{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,10]],"date-time":"2026-02-10T01:16:57Z","timestamp":1770686217607,"version":"3.49.0"},"reference-count":38,"publisher":"MDPI AG","issue":"17","license":[{"start":{"date-parts":[[2020,8,27]],"date-time":"2020-08-27T00:00:00Z","timestamp":1598486400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100005374","name":"Nanjing University of Posts and Telecommunications","doi-asserted-by":"publisher","award":["NY216016"],"award-info":[{"award-number":["NY216016"]}],"id":[{"id":"10.13039\/501100005374","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61902196"],"award-info":[{"award-number":["61902196"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61872196"],"award-info":[{"award-number":["61872196"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61602261"],"award-info":[{"award-number":["61602261"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61672296"],"award-info":[{"award-number":["61672296"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Scientific and Technological Support Project of Jiangsu Province","award":["BE2017166"],"award-info":[{"award-number":["BE2017166"]}]},{"name":"Scientific and Technological Support Project of Jiangsu Province","award":["BE2019740"],"award-info":[{"award-number":["BE2019740"]}]},{"name":"Major Natural Science Research Projects in Colleges and Universities of Jiangsu Province","award":["18KJA520008"],"award-info":[{"award-number":["18KJA520008"]}]},{"name":"Six Talent Peaks Project of Jiangsu Province","award":["RJFW-111"],"award-info":[{"award-number":["RJFW-111"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>The Internet of Things (IoT) has been integrated into legacy healthcare systems for the purpose of improving healthcare processes. As one of the key technologies of IoT, radio frequency identification (RFID) technology has been applied to offer services like patient monitoring, drug administration, and medical asset tracking. However, people have concerns about the security and privacy of RFID-based healthcare systems, which require a proper solution. To solve the problem, recently in 2019, Fan et al. proposed a lightweight RFID authentication scheme in the IEEE Network. They claimed that their scheme can resist various attacks in RFID systems with low implementation cost, and thus is suitable for RFID-based healthcare systems. In this article, our contributions mainly consist of two parts. First, we analyze the security of Fan et al.\u2019s scheme and find out its security vulnerabilities. Second, we propose a novel lightweight authentication scheme to overcome these security weaknesses. The security analysis shows that our scheme can satisfy the necessary security requirements. Besides, the performance evaluation demonstrates that our scheme is of low cost. Thus, our scheme is well-suited for practical RFID-based healthcare systems.<\/jats:p>","DOI":"10.3390\/s20174846","type":"journal-article","created":{"date-parts":[[2020,8,27]],"date-time":"2020-08-27T08:05:18Z","timestamp":1598515518000},"page":"4846","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":21,"title":["A Novel Lightweight Authentication Scheme for RFID-Based Healthcare Systems"],"prefix":"10.3390","volume":"20","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-7129-1082","authenticated-orcid":false,"given":"Feng","family":"Zhu","sequence":"first","affiliation":[{"name":"School of Computer Science, Nanjing University of Posts and Telecommunications, Nanjing 210023, China"},{"name":"Jiangsu High Technology Research Key Laboratory for Wireless Sensor Networks, Nanjing 210003, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5026-5347","authenticated-orcid":false,"given":"Peng","family":"Li","sequence":"additional","affiliation":[{"name":"School of Computer Science, Nanjing University of Posts and Telecommunications, Nanjing 210023, China"},{"name":"Jiangsu High Technology Research Key Laboratory for Wireless Sensor Networks, Nanjing 210003, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2809-2237","authenticated-orcid":false,"given":"He","family":"Xu","sequence":"additional","affiliation":[{"name":"School of Computer Science, Nanjing University of Posts and Telecommunications, Nanjing 210023, China"},{"name":"Jiangsu High Technology Research Key Laboratory for Wireless Sensor Networks, Nanjing 210003, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ruchuan","family":"Wang","sequence":"additional","affiliation":[{"name":"School of Computer Science, Nanjing University of Posts and Telecommunications, Nanjing 210023, China"},{"name":"Jiangsu High Technology Research Key Laboratory for Wireless Sensor Networks, Nanjing 210003, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1968","published-online":{"date-parts":[[2020,8,27]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"88","DOI":"10.1109\/JIOT.2016.2619679","article-title":"S2M: A Lightweight Acoustic Fingerprints-based Wireless Device Authentication Protocol","volume":"4","author":"Chen","year":"2016","journal-title":"IEEE Internet Things J."},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"1294","DOI":"10.1109\/COMST.2015.2388550","article-title":"Security for the Internet of Things: A Survey of Existing Protocols and Open Research Issues","volume":"17","author":"Granjal","year":"2015","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"2787","DOI":"10.1016\/j.comnet.2010.05.010","article-title":"The Internet of Things: A Survey","volume":"54","author":"Atzori","year":"2010","journal-title":"Comput. Netw."