Your search keyword '"Cédric Lauradoux"' showing total 26 results

1. <scp>Desire</scp> : Leveraging the Best of Centralized and Decentralized Contact Tracing Systems

Author

Vincent Roca, Antoine Boutet, Cédric Lauradoux, Adrien Baud, Claude Castelluccia, Pierre-Guillaume Raverdy, Mathieu Cunche, Privacy Models, Architectures and Tools for the Information Society (PRIVATICS), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon, Service Expérimentation et Développement [Paris] (SED), Inria de Paris, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria), CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria), and Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Inria Lyon

Subjects

Risk analysis, Computer Networks and Communications, Computer science, 0211 other engineering and technologies, 02 engineering and technology, Tracing, Computer security, computer.software_genre, Exposure Notification, law.invention, Bluetooth, [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI], law, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, National health, 021110 strategic, defence & security studies, Data collection, 3. Good health, Computer Science Applications, Information sensitivity, Hardware and Architecture, Safety Research, computer, Software, Contact tracing, Information Systems

Abstract

Contact tracing in case of pandemic is becoming an essential mitigation tool for national health services to break infection chains and prevent the virus from spreading further. To support manual tracing, several countries have been developing contact tracing apps that detect nearby mobile phones using Bluetooth. Such data collection raised privacy concerns and several privacy-preserving protocols have been proposed to prevent the leakage of personal and sensitive information. These solutions are mainly divided into two categories using a centralized or a decentralized exposure score computation. However, both approaches depict limitations. This article presents Desire , a novel exposure notification system that leverages the best of centralized and decentralized systems. As opposed to existing contact tracing schemes, Desire leverages Private Encounter Tokens ( Pets ) generated locally on the device that uniquely identify an encounter between two nodes while being private and unlinkable by the server. The role of the server is merely to match PETs generated by diagnosed users with the pets provided by requesting users. Our privacy risk analysis shows that Desire drastically improves privacy against malicious users (i.e., limitation of decentralized systems) and authority (i.e., limitation of centralised systems). We implemented Desire , evaluated it in real condition, and show it feasibility.

Published

2022

2. The Pitfalls of Hashing for Privacy

Author

Cédric Lauradoux, Levent Demir, Mathieu Cunche, Amrit Kumar, Privacy Models, Architectures and Tools for the Information Society (PRIVATICS), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Inria Lyon, Institut National de Recherche en Informatique et en Automatique (Inria), INCAS-ITSec, Université Grenoble Alpes [2016-2019] (UGA [2016-2019]), CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), and Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Inria Grenoble - Rhône-Alpes

Subjects

Information privacy, Computer science, Data_MISCELLANEOUS, Hash function, 0211 other engineering and technologies, Anonymization, Cryptography, 02 engineering and technology, Computer security, computer.software_genre, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Hashing, Pseudonymization, 0202 electrical engineering, electronic engineering, information engineering, Cryptographic hash function, Index Terms-Anonymity set, Electrical and Electronic Engineering, 021110 strategic, defence & security studies, Data anonymization, Universal hashing, business.industry, Anonymity set, 020206 networking & telecommunications, Balls-into-bins, business, computer, Anonymity

Abstract

International audience; Boosted by recent legislations, data anonymizationis fast becoming a norm. However, as of yet no generic solutionhas been found to safely release data. As a consequence, datacustodians often resort to ad-hoc means to anonymize datasets.Both past and current practices indicate that hashing is oftenbelieved to be an effective way to anonymize data. Unfortunately,in practice it is only rarely effective. This paper is a tutorialto explain the limits of cryptographic hash functions as ananonymization technique. Anonymity set is the best privacymodel that can be achieved by hash functions. However, thismodel has several shortcomings. We provide three case studiesto illustrate how hashing only yields a weakly anonymized data.The case studies include MAC and email address anonymizationas well as the analysis of Google Safe Browsing.Boosted by recent legislations, data anonymizationis fast becoming a norm. However, as of yet no generic solutionhas been found to safely release data. As a consequence, datacustodians often resort to ad-hoc means to anonymize datasets.Both past and current practices indicate that hashing is oftenbelieved to be an effective way to anonymize data. Unfortunately,in practice it is only rarely effective. This paper is a tutorialto explain the limits of cryptographic hash functions as ananonymization technique. Anonymity set is the best privacymodel that can be achieved by hash functions. However, thismodel has several shortcomings. We provide three case studiesto illustrate how hashing only yields a weakly anonymized data.The case studies include MAC and email address anonymizationas well as the analysis of Google Safe Browsing.

Published

2018

3. Security Analysis of Subject Access Request Procedures How to authenticate data subjects safely when they request for their data

Author

Coline Boniface, Nataliia Bielova, Imane Fouad, Cristiana Santos, Cédric Lauradoux, Privacy Models, Architectures and Tools for the Information Society (PRIVATICS), CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria), Secure Diffuse Programming (INDES), Inria Sophia Antipolis - Méditerranée (CRISAM), Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria), Université Toulouse 1 Capitole (UT1), Université Fédérale Toulouse Midi-Pyrénées, ANSWER project PIA FSN2 (P159564-2661789nDOS0060094), ANR-15-IDEX-0002,UGA,IDEX UGA(2015), ANR-18-CE39-0008,PrivaWEB,Protection de la vie privée et le respect de la réglementation ePrivacy pour les utilisateurs Web(2018), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Inria Lyon, Université Toulouse Capitole (UT Capitole), Université de Toulouse (UT), Lauradoux, Cédric, IDEX UGA - - UGA2015 - ANR-15-IDEX-0002 - IDEX - VALID, and APPEL À PROJETS GÉNÉRIQUE 2018 - Protection de la vie privée et le respect de la réglementation ePrivacy pour les utilisateurs Web - - PrivaWEB2018 - ANR-18-CE39-0008 - AAPG2018 - VALID

Subjects

Security analysis, Authentication, data protection, identity verification, right of access, Computer science, Process (engineering), Subject (documents), Subject access, Computer security, computer.software_genre, privacy, subject access request (SAR), [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Data access, Data Protection Act 1998, GDPR, Register of data controllers, computer, [INFO.INFO-CR] Computer Science [cs]/Cryptography and Security [cs.CR]

Abstract

International audience; With the GDPR in force in the EU since May 2018, companies and administrations need to be vigilant about the personal data they process. The new regulation denes rights for data subjects and obligations for data controllers but it is unclear how subjects and controllers interact concretely. This paper tries to answer two critical questions: is it safe for a data subject to exercise the right of access of her own data? When does a data controller have enough information to authenticate a data subject? To answer these questions, we have analyzed recommendations of Data Protection Authorities and authentication practices implemented in popular websites and third-party tracking services. We observed that some data controllers use unsafe or doubtful procedures to authenticate data subjects. The most common flaw is the use of authentication based on a copy of the subject's national identity card transmitted over an insecure channel. We define how a data controller should react to a subject's request to determine the appropriate procedures to identify the subject and her data. We provide compliance guidelines on data access response procedures.

