TU Darmstadt / ULB / TUprints

Trusted and Privacy-preserving Embedded Systems: Advances in Design, Analysis and Application of Lightweight Privacy-preserving Authentication and Physical Security Primitives

Wachsmann, Christian (2014)
Trusted and Privacy-preserving Embedded Systems: Advances in Design, Analysis and Application of Lightweight Privacy-preserving Authentication and Physical Security Primitives.
Technische Universität
Ph.D. Thesis, Primary publication

Copyright Information: CC BY 2.5 Generic - Creative Commons, Attribution.

Download (7MB) | Preview
Item Type: Ph.D. Thesis
Type of entry: Primary publication
Title: Trusted and Privacy-preserving Embedded Systems: Advances in Design, Analysis and Application of Lightweight Privacy-preserving Authentication and Physical Security Primitives
Language: English
Referees: Sadeghi, Prof. Dr. Ahmad-Reza ; Preneel, Prof. Dr. Bart
Date: March 2014
Place of Publication: Darmstadt
Date of oral examination: 25 September 2013

Radio Frequency Identification (RFID) enables RFID readers to perform fully automatic wireless identification of objects labeled with RFID tags and is widely deployed to many applications, such as access control, electronic tickets and payment as well as electronic passports. This prevalence of RFID technology introduces various risks, in particular concerning the privacy of its users and holders. Despite the privacy risk, classical threats to authentication and identification systems must be considered to prevent the adversary from impersonating or copying (cloning) a tag.

This thesis summarizes the state of the art in secure and privacy-preserving authentication for RFID tags with a particular focus on solutions based on Physically Unclonable Functions (PUFs). It presents advancements in the design, analysis and evaluation of secure and privacy-preserving authentication protocols for RFID systems and PUFs.

Formalizing the security and privacy requirements on RFID systems is essential for the design of provably secure and privacy-preserving RFID protocols. However, existing RFID security and privacy models in the literature are often incomparable and in part do not reflect the capabilities of real-world adversaries. We investigate subtle issues such as tag corruption aspects that lead to the impossibility of achieving both mutual authentication and any reasonable notion of privacy in one of the most comprehensive security and privacy models, which is the basis of many subsequent works. Our results led to the refinement of this privacy model and were considered in subsequent works on privacy-preserving RFID systems.

A promising approach to enhance the privacy in RFID systems without lifting the computational requirements on the tags are anonymizers. These are special devices that take off the computational workload from the tags. While existing anonymizer-based protocols are subject to impersonation and denial-of-service attacks, existing RFID security and privacy models do not include anonymizers. We present the first security and privacy framework for anonymizer-enabled RFID systems and two privacy-preserving RFID authentication schemes using anonymizers. Both schemes achieve several appealing features that were not simultaneously achieved by any previous proposal. The first protocol is very efficient for all involved entities, achieves privacy under tag corruption. It is secure against impersonation attacks and forgeries even if the adversary can corrupt the anonymizers. The second scheme provides for the first time anonymity and untraceability of tags against readers as well as secure tag authentication against collisions of malicious readers and anonymizers using tags that cannot perform public-key cryptography (i.e., modular exponentiations).

The RFID tags commonly used in practice are cost-efficient tokens without expensive hardware protection mechanisms. Physically Unclonable Functions (PUFs) promise to provide an effective security mechanism for RFID tags to protect against basic hardware attacks. However, existing PUF-based RFID authentication schemes are not scalable, allow only for a limited number of authentications and are subject to replay, denial-of-service and emulation attacks. We present two scalable PUF-based authentication schemes that overcome these problems. The first protocol supports tag and reader authentication, is resistant to emulation attacks and highly scalable. The second protocol uses a PUF-based key storage and addresses an open question on the feasibility of destructive privacy, i.e., the privacy of tags that are destroyed during tag corruption.

The security of PUFs relies on assumptions on physical properties and is still under investigation. PUF evaluation results in the literature are difficult to compare due to varying test conditions and different analysis methods. We present the first large-scale security analysis of ASIC implementations of the five most popular electronic PUF types, including Arbiter, Ring Oscillator, SRAM, Flip-Flop and Latch PUFs. We present a new PUF evaluation methodology that allows a more precise assessment of the unpredictability properties than previous approaches and we quantify the most important properties of PUFs for their use in cryptographic schemes.

PUFs have been proposed for various applications, including anti-counterfeiting and authentication schemes. However, only rudimentary PUF security models exist, limiting the confidence in the security claims of PUF-based security mechanisms. We present a formal security framework for PUF-based primitives, which has been used in subsequent works to capture the properties of image-based PUFs and in the design of anti-counterfeiting mechanisms and physical hash functions.

Alternative Abstract:
Alternative AbstractLanguage

Die Dissertation präsentiert neuartige Ansätze zum Design und zur Analyse sicherer und privatheitsbewahrender kryptographischer Verfahren für eingebettete Systeme. Sie stellt insbesondere effiziente Authentifikationsprotokolle basierend auf sogenannten Physically Unclonable Functions (PUFs) vor. PUFs erlauben die Erzeugung eindeutiger und unklonbarer Hardware-Fingerprints, die in kryptographische Protokolle eingebunden werden können. Zur Sicherheitsanalyse PUF-basierter Protokolle sowie zur Evaluation der zugrundeliegenden PUF-Implementierungen werden neuartige formale Modelle und Methoden präsentiert. Die aufgestellten Modelle ermöglichen erstmalig die Realisierung beweisbar sicherer PUF-basierter kryptographischer Verfahren und eine Anbindung an komplexitätstheoretische Annahmen im Sinne der modernen Kryptographie. Die Korrektheit der theoretischen Modelle wurde durch die experimentelle Evaluation von PUF-Implementierungen in ASICs validiert.

Uncontrolled Keywords: Privacy-preserving Authentication, Embedded Devices, Physically Unclonable Function (PUF)
URN: urn:nbn:de:tuda-tuprints-38513
Classification DDC: 000 Generalities, computers, information > 004 Computer science
Divisions: 20 Department of Computer Science
20 Department of Computer Science > Embedded Systems and Applications
20 Department of Computer Science > Kryptographische Protokolle
20 Department of Computer Science > Modeling and Analysis of Information Systems (MAIS)
20 Department of Computer Science > Security Engineering
Date Deposited: 24 Mar 2014 13:51
Last Modified: 09 Jul 2020 00:37
URI: https://tuprints.ulb.tu-darmstadt.de/id/eprint/3851
PPN: 386312869
Actions (login required)
View Item View Item