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"3095","DOI":"10.1002\/sec.1314","article-title":"Lightweight and Ultralightweight RFID Mutual Authentication Protocol with Cache in the Reader for IoT in 5G","volume":"9","author":"Fan","year":"2016","journal-title":"Secur. Commun. Netw."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"381","DOI":"10.1109\/JSAC.2005.861395","article-title":"RFID Security and Privacy: A Research Survey","volume":"24","author":"Juels","year":"2006","journal-title":"IEEE J. Sel. Areas Commun."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"3507","DOI":"10.1007\/s10916-011-9789-8","article-title":"The Adoption and Implementation of RFID Technologies in Healthcare: A Literature Review","volume":"36","author":"Yao","year":"2012","journal-title":"J. Med. Syst."},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"513","DOI":"10.1093\/qjmed\/hcp052","article-title":"Medication Errors: What They Are, How They Happen, and How to Avoid Them","volume":"102","author":"Aronson","year":"2009","journal-title":"QJM Int. J. Med."},{"key":"ref_8","unstructured":"U.S. Food and Drug Administration (2020, August 20). Working to Reduce Medication Errors, Available online: https:\/\/www.fda.gov\/drugs\/drug-information-consumers\/working-reduce-medication-errors."},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"339","DOI":"10.1016\/j.future.2016.06.001","article-title":"A Privacy Preserving Framework for RFID Based Healthcare Systems","volume":"72","author":"Rahman","year":"2017","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"1656","DOI":"10.1109\/TII.2018.2794996","article-title":"Lightweight RFID Protocol for Medical Privacy Protection in IoT","volume":"14","author":"Fan","year":"2018","journal-title":"IEEE Trans. Ind. Inform."},{"key":"ref_11","unstructured":"EPCglobal Inc. (2020, July 07). Class-1 Generation-2 UHF RFID Protocol for Communications at 860MHz\u2013960 MHz Version 1.2.0, in: EPC Radio-Frequency Identity Protocols. Available online: https:\/\/www.gs1.org\/sites\/default\/files\/docs\/epc\/uhfc1g2_1_2_0-standard-20080511.pdf."},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Kulseng, L., Yu, Z., Wei, Y., and Guan, U. (2010, January 3\u20136). Lightweight Mutual Authentication and Ownership Transfer for RFID Systems. Proceedings of the 29th IEEE International Conference on Computer Communications, San Diego, CA, USA.","DOI":"10.1109\/INFCOM.2010.5462233"},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Manifavas, C., Hatzivasilis, G., Fysarakis, K., and Rantos, K. (2013, January 12\u201313). Lightweight Cryptography for Embedded Systems\u2014A Comparative Analysis. Proceedings of the 6th International Workshop on Autonomous and Spontaneous Security, Egham, UK.","DOI":"10.1007\/978-3-642-54568-9_21"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"44","DOI":"10.1109\/MNET.2019.1800225","article-title":"A Lightweight Authentication Scheme for Cloud-based RFID Healthcare Systems","volume":"33","author":"Fan","year":"2019","journal-title":"IEEE Netw."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"46","DOI":"10.1007\/s10916-014-0046-9","article-title":"A Secure RFID Authentication Protocol for Healthcare Environments Using Elliptic Curve Cryptosystem","volume":"38","author":"Zhao","year":"2014","journal-title":"J. Med. Syst."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"47","DOI":"10.1007\/s10916-014-0047-8","article-title":"An Efficient RFID Authentication Protocol to Enhance Patient Medication Safety using Elliptic Curve Cryptography","volume":"38","author":"Zhang","year":"2014","journal-title":"J. Med. Syst."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"165","DOI":"10.1007\/s10916-016-0521-6","article-title":"A Provably Secure RFID Authentication Protocol Based on Elliptic Curve for Healthcare Environments","volume":"40","author":"Farash","year":"2016","journal-title":"J. Med. Syst."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"24","DOI":"10.1007\/s10916-015-0213-7","article-title":"A Secure RFID Mutual Authentication Protocol for Healthcare Environments using Elliptic Curve Cryptography","volume":"39","author":"Jin","year":"2015","journal-title":"J. Med. Syst."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"12","DOI":"10.1007\/s10916-015-0362-8","article-title":"A Secure ECC-based RFID Mutual Authentication Protocol to Enhance Patient Medication Safety","volume":"40","author":"Jin","year":"2016","journal-title":"J. Med. Syst."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"7452","DOI":"10.1109\/ACCESS.2017.2780124","article-title":"A Robust Mutual Authentication Scheme Based on Elliptic Curve Cryptography for Telecare Medical Information Systems","volume":"6","author":"Qiu","year":"2018","journal-title":"IEEE Access"},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"1328","DOI":"10.1109\/TR.2018.2850966","article-title":"Efficient Design of a Novel ECC-based Public Key Scheme for Medical Data Protection by Utilization of NanoPi Fire","volume":"67","author":"Nikooghadam","year":"2018","journal-title":"IEEE Trans. Reliab."