Published

2019

4. Security of Distance-Bounding: A Survey

Author

Aslan Tchamkerten, Muhammed Ali Bingöl, Gerhard P. Hancke, Kasper Bonne Rasmussen, Jorge Munilla, Süleyman Kardaş, Benjamin Martin, Dave Singelée, Gildas Avoine, Chong Hee Kim, Cédric Lauradoux, Rolando Trujillo-Rasua, Serge Vaudenay, Srdjan Capkun, Ioana Boureanu, Alberto Peinado, EMbedded SEcurity and Cryptography (EMSEC), SYSTÈMES LARGE ÉCHELLE (IRISA-D1), Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Université de Rennes 1 (UR1), Université de Rennes (UNIV-RENNES)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Université de Rennes 1 (UR1), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS), Computer Security and Industrial Cryptography [KU Leuven] (ESAT-COSIC), Department of Electrical Engineering [KU Leuven] (KU-ESAT), Catholic University of Leuven - Katholieke Universiteit Leuven (KU Leuven)-Catholic University of Leuven - Katholieke Universiteit Leuven (KU Leuven), Télécom ParisTech, University of Luxembourg [Luxembourg], Ecole Polytechnique Fédérale de Lausanne (EPFL), Istanbul Technical University (ITÜ), University of Surrey (UNIS), University of Pretoria [South Africa], Batman University, Department of Electrical Engineering [Princeton] (EE), Princeton University, Image et Son, Laboratoire Bordelais de Recherche en Informatique (LaBRI), Université de Bordeaux (UB)-Centre National de la Recherche Scientifique (CNRS)-École Nationale Supérieure d'Électronique, Informatique et Radiocommunications de Bordeaux (ENSEIRB)-Université de Bordeaux (UB)-Centre National de la Recherche Scientifique (CNRS)-École Nationale Supérieure d'Électronique, Informatique et Radiocommunications de Bordeaux (ENSEIRB), Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS), and Université de Bordeaux (UB)-École Nationale Supérieure d'Électronique, Informatique et Radiocommunications de Bordeaux (ENSEIRB)-Centre National de la Recherche Scientifique (CNRS)-Université de Bordeaux (UB)-École Nationale Supérieure d'Électronique, Informatique et Radiocommunications de Bordeaux (ENSEIRB)-Centre National de la Recherche Scientifique (CNRS)

Subjects

PROTOCOLS, Technology, General Computer Science, Computer science, media_common.quotation_subject, Access control, Cryptography, 02 engineering and technology, relay attacks, Gas meter prover, Computer security, computer.software_genre, Theoretical Computer Science, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Bounding overwatch, Computer Science, Theory & Methods, distance-bounding, 0202 electrical engineering, electronic engineering, information engineering, [INFO]Computer Science [cs], ComputingMilieux_MISCELLANEOUS, media_common, contactless, Authentication, Science & Technology, cryptography, Information security, business.industry, MAFIA, 020206 networking & telecommunications, Payment, distance fraud, mafia fraud, Computer Science, Key (cryptography), 020201 artificial intelligence & image processing, terrorist fraud, proximity check, business, computer, ATTACKS, AUTHENTICATION

Abstract

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link Distance-bounding protocols allow a verifier to both authenticate a prover and evaluate whether the latter is located in his vicinity. These protocols are of particular interest in contactless systems, e.g., electronic payment or access control systems, which are vulnerable to distance-based frauds. This survey analyzes and compares in a unified manner many existing distance-bounding protocols with respect to several key security and complexity features.

Published

2019

5. Duck Attack on Accountable Distributed Systems

Author

Pascal Lafourcade, Cédric Lauradoux, Amrit Kumar, National University of Singapore (NUS), Privacy Models, Architectures and Tools for the Information Society (PRIVATICS), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon, Laboratoire d'Informatique, de Modélisation et d'Optimisation des Systèmes (LIMOS), Ecole Nationale Supérieure des Mines de St Etienne-Centre National de la Recherche Scientifique (CNRS)-Université Clermont Auvergne [2017-2020] (UCA [2017-2020]), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Inria Lyon, Institut National de Recherche en Informatique et en Automatique (Inria), Ecole Nationale Supérieure des Mines de St Etienne (ENSM ST-ETIENNE)-Université Clermont Auvergne [2017-2020] (UCA [2017-2020])-Centre National de la Recherche Scientifique (CNRS), and Lauradoux, Cédric

Subjects

Cryptographic primitive, Exploit, Computer science, business.industry, Secure log, Distributed computing, Hash function, Duck attack, 020206 networking & telecommunications, Cryptography, Public verifiability, 02 engineering and technology, Cryptographic protocol, Data structure, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), 020201 artificial intelligence & image processing, Accountability, business, Protocol (object-oriented programming), [INFO.INFO-CR] Computer Science [cs]/Cryptography and Security [cs.CR]

Abstract

International audience; Accountability plays a key role in dependable distributed systems.It allows to detect, isolate and churn malicious/selfish nodes thatdeviate from a prescribed protocol. To achieve these properties, sev-eral accountable systems use at their core cryptographic primitivesthat produce non-repudiable evidence of inconsistent or incorrectbehavior.In this paper, we show how selfish and colluding nodes canexploit the use of cryptographic digests in accountability protocolsto mount what we call a duck attack. In a duck attack, selfish andcolluding nodes exploit the use of cryptographic digests to alter thetransmission of messages while masquerading as honest entities.The end result is that their selfish behavior remains undetected. Thisundermines the security guarantees of the accountability protocols.We first discover the duck attack while analyzing PAG — a cus-tom cryptographic protocol to build accountable systems presentedat ICDCS 2016. We later discover that accountable distributed sys-tems based on a secure log (essentially a hash-based data structure)are also vulnerable to the duck attack and apply it on AcTinG — aprotocol presented at SRDS 2014. To defeat our attack, we modifythe underlying secure log to have high-order dependency on themessages stored in it.

Published

2017

6. Decompression Quines and Anti-Viruses

Author

Mary-Andréa Rakotomanga, Amrit Kumar, Reihaneh Safavi-Naini, Margaux Canet, Cédric Lauradoux, Université Grenoble Alpes [2016-2019] (UGA [2016-2019]), Privacy Models, Architectures and Tools for the Information Society (PRIVATICS), CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria), University of Calgary, Labex Persyval, ANR-11-LABX-0025,PERSYVAL-lab,Systemes et Algorithmes Pervasifs au confluent des mondes physique et numérique(2011), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), and Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Inria Lyon

Subjects

Anti-viruses, Exploit, Decompression, Computer science, Compression, [SCCO.COMP]Cognitive science/Computer science, 020206 networking & telecommunications, Denial-of-service attack, 02 engineering and technology, Data_CODINGANDINFORMATIONTHEORY, Computer security, computer.software_genre, Communications system, Denial-of-Service, Quines, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], 0202 electrical engineering, electronic engineering, information engineering, [INFO.INFO-SY]Computer Science [cs]/Systems and Control [cs.SY], Overhead (computing), 020201 artificial intelligence & image processing, False positive rate, computer, Hardware_LOGICDESIGN, Hacker, Data compression

Abstract

International audience; Data compression is ubiquitous to any information and communication system. It often reduces resources required to store and transmit data. However, the efficiency of compression algorithms also makes them an obvious target for hackers to mount denial-of-service attacks. In this work, we consider decompression quines, a specific class of compressed files that decompress to themselves. We analyze all the known decompression quines by studying their structures , and their impact on anti-viruses. Our analysis reveals that most of the anti-viruses do not have a suitable architecture in place to detect decompression quines. Even worse, some of them are vulnerable to denial-of-service attacks exploiting quines. Motivated by our findings, we study several quine detectors and propose a new one that exploits the fact that quines and non-quine files do not share the same underlying structure. Our evaluation against different datasets shows that the detector incurs no performance overhead at the expense of a low false positive rate.

