Securing Deployed RFIDs by Randomizing the Modulation and the Channel

RFID cards are widely used today in sensitive applications such as access control, payment systems, and asset tracking. Past work shows that an eavesdropper snooping on the communication between a card and its legitimate reader can break their cryptographic protocol and obtain their secret keys. One solution for this problem is to install stronger cryptographic protocols on the cards. However, RFIDs' size, power, and cost limitations do not allow for conventional cryptographic protocols. Further, installing new protocols requires revoking billions of cards in consumers hands and facilities worldwide, which is costly and impractical. In this paper, we ask whether one can secure RFIDs from such attacks without revoking or changing the insecure cards. We propose LocRF, a solution that changes the signal used to read the RFID cards but does not require any changes to the cards themselves. LocRF introduces a new approach that randomizes the modulation of the RFID signal as well as the wireless channel. This design protects RFIDs from eavesdroppers even if they use multi-antenna MIMO receivers. We built a prototype of LocRF on software-defined radios and used it to secure the communication of off-the-shelf cards. Both our analysis and empirical evaluation demonstrate theeffectiveness of LocRF

EFFICIENT AND SCALABLE NETWORK SECURITY PROTOCOLS BASED ON LFSR SEQUENCES

The gap between abstract, mathematics-oriented research in cryptography and the engineering approach of designing practical, network security protocols is widening. Network researchers experiment with well-known cryptographic protocols suitable for different network models. On the other hand, researchers inclined toward theory often design cryptographic schemes without considering the practical network constraints. The goal of this dissertation is to address problems in these two challenging areas: building bridges between practical network security protocols and theoretical cryptography. This dissertation presents techniques for building performance sensitive security protocols, using primitives from linear feedback register sequences (LFSR) sequences, for a variety of challenging networking applications. The significant contributions of this thesis are: 1. A common problem faced by large-scale multicast applications, like real-time news feeds, is collecting authenticated feedback from the intended recipients. We design an efficient, scalable, and fault-tolerant technique for combining multiple signed acknowledgments into a single compact one and observe that most signatures (based on the discrete logarithm problem) used in previous protocols do not result in a scalable solution to the problem. 2. We propose a technique to authenticate on-demand source routing protocols in resource-constrained wireless mobile ad-hoc networks. We develop a single-round multisignature that requires no prior cooperation among nodes to construct the multisignature and supports authentication of cached routes. 3. We propose an efficient and scalable aggregate signature, tailored for applications like building efficient certificate chains, authenticating distributed and adaptive content management systems and securing path-vector routing protocols. 4. We observe that blind signatures could form critical building blocks of privacypreserving accountability systems, where an authority needs to vouch for the legitimacy of a message but the ownership of the message should be kept secret from the authority. We propose an efficient blind signature that can serve as a protocol building block for performance sensitive, accountability systems. All special forms digital signatures—aggregate, multi-, and blind signatures—proposed in this dissertation are the first to be constructed using LFSR sequences. Our detailed cost analysis shows that for a desired level of security, the proposed signatures outperformed existing protocols in computation cost, number of communication rounds and storage overhead