PPS: Privacy-preserving statistics using RFID tags

As RFID applications are entering our daily life, many new security and privacy challenges arise. However, current research in RFID security focuses mainly on simple authentication and privacy-preserving identication. In this paper, we discuss the possibility of widening the scope of RFID security and privacy by introducing a new application scenario. The suggested application consists of computing statistics on private properties of individuals stored in RFID tags. The main requirement is to compute global statistics while preserving the privacy of individual readings. PPS assures the privacy of properties stored in each tag through the combination of homomorphic encryption and aggregation at the readers. Re-encryption is used to prevent tracking of users. The readers scan tags and forward the aggregate of their encrypted readings to the back-end server. The back-end server then decrypts the aggregates it receives and updates the global statistics accordingly. PPS is provably privacypreserving. Moreover, tags can be very simple since they are not required to perform any kind of computation, but only to store data

Health and productivity monitoring of cage-cultured Atlantic halibut (Hippoglossus hippoglossus)

The Atlantic Canadian aquaculture industry is dominated by Atlantic salmon production. In recent years, infectious disease, parasitic infestations, and price fluctuations from international competition have caused disruptions to the industry. Diversification of the industry away from Atlantic salmon production is a potential strategy to insulate the industry from these fish health and market challenges. Atlantic halibut has long been a primary candidate for this diversification. However, the early commercialization of the species over the last 15 years has failed to reach its potential, owning primarily to a lack of information on the biology of the species, best management practices and proven economic feasibility. To address this information gap, a multi-objective Randomized Controlled Trial (RCT) was conducted at a commercial farm on the Bay of Fundy in New Brunswick. The study collected detailed information on the growth and survival of 5000 Atlantic halibut individually identified with Passive Integrated Transponder (PIT) tags and followed over a four year grow-out period. The main objectives of this research were: (1) to evaluate the impact of individual fish characteristics on growth, survival and farm economics, (2) to determine the effects of oil-adjuvanted vaccines on growth performance, survival and vaccine associated lesions, (3) to evaluate the suitability of FT4 Lock-on tags as an external tagging method for individual identification of Atlantic halibut, and (4) to test a Stratified Transport System (STS) as a means of improving fish welfare and the economics of overland halibut transport. A variety of fish level characteristics were found to be important predictors of productivity. Identifying and culling fish with these specific characteristics prior to grow-out was identified as a method to improve overall farm productivity. The side-effects of oil-adjuvanted vaccines were found to be mild in Atlantic halibut, thereby identifying oil-adjuvants as an available tool for future vaccine development. FT4 Lock-on tags were found to be suitable for identifying cage-cultured halibut with the exception of substantial impacts on growth. The STS was demonstrated to reduce post-transport mortality, establishing it as a cost-effective transport solution over currently practiced methods. In conclusion, this research allows producers to make evidence-based management decisions, to strengthen and facilitate the continued development of the Atlantic halibut aquaculture sector in Atlantic Canada

From clinics to methods and back: a tale of amyloid-PET quantification

The in-vivo assessment of cerebral amyloid load is taking a leading role in the early differential diagnosis of neurodegenerative diseases. With the hopefully near introduction of disease-modifying drugs, we expect a paradigm shift in the current diagnostic pathway with an unprecedented surge in the request of exams and detailed analysis

Lower Bounds on Anonymous Whistleblowing

Anonymous transfer, recently introduced by Agrikola, Couteau and Maier [ACM22] (TCC \u2722), allows a sender to leak a message anonymously by participating in a public non-anonymous discussion where everyone knows who said what. This opens up the intriguing possibility of using cryptography to ensure strong anonymity guarantees in a seemingly non-anonymous environment. The work of [ACM22] presented a lower bound on anonymous transfer, ruling out constructions with strong anonymity guarantees (where the adversary\u27s advantage in identifying the sender is negligible) against arbitrary polynomial-time adversaries. They also provided a (heuristic) upper bound, giving a scheme with weak anonymity guarantees (the adversary\u27s advantage in identifying the sender is inverse in the number of rounds) against fine-grained adversaries whose run-time is bounded by some fixed polynomial that exceeds the run-time of the honest users. This leaves a large gap between the lower bound and the upper bound, raising the intriguing possibility that one may be able to achieve weak anonymity against arbitrary polynomial time adversaries, or strong anonymity against fine grained adversaries. In this work, we present improved lower bounds on anonymous transfer, that rule out both of the above possibilities: - We rule out the existence of anonymous transfer with any non-trivial anonymity guarantees against general polynomial time adversaries. - Even if we restrict ourselves to fine-grained adversaries whose run-time is essentially equivalent to that of the honest parties, we cannot achieve strong anonymity, or even quantitatively improve over the inverse polynomial anonymity guarantees (heuristically) achieved by [ACM22]. Consequently, constructions of anonymous transfer can only provide security against fine-grained adversaries, and even in that case they achieve at most weak quantitative forms of anonymity

