Share Email Print

Proceedings Paper

Computer-assisted machine-to-human protocols for authentication of a RAM-based embedded system
Author(s): Abdourhamane Idrissa; Alain Aubert; Thierry Fournel
Format Member Price Non-Member Price
PDF $17.00 $21.00

Paper Abstract

Mobile readers used for optical identification of manufactured products can be tampered in different ways: with hardware Trojan or by powering up with fake configuration data. How a human verifier can authenticate the reader to be handled for goods verification? In this paper, two cryptographic protocols are proposed to achieve the verification of a RAM-based system through a trusted auxiliary machine. Such a system is assumed to be composed of a RAM memory and a secure block (in practice a FPGA or a configurable microcontroller). The system is connected to an input/output interface and contains a Non Volatile Memory where the configuration data are stored. Here, except the secure block, all the blocks are exposed to attacks. At the registration stage of the first protocol, the MAC of both the secret and the configuration data, denoted M0 is computed by the mobile device without saving it then transmitted to the user in a secure environment. At the verification stage, the reader which is challenged with nonces sendsMACs / HMACs of both nonces and MAC M0 (to be recomputed), keyed with the secret. These responses are verified by the user through a trusted auxiliary MAC computer unit. Here the verifier does not need to tract a (long) list of challenge / response pairs. This makes the protocol tractable for a human verifier as its participation in the authentication process is increased. In counterpart the secret has to be shared with the auxiliary unit. This constraint is relaxed in a second protocol directly derived from Fiat-Shamir's scheme.

Paper Details

Date Published: 8 May 2012
PDF: 7 pages
Proc. SPIE 8406, Mobile Multimedia/Image Processing, Security, and Applications 2012, 84060U (8 May 2012); doi: 10.1117/12.922364
Show Author Affiliations
Abdourhamane Idrissa, Lab. Hubert Curien, CNRS, Univ. de Saint-Etienne (France)
Univ. de Lyon (France)
Alain Aubert, Lab. Hubert Curien, CNRS, Univ. de Saint-Etienne (France)
Univ. de Lyon (France)
Thierry Fournel, Lab. Hubert Curien, CNRS, Univ. de Saint-Etienne (France)
Univ. de Lyon (France)

Published in SPIE Proceedings Vol. 8406:
Mobile Multimedia/Image Processing, Security, and Applications 2012
Sos S. Agaian; Sabah A. Jassim; Eliza Yingzi Du, Editor(s)

© SPIE. Terms of Use
Back to Top
Sign in to read the full article
Create a free SPIE account to get access to
premium articles and original research
Forgot your username?