TL;DR: The most effective approach so far has been automated falsification or verification of such protocols with state-of-the-art tools such as ProVerif or the Avispa tools, which have been shown to be effective at finding attacks on protocols or establishing correctness of protocols.
Abstract: With the rise of the Internet and other open networks, a large number of security protocols have been developed and deployed in order to provide secure communication. The analysis of such security protocols has turned out to be extremely difficult for humans, as witnessed by the fact that many protocols were found to be flawed after deployment. This has driven the research in formal analysis of security protocols. Unfortunately, there are no effective approaches yet for constructing correct and efficient protocols, and work on concise formal logics that might allow one to easily prove that a protocol is correct in a formal model is still ongoing. The most effective approach so far has been automated falsification or verification of such protocols with state-of-the-art tools such as ProVerif [1] or the Avispa tools [2]. These tools have been shown to be effective at finding attacks on protocols (Avispa) or establishing correctness of protocols (ProVerif).
TL;DR: This paper reconstructs the cipher from the widely used Mifare Classic RFID tag by using a combination of image analysis of circuits and protocol analysis, and reveals that the security of the tag is even below the level that its 48-bit key length suggests due to a number of design flaws.
Abstract: The security of embedded devices often relies on the secrecy of proprietary cryptographic algorithms. These algorithms and their weaknesses are frequently disclosed through reverse-engineering software, but it is commonly thought to be too expensive to reconstruct designs from a hardware implementation alone. This paper challenges that belief by presenting an approach to reverse-engineering a cipher from a silicon implementation. Using this mostly automated approach, we reveal a cipher from an RFID tag that is not known to have a software or micro-code implementation. We reconstruct the cipher from the widely used Mifare Classic RFID tag by using a combination of image analysis of circuits and protocol analysis. Our analysis reveals that the security of the tag is even below the level that its 48-bit key length suggests due to a number of design flaws. Weak random numbers and a weakness in the authentication protocol allow for pre-computed rainbow tables to be used to find any key in a matter of seconds. Our approach of deducing functionality from circuit images is mostly automated, hence it is also feasible for large chips. The assumption that algorithms can be kept secret should therefore be avoided for any type of silicon chip.
TL;DR: This work proposes a protocol that exploits the inherent randomness in multipath wireless channels for generating secret keys through channel estimation and quantization and shows that the resulting keys are distinct for distinct pairwise links with a probability that increases exponentially with the key-size/channel DoF.
Abstract: Secure wireless communications is a challenging problem due to the shared nature of the wireless medium. Most existing security protocols apply cryptographic techniques for bit scrambling at the application layer by exploiting a shared secret key between pairs of communicating nodes. However, more recent research argues that multipath propagation - a salient feature of wireless channels - provides a physical resource for secure communications. In this context, we propose a protocol that exploits the inherent randomness in multipath wireless channels for generating secret keys through channel estimation and quantization. Our approach is particularly attractive in wideband channels which exhibit a large number of statistically independent degrees of freedom (DoF), thereby enabling the generation of large, more-secure, keys. We show that the resulting keys are distinct for distinct pairwise links with a probability that increases exponentially with the key-size/channel DoF. We also characterize the probability that the two users sharing a common link generate the same key. This characterization is used to analyze the energy consumption in successful acquisition of a secret key by the two users. For a given key size, our results show that there is an optimum transmit power, and an optimum quantization strategy, that minimizes the energy consumption. The proposed approach to secret key generation through channel quantization also obviates the problem of key pre-distribution inherent to many existing cryptographic approaches.
TL;DR: The technical highlights of the paper are the first non-destructive technique for PUF reverse engineering and a new PUF structure that is capable of passing security tests.
Abstract: System security has emerged as a premier design requirement. While there has been an enormous body of impressive work on testing integrated circuits (ICs) desiderata such as manufacturing correctness, delay, and power, there is no reported effort to systematically test IC security in hardware. Our goal is to provide an impetus for this line of research and development by introducing techniques and methodology for rigorous testing of physically unclonable functions (PUFs). Recently, PUFs received a great deal of attention as security mechanisms due to their flexibility to form numerous security protocols and intrinsic resiliency against physical and side channels attacks. We study three classes of PUFs properties to design pertinent test methods: (i) predictability, (ii) sensitivity to component accuracy, and (iii) susceptibility to reverse engineering. As our case studies, we analyze two popular PUF structures, linear and feed-forward, and show that their security is not adequate from several points of view. The technical highlights of the paper are the first non-destructive technique for PUF reverse engineering and a new PUF structure that is capable of passing our security tests.