Published

2017

7. Energy efficient authentication strategies for network coding

Author

Anya Apavatjrut, Katia Jaffrès-Runser, Antoine Fraboulet, Cédric Lauradoux, Wassim Znaidi, Claire Goursaud, Marine Minier, Smart Wireless Networking (SWING), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA), Ambient Middleware Architectures: Service-Oriented, Networked, Efficient and Secured (AMAZONES), CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Inria Grenoble - Rhône-Alpes, and Institut National de Recherche en Informatique et en Automatique (Inria)

Subjects

Linear Universal Hash Functions, Computer Networks and Communications, Computer science, Distributed computing, Hash function, Throughput, 0102 computer and information sciences, 02 engineering and technology, Network topology, 01 natural sciences, Trees, Theoretical Computer Science, [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI], Pollution Attack, 0202 electrical engineering, electronic engineering, information engineering, Message authentication code, Dissemination, Authentication, MAC, Wireless network, business.industry, 020206 networking & telecommunications, Energy consumption, Denial of Services, Computer Science Applications, Computational Theory and Mathematics, 010201 computation theory & mathematics, Linear network coding, Xor Network Coding, business, Wireless sensor network, Software, Efficient energy use, Computer network

Abstract

Recent advances in information theory and networking, e.g. aggregation, network coding or rateless codes, have significantly modified data dissemination in wireless networks. These new paradigms create new threats for security such as pollution attacks and denial of services (DoS). These attacks exploit the difficulty to authenticate data in such contexts. The particular case of xor network coding is considered herein. We investigate different strategies based on message authentication codes algorithms (MACs) to thwart these attacks. Yet, classical MAC designs are not compatible with the linear combination of network coding. Fortunately, MACs based on universal hash functions (UHFs) match nicely the needs of network coding: some of these functions are linear h(x1⊕x2) = h(x1)⊕h(x2). To demonstrate their efficiency, we consider the case of wireless sensor networks (WSNs). Although these functions can drastically reduce the energy consumption of authentication (up to 68% gain over the classical designs is observed), they increase the threat of DoS. Indeed, an adversary can disrupt all communications by polluting few messages. To overcome this problem, a group testing algorithm is introduced for authentication resulting in a complexity linear in the number of attacks. The energy consumption is analyzed for cross-point and butterfly network topologies with respect to the possible attack scenarios. The results highlight the trade-offs between energy efficiency, authentication and the effective throughput for the different MAC modes. Copyright © 2011 John Wiley & Sons, Ltd.

Published

2011

8. Preserving Privacy in secured ZigBee Wireless Sensor Networks

Author

Jessye Dos Santos, Christine Hennebert, Cédric Lauradoux, Commissariat à l'énergie atomique et aux énergies alternatives - Laboratoire d'Electronique et de Technologie de l'Information (CEA-LETI), Direction de Recherche Technologique (CEA) (DRT (CEA)), Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Commissariat à l'énergie atomique et aux énergies alternatives (CEA), Privacy Models, Architectures and Tools for the Information Society (PRIVATICS), CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), and Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Inria Lyon

Subjects

Computer science, 02 engineering and technology, security, IDS, Computer security, computer.software_genre, privacy, ZigBee WSN, attacks, 0202 electrical engineering, electronic engineering, information engineering, ComputerSystemsOrganization_SPECIAL-PURPOSEANDAPPLICATION-BASEDSYSTEMS, [INFO]Computer Science [cs], Zigbee wireless sensor networks, Protocol (object-oriented programming), SIMPLE (military communications protocol), business.industry, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, eavesdropping, 020206 networking & telecommunications, 020207 software engineering, Eavesdropping, Information leakage, Identity (object-oriented programming), business, computer, NeuRFon, Computer network

Abstract

International audience; We expose concretely the information leakage occurring in an IEEE 802.15.4-based ZigBee meshed network. We deploy an IoT platform and used a killerbee sniffer to eavesdrop the communication between the motes. Metadata and control traffic are exploited in depth to recover protocol instances, routes, identity, capability and activity of the devices. We experiment different levels of security for the communications from none to the best available. Even when security is enforced, information leakages are not avoided. We propose simple countermeasures to prevent an outsider from monitoring a ZigBee network.

Published

2015

9. Interleaving Cryptanalytic Time-memory Trade-offs on Non-Uniform Distributions

Author

Xavier Carpent, Cédric Lauradoux, Gildas Avoine, EMbedded SEcurity and Cryptography (EMSEC), SYSTÈMES LARGE ÉCHELLE (IRISA-D1), Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS), Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA), Institut Universitaire de France (IUF), Ministère de l'Education nationale, de l’Enseignement supérieur et de la Recherche (M.E.N.E.S.R.), Université Catholique de Louvain = Catholic University of Louvain (UCL), Privacy Models, Architectures and Tools for the Information Society (PRIVATICS), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Inria Lyon, Institut National de Recherche en Informatique et en Automatique (Inria), CentraleSupélec-Télécom Bretagne-Université de Rennes 1 (UR1), Université de Rennes (UNIV-RENNES)-Université de Rennes (UNIV-RENNES)-Institut National de Recherche en Informatique et en Automatique (Inria)-École normale supérieure - Rennes (ENS Rennes)-Université de Bretagne Sud (UBS)-Centre National de la Recherche Scientifique (CNRS)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-CentraleSupélec-Télécom Bretagne-Université de Rennes 1 (UR1), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES), CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), and Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Inria Grenoble - Rhône-Alpes

Subjects

Password, 021110 strategic, defence & security studies, Theoretical computer science, Interleaving, Computer science, business.industry, Hash function, 0211 other engineering and technologies, 020206 networking & telecommunications, Ranging, 02 engineering and technology, Toolbox, Tree traversal, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Rainbow table, Symmetric-key algorithm, 0202 electrical engineering, electronic engineering, information engineering, business

Abstract

Cryptanalytic time-memory trade-offs TMTO are famous tools available in any security expert toolbox. They have been used to break ciphers such as A5/1, but their efficiency to crack passwords made them even more popular in the security community. While symmetric keys are generated randomly according to a uniform distribution, passwords chosen by users are in practice far from being random, as confirmed by recent leakage of databases. Unfortunately, the technique used to build TMTOs is not appropriate to deal with non-uniform distributions. In this paper, we introduce an efficient construction that consists in partitioning the search set into subsets of close densities, and a strategy to explore the TMTOs associated to the subsets based on an interleaved traversal. This approach results in a significant improvement compared to currently used TMTOs. We experimented our approach on a classical problem, namely cracking 7-character NTLM Hash passwords using an alphabet with 34 special characters. This resulted in speedups ranging from 16 to 76 depending on the input distribution over rainbow tables, which are considered as the most efficient variant of time-memory trade-offs.

