Panagiotis Rizomiliotis and Stefanos Gritzalis Dept. of Information and Communication Systems Engineering University of the Aegean, Greece GHB#: A Provably.

Slides:

Advertisements

Similar presentations

1 An Ultra-lightweight Authentication Protocol in RFID Speaker: 魏家惠.

Advertisements

NFC Security What is NFC? NFC Possible Security Attacks. NFC Security Attacks Countermeasures. Conclusion. References.

Technical Issues Regarding Near Field Communication Group 16 Tyler Swofford Matthew Kotan.

Timo Kasper Crete, Greece May 10, 2007 An Embedded System for Practical Security Analysis of Contactless Smartcards Timo Kasper, Dario Carluccio and Christof.

Digital Wallet Alberto Almonte (CPE) Miles Curiotto (CPE) Michael Stross (EE) The new, compact, secure and efficient way to carry all your credit and debit.

Every Bit Counts – Fast and Scalable RFID Estimation Muhammad Shahzad and Alex X. Liu Dept. of Computer Science and Engineering Michigan State University.

1 Dynamic Key-Updating: Privacy- Preserving Authentication for RFID Systems Li Lu, Lei Hu State Key Laboratory of Information Security, Graduate School.

RFID Security CMPE 209, Spring 2009 Presented by:- Snehal Patel Hitesh Patel Submitted to:- Prof Richard Sinn.

11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.

Information Security of Embedded Systems : Communication, wireless remote access Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer.

#1 Privacy in pervasive computing What can technologists do? David Wagner U.C. Berkeley In collaboration with David Molnar, Andrea Soppera, Ari Juels.

Wireless Sensor Network Security Anuj Nagar CS 590.

RFID Cardinality Estimation with Blocker Tags

RFID in Mobile Commerce and Security Concerns Chassica Braynen April 25, 2007.

Real World Applications of RFID Mr. Mike Rogers Bryan Senior High School Omaha, NE.

R R FID Authentication : M inimizing Tag Computation CHES2006 Rump Session, Yokohama. Japan Ph.D. Jin Kwak Kyushu University, JAPAN

Lecture Notes #7 Radio Frequency Identification (RFID)

RFID Radio frequency identification,or RFID,is an Auto-ID technology that uses radio waves to identify a physical object. Tags ReaderAntenna.

David Molnar, David Wagner - Authors Eric McCambridge - Presenter.

Chip tag A radio-frequency identification system uses tags readers send a signal to the tag and read its response RFID tags can be either passive active.

Federal Communications Commission Workshop on Radio Frequency Identification (RFID) October 7, 2004 SAMS ys Technologies.

RFID – An Introduction Murari Raghavan UNC-Charlotte.

Presented by: Arpit Jain Guided by: Prof. D.B. Phatak.

Developing RFID Application In Supply Chain

Radio Frequency Identification By Bhagyesh Lodha Vinit Mahedia Vishnu Saran Mitesh Bhawsar.

RFID Last Update Copyright Kenneth M. Chipps Ph.D.

1 POP Method An Approach to Enhance the Security and Privacy of RFID Systems Used in Product Lifecycle with an Anonymous Ownership Transferring Mechanism.

Authenticating Pervasive Devices with Human Protocols Presented by Xiaokun Mu.

NEAR FIELD COMMUNICATION. WHAT IS NFC??? NFC or Near Field Communication is a short range high frequency wireless communication technology. A radio communication.

- 1 - RFID Security and Privacy: A Research Survey Ari Juels RSA Laboratories IEEE Journal on Selected Areas in Communication (J-SAC) in 2006 Taesung Kim.

EPCglobal Training Suite

MIXNET for Radio Frequency Identification Jaanus Uudmae, Harshitha Sunkara, Dale R. Thompson, Sean Bruce, and Jayamadhuri.

CS3900 Richard Emerson1 Radio Frequency ID Tags Smart labels that send/receive data via radio waves Usually works like a barcode – contains a product code.

Ignite Presentation: Near Field Communication Harry Yang.

R F I D Presented by Kerry Wong. What is RFID? Radio Frequency IDentification –Analogous to electronic barcode –Uses radio waves to send info Serial numbers.

Attacks and Improvements to an RFID Mutual Authentication Protocol and its Extensions Shaoying Cai 1 Yingjiu Li 1 Tieyan Li 2 Robert H. Deng 1 1 Singapore.

