A Lightweight Authentication Scheme for Transport System Farecards

Yang, ML
Narayanan, A
Parry, D
Wang, X
Item type
Conference Contribution
Degree name
Journal Title
Journal ISSN
Volume Title

Proximity Integrated Circuit Cards (PICC) are widely used for public transport fare collection. The stored contents in the card can only be accessed or modified after the card is able to authenticate the Proximity Coupling Device (PCD) or reader using a shared secret key. We propose a new authentication scheme that is not based on shared secret keys. Instead, authentication is based on the card and reader being able to compute an identical pairwise key using their own private keying material obtained from the same source. The computation is done off-line and does not require the participation of a third party. It uses simple modular arithmetic operations over a small binary extension field, achieving fast computation speed using the limited resources in cards. In addition, should the keys be stolen from the cards or readers, the security of the other parts of the system cannot be compromised.

Authorisation; Cryptography; Integrated circuits; Public transport; Radiofrequency identification; Smart cards; PCD; PICC; Identical pairwise key;lightweight authentication scheme; Private keying material; Proximity coupling device; Proximity integrated circuit cards; Public transport fare collection; Shared secret key; Simple modular arithmetic operations; Small binary extension field; Transport system farecards; Authentication; Companies; Elliptic curve cryptography; Logic gates; Radiofrequency identification; Servers
2016 IEEE International Conference on RFID Technology and Applications (RFID-TA), Foshan, 2016, pp. 150-155. doi: 10.1109/RFID-TA.2016.7750746
Publisher's version
Rights statement
Copyright © 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.