International Association for Cryptologic Research

Ph.D. Database

The aim of the IACR Ph.D. database is twofold. On the first hand, we want to offer an overview of Ph.D. already completed in the domain of cryptology. Where possible, this should also include a subject classification, an abstract, and access to the full text. On the second hand, it deals with Ph.D. subjects currently under investigation. This way, we provide a timely map of contemporary research in cryptology. All entries or changes need to be approved by an editor. You can contact them via phds (at) iacr.org.

Details

Vijayakrishnan Pasupathinathan (#387)
Name Vijayakrishnan Pasupathinathan
Personal Homepage http://www.vkrishnan.com
Institution Macquarie University
Topic of his/her doctorate. Hardware-based Identification and Authentication Systems
Category applications
Ph.D. Supervisor(s) Josef Pieprzyk
Year of completion 2010
Abstract The digitisation of the traditional brick-and-mortar applications has increased our dependence on computing systems. It has also led to an increased usage of such systems, to store and transact, sensitive personal and financial information. The failure to secure such information adequately has resulted in identity theft, credit fraud and related crimes. The lack of protection offered by software-only solutions has led to the development of new security mechanisms, designed using an intermediate hardware device. Such hardware-based security solutions are playing a vital role in many applications that aim to provide security and privacy; this makes it important to study, and solve security issues that arise during the design and implementation of such security solutions. This PhD thesis presents the results of our analysis and design of cryptographic protocols used to construct hardware-based secure systems. In this thesis, we first analyse the security of the passive hardware devices. Standard cryptographic primitives though provide strong security; they are demanding with respect to, power consumption, memory size and circuitry design, thus making them unsuitable for the design of security solutions for passive devices. To illustrate, we consider an application of passive devices in the supply chain and product identification, and provide a security analysis of the EPC Gen2 standard. To resolve the weaknesses identified, we propose an EPC Gen2 compliant authentication protocol that provides locational privacy. We then examine the use of hardware devices in identity documents, where the device capabilities are comparable to those of the semi-passive devices. Here, we consider two recent proposals for electronic passports that rely on hardware-based security. We provide a security analysis of the ICAO first-generation ePassport standard and the EU's proposal for a second generation of ePassports. Resolving the weaknesses identified, we outline our proposal for an online secure ePassport protocol. Lastly, we analyse the identification and authentication mechanisms in active devices. We propose a new pseudonym system based on the security of preserving a high value secret that solves the security and privacy issues arising from deploying active hardware modules. We further discuss the integration of our proposal based on active hardware devices in an application level security protocol.
E-Mail Address vijay (at) cprotocol.com
Last Change 2011-04-16 18:37:18
To provide an update on this entry, please click .

Contact: phds (at) iacr.org

[ IACR home page ] [ IACR PhDs page ] © IACR