Published

2015

10. The Power of Evil Choices in Bloom Filters

Author

Cédric Lauradoux, Thomas Gerbet, Amrit Kumar, Université Joseph Fourier - Grenoble 1 (UJF), Privacy Models, Architectures and Tools for the Information Society (PRIVATICS), CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria), ANR-11-LABX-0025,PERSYVAL-lab,Systemes et Algorithmes Pervasifs au confluent des mondes physique et numérique(2011), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Inria Lyon, and INRIA Grenoble

Subjects

Pre-image attack, Secure Hash Algorithm, Computer science, Bloom filters, Hash function, [SCCO.COMP]Cognitive science/Computer science, SWIFFT, Hash functions, 020206 networking & telecommunications, 02 engineering and technology, Bloom filter, Digest truncation, Computer security, computer.software_genre, Denial-of-Service, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], SHA-2, 0202 electrical engineering, electronic engineering, information engineering, Cryptographic hash function, Hash chain, 020201 artificial intelligence & image processing, Security of cryptographic hash functions, computer

Abstract

International audience; A Bloom filter is a probabilistic hash-based data structure extensively used in software including onlinesecurity applications. This paper raises the following important question: Are Bloom filters correctly designed in a securitycontext? The answer is no and the reasons are multiple: bad choices of parameters, lack of adversary models and misusedhash functions. Indeed, developers truncate cryptographic digests without a second thought on the security implications.This work constructs adversary models for Bloom filters and illustrates attacks on three applications, namely Scrapy web spider, Bitly Dablooms spam filter and Squid cache proxy. As a general impact, filters are forced to systematically exhibit worst-case behavior. One of the reasons being that Bloom filter parameters are always computed in the average case. We compute the worst-case parameters in adversarial settings, show how to securely and efficiently use cryptographic hash functions and propose several other countermeasures to mitigateour attacks.

Published

2015

11. A Survey of Alerting Websites: Risks and Solutions

Author

Cédric Lauradoux, Amrit Kumar, Privacy Models, Architectures and Tools for the Information Society (PRIVATICS), CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria), ANR-11-LABX-0025,PERSYVAL-lab,Systemes et Algorithmes Pervasifs au confluent des mondes physique et numérique(2011), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), and Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Inria Lyon

Subjects

Password, Computer science, business.industry, Internet privacy, [SCCO.COMP]Cognitive science/Computer science, Bloom filter, Private Set Intersection, Computer security, computer.software_genre, Phishing, Data leakages, Credit card, Work (electrical), Telephone number, Cardinality (SQL statements), Private Information Retrieval, business, computer, Private information retrieval

Abstract

International audience; In the recent years an incredible amount of data has been leaked from major websites such as Adobe, Snapchat and LinkedIn. There are hundreds of millions of usernames, email addresses, passwords, telephone numbers and credit card details in the wild. The aftermath of these breaches is the rise of alerting websites such as haveibeenpwned.com, which let users verify if their accounts have been compromised. Unfortunately, these seemingly innocuous websites can be easily turned into phishing tools. In this work, we provide a comprehensive study of the most popular ones. Our study exposes the associated privacy risks and evaluates existing solutions towards designing privacy-friendly alerting websites. In particular, we study three solutions: private set intersection, private set intersection cardinality and private information retrieval adapted to membership testing. Finally, we investigate the practicality of these solutions with respect to real world database leakages.

Published

2015

12. A Privacy Analysis of Google and Yandex Safe Browsing

Author

Amrit Kumar, Cédric Lauradoux, Thomas Gerbet, Université Joseph Fourier - Grenoble 1 (UJF), Privacy Models, Architectures and Tools for the Information Society (PRIVATICS), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Inria Lyon, Institut National de Recherche en Informatique et en Automatique (Inria), INRIA, ANR-11-LABX-0025,PERSYVAL-lab,Systemes et Algorithmes Pervasifs au confluent des mondes physique et numérique(2011), CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Inria Grenoble - Rhône-Alpes, and Université Grenoble Alpes [2016-2019] (UGA [2016-2019])

Subjects

Privacy analysis, Computer science, Privacy policy, Internet privacy, 02 engineering and technology, phishing, computer.software_genre, Malware, [INFO.INFO-CL]Computer Science [cs]/Computation and Language [cs.CL], World Wide Web, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Server, 0202 electrical engineering, electronic engineering, information engineering, Private information retrieval, Web browser, business.industry, 020206 networking & telecommunications, Phishing, privacy-set size, Privacy, surveillance, 020201 artificial intelligence & image processing, business, computer, Google Safe browsing

Abstract

International audience; Google and Yandex Safe Browsing are popular services included in many webbrowsers to prevent users from visiting phishing or malware website links. If Safe Browsing servicesprotect their users from losing private information, they also require that their servers receivebrowsing information on the very same users. In this paper, we present an analysis of Googleand Yandex Safe Browsing services from a privacy perspective. We quantify the privacy providedby these services by analyzing the possibility of re-identifying a URL visited by a client. Wehence challenge Google’s privacy policies where they claim that Google can not recover URLsvisited by its users. Our analysis and experimental results show that Google and Yandex SafeBrowsing can potentially be used as a tool to track specific classes of individuals. Additionally, ourinvestigations on the data currently included in Yandex Safe Browsing provides a concrete set ofURLs/domains that can be re-identified without much effort

Published

2015

13. Analysing the privacy policies of Wi-Fi trackers

Author

Levent Demir, Cédric Lauradoux, Mathieu Cunche, Privacy Models, Architectures and Tools for the Information Society (PRIVATICS), CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria), INRIA, Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Inria Lyon, Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria), and Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)

Subjects

physical analytics, MAC address, Computer science, business.industry, BitTorrent tracker, Privacy policy, Hash function, Tracking system, Tracking (particle physics), Computer security, computer.software_genre, privacy, anonymization, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Software, hash function, Wi-Fi tracking, business, computer, ACM: K.: Computing Milieux/K.4: COMPUTERS AND SOCIETY/K.4.1: Public Policy Issues/K.4.1.5: Privacy, Computer network, 802.11

