Abstract. This paper critically examines some recently proposed RFID privacy models. It shows that some models suffer from weaknesses such as insufficient generality and unrealistic assumptions regarding the adversary's ability to corrupt tags. We propose a new RFID privacy model that is based on the notion of indistinguishability and that does not suffer from the identified drawbacks. We demonstrate the easy applicability of our model by applying it to multiple existing RFID protocols.
In this paper NTRUEncrypt is implemented for the first time on a GPU using the CUDA platform. As is shown, this operation lends itself perfectly for parallelization and performs extremely well compared to similar security levels for ECC and RSA giving speedups of around three to five orders of magnitude. The focus is on achieving a high throughput, in this case performing a large number of encryptions/decryptions in parallel. Using a modern GTX280 GPU a throughput of up to 200000 encryptions per second can be reached at a security level of 256 bits. This gives a theoretical data throughput of 47.8 MB/s. Comparing this to a symmetric cipher (not a very common comparison), this is only around 20 times slower than a recent AES implementation on a GPU.
We propose a new distance bounding protocol, which builds upon the private RFID authentication protocol by Peeters and Hermans [25]. In contrast to most distance-bounding protocols in literature, our construction is based on publickey cryptography. Public-key cryptography (specifically Elliptic Curve Cryptography) can, contrary to popular belief, be realized on resource constrained devices such as RFID tags. Our protocol is wide-forward-insider private, achieves distance-fraud resistance and near-optimal mafia-fraud resistance. Furthermore, it provides strong impersonation security even when the number of time-critical rounds supported by the tag is very small. The computational effort for the protocol is only four scalar-EC point multiplications. Hence the required circuit area is minimal because only an ECC coprocessor is needed: no additional cryptographic primitives need to be implemented.
We approach RFID privacy both from modelling and protocol point of view. Our privacy model avoids the drawbacks of several proposed RFID privacy models that either suffer from insufficient generality or put forward unrealistic assumptions regarding the adversary's ability to corrupt tags. Furthermore, our model can handle multiple readers and introduces two new privacy notions to capture the recently discovered insider attackers. We analyse multiple existing RFID protocols, demonstrating the easy applicability of our model, and propose a new wideforward-insider private RFID authentication protocol. This protocol provides sufficient privacy guarantees for most practical applications and is the most efficient of its kind, it only requires two scalar-EC point multiplications.
We present two attacks on the security of the private grouping proof by Batina et al. [1]. We introduce the first formal models for yoking proofs. One model incorporates the aspect time, ensuring that the grouping proofs were generated at a specific time. A more general variant only provides a proof that tags were together at some time. Based on these models we propose two new protocols to generate sound yoking proofs that can trivially be extended to multiple parties and that attain narrow-strong privacy. 1 Introduction Juels [9] introduced the concept of yoking 1 proofs, also referred to as grouping proofs. These proofs allow the reader to claim afterwards (i.e. off-line) to a trusted party, that two RFID tags were scanned roughly at the same time and communicated to each other. Tags do not contain clocks and cannot communicate to each other directly, they communicate via the potentially untrusted reader. Note that these proofs give no guarantee that the RFID tags were physically close to each other, although close timing makes it harder for an adversary to obtain a yoking proof from two tags that are far apart. At the same time tag privacy should be considered: apart from the trusted party that is able to verify the yoking proof, no information should be gained on the tags' identities. Several papers have proposed constructions to generate yoking proofs, also generalising the setting to groupings of more than two tags. Most proposed proof systems [3,5,9,12,13,14] are based on symmetric cryptographic primitives. Lee et al. [11] and Hein et al. [7] showed that it is also possible to deploy public key cryptography on RFID tags, more specifically Elliptic Curve Cryptography. Towards tag privacy, symmetric cryptographic solutions are not scalable and only provide some basic privacy protection. Vaudenay [16] showed that public key cryptography is necessary to provide strong privacy guarantees for the tags such that no identifiable information leaks from the messages sent by the tags. Thus far, only Batina et al. [1] proposed two yoking proof systems ⋆ Joking with Yoking: Two Protocols in Front of a Circus :-) 1 From the verb to yoke, meaning to join together.
Abstract. In this paper we present an algorithm for parallel exhaustive search for short vectors in lattices. This algorithm can be applied to a wide range of parallel computing systems. To illustrate the algorithm, it was implemented on graphics cards using CUDA, a programming framework for NVIDIA graphics cards. We gain large speedups compared to previous serial CPU implementations. Our implementation is almost 5 times faster in high lattice dimensions.Exhaustive search is one of the main building blocks for lattice basis reduction in cryptanalysis. Our work results in an advance in practical lattice reduction.
In this paper we show how to break the most recent version of EC-RAC with respect to privacy. We show that both the ID-Transfer and ID&PWD-Transfer schemes from EC-RAC do not provide the claimed privacy levels by using a man-in-the-middle attack. The existence of these attacks voids the presented privacy proofs for EC-RAC.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.