},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"100","DOI":"10.1016\/j.tele.2018.09.001","article-title":"A Secure Elliptic Curve Cryptography Based Mutual Authentication Protocol for Cloud-assisted TMIS","volume":"38","author":"Kumar","year":"2019","journal-title":"Telemat. Inform."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"129","DOI":"10.1007\/s10207-019-00464-9","article-title":"An Elliptic Curve Cryptography Based Enhanced Anonymous Authentication Protocol for Wearable Health Monitoring Systems","volume":"19","author":"Sowjanya","year":"2020","journal-title":"Int. J. Inf. Secur."},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"153","DOI":"10.1007\/s10916-014-0153-7","article-title":"A Hash Based Mutual RFID Tag Authentication Protocol in Telecare Medicine Information System","volume":"39","author":"Srivastava","year":"2015","journal-title":"J. Med. Syst."},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"77","DOI":"10.1007\/s10916-015-0260-0","article-title":"A Secure RFID Tag Authentication Protocol with Privacy Preserving in Telecare Medicine Information System","volume":"39","author":"Li","year":"2015","journal-title":"J. Med. Syst."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"6221","DOI":"10.1007\/s11277-017-4474-y","article-title":"Security Analysis and Enhancement of the Most Recent RFID Authentication Protocol for Telecare Medicine Information System","volume":"96","author":"Benssalah","year":"2017","journal-title":"Wirel. Pers. Commun."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"23514","DOI":"10.1109\/ACCESS.2019.2896641","article-title":"A New Secure Authentication Protocol for Telecare Medicine Information System and Smart Campus","volume":"7","author":"Safkhani","year":"2019","journal-title":"IEEE Access"},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"621","DOI":"10.1016\/j.future.2019.07.004","article-title":"SecLAP: Secure and Lightweight Rfid Authentication Protocol for Medical IoT","volume":"101","author":"Aghili","year":"2019","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_29","unstructured":"Safkhani, M., Bendavid, Y., Rostampour, S., and Bagheri, N. (2019). On Designing Lightweight RFID Security Protocols for Medical IoT. IACR Cryptol. Eprint Arch., Available online: https:\/\/eprint.iacr.org\/2019\/851.pdf."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"6220","DOI":"10.1007\/s11227-018-2538-8","article-title":"Implementation of Secret Disclosure Attack Against Two IoT Lightweight Authentication Protocols","volume":"74","author":"Safkhani","year":"2018","journal-title":"J. Supercomput."},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"3603","DOI":"10.1007\/s12652-018-1088-5","article-title":"A Quadratic Residue-based RFID Authentication Protocol with Enhanced Security for TMIS","volume":"10","author":"Zhou","year":"2019","journal-title":"J. Ambient Intell. Humaniz. Comput."},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Avoine, G., Coisel, I., and Martin, T. (2010, January 8\u20139). Time Measurement Threatens Privacy-Friendly RFID Authentication Protocols. Proceedings of the 6th International Workshop on Radio Frequency Identification: Security and Privacy Issues, Istanbul, Turkey.","DOI":"10.1007\/978-3-642-16822-2_13"},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"2831","DOI":"10.1109\/TIFS.2018.2832849","article-title":"Lightweight and Practical Anonymous Authentication Protocol for RFID Systems Using Physically Unclonable Functions","volume":"13","author":"Gope","year":"2018","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_34","doi-asserted-by":"crossref","first-page":"79","DOI":"10.1504\/IJACT.2008.021082","article-title":"Anonymous RFID Authentication Supporting Constant-cost Key-lookup Against Active Adversaries","volume":"1","author":"Burmester","year":"2008","journal-title":"Int. J. Appl. Cryptogr."},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"18","DOI":"10.1145\/77648.77649","article-title":"A Logic of Authentication","volume":"8","author":"Burrows","year":"1990","journal-title":"Acm Trans. Comput. Syst."},{"key":"ref_36","doi-asserted-by":"crossref","first-page":"82","DOI":"10.20533\/ijrfidsc.2046.3715.2013.0011","article-title":"Warbler: A Lightweight Pseudorandom Number Generator for EPC C1 Gen2 Passive RFID Tags","volume":"2","author":"Mandal","year":"2013","journal-title":"Int. J. RFID Secur. Cryptogr."},{"key":"ref_37","unstructured":"Bogdanov, A., Kne\u017eevi\u0107, M., Leander, G., Toz, D., Var\u0131c\u0131, K., and Verbauwhede, I. (October, January 28). SPONGENT: A Lightweight Hash Function. Proceedings of the 13th International Workshop on Cryptographic Hardware and Embedded Systems, Nara, Japan."},{"key":"ref_38","doi-asserted-by":"crossref","unstructured":"Burmester, M., De Medeiros, B., and Motta, R. (2008, January 18\u201320). Robust, Anonymous RFID Authentication with Constant Key-lookup. Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, Tokyo, Japan.","DOI":"10.1145\/1368310.1368351"}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/20\/17\/4846\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T10:07:36Z","timestamp":1760177256000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/20\/17\/4846"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,8,27]]},"references-count":38,"journal-issue":{"issue":"17","published-online":{"date-parts":[[2020,9]]}},"alternative-id":["s20174846"],"URL":"https:\/\/doi.org\/10.3390\/s20174846","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020,8,27]]}}}