TL;DR: The approach is developed for protocols written in F#, a dialect of ML, and verified by compilation to ProVerif, a resolution-based theorem prover for cryptographic protocols, and illustrated with protocols for Web services security.
Abstract: We present an architecture and tools for verifying implementations of security protocols. Our implementations can run with both concrete and symbolic implementations of cryptographic algorithms. The concrete implementation is for production and interoperability testing. The symbolic implementation is for debugging and formal verification. We develop our approach for protocols written in F#, a dialect of ML, and verify them by compilation to ProVerif, a resolution-based theorem prover for cryptographic protocols. We establish the correctness of this compilation scheme, and we illustrate our approach with protocols for Web Services security.
TL;DR: This work focuses on improving the efficiency of Impossible Differential Cryptanalysis of Reduced Camellia and MISTY1 and on small Secret Key Attack on a Variant of RSA (Due to Takagi).
Abstract: Hash Function Cryptanalysis.- Security of MD5 Challenge and Response: Extension of APOP Password Recovery Attack.- Cryptanalysis of a Hash Function Based on Quasi-cyclic Codes.- Linear-XOR and Additive Checksums Don't Protect Damgard-Merkle Hashes from Generic Attacks.- Cryptographic Building Blocks.- Efficient Fully-Simulatable Oblivious Transfer.- Separation Results on the "One-More" Computational Problems.- Fairness in Secure Computation.- An Efficient Protocol for Fair Secure Two-Party Computation.- Efficient Optimistic Fair Exchange Secure in the Multi-user Setting and Chosen-Key Model without Random Oracles.- Legally-Enforceable Fairness in Secure Two-Party Computation.- Message Authentication Codes.- Security of NMAC and HMAC Based on Non-malleability.- Aggregate Message Authentication Codes.- Improved AES Implementations.- Boosting AES Performance on a Tiny Processor Core.- A Fast and Cache-Timing Resistant Implementation of the AES.- Public Key Encryption with Special Properties.- Identity-Based Threshold Key-Insulated Encryption without Random Oracles.- CCA2 Secure IBE: Standard Model Efficiency through Authenticated Symmetric Encryption.- Public-Key Encryption with Non-interactive Opening.- Side Channel Cryptanalysis.- A Vulnerability in RSA Implementations Due to Instruction Cache Analysis and Its Demonstration on OpenSSL.- Fault Analysis Study of IDEA.- Susceptibility of UHF RFID Tags to Electromagnetic Analysis.- Cryptography for Limited Devices.- Online/Offline Signature Schemes for Devices with Limited Computing Capabilities.- RFID Security: Tradeoffs between Security and Efficiency.- Invited Talk.- Program Obfuscation and One-Time Programs.- Key Exchange.- Efficient Two-Party Password-Based Key Exchange Protocols in the UC Framework.- Beyond Secret Handshakes: Affiliation-Hiding Authenticated Key Exchange.- Cryptanalysis.- Improving the Efficiency of Impossible Differential Cryptanalysis of Reduced Camellia and MISTY1.- Small Secret Key Attack on a Variant of RSA (Due to Takagi).- Cryptographic Protocols.- Super-Efficient Verification of Dynamic Outsourced Databases.- A Latency-Free Election Scheme.
TL;DR: This paper designs a new authentication protocol named EC-RAC using EC (Elliptic Curve) cryptography, which can be proved for its security in the generic group model and is carefully designed to minimize its computational workload.
Abstract: Operational and security requirements for RFID systems such as system scalability, anonymity and anti-cloning are difficult to obtain due to constraints in area, memory, etc. Due to scarceness of resources most of the proposed protocols were designed using symmetric key cryptographic algorithms. However, it has been shown that it is inevitable to use public-key cryptographic algorithms to satisfy these requirements [1]. Moreover, general public-key cryptography based authentication protocols are vulnerable in terms of anonymity, which is shown in this paper. Accordingly, we design a new authentication protocol named EC-RAC using EC (Elliptic Curve) cryptography. EC-RAC can be proved for its security in the generic group model and is carefully designed to minimize its computational workload. Moreover, we present the implementation results of EC-RAC to show its feasibility for RFID systems.
