Low-complexity and Reliable Transforms for Physical Unclonable Functions
Noisy measurements of a physical unclonable function (PUF) are used to store
secret keys with reliability, security, privacy, and complexity constraints. A
new set of low-complexity and orthogonal transforms with no multiplication is
proposed to obtain bit-error probability results significantly better than all
methods previously proposed for key binding with PUFs. The uniqueness and
security performance of a transform selected from the proposed set is shown to
be close to optimal. An error-correction code with a low-complexity decoder and
a high code rate is shown to provide a block-error probability significantly
smaller than provided by previously proposed codes with the same or smaller
code rates.
Comment: To appear in IEEE International Conference on Acoustics, Speech, and
Signal Processing 202
Secure and Reliable Key Agreement with Physical Unclonable Functions
Different transforms used in binding a secret key to correlated
physical-identifier outputs are compared. Decorrelation efficiency is the
metric used to determine transforms that give highly-uncorrelated outputs.
Scalar quantizers are applied to transform outputs to extract uniformly
distributed bit sequences to which secret keys are bound. A set of transforms
that perform well in terms of the decorrelation efficiency is applied to ring
oscillator (RO) outputs to improve the uniqueness and reliability of extracted
bit sequences, to reduce the hardware area and information leakage about the
key and RO outputs, and to maximize the secret-key length. Low-complexity
error-correction codes are proposed to illustrate two complete key-binding
systems with perfect secrecy, and better secret-key and privacy-leakage rates
than existing methods. A reference hardware implementation is also provided to
demonstrate that the transform-coding approach occupies a small hardware area.
Comment: An extra term in the last page due to the mismatch between the Arxiv
compiler and MDPI template is eliminated. No other change.
A Formal Analysis of 5G Authentication
Mobile communication networks connect much of the world's population. The
security of users' calls, SMSs, and mobile data depends on the guarantees
provided by the Authenticated Key Exchange protocols used. For the
next-generation network (5G), the 3GPP group has standardized the 5G AKA
protocol for this purpose. We provide the first comprehensive formal model of a
protocol from the AKA family: 5G AKA. We also extract precise requirements from
the 3GPP standards defining 5G and we identify missing security goals. Using
the security protocol verification tool Tamarin, we conduct a full, systematic,
security evaluation of the model with respect to the 5G security goals. Our
automated analysis identifies the minimal security assumptions required for
each security goal and we find that some critical security goals are not met,
except under additional assumptions missing from the standard. Finally, we make
explicit recommendations with provably secure fixes for the attacks and
weaknesses we found.
Comment: Categories (ACM class 2012): Security and privacy - Formal methods
and theory of security -- Security requirements -- Formal security models --
Logic and verification; Network protocols - Protocol correctness -- Formal
specifications; Security and privacy - Network security -- Mobile and
wireless security - Security services -- Privacy-preserving protocol
Bringing data minimization to digital wallets at scale with general-purpose zero-knowledge proofs
Today, digital identity management for individuals is either inconvenient and
error-prone or creates undesirable lock-in effects and violates privacy and
security expectations. These shortcomings inhibit the digital transformation in
general and seem particularly concerning in the context of novel applications
such as access control for decentralized autonomous organizations and
identification in the Metaverse. Decentralized or self-sovereign identity (SSI)
aims to offer a solution to this dilemma by empowering individuals to manage
their digital identity through machine-verifiable attestations stored in a
"digital wallet" application on their edge devices. However, when presented to
a relying party, these attestations typically reveal more attributes than
required and allow tracking end users' activities. Several academic works and
practical solutions exist to reduce or avoid such excessive information
disclosure, from simple selective disclosure to data-minimizing anonymous
credentials based on zero-knowledge proofs (ZKPs). We first demonstrate that
the SSI solutions that are currently built with anonymous credentials still
lack essential features such as scalable revocation, certificate chaining, and
integration with secure elements. We then argue that general-purpose ZKPs in
the form of zk-SNARKs can appropriately address these pressing challenges. We
describe our implementation and conduct performance tests on different edge
devices to illustrate that the performance of zk-SNARK-based anonymous
credentials is already practical. We also discuss further advantages that
general-purpose ZKPs can easily provide for digital wallets, for instance, to
create "designated verifier presentations" that facilitate new design options
for digital identity infrastructures that previously were not accessible
because of the threat of man-in-the-middle attacks.
Multi-party authentication protocols for web services
The Web service technology allows the dynamic composition of a workflow (or a business flow) by composing a set of existing Web services scattered across the Internet. While a given Web service may have multiple service instances taking part in several workflows simultaneously, a workflow often involves a set of service instances that belong to different Web services. In order to establish trust relationships amongst service instances, new security protocols are urgently needed. Hada and Maruyama [HAD02] presented a session-oriented, multi-party authentication protocol to resolve this problem. Within a session the protocol provides a common session secret shared by all the service instances, thereby distinguishing the instances from those of other sessions. However, individual instances cannot be distinguished and identified by the session secret. This leads to vulnerable session management and poor threat containment. In this thesis, we present a new design for a multi-party authentication protocol. In this protocol, each service instance is provided with a unique identifier. The Diffie-Hellman Key Agreement scheme is employed to generate the trust relationship between service instances within the same flow. The Coordinated Atomic Action scheme is exploited for achieving an improved level of threat containment. The new protocol was implemented in Java and evaluated by a combined use of experiments and model-based analysis. The results show that the time consumption for multi-party authentication increases linearly as the number of service instances that are introduced into a session increases. Our solution is therefore potentially applicable for Web service flow with a large number of participants. Various public key algorithms are also compared and evaluated during the experiments in order to select the most suitable one for our new protocol.