Tampering with the Card Attributes and Creation of a Fake Card

Part of the document "Cryptography and Security: From Theory to Applications" (pages 408 - 444)

By reading the card data, an adversary can create a clone of the card, but this is not sufficient to forge a fake card with modified data or a modified biometric template, as discussed in the next subsection. Note also that PIC clones are as difficult to use as a stolen card: in both cases, the adversary needs to deceive the biometric authentication. By drawing on the revocation mechanism of group signatures, it would also be possible to integrate into the architecture of the system the ability to revoke a particular PIC. For instance, if a card has been stolen or detected as being compromised, its private key for the group signature could be revoked and placed in a "blacklist" so that genuine readers reject future use of the card. However, this requires the possibility of regularly updating this blacklist inside the reader's memory, which might be impractical for some off-line applications.

Apart from the cloning of the card, there is also the risk of cloning a reader if the adversary can break the tamper-resistance of a reader, thus accessing its private decryption key and its certificate. However, if he succeeds, the consequences may not be as disastrous as for the identity card. Indeed, this would give an adversary enough information to produce clones of the reader (thus impersonating a genuine reader), but the cloned readers cannot be used to obtain more information from the card than the genuine reader, nor to forge a fake privacy-preserving identity card.

5.4 Tampering with the Card Attributes and Creation of a Fake Card

The greatest threat against the architecture of a privacy-preserving identity card would be if the adversary were able to change the value of an attribute stored on a card, or to create a card corresponding to an identity of his choice. This would correspond to a direct attack against the authenticity and unforgeability of the card. Tampering with the card attributes in the extended implementation corresponds to being able to sign arbitrary attribute values on behalf of the CA. If this situation occurs, it results in a complete breakdown of the security of the system, as the adversary can potentially produce a card corresponding to the identity of any individual (real or not). The adversary could therefore design a kind of "YesCard", which would look from the outside like a genuine privacy-preserving identity card but could produce on the fly any (privacy-preserving) proof of statement needed, simply by creating the required attributes and their corresponding signatures. Note that the adversary would also be able to produce a reader that could ask any question to a particular PIC (but this interaction would still reveal only one bit of information). The security of the PIC thus relies mainly on the CA signature, as in many other security-critical applications.

Even if the adversary cannot generate arbitrary signatures on behalf of the CA, a composition attack remains possible if the adversary is able to collect several PICs corresponding to different identities and to access the content of their memories. In this situation, the adversary can create a fake identity by composing the pieces of different identities (i.e., the attributes of the different cards). The ability of the adversary to create different identities increases directly with the number of PICs he has gathered and their diversity in terms of attributes.

This type of attack is mainly possible because, in the current proposal for the implementations of the privacy-preserving identity card, we have no mechanism that ties together the different attributes contained on a card. We briefly discuss in the next section how ideas coming from attribute-based cryptography may be used to avoid or limit the applicability of such an attack.
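The composition attack described above, worked through as an added example (it is not code from the original chapter or from the PIC proposal). The CA signature is replaced by an HMAC under a key only the CA holds, purely as a stand-in for the public-key signature of the extended proposal; the attribute names, values, the per-card identifier and the `issue_*`/`verify_*` functions are assumptions made for the illustration. The second half shows the simplest form of "tying the attributes together", signing every attribute together with a per-card identifier, so that a signature lifted from another card no longer verifies.

```python
import hashlib
import hmac
import json
import secrets

# Stand-in for the CA's signature: an HMAC under a key only the CA holds. The
# extended proposal uses a public-key signature verified by the reader; what
# matters for the composition attack is what gets signed, not the primitive.
CA_KEY = b"constructed demo CA key"  # constructed for this example only


def ca_sign(message: bytes) -> bytes:
    return hmac.new(CA_KEY, message, hashlib.sha256).digest()


def ca_verify(message: bytes, signature: bytes) -> bool:
    return hmac.compare_digest(ca_sign(message), signature)


def canonical(*fields: str) -> bytes:
    # JSON list, so a separator character inside a value cannot be confused
    # with a field boundary when the signed message is rebuilt.
    return json.dumps(list(fields), separators=(",", ":")).encode()


# Current proposal: every attribute value is signed on its own.

def issue_unbound(attributes: dict) -> dict:
    """Card content: {name: (value, CA signature over (name, value))}."""
    return {name: (value, ca_sign(canonical(name, value)))
            for name, value in attributes.items()}


def verify_unbound(card: dict) -> bool:
    return all(ca_verify(canonical(name, value), sig)
               for name, (value, sig) in card.items())


def compose_unbound(card_a: dict, card_b: dict, from_b: list) -> dict:
    """Adversary with read access to both cards: start from card A and swap
    in the listed attributes, signatures included, from card B."""
    forged = dict(card_a)
    for name in from_b:
        forged[name] = card_b[name]
    return forged


# Binding illustration (not the chapter's design, which points to attribute-
# based cryptography): every signature also covers an identifier of the card
# it was issued for, so a signature lifted from another card fails to verify.

def issue_bound(attributes: dict) -> dict:
    card_id = secrets.token_hex(16)  # fresh per issued card
    attrs = {name: (value, ca_sign(canonical(card_id, name, value)))
             for name, value in attributes.items()}
    return {"card_id": card_id, "attrs": attrs}


def verify_bound(card: dict) -> bool:
    card_id = card["card_id"]
    return all(ca_verify(canonical(card_id, name, value), sig)
               for name, (value, sig) in card["attrs"].items())


def compose_bound(card_a: dict, card_b: dict, from_b: list) -> dict:
    forged = {"card_id": card_a["card_id"], "attrs": dict(card_a["attrs"])}
    for name in from_b:
        forged["attrs"][name] = card_b["attrs"][name]
    return forged


def demo() -> dict:
    """Which composed cards pass verification under each scheme."""
    alice = {"over_18": "no", "nationality": "FR"}
    bob = {"over_18": "yes", "nationality": "DE"}
    unbound = compose_unbound(issue_unbound(alice), issue_unbound(bob), ["over_18"])
    bound = compose_bound(issue_bound(alice), issue_bound(bob), ["over_18"])
    return {"unbound_forgery_accepted": verify_unbound(unbound),
            "bound_forgery_accepted": verify_bind(bound) if False else verify_bound(bound)}


if __name__ == "__main__":
    print(demo())  # {'unbound_forgery_accepted': True, 'bound_forgery_accepted': False}
```

The binding shown here has a cost that the chapter's own direction avoids: a reader that verifies the signature learns the card identifier, which makes all presentations of the same card linkable. This is why the chapter looks toward attribute-based signatures and zero-knowledge proofs, where the binding is enforced without the identifier ever being revealed.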

6 Technical Challenges and New Research Directions

As a conclusion, we review in this section what we consider to be the novel challenges raised by the privacy-preserving identity card for experts in security and cryptography. At the same time, we also propose some new research directions to address these challenges.

Practical implementation. Regarding practical considerations, the smartcard used for the implementation of BasicPIC is required to have some cryptographic capabilities, such as (1) a random number generator, (2) a cryptographic hash function, (3) a generator for session public key pairs (see the basic proposal protocol in [21]), (4) a semantically secure encryption function, (5) a public-key signature verification function, (6) a group signature function and (7) an error-correcting code with efficient decoding procedures. Current JavaCards already integrate built-in libraries which contain optimized code for requirements (1) to (5), such as for instance SHA-1 for hashing and DSA for the signature scheme (note that SHA-1 is no longer considered collision-resistant, so a current design should rely on SHA-2 or SHA-3 instead). Efficient versions of group signatures for smartcards, such as Camenisch-Lysyanskaya [16], also exist and can be implemented with current technologies, as recently shown by Bichsel, Camenisch, Groß and Shoup [4].

Regarding the use of a fuzzy commitment scheme or a fuzzy extractor, it is important to adapt the error-correcting code used to the biometrics considered. For instance, in the case of iris recognition, a simple efficient linear code can be used to implement the fuzzy extractor. For fingerprints, due to the geometric structure of the data, it does not seem as straightforward to adapt the code used to work also as a fuzzy extractor, but recent work representing fingerprint data as binary vectors seems promising [12]. However, a full-fledged efficient implementation of the privacy-preserving identity card combining all the aforementioned technologies remains to be seen.

Entangling biometrics and credentials. We note that our BasicPIC proposal is similar in spirit to other approaches to biometrics-based non-transferable anonymous credentials, such as the seminal paper by Bleumer [7] and subsequent work by Impagliazzo and More [33]. The main idea behind all these approaches is to combine the use of biometric authentication with physical security by means of a tamper-resistant token responsible for storing the credentials. If the biometric authentication is not successful, then the physical token refuses to use the credentials it possesses, thus ensuring the property of non-transferability. Even more recently, Blanton and Hudelson have independently proposed an approach similar to ours in which the tamper-proofness assumption is also relaxed by using fuzzy extractors [6]. In particular, even if the integrity of the device holding the credentials is breached, it is still impossible to recover either the biometric data of the user or his credentials. The only assumptions that we need to make are that the biometric acquisition is done through a trusted sensor, which erases the biometric data it has captured once the biometric authentication has been completed, and that the communication between the sensor and the card goes through a secure channel. Of course, these assumptions may be relaxed if the biometric sensor is integrated in the card. Designing novel cryptographic primitives tightly entangling biometric authentication and anonymous credentials (such as group signature schemes [13]) that provide an all-or-nothing guarantee seems to be an interesting line of research for enhancing the non-transferability and authenticity properties of the privacy-preserving identity card.

Physical unclonable function. A Physical Unclonable Function (PUF) is a physical system that reacts in a unique but unpredictable way to a specific stimulus. PUFs can be considered as the physical analog of one-way functions, as they are easy to evaluate but hard to invert (i.e., from a specific response, it is hard to infer what the original stimulus was). A particular PUF is generally unique, as it is generated from a physical process that is inherently random or into which explicit randomness can be injected. As such, PUFs are difficult to copy and can be used for authentication by a form of challenge-response protocol. In this context, the challenge is the stimulus applied to the PUF and, for the authentication to be secure, the mapping between a specific stimulus (i.e., challenge) and its response should be difficult to guess. For example, PUFs can be optical, magnetic or silicon-based. Naccache and Frémanteau [37] have suggested using imperfections in the plastic support of a smartcard to act as a PUF. Therefore, to avoid the cloning of a card, one can envision using the PUF as an authentication mechanism to verify the validity of the card before it is activated, in complement to (or in conjunction with) the biometric authentication. A possible research direction would be to design a fuzzy extractor combining the PUF and biometrics (see for instance [30]), and to encrypt the data on the card with a key derived from the response of the PUF to a particular challenge and from the biometric template of an individual. In this situation, the data stored on the card would not be usable unless a biometric sample of the user is collected and the adversary has been able to characterize the behaviour of the PUF (which is supposed to be impossible). Moreover, any active attempt by an adversary to tamper with the card is likely to cause a degradation of the physical structure; the authentication of the PUF would therefore fail and the card would not be activated. Finally, as the structure of the PUF may also deteriorate with time, this can give the privacy-preserving identity card a limited lifetime, which may be a useful feature, as currently most traditional identity cards have a limited validity and have to be renewed on a regular basis.
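As an added example, not part of the original chapter, the following code serves two passages above: the fuzzy commitment built on an error-correcting code discussed under "Practical implementation", and the key derived from both a PUF response and a biometric template proposed here. It implements the Juels-Wattenberg fuzzy commitment with a repetition code (chosen only to keep the decoding step visible; a repetition code wastes template bits and a real iris design would use a stronger linear code, as the chapter says), binds one fresh secret to a constructed biometric template and one to the response of a simulated PUF, and derives the card's data-encryption key from both. The PUF is a stand-in (an HMAC under a per-device seed plus injected noise), the template is constructed, and the names `enroll`, `activate`, `KEY_BITS` and `REP` are assumptions of this illustration; `KEY_BITS` is a toy length, since a committed 32-bit secret could be brute-forced against the stored hash.

```python
import hashlib
import hmac
import secrets

# Repetition code: every key bit is written REP times and decoded by majority
# vote, so up to (REP - 1) // 2 flipped bits per block are corrected.
REP = 7
KEY_BITS = 32              # toy key length; a deployment binds 128+ bits
CODE_LEN = REP * KEY_BITS  # template / PUF-response bits consumed (224)

def bytes_to_bits(data: bytes, n: int) -> list:
    return [(byte >> (7 - i)) & 1 for byte in data for i in range(8)][:n]

def bits_to_bytes(bits: list) -> bytes:
    return int("".join(map(str, bits)), 2).to_bytes((len(bits) + 7) // 8, "big")

def encode(key_bits: list) -> list:
    return [b for b in key_bits for _ in range(REP)]

def decode(code_bits: list) -> list:
    return [1 if 2 * sum(code_bits[i:i + REP]) > REP else 0
            for i in range(0, len(code_bits), REP)]

def xor(a: list, b: list) -> list:
    return [x ^ y for x, y in zip(a, b)]

def flip(bits: list, positions: list) -> list:
    out = list(bits)
    for p in positions:
        out[p] ^= 1
    return out

def fuzzy_commit(template: list, key_bits: list) -> tuple:
    """Juels-Wattenberg fuzzy commitment: store H(c) and template XOR c, where
    c is the codeword of the key. Neither value alone reveals template or key."""
    c = encode(key_bits)
    return hashlib.sha256(bits_to_bytes(c)).digest(), xor(template, c)

def fuzzy_open(noisy_template: list, commitment: tuple):
    """Recover the key from a noisy reading, or None when the errors exceed
    the code's capacity (or the reading comes from a different source)."""
    digest, helper = commitment
    key_bits = decode(xor(noisy_template, helper))
    if hashlib.sha256(bits_to_bytes(encode(key_bits))).digest() != digest:
        return None
    return key_bits

class SimulatedPUF:
    """Stand-in for a physical PUF: a secret challenge -> response mapping
    (HMAC under a per-device seed) with optional response noise."""
    def __init__(self, seed: bytes):
        self._seed = seed

    def respond(self, challenge: bytes, noise: list = ()) -> list:
        raw = hmac.new(self._seed, challenge, hashlib.sha256).digest()
        return flip(bytes_to_bits(raw, CODE_LEN), noise)

def derive_card_key(k_bio: list, k_puf: list) -> bytes:
    return hashlib.sha256(b"PIC-card-key" + bits_to_bytes(k_bio)
                          + bits_to_bytes(k_puf)).digest()

def enroll(template: list, puf: SimulatedPUF, challenge: bytes) -> tuple:
    """Issuance: bind one fresh secret to the biometric and one to the PUF.
    Returns (helper data to store on the card, card data-encryption key)."""
    k_bio = bytes_to_bits(secrets.token_bytes(KEY_BITS // 8), KEY_BITS)
    k_puf = bytes_to_bits(secrets.token_bytes(KEY_BITS // 8), KEY_BITS)
    helper = {"bio": fuzzy_commit(template, k_bio),
              "puf": fuzzy_commit(puf.respond(challenge), k_puf),
              "challenge": challenge}
    return helper, derive_card_key(k_bio, k_puf)

def activate(sample: list, puf: SimulatedPUF, helper: dict, puf_noise: list = ()):
    """Activation: both secrets must be reproduced or no key is derived."""
    k_bio = fuzzy_open(sample, helper["bio"])
    k_puf = fuzzy_open(puf.respond(helper["challenge"], puf_noise), helper["puf"])
    if k_bio is None or k_puf is None:
        return None
    return derive_card_key(k_bio, k_puf)

# Constructed inputs: a fixed pseudo-random "iris template" and two devices.
TEMPLATE = bytes_to_bits(hashlib.sha256(b"constructed iris template").digest(), CODE_LEN)
GENUINE_PUF = SimulatedPUF(b"constructed genuine device")
CLONED_PUF = SimulatedPUF(b"constructed clone with different physics")
CHALLENGE = b"challenge-0001"

if __name__ == "__main__":
    helper, key = enroll(TEMPLATE, GENUINE_PUF, CHALLENGE)
    # three bit errors in one block of the sample and two noisy PUF bits: corrected
    print(activate(flip(TEMPLATE, [0, 1, 2, 100]), GENUINE_PUF, helper, [5, 40]) == key)
    # four errors in one block exceed the code's capacity: no key
    print(activate(flip(TEMPLATE, [0, 1, 2, 3]), GENUINE_PUF, helper) is None)
    # genuine biometric but a cloned card whose PUF answers differently: no key
    print(activate(TEMPLATE, CLONED_PUF, helper) is None)
```

The all-or-nothing behaviour the chapter asks for comes from the last step: the data key is a hash over both recovered secrets, so a cloned card (correct helper data, wrong PUF) and a stolen card (correct PUF, wrong biometric) both fail in the same way, with no partial key leaking to the adversary.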

Attribute-based signatures. With an Attribute-Based Signature (ABS) scheme (see for instance [36]), an individual can sign a message not under his identity but under a predicate depending on some of his attributes that have been certified by the CA. Therefore, the attribute-based signature attests the validity of a statement linked to the identity of the individual, much like an anonymous credential scheme. For instance, an attribute-based signature is said to achieve attribute-signer privacy if the signature reveals nothing about the identity or attributes of the signer beyond what is explicitly revealed by the statement being proven. Moreover, some ABS schemes are resistant to collusion, meaning that even if several individuals collude, they cannot forge a signature on attributes that none of them could produce individually. In the context of the PIC, this means that even if the adversary is able to gather the credentials of several identity cards, he still cannot perform a composition attack in which he would take attributes coming from different cards to generate a particular attribute-based signature. A possible avenue of research includes the exploration of the use of ABS for implementing a privacy-preserving identity card and a comparison of its advantages and drawbacks with other methods such as group signatures and zero-knowledge proofs. It would also be interesting to study how ABS can be combined with techniques such as fuzzy extractors and how anonymity revocation mechanisms can be embedded directly inside the ABS.

Secure online time service. As explained in Section 5.1, the PIC requires a trusted time reference, which can be a clock implemented on the card or a secure online time service. A well-known example of online time service is the NTP service, which has recently received new security extensions [31] to guarantee the freshness and authenticity of timestamps. Unfortunately, this protocol looks too complex to be easily implemented in current smartcards. On the other hand, the NTP protocol can be run by the reader device, but if the device is not trusted, it can store many NTP timestamps in advance and replay them to the card.

Another solution would be to modify the NTP protocol run by the reader device so that it uses a random nonce generated by the card: in that case, the card could verify the freshness of the timestamp by checking that the returned timestamp is signed by a trusted NTP server and contains the same nonce. As an alternative, it should not be difficult to implement a simpler dedicated time service, with a trusted server able to provide signed timestamps containing both the current time and the nonce issued by the card.

Law enforcement and detection of fake identity cards. To mitigate the risks linked to forged or stolen identity cards, it would be interesting to enable law enforcement officers to detect whether or not a PIC is genuine. For that, the officers could use a dedicated reader device able to read the full content of the card and compare it online with a reference stored by the CA when the card was issued. But this raises a problem: a smart card reader does not directly read the storage content of the card; it is only able to send a request for the card processor to transmit the storage content back to the reader, and it would thus be possible for a fake card to replay the content of a genuine card. This problem is similar to checking the integrity of an untrusted remote storage server [22,41], but here the solution can be simpler: the law enforcement reader can capture a fresh biometric sample and compare it to the biometric template recorded by the CA when the genuine card was issued. This can be complemented with the combination of PUF and biometrics, as presented above. If it is possible to implement an efficient detection of fake identity cards, this would significantly reduce the interest of the extended proposal, and the basic version of the PIC, which is much simpler to implement, would be sufficient.

Security challenges in other contexts. If the PIC is used in an online context, such as access to e-government services or e-business applications, this raises new security issues due to the difficulty of controlling the environment in which the card is used. For instance, there is the risk of spyware infecting the user's personal computer and gathering personal information as the user interacts with the software and hardware installed on his machine during his access to e-government services. This is a serious threat that should be tackled by using common security techniques such as antivirus and malware detection tools, or some additional secure hardware such as an external trusted USB reader certified by the government. Moreover, we could imagine some kind of phishing attack where the user receives an email advertising a particular online store together with a fake website address. If he is the owner of this website, a malicious adversary could sit on the link between the card and the legitimate server and perform a man-in-the-middle attack. More precisely, the adversary would pretend to be a genuine online store to the card and relay the answers provided by the card to the real store and vice versa, and thus gain access to resources on behalf of the owner of the PIC (imagine for instance that the adversary makes the user of the PIC pay for the tunes he downloaded from an online music store). Note that the same kind of attack may also apply to the access to e-government services, in which case it could lead to a privacy breach where the adversary learns personal information related to the user of the PIC (which could be used later for fraudulent ends such as identity theft). To prevent such attacks, a secure end-to-end channel could be established between the server and the trusted USB card reader (with mutual authentication of the server and the reader), and this even before the user-reader mutual authentication occurs. Afterwards, the same secure channel should be used for all communications exchanged between the user and the server during the session. Of course, extensions such as e-government services or e-business applications are very different from the original purpose of the privacy-preserving identity card and would require an in-depth security analysis to ensure that they can be safely integrated in the architecture of the system.

References

1. Bangerter, E., Camenisch, J., Lysyanskaya, A.: A cryptographic framework for the controlled release of certified data. In: Proceedings of the 12th International Security Protocols Workshop, pp. 20–42 (2004)

2. Batina, L., Mentens, N., Verbauwhede, I.: Side channel issues for designing secure hardware implementations. In: Proceedings of the 11th IEEE International On-Line Testing Symposium, pp. 118–121 (2005)

3. Belenkiy, M., Chase, M., Kohlweiss, M., Lysyanskaya, A.: P-signatures and noninteractive anonymous credentials. In: Canetti, R. (ed.) TCC 2008. LNCS, vol. 4948, pp. 356–374. Springer, Heidelberg (2008)

4. Bichsel, P., Camenisch, J., Groß, T., Shoup, V.: Anonymous credentials on a standard Java Card. In: Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS 2009), pp. 600–610 (2009)

5. Birch, D.: Psychic ID: A blueprint for a modern national identity scheme. Identity in the Information Society 1(1) (2009)

6. Blanton, M., Hudelson, W.: Biometric-based non-transferable anonymous credentials. In: Qing, S., Mitchell, C.J., Wang, G. (eds.) ICICS 2009. LNCS, vol. 5927, pp. 165–180. Springer, Heidelberg (2009)

7. Bleumer, G.: Biometric yet privacy protecting person authentication. In: Aucsmith, D. (ed.) IH 1998. LNCS, vol. 1525, pp. 99–110. Springer, Heidelberg (1998)

8. Boudot, F.: Partial revelation of certified identity. In: Proceedings of the First International Conference on Smart Card Research and Advanced Applications (CARDIS 2000), pp. 257–272 (2000)

9. Boyd, C., Mathuria, A.: Protocols for Authentication and Key Establishment. Springer, Heidelberg (2003)

10. Brands, S.: Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy. MIT Press, Cambridge (2000)

11. Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation. In: Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS 2004), pp. 225–234 (2004)

12. Bringer, J., Despiegel, V.: Binary feature vector fingerprint representation from minutiae vicinities. In: Proceedings of the 4th IEEE International Conference on Biometrics: Theory, Applications and Systems (BTAS 2010) (2010)

13. Bringer, J., Chabanne, H., Pointcheval, D., Zimmer, S.: An application of the Boneh and Shacham group signature scheme to biometric authentication. In: Matsuura, K., Fujisaki, E. (eds.) IWSEC 2008. LNCS, vol. 5312, pp. 219–230. Springer, Heidelberg (2008)

14. Calmels, B., Canard, S., Girault, M., Sibert, H.: Low-cost cryptography for privacy in RFID systems. In: Domingo-Ferrer, J., Posegga, J., Schreckling, D. (eds.) CARDIS 2006. LNCS, vol. 3928, pp. 237–251. Springer, Heidelberg (2006)

15. Camenisch, J., Lysyanskaya, A.: An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001)

16. Camenisch, J., Lysyanskaya, A.: A signature scheme with efficient protocols. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 268–289. Springer, Heidelberg (2003)

17. Camenisch, J., Groß, T.: Efficient attributes for anonymous credentials. In: Proceedings of the 2008 ACM Conference on Computer and Communications Security (CCS 2008), pp. 345–356 (2008)

18. Chaum, D.: Security without identification: transaction systems to make Big Brother obsolete. Communications of the ACM 28(10), 1030–1044 (1985)

19. Chaum, D., van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 257–265. Springer, Heidelberg (1991)

20. Cramer, R., Shoup, V.: A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 13–25. Springer, Heidelberg (1998)

21. Deswarte, Y., Gambs, S.: A proposal for a privacy-preserving national identity card. Transactions on Data Privacy 3(3), 253–276 (2010)

22. Deswarte, Y., Quisquater, J.J., Saydane, A.: Remote integrity checking – how to trust files stored on untrusted servers. In: Proceedings of the 6th IFIP WG 11.5 Working Conference on Integrity and Internal Control in Information Systems (IICIS 2003), pp. 1–11 (2003)

23. Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors, a brief survey of results from 2004 to 2006. In: Tuyls, P., Skoric, B., Kevenaar, T. (eds.) Security with Noisy Data, ch. 5. Springer, Heidelberg (2007)

24. European Union: Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:31995L0046:EN:HTML

25. European Network and Information Security Agency (ENISA) position paper: Privacy features of European eID card specifications, http://www.enisa.europa.eu/doc/pdf/deliverables/enisa_privacy_features_eID.pdf

26. Franz, M., Meyer, B., Pashalidis, A.: Attacking unlinkability: The importance of context. In: Borisov, N., Golle, P. (eds.) PET 2007. LNCS, vol. 4776, pp. 1–16. Springer, Heidelberg (2007)

27. Fujisaki, E., Okamoto, T.: Statistical zero knowledge protocols to prove modular polynomial relations. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 16–30. Springer, Heidelberg (1997)

28. Goldreich, O., Micali, S., Wigderson, A.: Proofs that yield nothing but their validity for all languages in NP have zero-knowledge proof systems. Journal of the ACM 38(3), 691–729 (1991)

29. Groth, J., Sahai, A.: Efficient non-interactive proof systems for bilinear groups. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 415–432. Springer, Heidelberg (2008)