Abstract

Wi-Fi-based tracking systems have recently appeared. By collecting radio signals emitted by Wi-Fi enabled devices, those systems are able to track individuals. They basically rely on the MAC address to uniquely identify each individual. If retailers and business have high expectations for physical tracking, it is also a threat for citizens privacy. We analyse the privacy policies used by the current tracking companies then we show the pitfalls of hash-based anonymization. More particularly we demonstrate that the hash-based anonymization of MAC address used in many Wi-Fi tracking systems can be easily defeated using of-the-shelf software and hardware. Finally we discuss possible solutions for MAC address anonymization in Wi-Fi tracking systems.; Les systèmes de traçages basés sur le Wi-Fi ont récemment fait leur apparition. En collectant les signaux radio émis par les terminaux équipés du Wi-Fi, ces systèmes sont capables de tracer les individus. Ils utilisent l'adresse MAC des terminaux pour identifier de manière unique les personnes. Si les acteurs du commerce physique ont de grandes attentes de ces technologies de traçage physique, elles représentent également une menace pour la vie privée. Nous analysons les politiques de vie privée des principaux acteurs du traçage Wi-Fi et nous montrons l'inefficacité des techniques d'anonymisation par fonction de hachage. Plus particulièrement, nous montrons que les techniques d'anonymisations basées sur les fonctions de hachage, communément utilisés dans les systèmes de traçage Wi-Fi, peuvent être facilement cassées en utilisant des logiciels et du matériel standard. Finalement, nous discutons des solutions alternatives pour l'anonymisation des adresses MAC dans les systèmes de traçage Wi-Fi.

Published

2014

14. Overflow of Fountain Codes in Multi-hop Wireless Sensor Networks

Author

Katia Jaffrès-Runser, Cédric Lauradoux, Anya Apavatjrut, Claire Goursaud, Smart Wireless Networking (SWING), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA), IEEE, and Jaffrès-Runser, Katia

Subjects

Computer science, Acknowledgement, 02 engineering and technology, Data_CODINGANDINFORMATIONTHEORY, Hop (networking), ACM: C.: Computer Systems Organization/C.4: PERFORMANCE OF SYSTEMS/C.4.0: Design studies, [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI], Fountain code, 0202 electrical engineering, electronic engineering, information engineering, Network performance, wireless sensor networks, Channel code, [INFO.INFO-NI] Computer Science [cs]/Networking and Internet Architecture [cs.NI], Network packet, business.industry, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, 020206 networking & telecommunications, ACM: C.: Computer Systems Organization/C.2: COMPUTER-COMMUNICATION NETWORKS, ACM: F.: Theory of Computation/F.0: GENERAL, Linear network coding, ACM: C.: Computer Systems Organization/C.2: COMPUTER-COMMUNICATION NETWORKS/C.2.2: Network Protocols, flooding overhead, fountain codes, acknowledgement, business, Wireless sensor network, Decoding methods, Computer network

Abstract

International audience; This paper concentrates on the proper use of fountain codes for the transmission of sporadic data in a wireless sensor network (WSN). Fountain codes offer great perspectives for the self-organization of WSNs: they self adapt to the channel error rate without control packets. Deploying fountain codes in a WSN raises two problems. First, the size of the data transmitted by a sensor is small in comparison to the size usually considered with fountain codes. Second, WSNs mostly rely on multi-hop transmissions. It implies a non null transmission duration for the end-to-end acknowledgement of the reception. During this period of time, the source is still transmitting useless packets, creating a specific overhead we define as the overflow. This paper brings the overflow problem to light and analyses its impact on the network performance. Our work can be viewed as the networking counterpart of the results presented by Pakzad et al. at ISIT 2005 applied to WSNs.

Published

2011

15. Authentication planning for XOR network coding

Author

Katia Jaffrès-Runser, Cédric Lauradoux, Smart Wireless Networking (SWING), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), and Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)

Subjects

FOS: Computer and information sciences, Computer science, Distributed computing, Throughput, Context (language use), 02 engineering and technology, security, Network topology, message authentication codes, Computer Science - Networking and Internet Architecture, [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI], 0202 electrical engineering, electronic engineering, information engineering, Computer Science::Networking and Internet Architecture, Message authentication code, Computer Science::Cryptography and Security, Networking and Internet Architecture (cs.NI), Authentication, business.industry, 020206 networking & telecommunications, network coding, Wireless sensor networks, Linear network coding, 020201 artificial intelligence & image processing, planning, business, Wireless sensor network, optimization, Computer network, Efficient energy use

Abstract

International audience; This paper formulates the authentication planning problem when network coding is implemented in a wireless sensor network. The planning problem aims at minimizing the energy consumed by the security application which is guarantied using message authentication codes. This paper proposes a binary non-linear optimization formulation for this planning problem whose decision variables are the authentication decision of the nodes and the MAC modes of operation. It is illustrated for a butterfly topology. Results show that there is a real trade-off between energy efficiency and message throughput in this context.; Les réseaux sans-fil sont particulièrement vulnérables aux attaques par pollution dans lesquelles un attaquant externe est capable d'envoyer ces propres messages sur le réseau. Pour pouvoir détecter de telles attaques à la destination, un code d'authentification (MAC: Message Authentication Code en anglais) est rajouté à chaque paquet. Un noeud intermédiaire peut vérifier la validité d'un paquet de façon à limiter la portée de transmission d'un paquet pollué dans le réseau. Dans le cadre d'un réseau fortement contraint en énergie tel qu'un réseau de capteurs, le problème du déploiement d'une stratégie de sécurisation du réseau par MAC se pose. En effet, la consommation énergétique du réseau sera fortement influencée d'une part par le type de MAC utilisé dans le réseau et d'autre part par le choix des relais du réseau qui vérifieront le code des paquets avant de les retransmettre. Nous nous intéressons plus particulièrement au cas où le réseau de capteurs utilise une transmission par codage réseau de par sa plus grande vulnérabilité aux attaques par pollution. Ce type de réseau nécessite l'emploi de MAC dédiés (linéaires). Dans ces travaux, nous proposons une formulation combinatoire du problème de planification de la sécurité. Dans cette formulation, nous minimisons l'énergie totale consommée par le réseau sécurisé pour la transmission d'un paquet par source dans le réseau. Les variables sont les décisions d'authentification binaires des noeuds. Nous illustrons ce modèle pour un réseau papillon pour lequel différentes distributions des probabilités d'attaque sur les liens sont considérées.

Published

2011

16. A Framework for Analyzing RFID Distance Bounding Protocols

Author

Cédric Lauradoux, Gildas Avoine, Benjamin Martin, Muhammed Ali Bingöl, Süleyman Kardaş, Département d'Ingénierie Informatique - UCL (INGI), Université Catholique de Louvain = Catholic University of Louvain (UCL), Istanbul Technical University (ITÜ), Sabanci University [Istanbul], Smart Wireless Networking (SWING), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon, Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), and Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)

Subjects

Theoretical computer science, Relation (database), Computer Networks and Communications, Computer science, Distance Bounding Protocol, 02 engineering and technology, Gas meter prover, Domain (software engineering), Terminology, T Technology (General), [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Bounding overwatch, distance-bounding, 0202 electrical engineering, electronic engineering, information engineering, QA Mathematics, Safety, Risk, Reliability and Quality, RFID, Authentication, 020206 networking & telecommunications, Adversary, Hardware and Architecture, authentication, 020201 artificial intelligence & image processing, proximity check, Distance-bounding protocol, Software

Abstract

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link. Many distance bounding protocols appropriate for the RFID technology have been proposed recently. Unfortunately, they are commonly designed without any formal approach, which leads to inaccurate analyzes and unfair comparisons. Motivated by this need, we introduce a unified framework that aims to improve analysis and design of distance bounding protocols. Our framework includes a thorough terminology about the frauds, adversary and prover, thus disambiguating many misleading terms. It also explores the adversary's capabilities and strategies, and addresses the impact of the prover's ability to tamper with his device. It thus introduces some new concepts in the distance bounding domain as the black-box and white-box models, and the relation between the frauds with respect to these models. The relevancy and impact of the framework is finally demonstrated on a study case: Munilla–Peinado distance bounding protocol.

