Advanced Cryptographic Protocols for RFID Tags

Prof. Giuseppe Ateniese
The Johns Hopkins University (USA)

RFID tags will soon replace barcodes on any products we buy at the store. They will also be embedded in keys, credit cards, tickets, license plates, passports and, possibly, in bank-notes and checks. Companies already sell RFID tags that can be implanted in our body to monitor our health status or for identification purposes. The way information stored into RFID tags is protected will directly affect the success rate of this emerging technology. RFID tags can be cloned, swapped, or tracked. Information stored into tags can be abused and manipulated. Cryptography could play a major role in this area since it enables effective ways of achieving confidentiality, authentication, and integrity protection. However, cryptographic techniques will have to be tailored for the unique environment in which RFID tags operate: Unlike other small devices, such as smartcards and sensors, passive RFID tags have no internal power source and must be inexpensive. Thus, RFID tags will always have limited communicational and computational capabilities, regardless of how fast technology progresses. Researchers have proposed several new techniques and protocols for RFID systems to enable security services and provide privacy protection. We will survey relevant papers in the field and report on the latest results. The main focus of this seminar is on the theoretical aspects of the techniques being discussed. Background information on group theory, bilinear maps, and public-key cryptography will also be provided.

Security and Privacy in Upcoming Wireless Networks

Prof. Levente Buttyan
Budapest University of Technology and Economics (Hungary)

Emerging wireless technologies, such as wireless sensors networks, vehicular ad hoc networks, wireless mesh networks, RFID systems, etc. are about to dramatically change the deployment and operation philosophy of future wireless networks. Unfortunately, this evolution also creates new vulnerabilities, and raises serious concerns about security and privacy that need to be addressed in order to avoid that ubiquitous computing becomes a pervasive nightmare. In this series of lectures, we will address some fundamental security and privacy aspects of upcoming wireless networks. In particular, we address the problem of naming and addressing, and explain how the Sybil and the node replication attacks can be thwarted; we examine how security associations can be set up between wireless devices, notably by exploiting their physical proximity and mobility; we study the problem of secure neighbor discovery and explain the wormhole attack along with techniques to thwart it; we describe techniques to secure the fundamental operation of routing in wireless multi-hop networks; and finally, we address the crucial issue of location privacy in future wireless networks. Each of these problem areas will be examined in the context of one or more emerging wireless technologies. In addition, we will also provide some background information on sensor networks, vehicular communications, and RFID systems, and on security and privacy services and mechanisms in general. The lectures are primarily based on Parts I and II of the book "Security and Cooperation in Wireless Networks" written by Levente Buttyan and Jean-Pierre Hubaux. The manuscript of this book is available for free in electronic format.