wide strong private rf identification based on zero
play

Wide Strong Private RF IDentification based on Zero-Knowledge Roel - PowerPoint PPT Presentation

Feb 08, 2023 •234 likes •501 views

Wide Strong Private RF IDentification based on Zero-Knowledge Roel Peeters and Jens Hermans Provable Privacy Workshop, 10 July 2012 RFID Privacy Wig model #4456 (cheap polyester) Replacement hip medical part #459382 Das Kapital and

  1. Wide Strong Private RF IDentification based on Zero-Knowledge Roel Peeters and Jens Hermans Provable Privacy Workshop, 10 July 2012

  2. RFID Privacy Wig model #4456 (cheap polyester) Replacement hip medical part #459382 Das Kapital and Communist-party handbook 500 Euros in wallet Serial numbers: 597387,389473… 30 items of lingerie

  3. RFID Privacy 41126751 Wig model #4456 (cheap polyester) 93479122 Replacement hip medical part #459382 Das Kapital and 54872164 Communist-party handbook 500 Euros in wallet 55542390 Serial numbers: 09840921 597387,389473… 30 items of lingerie

  4. RFID Privacy Model Weak Adversary DrawTag SendTag SendReader FreeTag ! Result

  5. RFID Privacy Model Forward Adversary DrawTag SendTag SendReader Corrupt FreeTag ! Result

  6. RFID Privacy Model Forward Adversary Secret

  7. RFID Privacy Model Strong Adversary DrawTag SendTag SendReader Corrupt FreeTag ! Result

  8. RFID Privacy Model Strong Adversary DrawTag SendTag SendReader Secret FreeTag ! Result

  9. Private Identification Protocol ! Requirements } ! Correct Should not be neglected ! ! Sound ! Private Not sound Not correct

  10. Design Goals ! RFID Identification protocol that is: ! Secure ! Wide-strong private ! Efficient ! Compact hardware

  11. Design Goals ! Secure, wide-strong private protocols require Public Key Cryptography ! Elliptic Curve Cryptography coprocessor can be implemented on RFID [LBSV’07] [WH’11] ! Limit the number of cryptographic building blocks, e.g. ideally no hash functions

  12. Secure, wide-strong protocols ! Two known protocols: ! Vaudenay’s Public Key Encryption ! Canard et al.’s Hashed ElGamal ! Both based on (variant) IND-CCA2

  13. Vaudenay’s Public Key Encryption Tag ( ID, K, PK ) Reader ( sk, DB ) a DHIES 2 EC mult IND-CCA2 1 Hash b = ENC PK (ID !! K !! a) 1 MAC 1 symm enc ID* !! K* !! a* = DEC sk (b) a* == a " (ID*, K*) # DB ?

  14. Canard et al.’s Hashed ElGamal Tag ( ID, K, Y ) Reader ( y, DB ) a 2 EC mult T 0 = MAC K (a !! b) 1 Hash T 1 = (T 0 !! ID !! b) $ H(rY) 1 MAC T 2 = rP T 1 , T 2 T 0 * !! ID* !! b* = T 1 $ H(rT 2 ) ID* # DB ? T 0 = MAC K* (a !! b*)?

  15. Randomized Schnorr Tag ( x, Y ) Reader ( y, DB ) R 1 = r 1 P, R 2 = r 2 Y e s = ex + r 1 + r 2 X* = e -1 (sP - R 1 - y -1 R 2 ) # DB ?

  16. Randomized Schnorr not wide-weak Tag ( x, Y ) Reader ( y, DB ) R 1 , R 2 , e, s R 1 = r 1 P, R 2 = r 2 Y R 1 + R 1 , R 2 + R 2 e - e e s = (e - e)x + r 1 + r 2 s + s = ex + r 1 + r 1 + r 2 + r 2 X* = e -1 (s*P - R 1 * - y -1 R 2 *) # DB ? result

  17. Randomized Hashed GPS Tag ( x, Y ) Reader ( y, DB ) R 1 = r 1 P, R 2 = r 2 Y h = H(R 1 ,R 2 ) e R 1 , R 2 , s = ex + r 1 + r 2 h = H(R 1 ,R 2 ) " X* = e -1 (sP - R 1 - y -1 R 2 ) # DB ?

