| Author | Degabriele, Jean Paul; Fehr, Victoria; Fischlin, Marc; Gagliardoni, Tommaso; Günther, Felix; Marson, Giorgia Azzurra; Mittelbach, Arno; Paterson, Kenneth G. |
|---|
| Date | 2014 |
|---|
| Type | Conference Proceedings |
|---|
| Abstract | The Protocol for Lightweight Authentication of Identity (PLAID) aims at secure and private authentication between a smart card and a terminal. Originally developed by a unit of the Australian Department of Human Services for physical and logical access control, PLAID has now been standardized as an Australian standard AS-5185-2010 and is currently in the fast track standardization process for ISO/IEC 25185-1.2. We present a cryptographic evaluation of PLAID. As well as reporting a number of undesirable cryptographic features of the protocol, we show that the privacy properties of PLAID are significantly weaker than claimed: using a variety of techniques we can fingerprint and then later identify cards. These techniques involve a novel application of standard statistical and data analysis techniques in cryptography. We also discuss countermeasures to our attacks. |
|---|
| Conference | 1st International Conference on Research in Security Standardisation |
|---|
| Isbn | 978-3-319-14054-4 |
|---|
| Serie | Lecture Notes in Computer Science |
|---|
| In | Security Standardisation Research, p.1-25 |
|---|
| Publisher | Springer |
|---|
| Partn | TUD-CS-2014-1001 |
|---|
| Url | https://tubiblio.ulb.tu-darmstadt.de/id/eprint/101877 |
|---|
