Citation Context

...t is the hash format code word. The preimage resistance and collision resistance properties of MD5 and SHA-1 ensure that it is computationally difficult to find the shared secret from the hash result =-=[29]-=-. The TVP and hash result are sent to the other party for verification. Generate a code word in the hash format Bloom filter Bit h(Shared Secret, XOR padding1, h(Shared Secret, XOR padding2, TVP)) Chu...

Citation Context

...ion seems to be a good approach to secure the Master Key, for instance a fingerprint may be used to activate the Master Key. In PrudentExposure [22], a similar data structure, namely the Bloom Filter =-=[23]-=-, is used during service discovery processes to find legitimate service providers and users. By exchanging precise code words, service providers and users discover each other’s existence in one round....

Citation Context

...es to start the engine. If a car is parked for several weeks, the battery in the car may become completely drained. Abadi and Fournet proposed two private authentication protocols for ad hoc networks =-=[27]-=-. The protocols enable two principals to authenticate and establish a secure communication channel without explicitly specifying their identities. Assuming that the public keys of the principals are k...

Citation Context

...ne some mathematical properties of the Bloom filter for our case. Some formal mathematical analysis of the false positive rates and the calculation of the expected false positive rate may be found in =-=[24, 30]-=-. Unlike the analyses, which are based on having each element in a Bloom filter with the same length, the Master Key may use various lengths for different code words. Moreover, the Master Key uses a f...

Citation Context

...claimant and a verifier, and then one can determine whether the distance between the two is within the expectation [32, 33]. Recent improvements based on location and time information may be found in =-=[34]-=-. Third, based on the assumption that an eavesdropper is not able to monitor all communication channels, a large number of channels are simultaneously used to obscure some real communication channels ...

Citation Context

... in one round. The authentication approach discussed in PrudentExposure does not protect privacy information from malicious insiders. The Bloom filter has wide applications in database and networking =-=[24]-=-, and recently it has some applications in security [22, 25]. The Bloom filter is a compression method to express memberships. It has the efficiency advantages of storage space and computational time,...

Citation Context

...g tag IDs from their messages and thus they are not appropriate for entity authentication when privacy is a concern. Several solutions are proposed to improve privacy for RFID tags in some situations =-=[10, 11]-=-, but the privacy problem is not entirely solved. Moreover, passive RFID tags do not have processing capabilities to perform cryptographic operations. The MIT Card System uses magnetic stripe and pass...

Citation Context

...adge, a pioneer location sensing system, may be used as a remote control to start a user’s X window display on the nearest computer, and then a user pushes buttons on the badge to control the display =-=[19]-=-. Based on relative location context, content of the applications and displays may be adapted. When a user leaves, applications and the display are automatically closed. With location or even orientat...

Citation Context

...ow. Recent implementation and experimentation show that public key operations, such as elliptic curve cryptography, take only several seconds to run on the 8-bit Berkeley/Crossbow Mica2 mote platform =-=[16]-=-. Energy consumption due to cryptographic operations and wireless communication on those embedded devices are low [17]. These tiny devices are expected to cost as little as a dollar in a few years [18...

Citation Context

...ke only several seconds to run on the 8-bit Berkeley/Crossbow Mica2 mote platform [16]. Energy consumption due to cryptographic operations and wireless communication on those embedded devices are low =-=[17]-=-. These tiny devices are expected to cost as little as a dollar in a few years [18]. Imagine that within pervasive computing environments, such devices may be embedded in locks and other commodities w...

Citation Context

...wner without the owner’s knowledge. Biometric recognition, such as fingerprint, iris, hand geometry, and voice recognition, is used in various authentication applications including keys to open locks =-=[21]-=-. As a proof of “who you are”, biometric recognition has several advantages over other authentication approaches such as token-based (“what you have”) or password-based (“what you know”). While other ...

Citation Context

... several representative solutions to counter the attacks without physically isolating claimants (devices). First, location information may be integrated into an authentication protocol as proposed in =-=[31]-=-. Second, 9 measuring the transmission time between a claimant and a verifier, and then one can determine whether the distance between the two is within the expectation [32, 33]. Recent improvements b...

Citation Context

...ications may be jeopardized. However, biometric recognition seems to be a good approach to secure the Master Key, for instance a fingerprint may be used to activate the Master Key. In PrudentExposure =-=[22]-=-, a similar data structure, namely the Bloom Filter [23], is used during service discovery processes to find legitimate service providers and users. By exchanging precise code words, service providers...

