International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Refik Molva

Publications

Year
Venue
Title
2015
EPRINT
2015
EPRINT
2014
EPRINT
2014
EPRINT
2010
EPRINT
Tracker: Security and Privacy for RFID-based Supply Chains
The counterfeiting of pharmaceutics or luxury objects is a major threat to supply chains today. As different facilities of a supply chain are distributed and difficult to monitor, malicious adversaries can inject fake objects into the supply chain. This paper presents Tracker, a protocol for object genuineness verification in RFID-based supply chains. More precisely, Tracker allows to securely identify which (legitimate) path an object/tag has taken through a supply chain. Tracker provides privacy: an adversary can neither learn details about an object's path, nor can it trace and link objects in supply chain. Tracker's security and privacy is based on an extension of polynomial signature techniques for run-time fault detection using homomorphic encryption. Contrary to related work, RFID tags in this paper are not required to perform \emph{any computation}, but only feature a few bytes of storage such as ordinary EPC Class 1 Gen 2 tags.
2008
EPRINT
The $F_f$-Family of Protocols for RFID-Privacy and Authentication
In this paper, we present the design of the lightweight $F_f$ family of privacy-preserving authentication protocols for RFID-systems. $F_f$ is based on a new algebraic framework for reasoning about and analyzing this kind of authentication protocols. $F_f$ offers user-adjustable, strong authenticity and privacy against known algebraic and also recent SAT-solving attacks. In contrast to related work, $F_f$ achieves these two security properties without requiring an expensive cryptographic hash function. $F_f$ is designed for a challenge-response protocol, where the tag sends random nonces and the results of HMAC-like computations of one of the nonces together with its secret key. In this paper, the authenticity and privacy of $F_f$ is evaluated using analytical and experimental methods.
1991
CRYPTO