1,795 research outputs found
Formal Verification of Safety Properties for Ownership Authentication Transfer Protocol
In ubiquitous computing devices, users tend to store some valuable
information in their device. Even though the device can be borrowed by the
other user temporarily, it is not safe for any user to borrow or lend the
device as it may cause private data of the user to be public. To safeguard the
user data and also to preserve user privacy we propose and model the technique
of ownership authentication transfer. The user who is willing to sell the
device has to transfer the ownership of the device under sale. Once the device
is sold and the ownership has been transferred, the old owner will not be able
to use that device at any cost. Either of the users will not be able to use the
device if the process of ownership has not been carried out properly. This also
takes care of the scenario when the device has been stolen or lost, avoiding
the impersonation attack. The aim of this paper is to model basic process of
proposed ownership authentication transfer protocol and check its safety
properties by representing it using CSP and model checking approach. For model
checking we have used a symbolic model checker tool called NuSMV. The safety
properties of ownership transfer protocol has been modeled in terms of CTL
specification and it is observed that the system satisfies all the protocol
constraint and is safe to be deployed.Comment: 16 pages, 7 figures,Submitted to ADCOM 201
A Fault Analytic Method against HB+
The search for lightweight authentication protocols suitable for low-cost
RFID tags constitutes an active and challenging research area. In this context,
a family of protocols based on the LPN problem has been proposed: the so-called
HB-family. Despite the rich literature regarding the cryptanalysis of these
protocols, there are no published results about the impact of fault analysis
over them. The purpose of this paper is to fill this gap by presenting a fault
analytic method against a prominent member of the HB-family: HB+ protocol. We
demonstrate that the fault analysis model can lead to a flexible and effective
attack against HB-like protocols, posing a serious threat over them
A framework for analyzing RFID distance bounding protocols
Many distance bounding protocols appropriate for the RFID technology have been proposed recently. Unfortunately, they are commonly designed without any formal approach, which leads to inaccurate analyzes and unfair comparisons. Motivated by this need, we introduce a unied framework that aims to improve analysis and design of distance bounding protocols. Our framework includes a thorough terminology about the frauds, adversary, and prover, thus disambiguating many misleading terms. It also explores the adversary's capabilities and strategies, and addresses the impact of the prover's ability to tamper with his device. It thus introduces some new concepts in the distance bounding domain as the black-box and white-box models, and the relation between the frauds with respect to these models. The relevancy and impact of the framework is nally demonstrated on a study case: Munilla-Peinado distance bounding protocol
KEDGEN2: A key establishment and derivation protocol for EPC Gen2 RFID systems
International audienceThe EPC Class-1 Generation-2 (Gen2 for short) is a Radio Frequency IDentification (RFID) technology that is gaining a prominent place in several domains. However, the Gen2 standard lacks verifiable security functionalities. Eavesdropping attacks can, for instance, affect the security of applications based on the Gen2 technology. To address this problem, RFID tags must be equipped with a robust mechanism to authenticate readers before authorising them to access their data. In this paper, we propose a key establishment and derivation protocol, which is applied at both identification phase and those remainder operations requiring security. Our solution is based on a pseudorandom number generator that uses a low computational workload, while ensuring long term secure communication to protect the secrecy of the exchanged data. Mutual authentication of the tag and the sensor and strong notions of secrecy such as forward and backward secrecy are analysed, and we prove formally that after being amended, our protocol is secure with respect to these properties
- âŠ