Sciweavers

CCS
2007
ACM

Covert channels in privacy-preserving identification systems

14 years 4 months ago
Covert channels in privacy-preserving identification systems
We examine covert channels in privacy-enhanced mobile identification devices where the devices uniquely identify themselves to an authorized verifier. Such devices (e.g. RFID tags) are increasingly commonplace in hospitals and many other environments. For privacy, the device outputs used for identification should "appear random" to any entity other than the verifier, and should not allow physical tracking of device bearers. Worryingly, there already exist privacy breaches for some devices [28] that allow adversaries to physically track users. Ideally, such devices should allow anyone to publicly determine that the device outputs are covert-channel free (CCF); we say that such devices are CCF-checkable. Our main result shows that there is a fundamental tension between identifier privacy and CCFcheckability; we show that the two properties cannot co-exist in a single system. We also develop a weaker privacy model where a continuous observer can correlate appearances of a given ...
Daniel V. Bailey, Dan Boneh, Eu-Jin Goh, Ari Juels
Added 12 Aug 2010
Updated 12 Aug 2010
Type Conference
Year 2007
Where CCS
Authors Daniel V. Bailey, Dan Boneh, Eu-Jin Goh, Ari Juels
Comments (0)