Citation Context

...tion protocol as proposed in [31].sSecond,smeasuring the transmission time between a claimantsand a verifier, and then one can determine whethersthe distance between the two is within thesexpectation =-=[32, 33]-=-.sRecent improvements based onslocation and time information may be found in [34].sThird, based on the assumption that an eavesdroppersis not able to monitor all communication channels, aslarge number...

Citation Context

.... Third, based on the assumption that an eavesdropper is not able to monitor all communication channels, a large number of channels are simultaneously used to obscure some real communication channels =-=[35]-=-. These approaches can be adapted and fit into our protocols. For instance, if the Master Key and a lock know their location information, then the code words can be also based on the location informat...

Citation Context

...tes the generation of a code word in the hash format. A time variant parameter (TVP) and the shared secret are the two inputs to h(*), which is the hash-based message authentication codes proposed in =-=[28]-=-. The Hash function, MD5 or SHA-1, is used in the place of h(). The hash result is the hash format code word. The preimage resistance and collision resistance properties of MD5 and SHA-1 ensure that i...

Citation Context

...ctional smart cards and provides an approach to select the correct credentials privately during authentication. RFID tags (i.e., passive and active tags) are used as authentication tokens, such as in =-=[8, 9]-=-, respectively. However, RFID tags can be tracked by reading tag IDs from their messages and thus they are not appropriate for entity authentication when privacy is a concern. Several solutions are pr...

Citation Context

...on protocol as proposed in [31]. Second, 9 measuring the transmission time between a claimant and a verifier, and then one can determine whether the distance between the two is within the expectation =-=[32, 33]-=-. Recent improvements based on location and time information may be found in [34]. Third, based on the assumption that an eavesdropper is not able to monitor all communication channels, a large number...

Citation Context

...tes the generationsof a code word in the hash format.sA time variantsparameter (TVP) and the shared secret are the twosinputs to h(*), which is the hash-based messagesauthentication codes proposed in =-=[28]-=-.sThe Hashsfunction, MD5 or SHA-1, is used in the place of h(). The hash result is the hash format code word.sThespreimage resistance and collision resistancesproperties of MD5 and SHA-1 ensure that i...

Citation Context

...aced. In addition, if an intruder acquires a master key, then the intruder may access many locks. Moreover, locks that support master keys are vulnerable to the malicious insider who has a normal key =-=[2]-=-. The use of multiple access tokens does not have the fatal delegation and revocation problems as traditional master keys have because one token usually matches one lock. Similarly, if a key-lock pair...

Citation Context

...g tag IDs from their messages and thus they are not appropriate for entity authentication when privacy is a concern. Several solutions are proposed to improve privacy for RFID tags in some situations =-=[10, 11]-=-, but the privacy problem is not entirely solved. Moreover, passive RFID tags do not have processing capabilities to perform cryptographic operations. The MIT Card System uses magnetic stripe and pass...

Citation Context

...t £130 million in 2004 [5]. Due to the smart cards’ computational and storage capabilities and better security features, they are considered the replacement for many magnetic stripe card applications =-=[6]-=-. Smart cards are also used as prepaid transit cards, ID cards, health cards, or are even embedded within passports [7]. Smart cards may be classified as contact or contactless cards. The former type ...

Citation Context

...t are widely used and embedded in 2 small devices for entity authentication. Then, we discuss other research work that inspire our work. Magnetic stripe technology is now widely used as access tokens =-=[4]-=-. For example, hotel guestroom locks and employee badges use the technology, while the most common usage is for bankcards. Most magnetic stripe cards contain three tracks on which data or even PIN num...

Citation Context

...oduction We prove our identities everyday by showing the possession of access tokens. Using a key to open a lock may be the most common form, which has about 4000 years of history since ancient Egypt =-=[1]-=-. As one may access many locks, traditional master keys were designed to enable accessing multiple locks with a single key. Nevertheless, master keys are not widely used. Instead, people carry multipl...

Citation Context

...rprise facility using a smart card badge; entering a parking facility using a RFID gate card; opening a hotel room using a magnetic stripe card; or locking and unlocking a computer by wearing a token =-=[3]-=-. Additional token designs are emerging as well as their applications. Nevertheless, the management of access tokens and memorizing the token-lock relationships become inconvenient and difficult as th...

Citation Context

..., they are considered the replacement for many magnetic stripe card applications [6]. Smart cards are also used as prepaid transit cards, ID cards, health cards, or are even embedded within passports =-=[7]-=-. Smart cards may be classified as contact or contactless cards. The former type of cards needs physical contact with readers, while the latter conveniently works over radio frequency links. A smart c...

