Workshop on Cryptography for the Internet of Things

November 20 - 21, 2012, Antwerp, Belgium

Network of Excellence in Cryptology

Titles and abstracts of invited talks

Gildas Avoine (Université catholique de Louvain, Belgium)
Relay Attacks and Distance Bounding Protocols
We will describe in this presentation relay attacks against authentication protocols and their practical feasibility. We will then extend the relay attacks to more powerful attacks, including the Mafia Fraud and the Terrorist Fraud. After the description of the frauds, we will focus the presentation on the distance bounding protocols, which aim to thwart the considered attacks. Research on distance bounding protocols is an emerging theoretical topic, yet with direct practical impact.

Daniel J. Bernstein (University of Illinois at Chicago, USA, and Technische Universiteit Eindhoven, Netherlands)
High-speed cryptography for mobile devices
Imagine the Internet of Things a few years from now: at every moment you're within radio distance of thousands of small networked devices. All of those devices will talk to, and to some extent be controlled by, your smartphone. These communications will require cryptographic protection; but can your smartphone keep up with the load? This talk will discuss the state of the art in smartphone cryptography.

Guido Bertoni (STMicroelectronics, Italy)
Permutation based cryptography for IoT
In recent years we have proposed cryptographic constructions based on fixed-width permutations addressing different security needs. In this talk we present an overview of how you can implement all cryptographic functions required by the Internet of Things with a single lightweight permutation and a public key algorithm.
This is joint work with Joan Daemen, Michael Peeters and Gilles Van Assche.

Junfeng Fan and Ingrid Verbauwhede (K.U. Leuven, Belgium)
Light weight, secure implementations of cryptographic algorithms
Medical applications, wireless sensor networks and many other portable applications are only possible if we can build devices that can perform the mathematically demanding cryptographic operations in an efficient way. Unfortunately, many of these sensor nodes, RFID tags and others, operate under extremely limited power, energy and area constraints. Yet we expect that they can execute, often in real-time, the symmetric key, public key and/or hash functions needed for the application. At the same time, we request that the implementations are also secure against a wide range of physical attacks.
This presentation will focus on the implementation aspects of cryptographic operations on resource constrained devices. To reach the extremely low power, low energy and area budgets, we need to consider in an integrated way the protocols, the algorithms, the architectures and the circuit aspects of the application. This will be illustrated with the design of several cryptographic co-processors suitable for implementation in ASIC or FPGA.
More specifically, in the second half of the presentation, design details will be given of an ultra-low-energy ECC core.

Tim Güneysu (Ruhr-Universität Bochum, Germany)
Compact Implementation and Performance Evaluation of Hash Functions in ATtiny Devices
The pervasive diffusion of electronic devices in security and privacy sensitive applications has boosted research in cryptography. In this context, the study of lightweight algorithms has been a very active direction over the last years. In general, symmetric cryptographic primitives are good candidates for low-cost implementations. For example, several previous works have investigated the performances of block ciphers on various platforms. Motivated by the recent SHA3 competition, this project extends these studies to another family of cryptographic primitives, namely hash functions. We implemented different algorithms on an ATMEL AVR ATtiny45 8-bit microcontroller, and provide their performance evaluation. All the implementations were carried out with the goal of minimizing the code size and memory utilization, and are evaluated using a common interface. As part of our contribution, we make all the corresponding source codes available on a web page, under an open-source license. We hope that this work provides a good basis for researchers and embedded system designers who need to include more and more functionalities in next generation smart devices.

Jens Hermans (K.U. Leuven, Belgium)
Privacy Preserving Protocols
A cheap wireless device that responds to every query it receives and maybe even authenticates. It's the classical recipe for tracing goods in supply chains, ticketing, access control... But also a potential privacy breach waiting to be abused.
In this talk we look at the different privacy threats and the ways to model these. We discuss several possible solutions to achieve an appropriate privacy and security level for different applications.

Miroslav Knezevic (NXP, Belgium)
Lightweight Cryptography - A Battle for a Single Gate
In this talk we will give an overview and outline the importance of lightweight cryptography in the world of security. We will talk about good practices for designing lightweight cryptographic primitives, mainly focusing on block ciphers and hash functions. Finally, we will discuss the importance of latency in these primitives - a performance factor that has not been sufficiently addressed in the literature.

Paul Lukowicz (DFKI and Technical University of Kaiserslautern, Germany)
Ubiquitous Computing

Christof Paar (Ruhr-Universität Bochum, Germany)
Efficient E-cash in Practice: Privacy-Preserving Payments for Intelligent Transportation Systems with Contactless Tokens
Near field communication (NFC) is a new popular technology that will facilitate many aspects of payments with mobile tokens. It will especially be useful in the domain of intelligent transportation payment systems, where electronic payments are greatly appreciated, due to advantages with respect to throughput, capabilities (congestion-based pricing etc.) and convenience. At the same time, electronic payments often sacrifice the user's privacy, including loss of locational privacy of users. E-cash allows for the execution of secure payments without revealing a user's identity. Even though e-cash protocols were proposed three decades ago, there are relatively few actual implementations. One limiting factor has been the computational complexity.
We present the implementation of Brands' untraceable offline cash scheme and variants of it on NFC-enabled smartphones and RFID tokens. The main finding is that privacy-preserving payments are feasible with today's contactless tokens.
Joint work with Foteini Baldimtsi, Gesine Hinterwaelder, Anna Lysyanskaya, and Christian Zenger.

Christian Rechberger (DTU, Denmark)
PRINCE - A Low-latency Block Cipher for Pervasive Computing Applications

Serge Vaudenay (Swiss Federal Institute of Technologies (EPFL), Switzerland)
On the need for provably secure distance-bounding protocols
We review recent insecurity cases in distance-bounding protocols. We also discuss incorrect proof arguments from the literature, which are based on pseudorandom functions. Finally, we present directions for having provably secure distance-bounding.

Michael Ward (Mastercard, UK)
Contactless Payments - a Card Payments Scheme perspective
The presentation will begin by providing some background on card payments, the EMV specifications and the motivation for introducing contactless technology; it will then review the risks and security challenges associated with this technology; it will conclude by presenting MasterCard contactless payments solutions, current cryptographic techniques used and proposals for future cryptography especially for contactless payments.

Last modified: 2012.11.19