Published

2010

17. Parallel Generation of ℓ-Sequences

Author

Cédric Lauradoux and Andrea Röck

Subjects

Sequence, Decimation, Nonlinear system, Transformation (function), Generator (computer programming), Computer science, Parallelism (grammar), Parallel generation, Algorithm, Shift register

Abstract

The generation of pseudo-random sequences at a high rate is animportant issue in modern communication schemes. The representationof a sequence can be scaled by decimation to obtain parallelism andmore precisely a sub-sequences generator. Sub-sequences generatorsand therefore decimation have been extensively used in the past forlinear feedback shift registers (LFSRs). However, the case ofautomata with a non linear feedback is still in suspend. In thispaper, we have studied how to transform of a feedback with carryshit register (FCSR) into a sub-sequences generator. We examine twosolutions for this transformation, one based on the decimationproperties of l-sequences, i.e.FCSR sequenceswith maximal period, and the other one based on multiple stepsimplementation. We show that the solution based on the decimationproperties leads to much more costly results than in the case ofLFSRs. For the multiple steps implementation, we show how thepropagation of carries affects the design.

Published

2008

18. SOSEMANUK: a fast software-oriented stream cipher

Author

Louis Goubin, Anne Canteaut, Thomas Pornin, Marine Minier, Aline Gouget, Henri Gilbert, Louis Granboulan, Côme Berbain, Nicolas T. Courtois, Cédric Lauradoux, Olivier Billet, Hervé Sibert, France Télécom Recherche & Développement (FT R&D), France Télécom, Coding and cryptography (CODES), Inria Paris-Rocquencourt, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria), University College of London [London] (UCL), Université de Versailles Saint-Quentin-en-Yvelines (UVSQ), Gemalto [Meudon], GEMALTO (GEMALTO), ASTRIUM, EADS - European Aeronautic Defense and Space, Architectures of networks of services (ARES), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA), Cryptolog International (Cryptolog), Cryptolog International, NXP Semiconductors, European Network of Excellence ECRYPT, Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), and Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon

Subjects

CBC-MAC, Theoretical computer science, Computer science, SOSEMANUK, Stream cipher attack, 020206 networking & telecommunications, 02 engineering and technology, Parallel computing, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Cipher, Running key cipher, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Hardware_ARITHMETICANDLOGICSTRUCTURES, Stream cipher, Transposition cipher, Block cipher

Abstract

The original publication is available at www.springerlink.com; Sosemanuk is a new synchronous software-oriented stream cipher, corresponding to Profile 1 of the ECRYPT call for stream cipher primitives. Its key length is variable between 128 and 256 bits. It ac- commodates a 128-bit initial value. Any key length is claimed to achieve 128-bit security. The Sosemanuk cipher uses both some basic design principles from the stream cipher SNOW 2.0 and some transformations derived from the block cipher SERPENT. Sosemanuk aims at improv- ing SNOW 2.0 both from the security and from the efficiency points of view. Most notably, it uses a faster IV-setup procedure. It also requires a reduced amount of static data, yielding better performance on several architectures.

Published

2008

19. Decim v2

Author

Hervé Sibert, Louis Granboulan, Thomas Pornin, Côme Berbain, Olivier Billet, Aline Gouget, Louis Goubin, Nicolas T. Courtois, Cédric Lauradoux, Blandine Debraize, Anne Canteaut, Marine Minier, Henri Gilbert, France Télécom Recherche & Développement (FT R&D), France Télécom, Coding and cryptography (CODES), Inria Paris-Rocquencourt, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria), University College of London [London] (UCL), Gemalto [Meudon], GEMALTO (GEMALTO), ASTRIUM, EADS - European Aeronautic Defense and Space, Architectures of networks of services (ARES), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA), Cryptolog International (Cryptolog), Cryptolog International, NXP Semiconductors, European Network of Excellence ECRYPT, Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), and Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon

Subjects

[INFO.INFO-CC]Computer Science [cs]/Computational Complexity [cs.CC], Decimation, Theoretical computer science, Computer science, MathematicsofComputing_NUMERICALANALYSIS, Initialization, 020206 networking & telecommunications, Data_CODINGANDINFORMATIONTHEORY, 02 engineering and technology, Filter (signal processing), 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, eSTREAM, Hardware_ARITHMETICANDLOGICSTRUCTURES, Stream cipher, Linear feedback shift register

Abstract

The original publication is available at www.springerlink.com; In this paper, we present Decimv2, a stream cipher hardware- oriented selected for the phase 3 of the ECRYPT stream cipher project eSTREAM. As required by the initial call for hardware-oriented stream cipher contribution, Decimv2 manages 80-bit secret keys and 64-bit public initialization vectors. The design of Decimv2 combines two filtering mechanisms: a nonlinear Boolean filter over a LFSR, followed by an irregular decimation mechanism called the ABSG. Since designers have been invited to demonstrate flexibility of their design by proposing vari-ants that take 128-bit keys, we also present a 128-bit security version of Decim called Decim-128.

Published

2008

20. SYND: a Fast Code-Based Stream Cipher with a Security Reduction

Author

Nicolas Sendrier, Cédric Lauradoux, and Philippe Gaborit

Subjects

Reduction (complexity), Generator (computer programming), Computer science, business.industry, Code (cryptography), Cryptography, Pseudorandom generator, Parallel computing, business, Stream cipher, Linear code, Algorithm, Decoding methods

Abstract

In this note we reconsider the code-based pseudorandom generator proposed by Fischer and Stern. This generator is proven as secure as the syndrome decoding problem but has two main drawbacks: it is slow (3000 bits/s) and a large size of memory is needed (88 kiloBytes). We propose a variation on the scheme which avoid them: the use of regular words speeds the system up and the use of quasi-cyclic codes allows a decrease of the memory requirements. We eventually obtain a generator as fast as AES in counter mode using only about 8000 bits of memory. We also give a more precise security reduction.

