The Radio Frequency Identification (RFID) system is vulnerable to malicious attacks in the wireless channel and the privacy of the tag owners is often violated. In order to solve the problems, a lightweight RFID authentication protocol supporting anonymity was proposed. Firstly, the random number generator was used to generate the unpredictable sequence for specifying the lightweight operators participating in the protocol. Then, the seed was specified to achieve the key negotiation between the reader and the tag. Finally, the mutual authentication and information updating were achieved. The comparison results with some representative lightweight schemes show that the proposed scheme saves the the tag storage overhead by up to 42% compared with the similar lightweight protocols, and the has the communication overhead also maintained at the low level of similar schemes at the same time, and is able to support the multiple security requirements. The proposed scheme is suitable for low-cost RFID systems.

Focusing on the large decryption overhead of the resource limited edge devices and the lack of effective user tracking and revocation in attribute-based encryption, a traceable and revocable Ciphertext-Policy Attribute-Based Encryption (CP-ABE) scheme supporting cloud-fog computing was proposed. Firstly, through the introduction of fog nodes, the ciphertext storage and outsourcing decryption were able to be carried out on fog nodes near the users, which not only effectively protected users' private data, but also reduced users' computing overhead. Then, in response to the behaviors such as user permission changes, users intentionally or unintentionally leaking their own keys in the attribute-based encryption system, user tracking and revocation functions were added. Finally, after the identity of malicious user with the above behaviors was tracked through the algorithm, the user would be added to the revocation list, so that user's access right was cancelled. The performance analysis shows that the decryption overhead at the user end is reduced to one multiplication and one exponential operation, which can save large bandwidth and decryption time for users; at the same time, the proposed scheme supports the tracking and revocation of malicious users. Therefore, the proposed scheme is suitable for data sharing of devices with limited computing resources in cloud-fog environment.

Focusing on the problem that open and insecure wireless channel between reader and tag in Radio Frequency IDentification (RFID) system is vulnerable to multiple malicious attacks, a new ultra-lightweight RFID Mutual Authentication Protocol based on Regeneration (RRMAP) was proposed. Firstly, the regeneration transformation of the first-stage reverse sequence self-combination transformation on two binary arrays was performed to achieve its own bit confusion effect. Secondly, the result of first-stage was used for the second-stage parity adjacent crossover-XOR operation, thus whole regeneration transformation was completed. Finally, through new definition of regeneration transformation, the left circular shift operation and modular 2^ m addition operation were combined to construct secret communication messages during authentication process, which could effectively solve security problems existing in RFID system currently. The BAN (Burrows-Abadi-Needham) logic formal proof was given to show the availability of protocol. The security analysis and performance comparison show that RRMAP has strong security and privacy protection attributes which can resist some common malicious attacks.

Most of the existing Ciphertext-Policy Attribute-Based Encryption (CP-ABE) schemes cannot support multi-state representation of attributes, and the computation overhead of encryption and decryption phase is huge. In order to solve the problems, a CP-ABE scheme with Weighted Attribute Revocation (CPABEWAR) was proposed. On the one hand, the expression ability of attribute was improved by introducing the concept of weighted attribute. On the other hand, in order to reduce the computation cost, part calculation tasks were outsourced to Cloud Service Provider (CSP) under the premise of ensuring data securer. The analysis results show that, the proposed CPABEWAR is proved to be Chosen Plaintext Secure (CPS) under the Decisional Bilinear Diffie-Hellman (DBDH) assumption. The proposed scheme simplifies the access tree structure at the cost of a small amount of storage space and improves system efficiency and flexibility of access control, which is suitable for cloud users with limited computing power.