Enforcing RFID data visibility restrictions using XACML security policies

Radio Frequency Identification (RFID) technology allows automatic data capture from tagged objects moving in a supply chain. This data can be very useful if it is used to answer traceability queries, however it is distributed across many different repositories, owned by different companies. © 2012 IEEE.

Efficient decoy-state quantum key distribution with quantified security

We analyse the finite-size security of the efficient Bennett-Brassard 1984 protocol implemented with decoy states and apply the results to a gigahertz-clocked quantum key distribution system. Despite the enhanced security level, the obtained secure key rates are the highest reported so far at all fibre distances.

High bit rate quantum key distribution with 100 dB security

We report the operation of a gigahertz clocked quantum key distribution system featuring high composable and quantifiable security while maintaining more than 1 Mbit/s secure key rate over a 50 km quantum channel. © OSA 2013.

Improving the safety and security of the pharmaceutical supply chain

This paper discusses various techniques that may be used to combat counterfeiting in the pharmaceutical supply chain. These include the use of electronic pedigrees (to ensure the integrity of the supply chain), together with mass-serialization (to provide for a unique lifecycle history of each individual package) and authentication of the product (to check for any discrepancies in the various attributes of the product and its packaging are as intended for that individual package). Management of the pedigree process and product authentication is discussed in some detail, together with various other learnings from the Drug Security Network, including identification of some remaining vulnerabilities and suggestions for tightening these loopholes. © 2008 Springer-Verlag Berlin Heidelberg.

Anti-counterfeiting and supply chain security

Counterfeit trade developed into a severe problem for many industries. While established security features such as holograms, micro printings or chemical markers do not seem to efficiently avert trade in illicit imitation products, RFID technology, with its potential to automate product authentications, may become a powerful tool to enhance brand and product protection. The following contribution contains an overview on the implication of product counterfeiting on affected companies, provides a starting point for a structured requirements definition for RFID-based anti-counterfeiting systems, and outlines several principal solution approaches that are discussed in greater detail in the subsequent chapters. © 2008 Springer-Verlag Berlin Heidelberg.

Practical Evaluation of Security against Generalized Interpolation Attack

Interpolation attack was presented by Jakobsen and Knudsen at FSE'97. Interpolation attack is effective against ciphers that have a certain algebraic structure like the PURE cipher which is a prototype cipher, but it is difficult to apply the attack to real-world ciphers. This difficulty is due to the difficulty of deriving a low degree polynomial relation between ciphertexts and plaintexts. In other words, it is difficult to evaluate the security against interpolation attack. This paper generalizes the interpolation attack. The generalization makes easier to evaluate the security against interpolation attack. We call the generalized interpolation attack linear sum attack. We present an algorithm that evaluates the security of byte-oriented ciphers against linear sum attack. Moreover, we show the relationship between linear sum attack and higher order differential attack. In addition, we show the security of CRYPTON, E2, and RIJNDAEL against linear sum attack using the algorithm.

an improved smart card based password authentication scheme with provable security

Password authentication has been adopted as one of the most commonly used solutions in network environment to protect resources from unauthorized access. Recently, Lee–Kim–Yoo [S.W. Lee, H.S. Kim, K.Y. Yoo, Improvement of Chien et al.'s remote user authentication scheme using smart cards, Computer Standards & Interfaces 27 (2) (2005) 181–183] and Lee-Chiu [N.Y. Lee, Y.C. Chiu, Improved remote authentication scheme with smart card, Computer Standards & Interfaces 27 (2) (2005) 177–180] respectively proposed a smart card based password authentication scheme. We show that these two schemes are both subject to forgery attacks provided that the information stored in the smart card is disclosed by the adversary. We also propose an improved scheme with formal security proof.

cryptanalysis of the end-to-end security protocol for mobile communications with end-user identification/authentication

IEEE Computer Society