Published

2007

21. Parallel Generation of l-Sequences

Author

Andrea Röck and Cédric Lauradoux, Röck, Andrea, Lauradoux, Cédric, Andrea Röck and Cédric Lauradoux, Röck, Andrea, and Lauradoux, Cédric

Abstract

The generation of pseudo-random sequences at a high rate is an important issue in modern communication schemes. The representation of a sequence can be scaled by decimation to obtain parallelism and more precisely a sub-sequences generator. Sub-sequences generators and therefore decimation have been extensively used in the past for linear feedback shift registers (LFSRs). However, the case of automata with a non linear feedback is still in suspend. In this work, we have studied how to transform of a feedback with carry shift register (FCSR) into a sub-sequences generator. We examine two solutions for this transformation, one based on the decimation properties of $ell$-sequences, extit{i.e.} FCSR sequences with maximal period, and the other one based on multiple steps implementation. We show that the solution based on the decimation properties leads to much more costly results than in the case of LFSRs. For the multiple steps implementation, we show how the propagation of carries affects the design. par This work represents a cooperation with Cédric Lauradoux and was presented at the international conference on SEquences and Their Applications (SETA) 2008.

Published

2009

22. Performances of Cryptographic Accumulators

Author

Amrit Kumar, Pascal Lafourcade, Cédric Lauradoux, PrograMming and scheduling design fOr Applications in Interactive Simulation (MOAIS), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-Laboratoire d'Informatique de Grenoble (LIG), Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP )-Institut National Polytechnique de Grenoble (INPG)-Centre National de la Recherche Scientifique (CNRS)-Université Pierre Mendès France - Grenoble 2 (UPMF)-Université Joseph Fourier - Grenoble 1 (UJF)-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP )-Institut National Polytechnique de Grenoble (INPG)-Centre National de la Recherche Scientifique (CNRS)-Université Pierre Mendès France - Grenoble 2 (UPMF)-Université Joseph Fourier - Grenoble 1 (UJF), Distributed and Complex Systems, VERIMAG (VERIMAG - IMAG), Centre National de la Recherche Scientifique (CNRS)-Institut National Polytechnique de Grenoble (INPG)-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP )-Université Joseph Fourier - Grenoble 1 (UJF)-Centre National de la Recherche Scientifique (CNRS)-Institut National Polytechnique de Grenoble (INPG)-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP )-Université Joseph Fourier - Grenoble 1 (UJF), Privacy Models, Architectures and Tools for the Information Society (PRIVATICS), CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria), Persyval Labex grant, ANR-11-LABX-0025,PERSYVAL-lab,Systemes et Algorithmes Pervasifs au confluent des mondes physique et numérique(2011), Université Pierre Mendès France - Grenoble 2 (UPMF)-Université Joseph Fourier - Grenoble 1 (UJF)-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP )-Institut National Polytechnique de Grenoble (INPG)-Centre National de la Recherche Scientifique (CNRS)-Université Pierre Mendès France - Grenoble 2 (UPMF)-Université Joseph Fourier - Grenoble 1 (UJF)-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP )-Institut National Polytechnique de Grenoble (INPG)-Centre National de la Recherche Scientifique (CNRS), Université Joseph Fourier - Grenoble 1 (UJF)-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP )-Institut National Polytechnique de Grenoble (INPG)-Centre National de la Recherche Scientifique (CNRS)-Université Joseph Fourier - Grenoble 1 (UJF)-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP )-Institut National Polytechnique de Grenoble (INPG)-Centre National de la Recherche Scientifique (CNRS), Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Inria Lyon, Kumar, Amrit, and Laboratoires d'excellence - Systemes et Algorithmes Pervasifs au confluent des mondes physique et numérique - - PERSYVAL-lab2011 - ANR-11-LABX-0025 - LABX - VALID

Subjects

021110 strategic, defence & security studies, Cryptographic primitive, Computer science, business.industry, Distributed computing, 0211 other engineering and technologies, Value (computer science), [SCCO.COMP]Cognitive science/Computer science, Cryptography, 02 engineering and technology, Bloom filter, Space (commercial competition), Data structure, Set (abstract data type), [SCCO.COMP] Cognitive science/Computer science, Cryptographic accumulators, 0202 electrical engineering, electronic engineering, information engineering, Performance Analysis, 020201 artificial intelligence & image processing, Hydraulic accumulator, business

Abstract

International audience; Cryptographic accumulators are space/time efficient data structures used to verify if a value belongs to a set. They have found many applications in networking and distributed systems since their in- troduction by Benaloh and de Mare in 1993. Despite this popularity, there is currently no performance evaluation of the different existing de- signs. Symmetric and asymmetric accumulators are used likewise without any particular argument to support either of the design. We aim to es- tablish the speed of each design and their application's domains in terms of their size and the size of the values.

23. Hardware Implementation of the GPS authentication

Author

Cédric Lauradoux, Tanguy Risset, Mickaël Dardaillon, Software and Cognitive radio for telecommunications (SOCRATE), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA), CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria), and Région Rhône Alpes ADR 11 01302401

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, business.industry, Computer science, GPS, parallel/serial implementation, 02 engineering and technology, Gas meter prover, Cryptographic protocol, multiplication by a constant, 020202 computer hardware & architecture, NESSIE, Protocol stack, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Embedded system, Authentication protocol, 0202 electrical engineering, electronic engineering, information engineering, Global Positioning System, 020201 artificial intelligence & image processing, Multiplier (economics), business, Field-programmable gate array, Cryptography and Security (cs.CR), Computer hardware

Abstract

In this paper, we explore new area/throughput trade- offs for the Girault, Poupard and Stern authentication protocol (GPS). This authentication protocol was selected in the NESSIE competition and is even part of the standard ISO/IEC 9798. The originality of our work comes from the fact that we exploit a fixed key to increase the throughput. It leads us to implement GPS using the Chapman constant multiplier. This parallel implementation is 40 times faster but 10 times bigger than the reference serial one. We propose to serialize this multiplier to reduce its area at the cost of lower throughput. Our hybrid Chapman's multiplier is 8 times faster but only twice bigger than the reference. Results presented here allow designers to adapt the performance of GPS authentication to their hardware resources. The complete GPS prover side is also integrated in the network stack of the PowWow sensor which contains an Actel IGLOO AGL250 FPGA as a proof of concept., ReConFig - International Conference on ReConFigurable Computing and FPGAs (2012)

24. Security of Distance−Bounding: A Survey

Author

Gildas, Avoine, Muhammed, Ali Bingöl, Ioana, Boureanu, Srdjan, Čapkun, Gerhard, Hancke, Süleyman, Kardaş, Chong, Hee Kim, Cédric, Lauradoux, Benjamin, Martin, Jorge, Munilla, Alberto, Peinado, Kasper, Rasmussen, Dave, Singelée, Aslan, Tchamkerten, Trujillo Rasua, Rolando, Serge, Vaudenay, Gildas, Avoine, Muhammed, Ali Bingöl, Ioana, Boureanu, Srdjan, Čapkun, Gerhard, Hancke, Süleyman, Kardaş, Chong, Hee Kim, Cédric, Lauradoux, Benjamin, Martin, Jorge, Munilla, Alberto, Peinado, Kasper, Rasmussen, Dave, Singelée, Aslan, Tchamkerten, Trujillo Rasua, Rolando, and Serge, Vaudenay

Abstract

Distance bounding protocols allow a verifier to both authenticate a prover and evaluate whether the latter is located in his vicinity. These protocols are of particular interest in contactless systems, e.g. electronic payment or access control systems, which are vulnerable to distance-based frauds. This survey analyzes and compares in a unified manner many existing distance bounding protocols with respect to several key security and complexity features.

