The aim of the IACR Ph.D. database is twofold. On the first hand, we want to offer an overview of Ph.D. already completed
in the domain of cryptology. Where possible, this should also include a subject classification, an abstract, and
access to the full text.
On the second hand, it deals with Ph.D. subjects
currently under investigation. This way, we provide a timely
map of contemporary research in cryptology.
All entries or changes need to be approved by an editor. You can contact them via phds (at) iacr.org.
Vijayakrishnan Pasupathinathan (#387)
Topic of his/her doctorate.
Hardware-based Identification and Authentication Systems
Year of completion
The digitisation of the traditional brick-and-mortar applications has increased our dependence on computing systems. It has also led to an increased usage of such systems, to store and transact, sensitive personal and financial information. The failure to secure such information adequately has resulted in identity theft, credit fraud and related crimes. The lack of protection offered by software-only solutions has led to the development of new security mechanisms, designed using an intermediate hardware device. Such hardware-based security solutions are playing a vital role in many applications that aim to provide security and privacy; this makes it important to study, and solve security issues that arise during the design and implementation of such security solutions. This PhD thesis presents the results of our analysis and design of cryptographic protocols used to construct hardware-based secure systems.
In this thesis, we first analyse the security of the passive hardware devices. Standard cryptographic primitives though provide strong security; they are demanding with respect to, power consumption, memory size and circuitry design, thus making them unsuitable for the design of security solutions for passive devices. To illustrate, we consider an application of passive devices in the supply chain and product identification, and provide a security analysis of the EPC Gen2 standard. To resolve the weaknesses identified, we propose an EPC Gen2 compliant authentication protocol that provides locational privacy.
We then examine the use of hardware devices in identity documents, where the device capabilities are comparable to those of the semi-passive devices. Here, we consider two recent proposals for electronic passports that rely on hardware-based security. We provide a security analysis of the ICAO first-generation ePassport standard and the EU's proposal for a second generation of ePassports. Resolving the weaknesses identified, we outline our proposal for an online secure ePassport protocol.
Lastly, we analyse the identification and authentication mechanisms in active devices. We propose a new pseudonym system based on the security of preserving a high value secret that solves the security and privacy issues arising from deploying active hardware modules. We further discuss the integration of our proposal based on active hardware devices in an application level security protocol.
vijay (at) cprotocol.com