Trusted and Privacy-preserving Embedded Systems: Advances in Design, Analysis and Application of Lightweight Privacy-preserving Authentication and Physical Security Primitives

Radio Frequency Identification (RFID) enables RFID readers to perform fully automatic wireless identification of objects labeled with RFID tags and is widely deployed to many applications, such as access control, electronic tickets and payment as well as electronic passports. This prevalence of RFID technology introduces various risks, in particular concerning the privacy of its users and holders. Despite the privacy risk, classical threats to authentication and identification systems must be considered to prevent the adversary from impersonating or copying (cloning) a tag. This thesis summarizes the state of the art in secure and privacy-preserving authentication for RFID tags with a particular focus on solutions based on Physically Unclonable Functions (PUFs). It presents advancements in the design, analysis and evaluation of secure and privacy-preserving authentication protocols for RFID systems and PUFs. Formalizing the security and privacy requirements on RFID systems is essential for the design of provably secure and privacy-preserving RFID protocols. However, existing RFID security and privacy models in the literature are often incomparable and in part do not reflect the capabilities of real-world adversaries. We investigate subtle issues such as tag corruption aspects that lead to the impossibility of achieving both mutual authentication and any reasonable notion of privacy in one of the most comprehensive security and privacy models, which is the basis of many subsequent works. Our results led to the refinement of this privacy model and were considered in subsequent works on privacy-preserving RFID systems. A promising approach to enhance the privacy in RFID systems without lifting the computational requirements on the tags are anonymizers. These are special devices that take off the computational workload from the tags. While existing anonymizer-based protocols are subject to impersonation and denial-of-service attacks, existing RFID security and privacy models do not include anonymizers. We present the first security and privacy framework for anonymizer-enabled RFID systems and two privacy-preserving RFID authentication schemes using anonymizers. Both schemes achieve several appealing features that were not simultaneously achieved by any previous proposal. The first protocol is very efficient for all involved entities, achieves privacy under tag corruption. It is secure against impersonation attacks and forgeries even if the adversary can corrupt the anonymizers. The second scheme provides for the first time anonymity and untraceability of tags against readers as well as secure tag authentication against collisions of malicious readers and anonymizers using tags that cannot perform public-key cryptography (i.e., modular exponentiations). The RFID tags commonly used in practice are cost-efficient tokens without expensive hardware protection mechanisms. Physically Unclonable Functions (PUFs) promise to provide an effective security mechanism for RFID tags to protect against basic hardware attacks. However, existing PUF-based RFID authentication schemes are not scalable, allow only for a limited number of authentications and are subject to replay, denial-of-service and emulation attacks. We present two scalable PUF-based authentication schemes that overcome these problems. The first protocol supports tag and reader authentication, is resistant to emulation attacks and highly scalable. The second protocol uses a PUF-based key storage and addresses an open question on the feasibility of destructive privacy, i.e., the privacy of tags that are destroyed during tag corruption. The security of PUFs relies on assumptions on physical properties and is still under investigation. PUF evaluation results in the literature are difficult to compare due to varying test conditions and different analysis methods. We present the first large-scale security analysis of ASIC implementations of the five most popular electronic PUF types, including Arbiter, Ring Oscillator, SRAM, Flip-Flop and Latch PUFs. We present a new PUF evaluation methodology that allows a more precise assessment of the unpredictability properties than previous approaches and we quantify the most important properties of PUFs for their use in cryptographic schemes. PUFs have been proposed for various applications, including anti-counterfeiting and authentication schemes. However, only rudimentary PUF security models exist, limiting the confidence in the security claims of PUF-based security mechanisms. We present a formal security framework for PUF-based primitives, which has been used in subsequent works to capture the properties of image-based PUFs and in the design of anti-counterfeiting mechanisms and physical hash functions

On the Privacy of Two Tag Ownership Transfer Protocols for RFIDs

In this paper, the privacy of two recent RFID tag ownership transfer protocols are investigated against the tag owners as adversaries. The first protocol called ROTIV is a scheme which provides a privacy-preserving ownership transfer by using an HMAC-based authentication with public key encryption. However, our passive attack on this protocol shows that any legitimate owner which has been the owner of a specific tag is able to trace it either in the past or in the future. Tracing the tag is also possible via an active attack for any adversary who is able to tamper the tag and extract its information. The second protocol called, Chen et al.'s protocol, is an ownership transfer protocol for passive RFID tags which conforms EPC Class1 Generation2 standard. Our attack on this protocol shows that the previous owners of a particular tag are able to trace it in future. Furthermore, they are able even to obtain the tag's secret information at any time in the future which makes them capable of impersonating the tag