  18. Randomized Hashed GPS not wide-strong Tag ( x, Y ) Reader ( y, DB ) x h = H(R 1 ,R 2 ) h e - 1 e R 1 , R 2 , s = (e-1)x + r 1 + r 2 R 1 , R 2 , s + x = ex + r 1 + r 2 h = H(R 1 ,R 2 ) " X* = e -1 (sP - R 1 - y -1 R 2 ) # DB ? result

  19. New Protocol Tag ( x, Y ) Reader ( y, DB ) R 1 = r 1 P, R 2 = r 2 P e d = x-coord(x-coord( r 2 Y ) P ) s = dx + er 1 d* = x-coord(x-coord( yR 2 ) P ) X* = d* -1 (sP - eR 1 ) # DB ?

  20. New Protocol Tag ( x, Y ) Reader ( y, DB ) R 1 = r 1 P, R 2 = r 2 P e One More Discrete Logarithm, just like Schnorr d = x-coord(x-coord( r 2 Y ) P ) s = dx + er 1 d* = x-coord(x-coord( yR 2 ) P ) X* = d* -1 (sP - eR 1 ) # DB ?

  21. New Protocol Tag ( x, Y ) Reader ( y, DB ) R 1 = r 1 P, R 2 = r 2 P e Diffie Hellman One More Discrete Logarithm, just like Schnorr d = x-coord(x-coord( r 2 Y ) P ) s = dx + er 1 d* = x-coord(x-coord( yR 2 ) P ) X* = d* -1 (sP - eR 1 ) # DB ?

  22. New Protocol Tag ( x, Y ) Reader ( y, DB ) R 1 = r 1 P, R 2 = r 2 P e Diffie Hellman One More Discrete Logarithm, just like Schnorr d = x-coord(x-coord( r 2 Y ) P ) s = dx + er 1 Oracle Diffie Hellman d* = x-coord(x-coord( yR 2 ) P ) ECC-based, no hash to X* = d* -1 (sP - eR 1 ) # DB ? keep HW design compact

  23. More Efficient Variant Tag ( x, Y ) Reader ( y, DB ) R = rP e d = x-coord( rY ) s = dx + er d* = x-coord( yR ) X* = d* -1 (sP - eR) # DB ?

  24. Conclusions ! Proven security and wide-strong privacy ! Efficient : only 2 EC multiplications ! Compact HW: no hash function

  25. Full paper on ePrint ! http://eprint.iacr.org/2012/389

Recommend

Game Bot Identification Game Bot Identification based on Manifold Learning based on Manifold

Game Bot Identification Game Bot Identification based on Manifold Learning based on Manifold

Game Bot Identification Game Bot Identification based on Manifold Learning based on Manifold Learning Kuan Ta Chen Academia Sinica Hsing Kuo Pao NTUST Hong Chung Chang NTUST ACM NetGames 2008 Game Bots Game bots: automated AI programs

371 views • 36 slides
Forensic Body Fluid Identification o Body fluid identification can provide information linking

Forensic Body Fluid Identification o Body fluid identification can provide information linking

Genome-wide methylation profiling and a multiplex construction for the identification of body fluids using epigenetic markers Hwan Young Lee, Ja Hyun An, Sang-Eun Jung, Yu Na Oh, Eun Young Lee, Ajin Choi, Woo Ick Yang, Kyoung-Jin Shin

232 views • 10 slides
& Development Esther Chia Lawrence Ho Sophia Sim Building strong movement foundations

& Development Esther Chia Lawrence Ho Sophia Sim Building strong movement foundations

Talent Identification & Development Esther Chia Lawrence Ho Sophia Sim Building strong movement foundations What is Physical Literacy? Physical Literacy is the ability to move with competence and confidence in a wide variety of physical

634 views • 45 slides
Extent- -based Incremental Identification based Incremental Identification Extent of Reaction

Extent- -based Incremental Identification based Incremental Identification Extent of Reaction

LABORATOIRE DAUTOMATIQUE AUTOMATIC CONTROL LABORATORY Extent- -based Incremental Identification based Incremental Identification Extent of Reaction Kinetics from Spectroscopic Data of Reaction Kinetics from Spectroscopic Data XIII

428 views • 23 slides
Identification of Human Gait Why Fourier-Based . . . Why Fourier-Based . . . in

Identification of Human Gait Why Fourier-Based . . . Why Fourier-Based . . . in

Introduction Formulation of the . . . Straightforward . . . Identification of Human Gait Why Fourier-Based . . . Why Fourier-Based . . . in Neuro-Rehabilitation: Shift Detection: . . . Towards Efficient Algorithms General Case Conclusions

502 views • 10 slides
THE PROBLEM OF PRIVATE IDENTIFICATION PROTOCOLS Ruxandra F. Olimid and Stig F. Mjlsnes Dept.

