The subliminal channel and digital signatures
Proc. of the EUROCRYPT 84 workshop on Advances in cryptology: theory and application of cryptographic techniques
Subliminal communication is easy using the DSA
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
RSA Key Generation with Verifiable Randomness
PKC '02 Proceedings of the 5th International Workshop on Practice and Theory in Public Key Cryptosystems: Public Key Cryptography
RFID Systems and Security and Privacy Implications
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
The blocker tag: selective blocking of RFID tags for consumer privacy
Proceedings of the 10th ACM conference on Computer and communications security
Privacy and security in library RFID: issues, practices, and architectures
Proceedings of the 11th ACM conference on Computer and communications security
Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
RFID Privacy: An Overview of Problems and Proposed Solutions
IEEE Security and Privacy
Untraceable RFID tags via insubvertible encryption
Proceedings of the 12th ACM conference on Computer and communications security
Privacy for RFID through trusted computing
Proceedings of the 2005 ACM workshop on Privacy in the electronic society
Tamper-Evident Digital Signature Protecting Certification Authorities Against Malware
DASC '06 Proceedings of the 2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing
Kleptography: using cryptography against cryptography
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Exposure-resilient functions and all-or-nothing transforms
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
RFID traceability: a multilayer problem
FC'05 Proceedings of the 9th international conference on Financial Cryptography and Data Security
RFID guardian: a battery-powered mobile device for RFID privacy management
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
Minimalist cryptography for low-cost RFID tags (extended abstract)
SCN'04 Proceedings of the 4th international conference on Security in Communication Networks
Evaluating 2-DNF formulas on ciphertexts
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Auditable privacy: on tamper-evident mix networks
FC'06 Proceedings of the 10th international conference on Financial Cryptography and Data Security
High-Power proxies for enhancing RFID privacy and utility
PET'05 Proceedings of the 5th international conference on Privacy Enhancing Technologies
A scalable, delegatable pseudonym protocol enabling ownership transfer of RFID tags
SAC'05 Proceedings of the 12th international conference on Selected Areas in Cryptography
RFID security and privacy: a research survey
IEEE Journal on Selected Areas in Communications
A new cell counter based attack against tor
Proceedings of the 16th ACM conference on Computer and communications security
Authentication in 802.11 LANs using a covert side channel
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
A potential HTTP-based application-level attack against Tor
Future Generation Computer Systems
An 802.11 MAC layer covert channel
Wireless Communications & Mobile Computing
| Hi-index | 0.00 |
We examine covert channels in privacy-enhanced mobile identification devices where the devices uniquely identify themselves to an authorized verifier. Such devices (e.g. RFID tags) are increasingly commonplace in hospitals and many other environments. For privacy, the device outputs used for identification should "appear random" to any entity other than the verifier, and should not allow physical tracking of device bearers. Worryingly, there already exist privacy breaches for some devices [28] that allow adversaries to physically track users. Ideally, such devices should allow anyone to publicly determine that the device outputs are covert-channel free (CCF); we say that such devices are CCF-checkable. Our main result shows that there is a fundamental tension between identifier privacy and CCF-checkability; we show that the two properties cannot co-exist in a single system. We also develop a weaker privacy model where a continuous observer can correlate appearances of a given tag, but a sporadic observer cannot. We also construct a privacy-preserving tag identification scheme that is CCF-checkable and prove it secure under the weaker privacy model using a new complexity assumption. The main challenge addressed in our construction is the enforcement of public verifiability, which allows a user to verify covert-channel-freeness in her device without managing secret keys external to the device.