Anonymous Point Collection - Improved Models and Security Definitions

This work is a comprehensive, formal treatment of anonymous point collection. The proposed definition does not only provide a strong notion of security and privacy, but also covers features which are important for practical use. An efficient realization is presented and proven to fulfill the proposed definition. The resulting building block is the first one that allows for anonymous two-way transactions, has semi-offline capabilities, yields constant storage size, and is provably secure

An IoT based Virtual Coaching System (VSC) for Assisting Activities of Daily Life

Nowadays aging of the population is becoming one of the main concerns of theworld. It is estimated that the number of people aged over 65 will increase from 461million to 2 billion in 2050. This substantial increment in the elderly population willhave significant consequences in the social and health care system. Therefore, in thecontext of Ambient Intelligence (AmI), the Ambient Assisted Living (AAL) has beenemerging as a new research area to address problems related to the aging of the population. AAL technologies based on embedded devices have demonstrated to be effectivein alleviating the social- and health-care issues related to the continuous growing of theaverage age of the population. Many smart applications, devices and systems have beendeveloped to monitor the health status of elderly, substitute them in the accomplishment of activities of the daily life (especially in presence of some impairment or disability),alert their caregivers in case of necessity and help them in recognizing risky situations.Such assistive technologies basically rely on the communication and interaction be-tween body sensors, smart environments and smart devices. However, in such contextless effort has been spent in designing smart solutions for empowering and supportingthe self-efficacy of people with neurodegenerative diseases and elderly in general. Thisthesis fills in the gap by presenting a low-cost, non intrusive, and ubiquitous VirtualCoaching System (VCS) to support people in the acquisition of new behaviors (e.g.,taking pills, drinking water, finding the right key, avoiding motor blocks) necessary tocope with needs derived from a change in their health status and a degradation of theircognitive capabilities as they age. VCS is based on the concept of extended mind intro-duced by Clark and Chalmers in 1998. They proposed the idea that objects within theenvironment function as a part of the mind. In my revisiting of the concept of extendedmind, the VCS is composed of a set of smart objects that exploit the Internet of Things(IoT) technology and machine learning-based algorithms, in order to identify the needsof the users and react accordingly. In particular, the system exploits smart tags to trans-form objects commonly used by people (e.g., pillbox, bottle of water, keys) into smartobjects, it monitors their usage according to their needs, and it incrementally guidesthem in the acquisition of new behaviors related to their needs. To implement VCS, thisthesis explores different research directions and challenges. First of all, it addresses thedefinition of a ubiquitous, non-invasive and low-cost indoor monitoring architecture byexploiting the IoT paradigm. Secondly, it deals with the necessity of developing solu-tions for implementing coaching actions and consequently monitoring human activitiesby analyzing the interaction between people and smart objects. Finally, it focuses on the design of low-cost localization systems for indoor environment, since knowing theposition of a person provides VCS with essential information to acquire information onperformed activities and to prevent risky situations. In the end, the outcomes of theseresearch directions have been integrated into a healthcare application scenario to imple-ment a wearable system that prevents freezing of gait in people affected by Parkinson\u2019sDisease