TL;DR: In this article, an abstraction of zero-knowledge protocols that is accessible to a fully mechanized analysis is presented. The abstraction is formalized within the applied pi-calculus using a novel equational theory that abstractly characterizes the cryptographic semantics of zero-knowledge proofs.
Abstract: We devise an abstraction of zero-knowledge protocols that is accessible to a fully mechanized analysis. The abstraction is formalized within the applied pi-calculus using a novel equational theory that abstractly characterizes the cryptographic semantics of zero-knowledge proofs. We present an encoding from the equational theory into a convergent rewriting system that is suitable for the automated protocol verifier ProVerif. The encoding is sound and fully automated. We successfully used ProVerif to obtain the first mechanized analysis of (a simplified variant of) the Direct Anonymous Attestation (DAA) protocol. This required us to devise novel abstractions of sophisticated cryptographic security definitions based on interactive games. The analysis reported a novel attack on DAA that was overlooked in its existing cryptographic security proof. We propose a revised variant of DAA that we successfully prove secure using ProVerif.
TL;DR: This paper presents a lightweight challenge response authentication scheme based on noisy physical unclonable functions (PUF) that allows for extremely efficient implementations and provides cryptographically strong tamper resilience in a network setting.
Abstract: Low cost devices such as RFIDs, sensor network nodes, and smartcards are crucial for building the next generation pervasive and ubiquitous networks. The inherent power and footprint limitations of such networks prevent us from employing standard cryptographic techniques for authentication which were originally designed to secure high end systems with abundant power. Furthermore, the sharp increase in the number, diversity and strength of physical attacks which directly target the implementation may have devastating consequences in a network setting, creating a single point of failure. A compromised node may leak a master key, or may give the attacker an opportunity for injecting faulty messages. In this paper we present a lightweight challenge response authentication scheme based on noisy physical unclonable functions (PUF) that allows for extremely efficient implementations. Furthermore, the inherent properties of PUFs provide cryptographically strong tamper resilience. In a network setting this means that a tampered device will no longer authenticate and in a sense will be isolated from the network.
TL;DR: A variant of Burmester-Desmedt group key agreement protocol is presented and enhanced to dynamic setting where a set of users can leave or join the group at any time during protocol execution with updated keys.
Abstract: In this paper, we present and analyze a variant of Burmester-Desmedt group key agreement protocol (BD) and enhance it to dynamic setting where a set of users can leave or join the group at any time during protocol execution with updated keys. In contrast to BD protocol, let us refer to our protocol as DB protocol. Although the DB protocol is similar to BD protocol, there are subtle differences between them: 1) Key computation in DB protocol is different and simpler than in BD protocol with the same complexity as BD protocol; 2) Number of rounds required in our authenticated DB protocol is one less than that in authenticated BD protocol introduced by Katz-Yung; 3) DB protocol is more flexible than BD protocol in the sense that DB protocol is dynamic. The reusability of users' precomputed data in previous session enables the join and leave algorithms of our DB protocol to reduce most users' computation complexities, which can be useful in real life applications; and 4) DB protocol has the ability to detect the presence of corrupted group members, although one cannot detect who among the group members are behaving improperly.
TL;DR: Experimental results indicate that the approach scales up to industrial strength security protocols with performance comparable with (and in some cases superior to) that of other state-of-the-art protocol analysers.
Abstract: We present a model checking technique for security protocols based on a reduction to propositional logic. At the core of our approach is a procedure that, given a description of the protocol in a multi-set rewriting formalism and a positive integer k, builds a propositional formula whose models (if any) correspond to attacks on the protocol. Thus, finding attacks on protocols boils down to checking a propositional formula for satisfiability, a problem that is usually solved very efficiently by modern SAT solvers. Experimental results indicate that the approach scales up to industrial strength security protocols with performance comparable with (and in some cases superior to) that of other state-of-the-art protocol analysers.
TL;DR: This paper analyzes the privacy of some recently proposed RFID authentication protocols and shows attacks on them that compromise their privacy, considering the simplest adversaries that neither corrupt nor open the tags.