THE PROBLEM OF PRIVATE IDENTIFICATION PROTOCOLS Ruxandra F. Olimid and Stig F. Mjlsnes Dept.

THE PROBLEM OF PRIVATE IDENTIFICATION PROTOCOLS Ruxandra F. Olimid and Stig F. Mjlsnes Dept. of Information Security and Communication Technology, NTNU, Norway Real World Crypto 2018 Zurich, January 10 Motivation - LTE 2 LTE -

661 views • 25 slides
Observing Strategy Considerations for Strong Lensing Science Intro Strong gravitational lensed

Observing Strategy Considerations for Strong Lensing Science Intro Strong gravitational lensed

Observing Strategy Considerations for Strong Lensing Science Intro Strong gravitational lensed are rare events (1 in 10 4 galaxies capable of being a lens) Requirements for general strong lens discovery: Wide area with reasonable

494 views • 15 slides
WIDE Project RFID/Auto-ID activities Yojiro UO Auto-ID Labs, JAPAN WIDE Project Auto-ID

WIDE Project RFID/Auto-ID activities Yojiro UO Auto-ID Labs, JAPAN WIDE Project Auto-ID

WIDE Project RFID/Auto-ID activities Yojiro UO Auto-ID Labs, JAPAN WIDE Project Auto-ID activities in WIDE Why are we working for RFID? RFID (radio frequency Identification) is a one of the key device to glue Real and Virtual space

820 views • 6 slides
Journey Background GM- wide Healthier Together programme, based on hub & non-

Journey Background GM- wide Healthier Together programme, based on hub & non-

Manchester University NHS Foundation Trust Our Surgical AEC Journey Background GM- wide Healthier Together programme, based on hub & non- hub sites. Merger of two large university hospital Trusts with a wide range of

108 views • 6 slides
Person Re-Identification Yiheng Liu Outli line Background Image-Based Person

Person Re-Identification Yiheng Liu Outli line Background Image-Based Person

Person Re-Identification Yiheng Liu Outli line Background Image-Based Person Re-Identification Partial Person Re-identification Video-Based Person Re-Identification Our Methods Outli line Background Image-Based

373 views • 26 slides
From 5-pass MQ -based identification to MQ -based signatures Ming-Shing Chen 1 , 2 , Andreas

From 5-pass MQ -based identification to MQ -based signatures Ming-Shing Chen 1 , 2 , Andreas

From 5-pass MQ -based identification to MQ -based signatures Ming-Shing Chen 1 , 2 , Andreas Hlsing 3 , Joost Rijneveld 4 , Simona Samardjiska 5 , Peter Schwabe 4 National Taiwan University 1 / Academia Sinica 2 , Taipei, Taiwan Eindhoven

710 views • 44 slides
Strong normalization for the parameter-free Strong polymorphic lambda calculus based on the

Strong normalization for the parameter-free Strong polymorphic lambda calculus based on the

Strong Normalization Akiyoshi and Terui Introduction Our Results Strong normalization for the parameter-free Strong polymorphic lambda calculus based on the -rule Normalization Theorem Previous Results Buchholz -Rule Ryota

706 views • 35 slides
Secret Shuffling: A Novel Approach to RFID Private Identification Claude Castelluccia and Mate

Secret Shuffling: A Novel Approach to RFID Private Identification Claude Castelluccia and Mate

Secret Shuffling: A Novel Approach to RFID Private Identification Claude Castelluccia and Mate Soos INRIA, 655 avenue de lEurope, Montbonnot, France { claude.castelluccia, mate.soos } @inrialpes.fr Abstract. This paper considers the problem of

514 views • 12 slides
RFID-based Identification System in a Hospital

RFID-based Identification System in a Hospital

RFID-based Identification System in a Hospital IoT Conference, ETH Zurich 2008 Welcome Internet of Things 2008 Dr.med. Marc Oertle Medical Informatics Agenda

1.4k views • 23 slides
Genome Wide SNP Selection with Entropy Based Methods Zhenqiu Liu University of Maryland

