Stefaan Seys

Towards measuring anonymity

This paper introduces an information theoretic model that allows to quantify the degree of anonymity provided by schemes for anonymous connections. It considers attackers that obtain probabilistic information about users. The degree is based on the probabilities an attacker, after observing the system, assigns to the different users of the system as being the originators of a message. As a proof of concept, the model is applied to some existing systems. The model is shown to be very useful for evaluating the level of privacy a system provides under various attack scenarios, for measuring the amount of information an attacker gets with a particular attack and for comparing different systems amongst each other.

ARM: Anonymous Routing Protocol for Mobile Ad hoc Networks

Due to the nature of radio transmissions, communications in wireless networks are easy to capture and analyze. Next to this, privacy enhancing techniques (PETs) proposed for wired networks such as the Internet often cannot be applied to mobile ad hoc networks (MANETs). In this paper we present a novel anonymous on demand routing scheme for MANETs. We identify a number of problems of previously proposed works and propose an efficient solution that provides anonymity in a stronger adversary model

A Framework for Analyzing Template Security and Privacy in Biometric Authentication Systems

In this correspondence, we analyze the vulnerabilities of biometric authentication protocols with respect to user and data privacy. The goal of an adversary in such context is not to bypass the authentication but to learn information either on biometric data or on users that are in the system. We elaborate our analysis on a general system model involving four logical entities (sensor, server, database, and matcher), and we focus on internal adversaries to encompass the situation where one or a combination of these entities would be malicious. Our goal is to emphasize that when going beyond the usual honest-but-curious assumption much more complex attacks can affect the privacy of data and users. On the one hand, we introduce a new comprehensive framework that encompasses the various schemes we want to look at. It presents a system model in which each internal entity or combination of entities is a potential attacker. Different attack goals are considered and resulting requirements on data flows are discussed. On the other hand, we develop different generic attacks. We follow a blackbox approach in which we consider components that perform operations on biometric data but where only the input/output behavior is analyzed. These attack strategies are exhibited on recent schemes such as the distributed protocol of Bringer (ACISP 2007), which is based on the Goldwasser-Micali cryptosystem, the related protocol of Barbosa (ACISP 2008), which uses the Paillier cryptosystem, and the scheme of Stoianov (SPIE 2010), that features the Blum-Goldwasser cryptosystem. All these schemes have been developed in the honest-but-curious adversary model and show potential weaknesses when considered in our malicious insider attack model.

ARM: anonymous routing protocol for mobile ad hoc networks

In this paper we describe a novel anonymous on-demand routing protocol for wireless Mobile Ad Hoc Networks (MANETs) that is secure against both nodes that actively participate in the network and a passive global adversary who monitors all network traffic. Finally, we provided a detailed analysis of the privacy offered by hiding routes in limited broadcast groups, and padding messages.

Extending ECC-based RFID authentication protocols to privacy-preserving multi-party grouping proofs

Since the introduction of the concept of grouping proofs by Juels, which permit RFID tags to generate evidence that they have been scanned simultaneously, various new schemes have been proposed. Their common property is the use of symmetric-key primitives. However, it has been shown that such schemes often entail scalability, security and/or privacy problems. In this article, we extend the notion of public-key RFID authentication protocols and propose a privacy-preserving multi-party grouping-proof protocol which relies exclusively on the use of elliptic curve cryptography (ECC). It allows to generate a proof which is verifiable by a trusted verifier in an offline setting, even when readers or tags are potentially untrusted, and it is privacy-preserving in the setting of a narrow-strong attacker. We also demonstrate that our RFID grouping-proof protocol can easily be extended to use cases with more than two tags, without any additional cost for an RFID tag. To illustrate the implementation feasibility of our proposed solutions, we present a novel ECC hardware architecture designed for RFID.

Power consumption evaluation of efficient digital signature schemes for low power devices

In this paper we evaluate the power consumption of different digital signature schemes. We compare the cost of the elliptic curve digital signature algorithm with signature schemes solely based on symmetric techniques such as the Diffie-Lamport one-time signature scheme. These evaluations take into account all aspects of using digital signatures in wireless environments: energy consumption of key generation, signing and verification, and the communication cost of sending and receiving the necessary data (including the public keys and the necessary data to authenticate them).

Hierarchical ECC-Based RFID authentication protocol

RFID (Radio Frequency Identification) technology enables readers to scan remote RFID tags, and label the objects and people to which they are attached. Current cryptographic authentication protocols deployed in heterogeneous environments are often not compatible, or reveal too much information to the RFID readers. To tackle this problem, we introduce the concept of RFID groups and propose a hierarchical RFID authentication protocol. By using this protocol, an RFID tag can tune its identification process to the type of reader it is communicating with. Only a subset of readers can learn the identity of a particular tag, while others can only acquire information on the group to which the tag belongs. Our protocol offers impersonation resistance and is narrow-strong privacy-preserving. Furthermore, we extend the concept to multiple level of subgroups, and demonstrate the feasibility of our proposed protocols for RFID tags.

Privacy-preserving ECC-based grouping proofs for RFID

The concept of grouping proofs has been introduced by Juels to permit RFID tags to generate a verifiable proof that they have been scanned simultaneously, even when readers or tags are potentially untrusted. In this paper, we extend this concept and propose a narrowstrong privacy-preserving RFID grouping proof and demonstrate that it can easily be extended to use cases with more than two tags, without any additional cost for an RFID tag. Our protocols rely exclusively on the use of Elliptic Curve Cryptography (ECC). To illustrate the implementation feasibility of our proposed solutions, we present a novel ECC hardware architecture designed for RFID.

Efficient cooperative signatures: a novel authentication scheme for sensor networks

This paper describes an efficient and strong authentication mechanism for ad hoc sensor networks. Our protocol focuses on providing strong authentication and privacy for requests from query nodes to the network and for the corresponding responses. Our scheme uses the asymmetrical energy consumption of the well known public key cryptosystems RSA and Rabin. As the sensor nodes are assumed to be power-restrained, we only employ efficient public key operations at their side of the protocol, this leaves us only with the public operations encryption and signature verification. We have extended this set with a novel building block that allows nodes to sign messages cooperatively. We show that our protocol is robust against attacks from both outsiders and insiders.

Secure JTAG Implementation Using Schnorr Protocol

The standard IEEE 1149.1 (Test Access Port and Boundary-Scan Architecture, also known as JTAG port) provides a useful interface for embedded systems development, debug, and test. In an 1149.1-compatible integrated circuit, the JTAG port allows the circuit to be easily accessed from the external world, and even to control and observe the internal scan chains of the circuit. However, the JTAG port can be also exploited by attackers to mount several cryptographic attacks. In this paper we propose a novel architecture that implements a secure JTAG interface. Our JTAG scheme allows for mutual authentication between the device and the tester. In contrast to previous work, our scheme uses provably secure asymmetric-key based authentication and verification protocols. The complete scheme is implemented in hardware and integrated with the standard JTAG interface. Detailed area and timing results are also presented.