Abstract
Nowadays the sharing of trade in counterfeit and pirated goods is constantly growing and fake products are found in a large number of industries - particularly pharmaceuticals, food, and medical equipment - that can pose serious health and safety risks. With the intention of avoiding any loss of client confidence and any disclosure of sensitive information, Internet of Things (IoT) solutions are increasingly used to fulfill this need for a reliable and secure infrastructure in medical & pharmaceutical industry. When looking at the technologies used to identify products and packaging, balancing security and hardware limitations is often a difficult task and using cost-effective techniques such as bit-oriented lightweight functions is a challenge. In this study, we first assess the security level of a recently proposed protocol and prove its vulnerabilities, due to a lack of complexity in bit-oriented functions. Then, to address these exposed flaws, a lightweight improved protocol based on Authenticated Encryption (AE) cryptosystems is presented. Security analysis results demonstrate that weaknesses of previous efforts have all been adequately addressed; additionally, the improved protocol has a robust security posture in terms of confidentiality and integrity. Moreover, FPGA and ASIC simulations are carried out using five different AE schemes from CAESAR competition to develop three use-cases, in whose best scenario the proposed tag has 731 LUT and needs 3335 gates for the security module.