Abstract: Privacy is a major concern in RFID systems, especially with widespread deployment of wireless-enabled interconnected personal devices e.g. PDAs and mobile phones, credit cards, e-passports, even clothing and tires. An RFID authentication protocol should not only allow a legitimate reader to authenticate a tag but it should also protect the privacy of the tag against unauthorized tracing: an adversary should not be able to get any useful information about the tag for tracking or discovering the tag's identity. In this paper, we analyze the privacy of some recently proposed RFID authentication protocols (2006 and 2007) and show attacks on them that compromise their privacy. Our attacks consider the simplest adversaries that neither corrupt nor open the tags. We describe our attacks against a general untraceability model; from experience we view this endeavour as a good practice to keep in mind when designing and analyzing security protocols.
TL;DR: This work shows how security in WSNs can be bootstrapped using an authenticated identity based non-interactive protocol and presents TinyPBC, to the authors' knowledge, the most efficient implementation of PBC primitives for an 8-bit processor.
Abstract: Key distribution in wireless sensor networks (WSNs) is challenging. Symmetric cryptosystems can perform it efficiently, but they often do not provide a perfect trade-off between resilience and storage. Further, even though conventional public key and elliptic curve cryptosystems are computationally feasible on sensor nodes, protocols based on them are not. They require exchange and storage of large keys and certificates, which is expensive. Using pairing-based cryptography (PBC) protocols, conversely, parties can agree on keys without any interaction. In this work, we (i) show how security in WSNs can be bootstrapped using an authenticated identity based non-interactive protocol and (ii) present TinyPBC, to our knowledge, the most efficient implementation of PBC primitives for an 8-bit processor. TinyPBC is able to compute pairings in about 5.5s on an ATmega128L clocked at 7.3828-MHz (the MICA2 and MICAZ node microcontroller).
TL;DR: A novel key agreement protocol called Photoplethysmogram (PPG)-based key agreement (PKA), which allows sensors in a BAN to agree on a common key using PPG values obtained from the subject (soldier) they are deployed on, is presented.
Abstract: Body area networks (BAN) can play a major role in monitoring the health of soldiers in a battlefield. Securing BANs is essential to ensure safety of the soldiers. This paper presents a novel key agreement protocol called Photoplethysmogram (PPG)-based key agreement (PKA) which allows sensors in a BAN to agree on a common key using PPG values obtained from the subject (soldier) they are deployed on. Using the stimuli which the sensors are designed to monitor directly for cryptographic purposes enables administrators to provide security for BANs with minimal initial setup. The principal contributions of this paper are: (1) demonstration of the viability of the PPG signals for agreeing upon common symmetric cryptographic keys between two nodes in BAN, and (2) analysis of the security, performance and quality of the keys produced by PKA.
TL;DR: This paper builds the user access control on commercial off-the-shelf sensor devices as a case study to show that the public-key scheme can be more advantageous in terms of the memory usage, message complexity, and security resilience.
Abstract: While symmetric-key schemes are efficient in processing time for sensor networks, they generally require complicated key management, which may introduce large memory and communication overhead. On the contrary, public-key based schemes have simple and clean key management, but cost more computational time. The recent progress of elliptic curve cryptography (ECC) implementation on sensors motivates us to design a public-key scheme and compare its performance with the symmetric-key counterparts. This paper builds the user access control on commercial off-the-shelf sensor devices as a case study to show that the public-key scheme can be more advantageous in terms of the memory usage, message complexity, and security resilience. Meanwhile, our work also provides insights in integrating and designing public-key based security protocols for sensor networks.
TL;DR: This paper shows a soundness theorem, following the line of research launched by Abadi and Rogaway in 2000: computational indistinguishability in presence of an active attacker is implied by the observational equivalence of the corresponding symbolic processes.
Abstract: Many security properties are naturally expressed as indistinguishability between two versions of a protocol. In this paper, we show that computational proofs of indistinguishability can be considerably simplified, for a class of processes that covers most existing protocols. More precisely, we show a soundness theorem, following the line of research launched by Abadi and Rogaway in 2000: computational indistinguishability in presence of an active attacker is implied by the observational equivalence of the corresponding symbolic processes. We prove our result for symmetric encryption, but the same techniques can be applied to other security primitives such as signatures and public-key encryption. The proof requires the introduction of new concepts, which are general and can be reused in other settings.
