Computer-assisted machine-to-human protocols for authentication of a RAM-based embedded system

Abdourhamane Idrissa 1 Alain Aubert 1, * Thierry Fournel 2
* Corresponding author
2 Laboratoire Hubert Curien / Eris
LHC - Laboratoire Hubert Curien [Saint Etienne]
Abstract : Mobile readers used for optical identification of manufactured products can be tampered in different ways: with hardware Trojan or by powering up with fake configuration data. How a human verifier can authenticate the reader to be handled for goods verification ? In this paper, two cryptographic protocols are proposed to achieve the verification of a RAM-based system through a trusted auxiliary machine. Such a system is assumed to be composed of a RAM memory and a secure block (in practice a FPGA or a configurable microcontroller). The system is connected to an input/output interface and contains a Non Volatile Memory where the configuration data are stored. Here, except the secure block, all the blocks are exposed to attacks. At the registration stage of the first protocol, the MAC of both the secret and the configuration data, denoted M0 is computed by the mobile device without saving it then transmitted to the user in a secure environment. At the verification stage, the reader which is challenged with nonces sends MACs / HMACs of both nonces and MAC M0 (to be recomputed), keyed with the secret. These responses are verified by the user through a trusted auxiliary MAC computer unit. Here the verifier does not need to tract a (long) list of challenge / response pairs. This makes the protocol tractable for a human verifier as its participation in the authentication process is increased. In counterpart the secret has to be shared with the auxiliary unit. This constraint is relaxed in a second protocol directly derived from Fiat-Shamir's scheme.
Complete list of metadatas

Cited literature [5 references]  Display  Hide  Download

https://hal-ujm.archives-ouvertes.fr/ujm-00699624
Contributor : Nathalie Bochard <>
Submitted on : Monday, May 21, 2012 - 1:31:25 PM
Last modification on : Wednesday, July 25, 2018 - 2:05:32 PM
Long-term archiving on : Wednesday, August 22, 2012 - 2:27:16 AM

File

2012_SPIE_Abdou.pdf
Files produced by the author(s)

Identifiers

Collections

Citation

Abdourhamane Idrissa, Alain Aubert, Thierry Fournel. Computer-assisted machine-to-human protocols for authentication of a RAM-based embedded system. Mobile Multimedia/Image Processing, Security, and Applications, SPIE 2012, Apr 2012, Baltimore, Maryland, United States. pp.Idrissa 7, ⟨10.1117/12.922364⟩. ⟨ujm-00699624⟩

Share

Metrics

Record views

230

Files downloads

248