43 research outputs found

    Securely computing a similarity measure

    Get PDF
    The present invention relates to a method and a system of securely computing a measure of similarity for at least two sets of data. A basic idea of the present invention is to securely compare two sets of encrypted data to determine whether the two sets of data resemble each other to a sufficient extent. If the measure of similarity complies with predetermined criteria, the two sets of data from which the encrypted sets of data originate are considered to be identical

    Secure key storage with PUFs

    Get PDF
    Nowadays, people carry around devices (cell phones, PDAs, bank passes, etc.) that have a high value. That value is often contained in the data stored in it or lies in the services the device can grant access to (by using secret identification information stored in it). These devices often operate in hostile environments and their protection level is not adequate to deal with that situation. Bank passes and credit cards contain a magnetic stripe where identification information is stored. In the case of bank passes, a PIN is additionally required to withdraw money from an ATM (Automated Teller Machine). At various occasions, it has been shown that by placing a small coil in the reader, the magnetic information stored in the stripe can easily be copied and used to produce a cloned card. Together with eavesdropping the PIN (by listening to the keypad or recording it with a camera), an attacker can easily impersonate the legitimate owner of the bank pass by using the cloned card in combination with the eavesdropped PIN

    ALGSICS - Combining physics and cryptography to enhance security and privacy in RFID systems

    Get PDF
    In this paper, we introduce several new mechanisms that are cheap to implement or integrate into RFID tags and that at the same time enhance their security and privacy properties. Our aim is to provide solutions that make use of existing (or expected) functionality on the tag or that are inherently cheap and thus, enhance the privacy friendliness of the technology "almost" for free. Our proposals, for example, make use of environmental information (presence of light temperature, humidity, etc.) to disable or enable the RFID tag. A second possibility that we explore is the use of delays in revealing a secret key used to later establish a secure communication channel. We also introduce the idea of a "sticky tag," which can be used to re-enable a disabled (or killed) tag whenever the user considers it to be safe. We discuss the security and describe usage scenarios for all solutions. Finally, we review previous works that use physical principles to provide security and privacy in RFID systems

    Computationally secure authentication with noisy data

    No full text
    In this chapter we discuss authentication techniques involving data such as biometrics, which are assumed to be typical (essentially unique) for a particular person (or physical object). The data are captured by a sensor or measuring device, which is an imperfect process introducing some noise. Upon enrollment of a user, a sample of the noisy data is captured and stored as a template. Later, during authentication, another sample of the noisy data is captured and matched against the stored template

    Private profile matching

    No full text
    Without abstract

    Secret key generation from classical physics : Physical Uncloneable Functions (Chapter 6.4)

    No full text
    In this chapter we explain why security is important in an ambient intelligent (AmI) environment. In order to achieve trust and security in this environment not only cryptographic algorithms are needed, but also secure methods for generation and storage of secret keys. Physical uncloneable functions (PUFs) can be used to this end, because they have built in security properties, such as uncloneability and tamper evidence. We show that cryptographic keys can be extracted securely from PUFs. This enables one to go beyond simple identification applications. In particular, more advanced protocols, such as authentication, key exchange, certified execution, and proofs of execution, can be based on PUFs

    An efficient fuzzy extractor for limited noise

    Get PDF
    A fuzzy extractor is a security primitive that allows for reproducible extraction of an almost uniform key from a noisy non-uniform source. We analyze a fuzzy extractor scheme that uses universal hash functions for both information reconciliation and privacy amplification. This is a useful scheme when the number of error patterns likely to occur is limited, regardless of the error probabilities. We derive a sharp bound on the uniformity of the extracted key, making use of the concatenation property of universal hash functions and a recent tight formulation of the leftover hash lemma
    corecore