Citation Context

...ilities to perform cryptographic operations. The MIT Card System uses magnetic stripe and passive RFID technologies. The usage of passive RFID tags on the cards introduces several new vulnerabilities =-=[12]-=-, which makes the cards even less secure than their old magnetic stripe ID cards. Remote Keyless Entry systems are commonly installed on new automobiles and garage-doors. On a typical Remote Keyless E...

Citation Context

...s the cards even less secure than their old magnetic stripe ID cards. Remote Keyless Entry systems are commonly installed on new automobiles and garage-doors. On a typical Remote Keyless Entry system =-=[13]-=-, when its owner pushes a button, the remote control sends a message (8 or 16 bytes) to the receiver. The message contains a “rolling code” for authentication [14]. The “rolling code” is a pseudo-rand...

Citation Context

... typical Remote Keyless Entry system [13], when its owner pushes a button, the remote control sends a message (8 or 16 bytes) to the receiver. The message contains a “rolling code” for authentication =-=[14]-=-. The “rolling code” is a pseudo-random number that is generated both at the controller and the receiver by using the same seed. The seed is computationally difficult to find from the pseudo-random nu...

Citation Context

...16]. Energy consumption due to cryptographic operations and wireless communication on those embedded devices are low [17]. These tiny devices are expected to cost as little as a dollar in a few years =-=[18]-=-. Imagine that within pervasive computing environments, such devices may be embedded in locks and other commodities with simplified key delegation and revocation. Together with the Master Keys, locks ...

Citation Context

...PrudentExposure does not protect privacy information from malicious insiders. The Bloom filter has wide applications in database and networking [24], and recently it has some applications in security =-=[22, 25]-=-. The Bloom filter is a compression method to express memberships. It has the efficiency advantages of storage space and computational time, while paying the price of false positive cases in membershi...

Citation Context

... to preserve privacy because of their high false positive rates, while longselements are used for their time and space advantages. Beaufour and Bonnet proposed to use Personal Servers as digital keys =-=[26]-=-. In their design, a lock actively looks for devices to make a connection. Once a connection is established, a lock identifies itself. If the device is a Personal Server with digital keys, it identifi...

Citation Context

...on protocol as proposed in [31]. Second, 9 measuring the transmission time between a claimant and a verifier, and then one can determine whether the distance between the two is within the expectation =-=[32, 33]-=-. Recent improvements based on location and time information may be found in [34]. Third, based on the assumption that an eavesdropper is not able to monitor all communication channels, a large number...

Citation Context

...oductionsWe prove our identities everyday by showing thespossession of access tokens.sUsing a key to open aslock may be the most common form, which has abouts4000 years of history since ancient Egypt =-=[1]-=-.sAs onesmay access many locks, traditional master keys weresdesigned to enable accessing multiple locks with assingle key.sNevertheless, master keys are not widelysused.sInstead, people carry multipl...

Citation Context

...rprise facility using a smart card badge; enteringsa parking facility using a RFID gate card; opening ashotel room using a magnetic stripe card; or lockingsand unlocking a computer by wearing a token =-=[3]-=-.sAdditional token designs are emerging as well asstheir applications.sNevertheless, the management ofsaccess tokens and memorizing the token-locksrelationships become inconvenient and difficult assth...

Citation Context

..., they aresconsidered the replacement for many magnetic stripescard applications [6].sSmart cards are also used assprepaid transit cards, ID cards, health cards, or areseven embedded within passports =-=[7]-=-.sSmart cardssmay be classified as contact or contactless cards.sThesformer type of cards needs physical contact withsreaders, while the latter conveniently works oversradio frequency links.sA smart c...

Citation Context

...PrudentExposure does notsprotect privacy information from malicious insiders.sThe Bloom filter has wide applications insdatabase and networking [24], and recently it hasssome applications in security =-=[22, 25]-=-.sThe Bloomsfilter is a compression method to expresssmemberships.sIt has the efficiency advantages ofsstorage space and computational time, while payingsthe price of false positive cases in membershi...

Citation Context

...omputing and Communications (PERCOM’06)s0-7695-2518-0/06 $20.00 © 2006 IEEEselements are used for their time and spacesadvantages.sBeaufour and Bonnet proposed to use PersonalsServers as digital keys =-=[26]-=-.sIn their design, a locksactively looks for devices to make a connection.sOnce a connection is established, a lock identifiessitself.sIf the device is a Personal Server with digitalskeys, it identifi...

Citation Context

...tion protocol as proposed in [31].sSecond,smeasuring the transmission time between a claimantsand a verifier, and then one can determine whethersthe distance between the two is within thesexpectation =-=[32, 33]-=-.sRecent improvements based onslocation and time information may be found in [34].sThird, based on the assumption that an eavesdroppersis not able to monitor all communication channels, aslarge number...