an IoT-based RFID system operates fewer slice-FFs and works at a better frequency than the existing RFID-MA approach using Hummingbird (HB), XTEA, and PRESENT ciphers [31]. The proposed PRESENT-80/128/256 encryption/decryption operation works parallel with the key updation mechanism, which reduces the execution time (Latency). The encryption and decryption operations are designed with simple XOR, logical operations, and sequential circuits, giving better throughput and reducing the hardware complexity.

CONCLUSION AND FUTURE WORK
The lightweight PRESENT-80/128/256 block cipher algorithm is used to develop an efficient and cost-effective secure authentication mechanism for IoT-based RFID systems. In electronic codebook (ECB) mode, the PRESENT-80/128/256 block cipher performs block-wise encryption and decryption. The RFID Tag and Reader are authenticated securely for data communication using the PRESENT-80/128/256 block cipher. The simulation findings are functionally confirmed when compared to FPGA results. The synthesis results are tabulated for the PRESENT-80/128/256 block cipher and its secured authentication modules. On the Artix-7 FPGA, the secured authentication protocol uses 2% slices, runs at 403.1 MHz, and costs 0.12 W total power. The PRESENT-80/128/256 cipher outperforms similar PRESENT ciphers and other lightweight algorithms regarding chip area and throughput. The secure authentication of IoT-based RFID system using PRESENT is compared with existing RFID-MA protocols with a reduction of 50% in slice-FFs and 68% in operating frequency. The PRESENT-80/128/256 cipher is used further to analyze the security by concerning the different attacks to know the data/key availability and complexity.