TL;DR: In this paper, the authors study the security of the TLS key agreement protocol and present a modular and generic proof of security for the application keys established through the TLS protocol, where only one of the two parties involved in the execution of the protocol (namely the server) has a certified public key, and where the same master key is used to generate multiple application keys.
Abstract: We study the security of the widely deployed Secure Session Layer/Transport Layer Security (TLS) key agreement protocol. Our analysis identifies, justifies, and exploits the modularity present in the design of the protocol: the application keys offered to higher level applications are obtained from a master key, which in turn is derived, through interaction, from a pre-master key.
Our first contribution consists of formal models that clarify the security level enjoyed by each of these types of keys. The models that we provide fall under well established paradigms in defining execution, and security notions. We capture the realistic setting where only one of the two parties involved in the execution of the protocol (namely the server) has a certified public key, and where the same master key is used to generate multiple application keys.
The main contribution of the paper is a modular and generic proof of security for the application keys established through the TLS protocol. We show that the transformation used by TLS to derive master keys essentially transforms an arbitrary secure pre-master key agreement protocol into a secure master-key agreement protocol. Similarly, the transformation used to derive application keys works when applied to an arbitrary secure master-key agreement protocol. These results are in the random oracle model. The security of the overall protocol then follows from proofs of security for the basic pre-master key generation protocols employed by TLS.
TL;DR: In this article, a secure application layer protocol, called SSMS, is introduced to efficiently embed the desired security attributes in the SMS messages to be used as a secure bearer in the m-payment systems.
Abstract: The GSM network, with the greatest worldwide number of users, succumbs to several security vulnerabilities. The short message service (SMS) is one of its superior and well-tried services with a global availability in the GSM networks. The main contribution of this paper is to introduce a new secure application layer protocol, called SSMS, to efficiently embed the desired security attributes in the SMS messages to be used as a secure bearer in the m-payment systems. SSMS efficiently embeds the confidentiality, integrity, authentication, and non-repudiation in the SMS messages. It provides an elliptic curve-based public key solution that uses public keys for the secret key establishment of a symmetric encryption. It also provides the attributes of public verification and forward secrecy. It efficiently makes the SMS messaging suitable for the m-payment applications where the security is the great concern.
TL;DR: The general case with a network modeled by a directed graph is studied, giving necessary and sufficient bounds on the number of channels that are required from sender to receiver given a number of "feedback" channels from receiver to sender.
Abstract: Secure communications guaranteeing reliability and privacy (without unproven assumptions) in networks with active adversaries has been an important research issue. It has been studied for point to point networks by Dolev-Dwork-Waarts-Yung (J. ACM 1993), Desmedt-Wang (Eurocrypt 2002), and Srinathan-Narayanan-Rangan (Crypto 2004). Dolev-Dwork-Waarts-Yung gave necessary and sufficient conditions for secure communication in networks with the condition that (1) all the channels are two-way; or (2) all the channels are one-way from the sender to the receiver. In this paper, we study the general case with a network modeled by a directed graph. In this general case, there are communication channels from the sender to the receiver and there are feedback channels from the receiver to the sender. We give necessary and sufficient bounds on the number of channels that are required from sender to receiver given a number of "feedback" channels from receiver to sender. We give these bounds for the case reliability is perfect, as well as for the case it is not perfect.
TL;DR: This paper presents efficient oblivious transfer protocols that are secure in the presence of malicious adversaries under the real/ideal model simulation paradigm (without using general zero-knowledge proofs) and achieves constructions under the DDH, Nth residuosity and quadratic residuosity assumptions, as well as under the assumption that homomorphic encryption exists.
Abstract: Oblivious transfer, first introduced by Rabin, is one of the basic building blocks of cryptographic protocols. In an oblivious transfer (or more exactly, in its 1-out-of-2 variant), one party known as the sender has a pair of messages and the other party known as the receiver obtains one of them. Somewhat paradoxically, the receiver obtains exactly one of the messages (and learns nothing of the other), and the sender does not know which of the messages the receiver obtained. Due to its importance as a building block for secure protocols, the efficiency of oblivious transfer protocols has been extensively studied. However, to date, there are almost no known oblivious transfer protocols that are secure in the presence of malicious adversaries under the real/ideal model simulation paradigm (without using general zero-knowledge proofs). Thus, efficient protocols that reach this level of security are of great interest. In this paper we present efficient oblivious transfer protocols that are secure according to the ideal/real model simulation paradigm. We achieve constructions under the DDH, Nth residuosity and quadratic residuosity assumptions, as well as under the assumption that homomorphic encryption exists.
