In this work we perform the first comprehensive study of physical-layer identification of RFID transponders. We propose several techniques for the extraction of RFID physical-layer fingerprints. We show that RFID transponders can be accurately identified in a controlled environment based on stable fingerprints corresponding to their physical-layer properties. We tested our techniques on a set o...

In [KK], a new identification scheme based on the Gap Diffie-Hellman problem was proposed at SCIS 2002, and it is shown that the scheme is secure against active attacks under the Gap Diffie-Hellman Intractability Assumption. Paradoxically, this identification scheme is totally breakable under passive attacks. In this paper, we show that any adversary holding only public parameters of the scheme...

This paper investigates a new family of RFID protocols called Ff that grew out of a proposal made at ESORICS 2007. This family has the property of having highly efficient implementations and simultaneously providing some security arguments which shares some features with the HB protocol family. In this work, we exhibit links between the Ff protocol and the LPN problem, and demonstrate two attac...

A fingerprint matching is a very difficult problem. Minutiae-based-matching is the most popular and widely used technique for fingerprint matching. The minutiae points considered in automatic identification systems are based normally on termination and bifurcation points. In this paper we propose a new technique for fingerprint matching using minutiae points and genetic programming. The goal of...

An Extranet is used to connect businesses with their suppliers, customers or other businesses that share common goals in a way that automates their administrative interactions using Internet technology. The security of the communications over Internet is considered an essential feature. To guarantee secure operation the aid of some user authentication infrastructure is needed. This paper introd...

RFID tags travel between partner sites in a supply chain. For privacy reasons, each partner owns the tags present at his site, i.e., the owner is the only entity able to authenticate his tags. When passing tags on to the next partner in the supply chain, ownership of the old partner is transferred to the new partner. In this paper, we propose ROTIV, a protocol that allows secure ownership trans...

We revisit the 3-pass code-based identification scheme proposed by Stern at Crypto’93, and give a new 5-pass protocol for which the probability of the cheater is ≈ 1/2 (instead of 2/3 in the original Stern’s proposal). Furthermore, we propose to use quasi-cyclic construction in order to dramatically reduce the size of the public key. The proposed scheme is zero-knowledge and relies on an NPcomp...