Modulation and Data Transfer February 21, References gy-Article.asp?ArtNum=2

Shanti Bramhacharya and Nick McCarty. This paper deals with the vulnerability of RFIDs A Radio Frequency Identifier or RFID is a small device used to.

Low-Cost Untraceable Authentication Protocols for RFID Yong Ki Lee, Lejla Batina, Dave Singelée, Ingrid Verbauwhede BCRYPT workshop on RFID Security February.

Overall: 9/10. GOODWORK ON  Good information  Very detailed  Nice Introduction  RFID has many similarities with barcoding but with the unique characteristics.

RFID (Radio Frequency Identification) T.F.G.P.POLYTECHNICH - ADIPUR (KUTCH) HITESH C.PATEL SHAHGULAM KHWAJAJI.

ASIACCS 2007 Protecting RFID Communications in Supply Chains Yingjiu Li & Xuhua Ding School of Information Systems Singapore Management University.

THE INTERNET OF THINGS (IOT). THE INTERNET OF THINGS Objects can transmit and share information without any human intervention.

Security Issues in Distributed Sensor Networks Yi Sun Department of Computer Science and Electrical Engineering University of Maryland, Baltimore County.

Hoda Jannati School of Computer Science

Computer Science Department of University of Virginia  Voltage on a tag Radio Frequency Identification Systems New Ideas and Algorithms Introduction to.

Chapter 8 – Tree-based Anti-Collision Protocols for RFID tags

Radio Frequency Identification (RFID)

1 Protecting Your Privacy with a Mobile Agent Device in RFID Environment Authors: Sang-Soo Yeo, Soo-Cheol Kim, Sung Kwon Kim, Gilcheol Park, Seok Soo Kim,

Secure positioning in Wireless Networks Srdjan Capkun, Jean-Pierre Hubaux IEEE Journal on Selected area in Communication Jeon, Seung.

CONTACTLESS SMART CARD Betty Yu. What is contactless smart card? A contactless smart card is a contactless MHz credential whose dimensions are credit-card.

Near Field Communication Armando Octavio Yesenia Sunny Nidia.

I’m back ! Had a nice Holiday? I’m back ! Had a nice Holiday? Today we are talking PROXIMITY TECHNOLOGY Today we are talking PROXIMITY TECHNOLOGY.

RFID Mike Treon CPSC 310. What is RFID? Radio Frequency Identification Wireless link to transmit data and collect stored information. (EPC) Allows for.

RFID TAG READER TAG READER Abdullah Al-Faifi ) ) ) ) )

RADIO FREQUENCY IDENTIFICATION (RFID) FOR LIBRARIES

A Dynamic ID-Based Generic Framework for Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks Source: Wireless Personal Communications,

Zahra Ahmadian Recursive Linear and Differential Cryptanalysis of Ultra-lightweight Authentication Protocols Zahra Ahmadian

RFID Security & Privacy at both Physical and System Levels - Presentation to IoT-GSI 26th August 2011 Robert H. Deng & Yingjiu Li School of Information.

Team 7 Technical Presentation

Revisting Unpredictability-Based RFID Privacy Models

Abstract Radio-frequency identification (RFID) is an emerging technology, which promises to advance the modern industrial practices in object identification.

Randomized PRF Tree Walking Algorithm for Secure RFID

An Improved Novel Key Management Protocol for RFID Systems

Security Implementation Using Present-Puffin Protocol

N-ID Definition Proposal

RFID used for real-time tracking Physics 490 seminar 4/15/2019

Privacy Protection for E-Health Systems by

Henri Gilbert1, Matthew Robshaw1, and Hervé Sibert2

Presentation transcript:

Panagiotis Rizomiliotis and Stefanos Gritzalis Dept. of Information and Communication Systems Engineering University of the Aegean, Greece GHB#: A Provably Secure HB-like Lightweight Authentication Protocol June 26-29, Singapore 1 ACNS 2012

Contents  Motivation - RFID  The HB family  The HB# protocol Design Security  The GHB# protocol Design Security  Implementation issues  Conclusions June 26-29, Singapore 2 ACNS 2012

Motivation - RFID June 26-29, Singapore ACNS Radio Frequency Identification A technology that enables the electronic and wireless labeling and identification of objects, humans and animals Replaces barcodes Electronic device that can store and transmit data to a reader in a contactless manner using radio waves  Microchip  Antenna

Applications June 26-29, Singapore ACNS Practically everywhere Auto Immobilizers Automated Vehicle Id Animal Tracking Conveyor Belt Forklift Dock Door Handheld Point of Sale Smart Shelves Credit Card Electronic Identity

Main Challenges June 26-29, Singapore ACNS Security  Confidentiality of stored data  Integrity/authenticity  Impersonation Privacy  Anonymity  Untraceability Normally, cryptography can solve all these problems. Restrictions: Low cost Limited hardware and energy We need new lightweight algorithms!!