Genome Wide SNP Selection with Entropy Based Methods Zhenqiu Liu University of Maryland

Genome Wide SNP Selection with Entropy Based Methods Zhenqiu Liu University of Maryland Greenebaum Cancer Center Genome Wide SNP Selection with Entropy Based Methods p. 1/40 The Genetic Diversity in Humane Any two unrelated people are 99%

606 views • 50 slides
LudgerT ag V-T ag for N-glycan profiling and identification Highlights of the V-Tag System

LudgerT ag V-T ag for N-glycan profiling and identification Highlights of the V-Tag System

LudgerT ag V-T ag for N-glycan profiling and identification Highlights of the V-Tag System V-Tag labeling Allows glycan identification and quantitation using (U)HPLC. Provides data comparable to gold-standard glycoprofiling method based on

175 views • 15 slides
N8 Policing Research Partnership: Early Identification of Honour-Based Abuse Det. Sgt. Pal Singh,

N8 Policing Research Partnership: Early Identification of Honour-Based Abuse Det. Sgt. Pal Singh,

N8 Policing Research Partnership: Early Identification of Honour-Based Abuse Det. Sgt. Pal Singh, staff officer to: Commander Ivan Balhatchet National Police Lead for Honour-Based Abuse: Forced Marriage and Female Genital Mutilation 21 st May

381 views • 35 slides
RISK IDENTIFICATION Everything your competitor knows about Risk Identification on Software

RISK IDENTIFICATION Everything your competitor knows about Risk Identification on Software

RISK IDENTIFICATION Everything your competitor knows about Risk Identification on Software projects David OBrien | PMI Ireland Chapter 23 03 2020 Let Risk identification is your super-power Risk Identification 30 MARCH 2020 2 RISK

375 views • 22 slides
Identification and Monitoring of Identification and Monitoring of Complex Networks Based on

Identification and Monitoring of Identification and Monitoring of Complex Networks Based on

Identification and Monitoring of Identification and Monitoring of Complex Networks Based on Complex Networks Based on Synchronization Synchronization Wallace Tang Wallace Tang Department of Electronic Engineering Department of Electronic

925 views • 74 slides
Private Equity & Venture Capital www.charltonslaw.com 0 Professional Experience

Private Equity & Venture Capital www.charltonslaw.com 0 Professional Experience

Private Equity & Venture Capital www.charltonslaw.com 0 Professional Experience Charltons has wide experience in assisting private equity groups in relation to the establishment of investment funds, private equity investments,

235 views • 19 slides
Core Quality Measures Collaborative Why Core Quality Measures? Wide variability in use of

Core Quality Measures Collaborative Why Core Quality Measures? Wide variability in use of

Core Quality Measures Collaborative Why Core Quality Measures? Wide variability in use of measures across private payers and between public and private programs * Creates fragmentation in provider quality improvement efforts Too much

328 views • 10 slides
Disclosure Identification and Evidenced Based Intervention Barbara L Bentley PsyD, MS Ed I

Disclosure Identification and Evidenced Based Intervention Barbara L Bentley PsyD, MS Ed I

Fetal Alcohol Spectrum Disorders (FASD) Disclosure Identification and Evidenced Based Intervention Barbara L Bentley PsyD, MS Ed I have nothing to disclose. Pediatric Psychologist Stanford Childrens Health Clinical Associate Professor

652 views • 12 slides
Measurement Activities at WIDE Kenjiro Cho IIJ/WIDE Project November 23 2009 WIDE Project

Measurement Activities at WIDE Kenjiro Cho IIJ/WIDE Project November 23 2009 WIDE Project

Measurement Activities at WIDE Kenjiro Cho IIJ/WIDE Project November 23 2009 WIDE Project WIDE: Widely Integrated Distributed Environment a research consortium in Japan since 1988 about 100 sponsor companies 40 universities 200

664 views • 28 slides
GLIF Akira Kato Univ. of Tokyo/WIDE Project kato@wide.ad.jp

GLIF Akira Kato Univ. of Tokyo/WIDE Project kato@wide.ad.jp

GLIF Akira Kato Univ. of Tokyo/WIDE Project kato@wide.ad.jp Dark Fiber based Networks National Lambda Rail is operational in U.S. http://www.nlr.net/ Dark Fibers from Level3

1.02k views • 27 slides

More recommend