TL;DR: Security protocols for the distributed key management are developed, which are capable of identifying the compromised RSUs and their collusion with the malicious vehicles if any, compared with the centralized key management assumed by the existing group signature schemes.
Abstract: The group signature based security scheme is a promising approach to provision privacy in vehicular ad hoc networks (VANETs). In this paper, we propose a novel distributed key management scheme for group signature based VANETs, which is expected to considerably facilitate the revocation of malicious vehicles, location privacy protection, heterogeneous security policies, and maintenance of the system, compared with the centralized key management assumed by the existing group signature schemes. The distributed nature of the proposed scheme is that the road side units (RSUs) will be responsible for distributing group private keys in a localized manner. A brand-new issue induced by the distributed scheme is that the semi-trust RSUs may be compromised. So we develop security protocols for the distributed key management, which are capable of identifying the compromised RSUs and their collusion with the malicious vehicles if any. Details of possible attacks and the corresponding solutions are discussed to demonstrate the performance of the proposed security protocols.
TL;DR: HIGHT, outstanding in security and efficiency, is recommended for TinySec alongside the traditional cryptographic algorithms already supported by TinySec, and the new lightweight candidate HIGHT is recommended to be added to the security module in TinySec.
Abstract: Sensor devices have critical resource constraints such as processing speed, memory size and energy supply. Especially, energy consumption affects the network lifetime so that energy efficiency is an important requirement for wireless sensor networks (WSNs). It means that it is a considerable matter to choose the energy- and memory-efficient cryptographic algorithm suitable for wireless sensor networks. TinySec, the de facto security architecture for wireless sensor networks, supports traditional cryptographic algorithms such as RC5 and Skipjack, while the traditional cryptographic algorithms might be unsuitable for the 8-bit computing devices of which wireless sensor networks consist. Accordingly, it is necessary to evaluate the traditional cryptographic algorithms and 8-bit oriented cryptographic algorithms in performance, but there is no work in this area. In this paper, we consider another candidate HIGHT, designed to be proper to ubiquitous 8-bit computing devices (e.g. sensor node or RFID tag), for wireless sensor networks. After implementing new lightweight HIGHT on Mica! and analyzing the performance between HIGHT and the traditional cryptographic algorithms, we can conclude that HIGHT, outstanding in security and efficiency, is recommended for TinySec like the traditional cryptographic algorithms on TinySec. Hence, we recommend the new lightweight candidate HIGHT to be added to the security module in TinySec.
TL;DR: This paper shows how to reduce the derivation problem for Horn theories with XOR to the XOR-free case and implements this reduction, which works for an expressive class of Horn theories.
Abstract: In the Horn theory based approach for cryptographic protocol analysis, cryptographic protocols and (Dolev-Yao) intruders are modeled by Horn theories and security analysis boils down to solving the derivation problem for Horn theories. This approach and the tools based on this approach, including ProVerif, have been very successful in the automatic analysis of cryptographic protocols w.r.t. an unbounded number of sessions. However, dealing with the algebraic properties of operators such as the exclusive OR (XOR) has been problematic. In particular, ProVerif cannot deal with XOR. In this paper, we show how to reduce the derivation problem for Horn theories with XOR to the XOR-free case. Our reduction works for an expressive class of Horn theories. A large class of intruder capabilities and protocols that employ the XOR operator can be modeled by these theories. Our reduction allows us to carry out protocol analysis by tools, such as ProVerif, that cannot deal with XOR, but are very efficient in the XOR-free case. We implemented our reduction and, in combination with ProVerif, applied it in the automatic analysis of several protocols that use the XOR operator. In one case, we found a new attack.
TL;DR: The paper analyses the jitter generated in ring oscillators and it uses a simple physical model of jitter sources to show that the random jitter accumulates slower than the global and manipulable deterministic jitter.