25. Security of Distance−Bounding: A Survey

Author

Gildas, Avoine, Muhammed, Ali Bingöl, Ioana, Boureanu, Srdjan, Čapkun, Gerhard, Hancke, Süleyman, Kardaş, Chong, Hee Kim, Cédric, Lauradoux, Benjamin, Martin, Jorge, Munilla, Alberto, Peinado, Kasper, Rasmussen, Dave, Singelée, Aslan, Tchamkerten, Trujillo Rasua, Rolando, Serge, Vaudenay, Gildas, Avoine, Muhammed, Ali Bingöl, Ioana, Boureanu, Srdjan, Čapkun, Gerhard, Hancke, Süleyman, Kardaş, Chong, Hee Kim, Cédric, Lauradoux, Benjamin, Martin, Jorge, Munilla, Alberto, Peinado, Kasper, Rasmussen, Dave, Singelée, Aslan, Tchamkerten, Trujillo Rasua, Rolando, and Serge, Vaudenay

Abstract

Distance bounding protocols allow a verifier to both authenticate a prover and evaluate whether the latter is located in his vicinity. These protocols are of particular interest in contactless systems, e.g. electronic payment or access control systems, which are vulnerable to distance-based frauds. This survey analyzes and compares in a unified manner many existing distance bounding protocols with respect to several key security and complexity features.

26. Security of an UWB-IR Link

Author

Benfarah , Ahmed, CITI Centre of Innovation in Telecommunications and Integration of services ( CITI ), Institut National des Sciences Appliquées de Lyon ( INSA Lyon ), Université de Lyon-Institut National des Sciences Appliquées ( INSA ) -Université de Lyon-Institut National des Sciences Appliquées ( INSA ) -Institut National de Recherche en Informatique et en Automatique ( Inria ), INSA de Lyon, Cédric Lauradoux, Jean-Marie Gorce, STAR, ABES, CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), and Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)

Subjects

[SPI.OTHER]Engineering Sciences [physics]/Other, Couche physique UWB-IR, [ SPI.OTHER ] Engineering Sciences [physics]/Other, [SPI.OTHER] Engineering Sciences [physics]/Other, Brouillage, Wireless communication, Protocole délimiteur de distance, Radio impulsionnelle ultra large bande - UWB-IR, Distance bounding protocol, Relay attacks, Attaque par relais, Vulnérabilité de sécurité, Ultra WideBand Impulse Radio - UWB-IR, Communication sans fil, Télécommunications, Jamming, Security vulnerability, Embedding

Abstract

Due to the shared nature of wireless medium, wireless communications are more vulnerable to security threats. In my PhD work, I focused on two types of threats: relay attacks and jamming. UWB-IR physical layer technology has seen a great development during the last decade which makes it a promising candidate for short range wireless communications. My main goal was to exploit UWB-IR physical layer characteristics in order to reinforce security of wireless communications. By the simple way of signal relaying, the adversary can defeat wireless authentication protocols. The first countermeasure proposed to thwart these relay attacks was distance bounding protocol. The concept of distance bounding relies on the combination of two sides: an authentication cryptographic side and a distance checking side. In this context, I propose two new distance bounding protocols that significantly improve the security of existing distance bounding protocols by means of UWB-IR physical layer parameters. The first protocol called STHCP is based on using secret time-hopping codes. Whereas, the second called SMCP is based on secret mapping codes. Security analysis and comparison to the state of the art highlight various figures of merit of my proposition. Jamming consists in the emission of noise over the channel while communication is taking place and constitutes a major problem to the security of wireless communications. In a first contribution, I have determined worst case Gaussian noise parameters (central frequency and bandwidth) against UWB-IR communication employing PPM modulation and a non-coherent receiver. The metric considered for jammer optimization is the signal-to-jamming ratio at the output of the receiver. In a second contribution, I propose a new jamming model by analogy to attacks against ciphering algorithms. The new model leads to distinguish various jamming scenarios ranging from the best case to the worst case. Moreover, I propose a modification of the UWB-IR physical layer which allows to restrict any jamming problem to the most favorable scenario. The modification is based on using a cryptographic modulation depending on a stream cipher. The new radio has the advantage to combine the resistance to jamming and the protection from eavesdropping. Finally, I focused on the problem of security embedding on an existing UWB-IR network. Security embedding consists in adding security features directly at the physical layer and sending them concurrently with data. The embedding mechanism should satisfy a compatibility concern to existing receivers in the network. I propose two new embedding techniques which rely on the superposition of a pulse orthogonal to the original pulse by the form or by the position. Performances analysis reveal that both embedding techniques satisfy all system design constraints., Du fait de la nature ouverte et partagée du canal radio, les communications sans fil souffrent de vulnérabilités sérieuses en terme de sécurité. Dans ces travaux de thèse, je me suis intéressé particulièrement à deux classes d’attaques à savoir l’attaque par relais et l’attaque par déni de service (brouillage). La technologie de couche physique UWB-IR a connu un grand essor au cours de cette dernière décennie et elle est une candidate intéressante pour les réseaux sans fil à courte portée. Mon objectif principal était d’exploiter les caractéristiques de la couche physique UWB-IR afin de renforcer la sécurité des communications sans fil. L’attaque par relais peut mettre à défaut les protocoles cryptographiques d’authentification. Pour remédier à cette menace, les protocoles de distance bounding ont été proposés. Dans ce cadre, je propose deux nouveaux protocoles (STHCP : Secret Time-Hopping Code Protocol et SMCP : Secret Mapping Code Protocol) qui améliorent considérablement la sécurité des protocoles de distance bounding au moyen des paramètres de la radio UWB-IR. Le brouillage consiste en l’émission intentionnelle d’un signal sur le canal lors du déroulement d’une communication. Mes contributions concernant le problème de brouillage sont triples. D’abord, j’ai déterminé les paramètres d’un brouilleur gaussien pire cas contre un récepteur UWB-IR non-cohérent. En second lieu, je propose un nouveau modèle de brouillage par analogie avec les attaques contre le système de chiffrement. Troisièmement, je propose une modification rendant la radio UWB-IR plus robuste au brouillage. Enfin, dans une dernière partie de mes travaux, je me suis intéressé au problème d’intégrer la sécurité à un réseau UWB-IR en suivant l’approche d’embedding. Le principe de cette approche consiste à superposer et à transmettre les informations de sécurité simultanément avec les données et avec une contrainte de compatibilité. Ainsi, je propose deux nouvelles techniques d’embedding pour la couche physique UWB-IR afin d’intégrer un service d’authentification.

Published

2013