Survey and Systematization of Secure Device Pairing

Secure Device Pairing (SDP) schemes have been developed to facilitate secure communications among smart devices, both personal mobile devices and Internet of Things (IoT) devices. Comparison and assessment of SDP schemes is troublesome, because each scheme makes different assumptions about out-of-band channels and adversary models, and are driven by their particular use-cases. A conceptual model that facilitates meaningful comparison among SDP schemes is missing. We provide such a model. In this article, we survey and analyze a wide range of SDP schemes that are described in the literature, including a number that have been adopted as standards. A system model and consistent terminology for SDP schemes are built on the foundation of this survey, which are then used to classify existing SDP schemes into a taxonomy that, for the first time, enables their meaningful comparison and analysis.The existing SDP schemes are analyzed using this model, revealing common systemic security weaknesses among the surveyed SDP schemes that should become priority areas for future SDP research, such as improving the integration of privacy requirements into the design of SDP schemes. Our results allow SDP scheme designers to create schemes that are more easily comparable with one another, and to assist the prevention of persisting the weaknesses common to the current generation of SDP schemes.Comment: 34 pages, 5 figures, 3 tables, accepted at IEEE Communications Surveys & Tutorials 2017 (Volume: PP, Issue: 99

Efficient and Low-Cost RFID Authentication Schemes

Security in passive resource-constrained Radio Frequency Identification (RFID) tags is of much interest nowadays. Resistance against illegal tracking, cloning, timing, and replay attacks are necessary for a secure RFID authentication scheme. Reader authentication is also necessary to thwart any illegal attempt to read the tags. With an objective to design a secure and low-cost RFID authentication protocol, Gene Tsudik proposed a timestamp-based protocol using symmetric keys, named YA-TRAP*. Although YA-TRAP* achieves its target security properties, it is susceptible to timing attacks, where the timestamp to be sent by the reader to the tag can be freely selected by an adversary. Moreover, in YA-TRAP*, reader authentication is not provided, and a tag can become inoperative after exceeding its pre-stored threshold timestamp value. In this paper, we propose two mutual RFID authentication protocols that aim to improve YA-TRAP* by preventing timing attack, and by providing reader authentication. Also, a tag is allowed to refresh its pre-stored threshold value in our protocols, so that it does not become inoperative after exceeding the threshold. Our protocols also achieve other security properties like forward security, resistance against cloning, replay, and tracking attacks. Moreover, the computation and communication costs are kept as low as possible for the tags. It is important to keep the communication cost as low as possible when many tags are authenticated in batch-mode. By introducing aggregate function for the reader-to-server communication, the communication cost is reduced. We also discuss different possible applications of our protocols. Our protocols thus capture more security properties and more efficiency than YA-TRAP*. Finally, we show that our protocols can be implemented using the current standard low-cost RFID infrastructures.Comment: 21 pages, Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA), Vol 2, No 3, pp. 4-25, 201

Cryptographic Approaches To Security and Privacy Issues In Pervasive Computing

Technological innovation has enabled tiny devices to participate in pervasive com- puting. Such devices are particularly vulnerable to security and privacy threats, because of their limited computing resources and relatively weak physical security. We investigate possible cryptographic solutions to security and privacy problems arising in two kinds of emerging pervasive computing networks: Personal Area Net- works (PANs) and the EPCglobal Network. A number of key management schemes have been proposed for use in PANs, but these schemes only support key management within a PAN. However, as people are increasingly equipped with multiple wireless devices, PANs are likely to be intercon- nected to share information or services. We introduce a term, iPANs, to name such interconnected PANs. We define system models and design goals for key manage- ment in iPANs, and propose a novel security initialisation scheme for use in iPANs. The proposed scheme achieves desirable security and efficiency properties by making use of the unique characteristics of PANs. The EPCglobal Network is designed to give efficiency and cost savings in and beyond the supply chain using Radio Frequency Identification (RFID) technology; however, privacy threats affecting such networks are particularly serious. We construct a formal privacy model for RFID systems accurately reflecting adversarial threats and power. We then give brief privacy analysis for the existing privacy-enhanced RFID schemes which have received wide attention in the literature. We then construct a secure refresh-based RFID system based on re-encryption techniques, and prove its privacy using the defined privacy model. Finally, we show that the proposed scheme can greatly enhance the security and privacy of EPC tags, making the maximum use of given tag functionalities as specified in the standards