Dave Singelée

Low-cost untraceable authentication protocols for RFID

The emergence of pervasive computing devices has raised several privacy issues. In this paper, we address the risk of tracking attacks in RFID networks. Our contribution is threefold: (1) We repair three revised EC-RAC protocols of Lee, Batina and Verbauwhede and show that two of the improved authentication protocols are wide-strong privacy-preserving and one wide-weak privacy-preserving; (2) We present the search protocol, a novel scheme which allows for privately querying a particular tag, and proof its security properties; and (3) We design a hardware architecture to demonstrate the implementation feasibility of our proposed solutions for a passive RFID tag. Due to the specific design of our authentication protocols, they can be realized with an area significantly smaller than other RFID schemes proposed in the literature, while still achieving the required security and privacy properties.

Extending ECC-based RFID authentication protocols to privacy-preserving multi-party grouping proofs

Since the introduction of the concept of grouping proofs by Juels, which permit RFID tags to generate evidence that they have been scanned simultaneously, various new schemes have been proposed. Their common property is the use of symmetric-key primitives. However, it has been shown that such schemes often entail scalability, security and/or privacy problems. In this article, we extend the notion of public-key RFID authentication protocols and propose a privacy-preserving multi-party grouping-proof protocol which relies exclusively on the use of elliptic curve cryptography (ECC). It allows to generate a proof which is verifiable by a trusted verifier in an offline setting, even when readers or tags are potentially untrusted, and it is privacy-preserving in the setting of a narrow-strong attacker. We also demonstrate that our RFID grouping-proof protocol can easily be extended to use cases with more than two tags, without any additional cost for an RFID tag. To illustrate the implementation feasibility of our proposed solutions, we present a novel ECC hardware architecture designed for RFID.

The Wireless Application Protocol

The Wireless Application Protocol (WAP) is a protocol stack for wireless communication networks. WAP uses WTLS, a wireless variant of the SSL/TLS protocol, to secure the communication between the mobile phone and other parts of the WAP architecture. This paper describes the security architecture of WAP and some important properties of the WTLS protocol. There are however some security problems with WAP and the WTLS protocol. Privacy, data protection and integrity are not always provided. Users and developers of WAP-applications should be aware of this. In this paper, we address the security weaknesses of WAP and WTLS and propose some countermeasures and good practices when using WAP. We conclude with advising when to use WAP and when not.

A Secure Cross-Layer Protocol for Multi-hop Wireless Body Area Networks

The development of Wireless Body Area Networks (WBANs) for wireless sensing and monitoring of a persons vital functions, is an enabler in providing better personal health care whilst enhancing the quality of life. A critical factor in the acceptance of WBANs is providing appropriate security and privacy protection of the wireless communication. This paper first describes a general health care platform and pinpoints the security challenges and requirements. Further it proposes and analyzes the CICADA-S protocol, a secure cross-layer protocol for WBANs. It is an extension of CICADA, which is a cross-layer protocol that handles both medium access and the routing of data in WBANs. The CICADA-S protocol is the first integrated solution that copes with threats that occur in this mobile medical monitoring scenario. It is shown that the integration of key management and secure, privacy preserving communication techniques within the CICADA-S protocol has low impact on the power consumption and throughput.

Location privacy in wireless personal area networks

Location privacy is one of the major security problems in a Wireless Personal Area Network (WPAN). By eavesdropping on the transmitted packets, an attacker can keep track of the place and time of the communication between the mobile devices. The hardware address of the device can often be linked to the identity of the user operating the mobile device; this represents a violation of the users privacy. Fortunately, this problem can be solved quite efficiently in a WPAN. We consider four communication scenarios and present several techniques to solve the location privacy problem in each of these scenarios. As mobile devices in a WPAN are typically operated by a user and energy constrained, we focused on user-friendliness and energy consumption during the design of our solutions.

Hierarchical ECC-Based RFID authentication protocol

RFID (Radio Frequency Identification) technology enables readers to scan remote RFID tags, and label the objects and people to which they are attached. Current cryptographic authentication protocols deployed in heterogeneous environments are often not compatible, or reveal too much information to the RFID readers. To tackle this problem, we introduce the concept of RFID groups and propose a hierarchical RFID authentication protocol. By using this protocol, an RFID tag can tune its identification process to the type of reader it is communicating with. Only a subset of readers can learn the identity of a particular tag, while others can only acquire information on the group to which the tag belongs. Our protocol offers impersonation resistance and is narrow-strong privacy-preserving. Furthermore, we extend the concept to multiple level of subgroups, and demonstrate the feasibility of our proposed protocols for RFID tags.

Threat Modelling for Security Tokens in Web Applications

In the last couple of years, several European countries have started projects which intend to provide their citizens with electronic identity cards, driven by the European Directive on Electronic Signatures. One can expect that within a few years, these smart cards will be used in a wide variety of applications. In this paper, we describe the common threats that can be identified when using security tokens such as smart cards in web applications. We illustrate each of these threats with a few attack scenarios. This paper is part of a series of papers, written by several academic teams. Each paper focuses on one particular technological building block for web applications.

Privacy-preserving ECC-based grouping proofs for RFID

The concept of grouping proofs has been introduced by Juels to permit RFID tags to generate a verifiable proof that they have been scanned simultaneously, even when readers or tags are potentially untrusted. In this paper, we extend this concept and propose a narrowstrong privacy-preserving RFID grouping proof and demonstrate that it can easily be extended to use cases with more than two tags, without any additional cost for an RFID tag. Our protocols rely exclusively on the use of Elliptic Curve Cryptography (ECC). To illustrate the implementation feasibility of our proposed solutions, we present a novel ECC hardware architecture designed for RFID.

Toward More Secure and Reliable Access Control

Conventional access control mechanisms, relying on a single security token to authenticate remote users, introduce a single point of failure and are vulnerable to relay attacks. A threshold-based distance-bounding protocol that distributes a users private key among various personal devices improves system security and reliability.

On the Feasibility of Cryptography for a Wireless Insulin Pump System

This paper analyses the security and privacy properties of a widely used insulin pump and its peripherals. We eavesdrop the wireless channel using Commercial Off-The-Shelf (COTS) software-based radios to intercept the messages sent between these devices; fully reverse-engineer the wireless communication protocol using a black-box approach; and document the message format and the protocol state-machine in use. The upshot is that no standard cryptographic mechanisms are applied and hence the system is shown to be completely vulnerable to replay and message injection attacks. Furthermore, sensitive patient health-related information is sent unencrypted over the wireless channel. Motivated by the results of our attacks, we study the feasibility of applying cryptography to protect the data transmitted over the air and prevent unauthorized access to the insulin pump. We present a solution based on AES in combination with an updated message format optimized for energy consumption. We implement our solution on a 16-bit micro-controller and evaluate its security properties and energy requirements. Finally, we discuss potential strategies for further reducing the energy consumption.