Abstract: Random number generators are one of the basic cryptographic primitives used in cryptographic protocols. Most true random number generators in field programmable gate arrays (FPGAs) employ the timing jitter from ring oscillator clocks as a source of randomness. The paper analyses the jitter generated in ring oscillators and it uses a simple physical model of jitter sources to show that the random jitter accumulates slower than the global and manipulable deterministic jitter. This fact, which can be used to attack generators, is not considered even in most recent designs considered to be secure. The paper proposes a simple but efficient countermeasure against these attacks. The method is validated using the proposed behavioral VHDL model and it is shown to be efficient also in hardware.
TL;DR: A formal model of the operation of the API is set out, which differs from previous security API models notably in that it accounts for non-monotonic mutable global state and gives decidability results for this formalism.
Abstract: PKCS#11 defines an API for cryptographic devices that has been widely adopted in industry. However, it has been shown to be vulnerable to a variety of attacks that could, for example, compromise the sensitive keys stored on the device. In this paper, we set out a formal model of the operation of the API, which differs from previous security API models notably in that it accounts for non-monotonic mutable global state. We give decidability results for our formalism, and describe an implementation of the resulting decision procedure using a model checker. We report some new attacks and prove the safety of some configurations of the API in our model.
TL;DR: The problem of secret key reconciliation (SKR) in QKD is discussed, the cascade protocol used for SKR is analyzed, and the protocol is modified according to the conclusion.
Abstract: In the system of quantum key distribution (QKD), errors may occur in the initial keys due to system noise or eavesdropping during the transmission on the quantum channel. The goal of information reconciliation is to remove these errors by exchanging messages on an authenticated public channel. In this paper, we discuss the problem of secret key reconciliation (SKR) in QKD, analyze the cascade protocol used for SKR, then modify it according to our conclusion. Experiments have shown that the modified protocol is of much higher efficiency.
TL;DR: The most substantial examples of verified implementations of cryptographic protocols to date, and the first for any federated identity-management protocols, are obtained.
Abstract: We describe reference implementations for selected configurations of the user authentication protocol defined by the Information Card Profile V1.0. Our code can interoperate with existing implementations of the roles of the protocol (client, identity provider, and relying party). We derive formal proofs of security properties for our code using an automated theorem prover. Hence, we obtain the most substantial examples of verified implementations of cryptographic protocols to date, and the first for any federated identity-management protocols. Moreover, we present a tool that downloads security policies from services and identity providers and compiles them to a verifiably secure client proxy.
TL;DR: An implementation based on elliptic curve cryptography which can be used for authentication in mass applications of RFID tags; using public key techniques, cryptographic protocols that protect the privacy of the tag bearer can be easily implemented.
Abstract: We present a concept for the realization of asymmetric cryptographic techniques in light-weight cryptographic devices and describe an implementation based on elliptic curve cryptography which can be used for authentication in mass applications of RFID tags. Our schemes offer advantages in large decentralized applications with many unobservable readers in the field over previous solutions. Moreover, using public key techniques, cryptographic protocols that protect the privacy of the tag bearer can be easily implemented.
TL;DR: In this article, a tamper detection circuit detects tampering and erases the erasable key when a tampering event is detected.
Abstract: An encryption apparatus (14) includes a secure processing system (12) in the form of an integrated circuit. The secure processing system (12) includes an on-chip secure memory system (30). The secure memory system (30) includes a non-volatile, read-only, permanent key register (62) in which a permanent cryptographic key (64) is stored. The secure memory system (30) also includes a non-volatile, read-write, erasable key register (56) in which an erasable cryptographic key (60) is stored. Symmetric cryptographic operations take place in an encryption engine (46) using an operating cryptographic key (68) formed by combining (96) the permanent and erasable keys (64, 60). A tamper detection circuit (70) detects tampering and erases the erasable key (60) when a tamper event is detected.
TL;DR: In this article, various transformation approaches are described that provide a secure means for transforming a stored or live, secure biometric-based identity token, embedding data into such tokens and biometric-based matching to both verify the user's identity and recover the embedded data.
Abstract: Techniques, systems and methods are described relating to combining biometric and cryptographic techniques to support securely embedding data within a token and subsequent biometrically-enabled recovery of said data. Various transformation approaches are described that provide a secure means for transforming a stored or live, secure biometric-based identity token, embedding data into such tokens and biometric-based matching to both verify the user's identity and recover the embedded data. Security enhancements to a range of existing protocols are described using the techniques. Systems using novel protocols based on these techniques are described.