A control theoretic approach for security of cyber-physical systems

In this dissertation, several novel defense methodologies for cyber-physical systems have been proposed. First, a special type of cyber-physical system, the RFID system, is considered for which a lightweight mutual authentication and ownership management protocol is proposed in order to protect the data confidentiality and integrity. Then considering the fact that the protection of the data confidentiality and integrity is insufficient to guarantee the security in cyber-physical systems, we turn to the development of a general framework for developing security schemes for cyber-physical systems wherein the cyber system states affect the physical system and vice versa. After that, we apply this general framework by selecting the traffic flow as the cyber system state and a novel attack detection scheme that is capable of capturing the abnormality in the traffic flow in those communication links due to a class of attacks has been proposed. On the other hand, an attack detection scheme that is capable of detecting both sensor and actuator attacks is proposed for the physical system in the presence of network induced delays and packet losses. Next, an attack detection scheme is proposed when the network parameters are unknown by using an optimal Q-learning approach. Finally, this attack detection and accommodation scheme has been further extended to the case where the network is modeled as a nonlinear system with unknown system dynamics --Abstract, page iv

Reduced Self-Aggregation and Improved Stability of Silica-Coated Fe3O4/Ag SERS-Active Nanotags Functionalized With 2-Mercaptoethanesulfonate

Nanocomposites combining magnetic and plasmonic properties are very attractive within the field of surface-enhanced Raman scattering (SERS) spectroscopy. Applications presented so far take advantage of not only the cooperation of both components but also synergy (enhanced properties), leading to multi-approach analysis. While many methods were proposed to synthesize such plasmonic-magnetic nanoparticles, the issue of their collective magnetic behavior, inducing irreversible self-aggregation, has not been addressed yet. Thus, here we present a simple and fast method to overcome this problem, employing 2-mercaptoethanesulfonate (MES) ions as both a SERS tag and primer molecules in the silica-coating process of the previously fabricated Fe3O4/Ag nanocomposite. The use of MES favored the formation of silica-coated nanomaterial comprised of well-dispersed small clusters of Fe3O4/Ag nanoparticles. Furthermore, adsorbed MES molecules provided a reliable SERS response, which was successfully detected after magnetic assembly of the Fe3O4/Ag@MES@SiO2 on the surface of the banknote. Improved chemical stability after coating with a silica layer was also found when the nanocomposite was exposed to suspension of yeast cells. This work reports on the application of 2-mercaptoethanesulfonate not only providing a photostable SERS signal due to a non-aromatic Raman reporter but also acting as a silica-coating primer and a factor responsible for a substantial reduction of the self-aggregation of the plasmonic-magnetic nanocomposite. Additionally, here obtained Fe3O4/Ag@MES@SiO2 SERS nanotags showed the potential as security labels for the authentication purposes, retaining its original SERS performance after deposition on the banknote

Trusted and Privacy-preserving Embedded Systems: Advances in Design, Analysis and Application of Lightweight Privacy-preserving Authentication and Physical Security Primitives

Radio Frequency Identification (RFID) enables RFID readers to perform fully automatic wireless identification of objects labeled with RFID tags and is widely deployed to many applications, such as access control, electronic tickets and payment as well as electronic passports. This prevalence of RFID technology introduces various risks, in particular concerning the privacy of its users and holders. Despite the privacy risk, classical threats to authentication and identification systems must be considered to prevent the adversary from impersonating or copying (cloning) a tag. This thesis summarizes the state of the art in secure and privacy-preserving authentication for RFID tags with a particular focus on solutions based on Physically Unclonable Functions (PUFs). It presents advancements in the design, analysis and evaluation of secure and privacy-preserving authentication protocols for RFID systems and PUFs. Formalizing the security and privacy requirements on RFID systems is essential for the design of provably secure and privacy-preserving RFID protocols. However, existing RFID security and privacy models in the literature are often incomparable and in part do not reflect the capabilities of real-world adversaries. We investigate subtle issues such as tag corruption aspects that lead to the impossibility of achieving both mutual authentication and any reasonable notion of privacy in one of the most comprehensive security and privacy models, which is the basis of many subsequent works. Our results led to the refinement of this privacy model and were considered in subsequent works on privacy-preserving RFID systems. A promising approach to enhance the privacy in RFID systems without lifting the computational requirements on the tags are anonymizers. These are special devices that take off the computational workload from the tags. While existing anonymizer-based protocols are subject to impersonation and denial-of-service attacks, existing RFID security and privacy models do not include anonymizers. We present the first security and privacy framework for anonymizer-enabled RFID systems and two privacy-preserving RFID authentication schemes using anonymizers. Both schemes achieve several appealing features that were not simultaneously achieved by any previous proposal. The first protocol is very efficient for all involved entities, achieves privacy under tag corruption. It is secure against impersonation attacks and forgeries even if the adversary can corrupt the anonymizers. The second scheme provides for the first time anonymity and untraceability of tags against readers as well as secure tag authentication against collisions of malicious readers and anonymizers using tags that cannot perform public-key cryptography (i.e., modular exponentiations). The RFID tags commonly used in practice are cost-efficient tokens without expensive hardware protection mechanisms. Physically Unclonable Functions (PUFs) promise to provide an effective security mechanism for RFID tags to protect against basic hardware attacks. However, existing PUF-based RFID authentication schemes are not scalable, allow only for a limited number of authentications and are subject to replay, denial-of-service and emulation attacks. We present two scalable PUF-based authentication schemes that overcome these problems. The first protocol supports tag and reader authentication, is resistant to emulation attacks and highly scalable. The second protocol uses a PUF-based key storage and addresses an open question on the feasibility of destructive privacy, i.e., the privacy of tags that are destroyed during tag corruption. The security of PUFs relies on assumptions on physical properties and is still under investigation. PUF evaluation results in the literature are difficult to compare due to varying test conditions and different analysis methods. We present the first large-scale security analysis of ASIC implementations of the five most popular electronic PUF types, including Arbiter, Ring Oscillator, SRAM, Flip-Flop and Latch PUFs. We present a new PUF evaluation methodology that allows a more precise assessment of the unpredictability properties than previous approaches and we quantify the most important properties of PUFs for their use in cryptographic schemes. PUFs have been proposed for various applications, including anti-counterfeiting and authentication schemes. However, only rudimentary PUF security models exist, limiting the confidence in the security claims of PUF-based security mechanisms. We present a formal security framework for PUF-based primitives, which has been used in subsequent works to capture the properties of image-based PUFs and in the design of anti-counterfeiting mechanisms and physical hash functions