The HB family of protocols June 26-29, Singapore ACNS A set of ultra-lightweight authentication protocols initiated by Hopper and Blum’s work (the HB protocol) proposed initially for human identification Then proposed for RFID tags Based on the LPN problem

The HB family June 26-29, Singapore ACNS HB (2001) HB+ (2005) HB++ (2006) HB-MP (2007) HB-MP+(2008) HB* (2007) HB# (2008) Subspace LPN based protocols (2011)

Three attack models (1/3) June 26-29, Singapore ACNS PASSIVE-model 1. Eavesdrop Tag-Reader 2. Impersonate the Tag DET – model 1. Interrogate the Tag (Reader is not present) 2. Impersonate the Tag MIM – model 1. Modify the messages between Tag-Reader (SOS – learn to authentication result) 2. Impersonate the Tag GRS-attack: Modify only the messages send by the Reader

Three attack models (2/3) DET-model June 26-29, Singapore ACNS

Three attack models (3/3) MIM-model June 26-29, Singapore ACNS GRS-attack when ONLY b i can be modified

The HB# protocol June 26-29, Singapore ACNS Gilbert, H., Robshaw, M., Seurin, Y.: HB#: Increasing the Security and Efficiency of HB+. In: Proceedings of Eurocrypt, Springer LNCS, vol. 4965, pp , (2008) 1. Random-HB#: X,Y random 2. HB#: X,Y Toeplitz Matrices

The HB# protocol’s security June 26-29, Singapore ACNS Based on MHB: an extension of the HB puzzle HB# is secure against the PASSIVE, DET, GRS-attack There is a MIM attack  Ouafi, K., Overbeck, R., Vaudenay, S.: On the Security of HB# against a Man- in- the-Middle Attack. In: Proceedings of Asiacrypt, Springer LNCS, vol. 5350, pp (2008)

Vectorial Boolean Functions June 26-29, Singapore ACNS Vectorial Boolean Functions with m inputs and n outputs:

Gold Boolean Functions June 26-29, Singapore ACNS Gold, R.: Maximal recursive sequences with 3-valued recursive crosscorrelation functions. IEEE Transactions on Information Theory, vol. 14, pp , 1968 Power functions on a field where Algebraic Degree = 2 Balanced APN High nonlinearity

The GHB# protocol June 26-29, Singapore ACNS Modify the HB# Φ is a Gold Boolean function!

Complexity and other issues June 26-29, Singapore ACNS Practically the same the behavior as the HB# protocol False acceptance rate False rejection rate Storage complexity. The memory cost for the tag; i.e. the storage for the two secret matrices, is (k X +k Y )m bits. Communication complexity. The protocol requires (k X +k Y + m) bits to be transferred in total.

Security analysis June 26-29, Singapore ACNS Provably PASSIVE, DET and MIM secure It is based on the MHB puzzle like the HB# (Actually, similarly to the HB# proofs our reduction uses rewinding) The resistance against the MIM attacks is due to the APN property of the Gold function

Intuitive approach June 26-29, Singapore ACNS From the presentation of Ouafi, K., Overbeck, R., Vaudenay, S.: On the Security of HB# against a Man- in-the-Middle Attack. In: Proceedings of Asiacrypt, Springer LNCS, vol. 5350, pp (2008) HB# Estimation of the acceptance rate GHB# The acceptance rate is random! Remember Φ is APN!!!!!

Implementation Issues June 26-29, Singapore ACNS Implementation of the Gold function  Optimal normal basis  Requires 2m + 1 AND gates and 2m XOR gates. Complexity Comparison between GHB# and HB#.

Conclusions June 26-29, Singapore ACNS RFID need ultra-lightweight protocols The HB family is the most promising candidate GHB# is provably secure It has the pros and cons of HB# Further research is needed to improve implementation complexity

Thank you for your attention June 26-29, Singapore ACNS Questions??