Improved Security Notions and Protocols for Non-transferable Identification
نویسندگان
چکیده
Different security notions and settings for identification protocols have been proposed so far, considering different powerful adversaries that can play “man-in-the-middle” attacks. In this paper we consider one of the strongest forms of these attacks, namely resettably non-transferable identification introduced in [Bellare et al., Eurocrypt 2001]. This notion immunizes a scheme from powerful adversaries that have physical access to the proving device and can thus reset it to a previous state. We discuss some limitations of existing notions as well as different impossibility results for strong notions of non-transferability. We introduce a strong and achievable notion for resettably non-transferable identification that reflects real scenarios more adequately and show a general protocol that satisfies it. We show how to efficiently instantiate our construction and discuss the viability of our protocol for the next generation of electronic passports (e-passports).
منابع مشابه
Process algebraic modeling of authentication protocols for analysis of parallel multi-session executions
Many security protocols have the aim of authenticating one agent acting as initiator to another agent acting as responder and vice versa. Sometimes, the authentication fails because of executing several parallel sessions of a protocol, and because an agent may play both the initiator and responder role in parallel sessions. We take advantage of the notion of transition systems to specify authen...
متن کاملA Decentralized Online Sortition Protocol
We propose a new online sortition protocol which is decentralized. We argue that our protocol has safety, fairness, randomness, non-reputation and openness properties. Sortition is a process that makes random decision and it is used in competitions and lotteries to determine who is the winner. In the real world, sortition is simply done using a lottery machine and all the participa...
متن کاملA note on the security of two improved RFID protocols
Recently, Baghery et al. [1, 2] presented some attacks on two RFID protocols, namely Yoon and Jung et al. protocols, and proposed the improved version of them. However, in this note, we show that the improved version of the Jung et al. protocol suffers from desynchronization attack and the improved version of the Yoon's protocol suffers from secret disclosure attack. The succe...
متن کاملIEC 60870-5-104 Protocol Security Challenges and Countermeasures Identification
Industrial control systems (ICSs) which are used in critical infrastructure and other industries mostly use various communication protocols. Most of these communication protocols have various cyber security challenges and weakness that give the attackers the opportunity to gain to their malicious intentions. In this paper, we assess IEC 60870-5-104 protocols from security perspective which is u...
متن کاملAbout Machine-Readable Travel Documents Privacy Enhancement Using (Weakly) Non-Transferable Data Authentication
Passports are now equipped with RFID chips that contain private information, biometric data, and a digital signature by issuing authorities. We review most of applicable security and privacy issues. We argue that the main privacy issue is not unauthorized access through radio channel or data skimming as claimed before, but rather the leakage of a digital signature by government authorities for ...
متن کامل