Contributions to privacy protection for ubiquitous computing

El desenvolupament de noves tecnologies ha introduït el concepte de Computació Ubiqua, a on els objectes que ens envolten poden tenir processadors integrats i establir la comunicació amb altres sistemes, amb la finalitat d'oferir serveis personalitzats per ajudar-nos amb les nostres tasques habituals. No obstant això, a causa de que és possible tenir ordinadors en gairebé qualsevol lloc o objecte, això ha obert noves discussions sobre temes tals com la privadesa i la seguretat, considerats des de diferents punts de vista, com el desenvolupaments jurídics, socials, econòmics i tecnològics, amb una importància cada vegada major al món actual. En aquesta tesi discutim i analitzem algunes de les principals qüestions de seguretat i privadesa a les tecnologies actuals, tals com a telèfons intel·ligents, dispositius RFID o ciutats intel·ligents, i proposem alguns protocols per fer front a aquests temes garantint la privadesa dels usuaris a tot moment.El desarrollo de nuevas tecnologías ha introducido el concepto de Computación Ubicua , en donde los objetos que nos rodean pueden tener procesadores integrados y establecer la comunicación con otros sistemas, con el fin de ofrecer servicios personalizados para ayudarnos con nuestras tareas habituales. Sin embargo, debido a que es posible tener ordenadores en casi cualquier lugar u objeto, esto ha abierto nuevas discusiones sobre temas tales como la privacidad y la seguridad, considerado desde diferentes puntos de vista, como el desarrollos jurídicos, sociales, económicos y tecnológicos, con una importancia cada vez mayor en el mundo actual. En esta tesis discutimos y analizamos algunas de las principales cuestiones de seguridad y privacidad en las tecnologías actuales, tales como teléfonos inteligentes, dispositivos RFID o ciudades inteligentes, y proponemos algunos protocolos para hacer frente a estos temas garantizando la privacidad de los usuarios en todo momento.The development of new technologies has introduced the concept of Ubiquitous Computing, whereby the objects around us can have an embedded computer and establish communications with each other, in order to provide personalized services to assist with our tasks. However, because it is possible to have computers almost anywhere and within any object, this has opened up new discussions on issues such as privacy and security, considered from many different views, such as the legal, social, economic and technological development perspectives, all taking an increasingly significant importance in today’s world. In this dissertation we discuss and analyze some of the main privacy and security issues in current technologies, such as smartphones, RFIDs or smart cities, and we propose some protocols in order to face these issues guarantying users' privacy anytime