DOI: 10.1007/11535218_18
Article

Authenticating pervasive devices with human protocols

Published: 14 August 2005

Abstract

Forgery and counterfeiting are emerging as serious security risks in low-cost pervasive computing devices. These devices lack the computational, storage, power, and communication resources necessary for most cryptographic authentication schemes. Surprisingly, low-cost pervasive devices like Radio Frequency Identification (RFID) tags share similar capabilities with another weak computing device: people.
These similarities motivate the adoption of techniques from human-computer security to the pervasive computing setting. This paper analyzes a particular human-to-computer authentication protocol designed by Hopper and Blum (HB), and shows it to be practical for low-cost pervasive devices. We offer an improved, concrete proof of security for the HB protocol against passive adversaries.
This paper also offers a new, augmented version of the HB protocol, named HB+, that is secure against active adversaries. The HB+ protocol is a novel, symmetric authentication protocol with a simple, low-cost implementation. We prove the security of the HB+ protocol against active adversaries based on the hardness of the Learning Parity with Noise (LPN) problem.



Published In

CRYPTO'05: Proceedings of the 25th annual international conference on Advances in Cryptology
August 2005
568 pages
ISBN: 3540281142

Sponsors

  • IACR: International Association for Cryptologic Research

In-Cooperation

  • IEEE Computer Science Technical Committee on Security and Privacy, Computer Science Department, University of California, Santa Barbara

Publisher

Springer-Verlag

Berlin, Heidelberg


Author Tags

  1. RFID
  2. authentication
  3. humanaut
  4. learning parity with noise (LPN)
  5. pervasive computing

Qualifiers

  • Article


Cited By

  • (2024) MS-LW-TI. IET Information Security, vol. 2024. DOI: 10.1049/2024/8851878. Online publication date: 1-Jan-2024
  • (2022) Human-Computable OTP Generator as an Alternative of the Two-Factor Authentication. Proceedings of the 2022 European Interdisciplinary Cybersecurity Conference, pp. 64-71. DOI: 10.1145/3528580.3532842. Online publication date: 15-Jun-2022
  • (2022) Secure Human Identification Protocol with Human-Computable Passwords. Information Security Practice and Experience, pp. 452-467. DOI: 10.1007/978-3-031-21280-2_25. Online publication date: 23-Nov-2022
  • (2022) Calibrating Learning Parity with Noise Authentication for Low-Resource Devices. Information and Communications Security, pp. 19-36. DOI: 10.1007/978-3-031-15777-6_2. Online publication date: 5-Sep-2022
  • (2022) Authentication in the Bounded Storage Model. Advances in Cryptology – EUROCRYPT 2022, pp. 737-766. DOI: 10.1007/978-3-031-07082-2_26. Online publication date: 30-May-2022
  • (2022) Strong and Robust RFID Authentication Enabling Perfect Ownership Transfer. Information and Communications Security, pp. 1-20. DOI: 10.1007/11935308_1. Online publication date: 10-Mar-2022
  • (2021) Smoothing Out Binary Linear Codes and Worst-Case Sub-exponential Hardness for LPN. Advances in Cryptology – CRYPTO 2021, pp. 473-501. DOI: 10.1007/978-3-030-84252-9_16. Online publication date: 16-Aug-2021
  • (2021) Towards Efficient LPN-Based Symmetric Encryption. Applied Cryptography and Network Security, pp. 208-230. DOI: 10.1007/978-3-030-78375-4_9. Online publication date: 21-Jun-2021
  • (2020) Energy Consumption Analysis of Lightweight Cryptographic Algorithms That Can Be Used in the Security of Internet of Things Applications. Security and Communication Networks, vol. 2020. DOI: 10.1155/2020/8837671. Online publication date: 1-Jan-2020
  • (2020) HVH: A Lightweight Hash Function Based on Dual Pseudo-Random Transformation. Security, Privacy, and Anonymity in Computation, Communication, and Storage, pp. 492-505. DOI: 10.1007/978-3-030-68884-4_41. Online publication date: 18-Dec-2020