## CryptoDB

### Tri Van Le

#### Publications

| Year | Venue | Title |
|------|-------|-------|
| 2007 | EPRINT | Security and privacy in RFID systems is an important and active research area. A number of challenges arise due to the extremely limited computational, storage and communication abilities of a typical RFID tag. This work describes two families of simple, inexpensive, and untraceable identification protocols for RFID tags. The proposed protocols involve minimal interaction between a tag and a reader and place low computational burden on the tag, requiring only a pseudo-random generator. They also impose low computational load on the back-end server. The paper also describes a universally composable security model tuned for RFID applications. By making specific setup, communication, and concurrency assumptions that are realistic in the RFID application setting, we arrive at a model that guarantees strong security and availability properties, while still permitting the design of practical RFID protocols. We show that our protocols are provably secure within the new security model. The security supports availability, authentication, forward-secure anonymity and key exchange, and modularity. The last attribute is most appropriate for ubiquitous applications. |
| 2006 | EPRINT | This paper examines two unlinkably anonymous, simple RFID identification protocols that require only the ability to evaluate hash functions and generate random values, and that are provably secure against Byzantine adversaries. The main contribution is a universally composable security model tuned for RFID applications. By making specific setup, communication, and concurrency assumptions that are realistic in the RFID application setting, we arrive at a model that guarantees strong security and availability properties, while still permitting the design of practical RFID protocols. We show that the two previously proposed protocols are provably secure within the new security model. Our proofs do not employ random oracles---the protocols are shown to be secure in the standard model under the assumption of existence of pseudo-random function families. |
| 2006 | EPRINT | Protocols proven secure in universally composable models remain secure under concurrent and modular composition, and may be easily plugged into more complex protocols without having their security re-assessed with each new use. Recently, a universally composable framework has been proposed for Radio-Frequency Identification (RFID) authentication protocols that simultaneously provides for availability, anonymity, and authenticity. In this paper we extend that framework to support key-compromise and forward-security issues. We also introduce new, provably secure, and highly practical protocols for anonymous authentication and key-exchange by RFID devices. The new protocols are lightweight, requiring only a pseudo-random bit generator. The new protocols satisfy forward-secure anonymity, authenticity, and availability requirements in the Universal Composability model. The proof exploits pseudo-randomness in the standard model. |
| 2003 | EPRINT | Rijndael, or the Advanced Encryption Standard, is an interesting cipher from a designer's viewpoint. Over the last few decades, the most notable and successful attacks against the best block ciphers were linear and differential cryptanalysis. On the other hand, Rijndael is designed from the ground up to resist these attacks, as well as many others, by employing special algebraic properties of its primitive operations. The byte inversion operation over finite field $\mathbb{F}_{256}$ was chosen by its designer to thwart all possibly useful linear and difference invariances, the basic ingredients of linear and differential cryptanalysis. However, by using simple algebraic operations with known properties, the combinations of them may possess many interesting, and unexpected, algebraic properties that were not known at design time. This paper presents such new unknown properties on the combinations of primitive operations of AES. |
| 2003 | EPRINT | We construct *efficient* public key steganographic schemes, without resort to any peculiar existence assumption such as unbiased functions. This is the first time such a construction is obtained. Not only are our constructions *secure*, but they are also essentially optimal and have *no error* decoding. We achieve this by designing a new primitive called $\ch{P}$-codes. |
| 2003 | EPRINT | We define the notion of adaptive chosen stegotext security. We then construct *efficient* public key steganographic schemes secure against adaptively chosen stegotext attacks, without resort to any special existence assumption such as unbiased functions. This is the first time such a construction is obtained. Not only are our constructions *secure*, but they are also essentially optimal and have *no error* decoding. We achieve this by applying a primitive called $\ch{P}$-codes. |
| 1999 | ASIACRYPT | |

#### Coauthors

Mike Burmester (3)
Kaoru Kurosawa (1)
Breno de Medeiros (3)
Khanh Quoc Nguyen (1)