function of a message and the key using Rabin's function and only releasing a small number of consecutive bits from the ciphertext. Although it strips the MAC from an inversion property, which is mandatory in an encryption scheme, this last feature allowed SQUASH to be suitable for constrained environments. Pushing this reasoning even further, Shamir proposed to use Mersenne numbers of unknown factorization for the Rabin function, as the special form of such numbers induces a significant simplification of Rabin's modular reduction. All these optimizations allowed Shamir to estimate the number of gate equivalents needed for the final proposal SQUASH to be around half the number of gates needed by the hardware-oriented stream cipher G - [HJMM ], i.e., around 850 GE. Nevertheless, all those simplifications were claimed not to affect the security of the MAC. As a proof, Shamir gave a "blame-game" argument which consists of saying that any successful attack against SQUASH could be translated into an attack against the Rabin cryptosystem. Therefore, if there was any weakness in SQUASH's design, it is Rabin's scheme that should be blamed. With the latter's security having tight bounds with the factorization problem, SQUASH was backed up with solid arguments.
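The construction just described, as an added Python example that is not from the thesis or from Shamir's specification: Rabin's squaring function modulo a Mersenne number, the shift-and-add reduction that the form 2^n - 1 makes possible (2^n is congruent to 1, so the high part of a product is simply folded into the low part), and the release of only a window of consecutive ciphertext bits. The mixing of key and message is a plain XOR here, a constructed stand-in for the LFSR loading of SQUASH-0; the window position and width are assumptions, not parameters taken from the thesis.

```python
# Added example (not from the thesis): a toy SQUASH-style MAC built from
# Rabin's squaring function modulo a Mersenne number, with the folding
# reduction that the Mersenne form allows and the output-window truncation
# described in the text. The key/message mixing is a plain XOR, a constructed
# stand-in for SQUASH-0's LFSR loading; window start and width are assumptions.
import random

N = 1277                      # exponent of the recommended modulus 2^1277 - 1
MODULUS = (1 << N) - 1


def mersenne_reduce(x: int, n: int) -> int:
    """Reduce x modulo 2^n - 1 using only shifts and additions.

    Since 2^n = 1 (mod 2^n - 1), writing x = hi * 2^n + lo gives
    x = hi + lo (mod 2^n - 1). Folding the high part into the low part
    repeatedly brings x below 2^n without any long division.
    """
    m = (1 << n) - 1
    while x > m:
        x = (x & m) + (x >> n)
    # x now lies in [0, 2^n - 1]; the value 2^n - 1 itself is congruent to 0
    return 0 if x == m else x


def rabin_square(x: int, n: int) -> int:
    """Rabin's one-way function x -> x^2 mod (2^n - 1)."""
    return mersenne_reduce(x * x, n)


def window_bits(value: int, start: int, width: int) -> int:
    """Return `width` consecutive bits of `value`, starting at bit `start`."""
    return (value >> start) & ((1 << width) - 1)


def squash_like_mac(key: bytes, message: bytes, n: int = N,
                    window_start: int = N // 2, window_width: int = 32) -> int:
    """Toy MAC: mix key and message, square modulo 2^n - 1, release a window.

    Mixing is a constructed XOR of key and message (SQUASH-0 loads an LFSR
    with that XOR instead); the window position is an assumption.
    """
    k = int.from_bytes(key, "big")
    m = int.from_bytes(message, "big")
    mixed = mersenne_reduce(k ^ m, n)
    cipher = rabin_square(mixed, n)
    return window_bits(cipher, window_start, window_width)


def check_reduction(trials: int = 200, seed: int = 1) -> bool:
    """Cross-check the folding reduction against Python's % on random inputs."""
    rng = random.Random(seed)
    for _ in range(trials):
        x = rng.getrandbits(2 * N + 5)      # as wide as a product of two residues
        if mersenne_reduce(x, N) != x % MODULUS:
            return False
    return True


if __name__ == "__main__":
    key = bytes(range(64))                  # constructed sample key
    msg = b"constructed sample message"     # constructed sample message
    print(f"folding reduction agrees with %: {check_reduction()}")
    print(f"32-bit tag: {squash_like_mac(key, msg):08x}")
```

Only the window of the square is released, so a verifier recomputes the same window from the key and compares; the rest of the Rabin ciphertext is never output, which is exactly why the MAC needs no inversion property.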

Besides the practical SQUASH proposal, two theoretical versions were proposed. The first one, which we call SQUASH-0, proposed to use a Linear Feedback Shift Register (LFSR) that is loaded with the XOR of the key and the message to MAC. This version was proposed in [Sha ]. As it was quickly shown to be insecure when no window truncation was used, i.e., if all the Rabin ciphertext was released, Shamir proposed to replace the LFSR by a nonlinear function [Sha ]. Still, both versions stood on the same security arguments. Note that SQUASH is an aggressive proposal for which the blame-game argument does not hold.

In Chapter , we challenge SQUASH's blame-game argument by mounting a key recovery attack on the first version, SQUASH-0. We show that when using the recommended Mersenne number 2^1277 - 1 for the modulus of Rabin's function, the secret key can be recovered after 2^10 pairs consisting of messages and their MACs. Of course, our attack does not rely on factoring the modulus and works by manipulating the entries of the mixing function. Unfortunately, the attack does not extend to the version in which the mixing function is a non-linear mapping. Despite that, our attack leads to the conclusion that the security guarantees behind SQUASH do not hold. So, although there is no concrete attack on the final SQUASH proposal, its exact level of security is unknown.

These results were part of an earlier research paper published at EuroCrypt [OV ].

1.2 Privacy Issues in RFID Systems

Besides needing dedicated cryptographic primitives to ensure security, the massive deployment of contactless devices such as RFID tags introduced a whole set of new threats related to the privacy of their wielders. Indeed, the particularity of these devices of communicating over the air presents several attractive advantages. Unfortunately, it also makes them much more vulnerable, as this feature permits any entity at a reasonably close distance to monitor all their communications. Not only that, but those attackers can also access the device and interact with it at will. In spite of the specifications that may claim otherwise, this threat is even more serious to consider as the distance from which a tag can be accessed ranges from around cm for passive tags to more than m for active ones.

As Avoine and Oechslin noted [AO ], the privacy of RFIDs is a problem exceeding a single layer and needs to be addressed in every layer of the Open Systems Interconnection (OSI) model. In this dissertation, we concentrate on the higher ones and study privacy at the level of protocols.

The traditional cryptographic requirement was limited to security, which roughly summarizes as prohibiting the adversary from having access to sensitive content she should not have had access to. The current availability of contactless devices introduced the possibility for a malicious adversary to trace or track an RFID tag. Being able to track such a tag constitutes a means to automatically trace its holder. It was the threat caused by this leakage of privacy that led to the constitution of several organizations devoted to thwarting the spread of this technology, such as the Boycott Benetton campaign [Ben] and the CASPIAN group's protest against the introduction of RFID chips in supermarkets [CAS].

In the second part of this thesis, we discuss and study how privacy can be protected in RFID authentication protocols. For that, we study the problem of formalizing what a privacy leakage is. We claim that this formalism is needed and that its absence is the reason for the failure of many authentication protocols. After that, we consider how privacy-preserving protocols for RFID systems can be obtained.

. . The Need for a Privacy Model

To motivate the need for a privacy model, we show in Chapter how several RFID protocols, whose security is either based on ad hoc arguments or was proven in an inadequate model, fail to protect the privacy of the tag. More explicitly, we mount tracing attacks on ProbIP [CS ], MARP [KYK ], Auth [TSL ], and Tsudik's YA-TRAP [Tsu ] along with its variants YA-TRAP+ and O-TRAP [LBdM ]. We stress that all these protocols have the common property of not being supported by a rigorous security proof, but were based on rather informal arguments. The point of these cryptanalyses is mainly to demonstrate how crucial it is for protocols in general, and lightweight ones in this context, to be supported by a sound proof that quantifies the expected security.

Still, using an inappropriate model for assessing the privacy of schemes opens the door to attacks leading to privacy leakage. To illustrate this point, we give tracing attacks for the Lim-Kwon protocol [LK ], which used an ad hoc model presented in the same paper to prove that the scheme is both forward and backward private (Forward privacy deals with the privacy of the scheme before the tag's secrets leak to the adversary, while backward privacy looks at sessions occurring after that leakage). We also show limitations of corruption in the model proposed by Van Le, Burmester and de Medeiros [LBdM ]. For that, we prove that O-FRAP and O-FRAKE, proposed in the same paper as an illustration of how the framework would apply to prove privacy, do not provide Forward privacy. The conclusion from this analysis is to emphasize the importance of having a model whose definitions correctly mirror the requirements of privacy.

These results, with others not covered in this thesis, were published in two papers presented at ISPEC [OP a] and ACNS [OP b]. Some parts of them also appeared in an article published in the Wireless Personal Communications journal [OPSW ].

. . Our Privacy Model

Chapters to are devoted to presenting our privacy model. Our starting point is Vaudenay's work [Vau ], as we retain its underlying intuition that privacy is the inability of any adversary to extract any information from protocol messages. We start by recalling and adapting some of its definitions in Chapter . We also compare the model with other proposals we describe in Chapter , namely Juels and Weis's model [JW ] and the zero-knowledge privacy model introduced in [DLYZ ]. Our conclusion from this comparison is that any privacy leakage detected in the previous two models is detected in Vaudenay's model.

However, Vaudenay's definitions induce one unnatural result: the impossibility of designing a protocol that provides privacy protection against adversaries who have a priori knowledge of the tag's secrets and have access to the result of protocol sessions. In Chapter , we argue that this impossibility is the result of a mismatch between the actual definition of privacy and the notion it aims to implement. Therefore, we update the definition to fill that gap. Moreover, we show that using a plaintext-aware public-key encryption scheme leads to a protocol achieving this level of privacy. On a side note, we show that the same level of privacy cannot be achieved by a public-key encryption scheme secure against chosen ciphertext attacks (IND-CCA), hence giving one of the few applications of plaintext-awareness that is independent of IND-CCA.

That impossibility result also had implications for protocols with mutual authentication, i.e., in which the reader is also required to authenticate to the tag. In a critique of Paise and Vaudenay's model, Armknecht, Sadeghi, Scafuro, Visconti, and Wachsmann [ASS+ ] showed that no protocol with mutual authentication achieves security and privacy with respect to adversaries who have knowledge of all the tags' secrets but do not see the result of protocol instances (such a level of security and privacy is achievable in unilateral authentication protocols by an IND-CCA secure encryption scheme). This result comes as a direct contradiction to Paise and Vaudenay's IND-CCA-based protocol that was supposed to achieve it. Although we agree with Armknecht et al. on their results, we still show that Paise and Vaudenay's scheme is Forward private. We also argue why their results do not hold under our corrected model and demonstrate that the strongest form of privacy is achievable in conjunction with security for mutual authentication protocols by proposing a concrete RFID protocol. Again, we rely on plaintext-aware encryption schemes to instantiate this protocol. This extension is the subject of Chapter .
