Privacy and Reader-first Authentication in Vaudenay\u27s RFID Model with Temporary State Disclosure

Privacy and mutual authentication under corruption with temporary state disclosure are two significant requirements for real-life applications of RFID schemes. No RFID scheme is known so far to meet these two requirements. In this paper we propose two practical RFID schemes that fill this gap. The first one achieves destructive privacy, while the second one narrow destructive privacy, in Vaudenay\u27s model with temporary state disclosure. Both of them provide mutual (reader-first) authentication. In order to achieve these privacy levels we use Physically Unclonable Functions (PUFs) to assure that the internal secret of the tag remains hidden against an adversary with invasive capabilities. Our first RFID scheme cannot be desynchronized for more than one step, while the second one avoids the use of random generators on tags. Detailed security and privacy proofs are provided

New Results on Identity-based Encryption from Quadratic Residuosity

This paper surveys the results obtained so far in designing identity-based encryption (IBE) schemes based on the quadratic residuosity assumption (QRA). We begin by describing the first such scheme due to Cocks, and then we advance to the novel idea of Boneh, Gentry and Hamburg. Major improvements of the Boneh-Gentry-Hamburg scheme are then recalled. The recently revealed algebraic torus structures of the Cocks scheme allows for a better understanding of this scheme, as well as for new applications of it such as homomorphic and anonymous variants of it

On the Distribution of Quadratic Residues and Non-residues Modulo Composite Integers and Applications to Cryptography

We develop exact formulas for the distribution of quadratic residues and non-residues in sets of the form $a+X=\{(a+x)\bmod n\mid x\in X\}$, where $n$ is a prime or the product of two primes and $X$ is a subset of integers with given Jacobi symbols modulo prime factors of $n$. We then present applications of these formulas to Cocks\u27 identity-based encryption scheme and statistical indistinguishability

Petri Net Reactive Modules

In this paper we model (discrete) reactive systems that may interact with each other by Petri net modules which are classical Petri nets together with a distinguished subset of interface places. We consider then an asynchronous composition operation of modules and, closely related to it, a decomposition operation. We show that any process (concurrent execution) of a composition of two modules can be decomposed into processes of "shifted" components for which a p-composition function exists, and vice versa. Based on this result, a compositional semantics of modules is then defined. The concurrent execution of a module inside a system is called a process sample/fragment of the system w.r.t. that module. We show that, in some circumstances, all the process samples of a system can be generated by e-modules which abstract from some parts of the behaviour by collapsing many consecutive steps into a single one. Some applications of process decomposition to replacement techniques of Petri nets, in proving correctness of Petri net structural transformations, and in validation of Petri net models, are further discussed. The last section takes into consideration the model checking problem for Petri net modules. A simulation preoder on Kripke structures with Büchi fairness constraints is considered, which is shown to preserve the delayed version of universal CTL* formulas. Then, the results are transferred to Petri net modules, and discussions on step fairness constraints are provided