Article

Toward an automated verification of certificates of authenticity

Author:

Darko KirovskiAuthors Info & Claims

EC '04: Proceedings of the 5th ACM conference on Electronic commerce

Pages 160 - 169

https://doi.org/10.1145/988772.988797

Published: 17 May 2004 Publication History

Abstract

A certificate of authenticity (COA) is an inexpensivephysical object that has a random unique structure with a highcost of exact reproduction. An additional requirement is that theuniqueness of COA's random structure can be verified using aninexpensive device. Donald Bauder was the first to propose COA screated as a randomized augmentation of a set of fixed-length fibers into a transparent gluing material that fixes once for all the position of the fibers within. The statistics of the positioning of fibers is used as a source of randomness that is difficult to replicate.As oppose to recording authentic fiber-based COA structures in adatabase, we use public-key cryptography to authenticate COAs.During certification, the unique property of the physical objectis extracted, combined with an arbitrary text, signed with the private key of the issuer, and the signature is encoded andprinted as a barcode on the COA. Since the capacity of the barcodeis limited, the goal of any COA system is to contain in the signed message as much information about the random structure of the physical object as possible. In this paper, we show that the cost of forging a particular COA instance is exponentially proportional to the improvement in compressing COA's random features. Next, we formally define the compression objective, show that finding its optimal solution is an NP-hard problem, and propose a heuristic that improves significantly upon best standard compression methods.

References

[1]

T. Andreae and H. Bandelt. Performance guarantees for approximation algorithms depending on parametrized triangle inequalities. SIAM Journal of Discrete Mathematics, Vol.8, pp.1--16, 1995.]]

Digital Library

[2]

D.W. Bauder. Personal Communication.]]

[3]

D.W. Bauder. An Anti-Counterfeiting Concept for Currency Systems. Research report PTK-11990. Sandia National Labs. Albuquerque, NM, 1983.]]

[4]

S. Church and D. Littman. Machine reading of Visual Counterfeit Deterrent Features and Summary of US Research, 1980-90. Four Nation Group on Advanced Counterfeit Deterrence, Ottawa, Canada, Septemeber 1991.]]

[5]

A.M. Frieze, G. Galbiati, and F. Maffioli. On the worst-case performance of some algorithms for the asymmetric traveling salesman problem. Networks, Vol.12, no.1, pp.23--39, 1982.]]

[6]

M.R. Garey and D.S. Johnson. Computers and Intractability. San Francisco, CA: Freeman, 1979.]]

Digital Library

[7]

D.B. Johnson. Efficient algorithms for shortest paths in sparse networks. Journal of the ACM, Vol.24, no.1, pp.1--13, 1977.]]

Digital Library

[8]

A.J. Menezes, P.C. Van Oorschot, and S.A. Vanstone. Handbook of Applied Cryptography. CRC Press, 1996.]]

Digital Library

[9]

Commission on Engineering and Technical Systems (CETS). Counterfeit Deterrent Features for the Next-Generation Currency Design. The National Academic Press, 1993.]]

[10]

R. Pappu. Physical One-Way Functions. Ph.D. Thesis, MIT, 2001.]]

[11]

J. Rissanen. Modeling by Shortest Data Description. Automatica, Vol.14, pp.465--471, 1978.]]

Digital Library

[12]

R. L. Rivest, A. Shamir, and L. A. Adleman. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, vol.21, no.2, pp.120--126, 1978.]]

Digital Library

[13]

C.E. Shannon. Prediction and entropy of printed English. Bell Systems Technical Journal, pp.50--64, 1951.]]

[14]

V.V. Vazirani. Approximation Algorithms. Springer, 2001.]]

Digital Library

[15]

I.H. Witten, A. Moffat, and T.C. Bell. Managing gigabytes: compressing and indexing documents and images. Morgan-Kaufmann, 1999.]]

Digital Library

[16]

Y. Desmedt and A. Odlyzko. A Chosen Text Attack on the RSA Cryptosystem and Some Discrete Logarithm Schemes. CRYPTO, Springer-Verlag, pp.516--522, 1985.]]

Digital Library

[17]

D. Bleichenbacher. Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS #1. CRYPTO, Springer-Verlag, pp.1--12, 1998.]]

Digital Library

[18]

J.-S. Coron, D. Naccache, and J.P. Stern. A New Signature Forgery Strategy. CRYPTO, Springer-Verlag, pp.1--18, 1999.]]

Digital Library

[19]

M. Bellare and P. Rogaway. The exact security of digital signatures: how to sign with RSA and Rabin. EUROCRYPT, Springer-Verlag, pp.399--414, 1996.]]

Cited By

Toreini EShahandashti SHao F(2017)Texture to the RescueACM Transactions on Privacy and Security10.1145/309281620:3(1-29)Online publication date: 11-Aug-2017
https://dl.acm.org/doi/10.1145/3092816
Rührmair U(2016)Disorder-Based Security Hardware: An OverviewSecure System Design and Trustable Computing10.1007/978-3-319-14971-4_1(3-37)Online publication date: 2016
https://doi.org/10.1007/978-3-319-14971-4_1
Parusiński MShariati SKamel DXavier-Standaert F(2013)Strong PUFs and their (physical) unpredictabilityProceedings of the Workshop on Embedded Systems Security10.1145/2527317.2527322(1-10)Online publication date: 29-Sep-2013
https://dl.acm.org/doi/10.1145/2527317.2527322
Show More Cited By

Index Terms

Toward an automated verification of certificates of authenticity
1. Computer systems organization
  1. Embedded and cyber-physical systems
  2. Real-time systems
2. Information systems
  1. Data management systems
    1. Data structures
      1. Data layout
        Data compression

Recommendations

Cryptanalysis of some proxy signature schemes without certificates
WISTP'07: Proceedings of the 1st IFIP TC6 /WG8.8 /WG11.2 international conference on Information security theory and practices: smart cards, mobile and ubiquitous computing systems

The concept of proxy signature was introduced by Mambo et al. to delegate signing capability in the digital world. In this paper, we show that three existing proxy signature schemes without certificates, namely, the Qian and Cao identity-based proxy ...
Formal Analysis of Symbolic Authenticity
Frontiers of Combining Systems
Abstract
Authenticated encryption schemes are ways of encrypting messages which simultaneously assure the secrecy and authenticity of data. Designing authenticated encryption schemes can be error-prone. In this paper, we consider the authenticity of ...
Secret-key certificates

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

EC '04: Proceedings of the 5th ACM conference on Electronic commerce

May 2004

278 pages

ISBN:1581137710

DOI:10.1145/988772

General Chair:
Jack Breese
Microsoft
,
Program Chairs:
Joan Feigenbaum
Yale University
,
Margo Seltzer
Harvard University

Copyright © 2004 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 May 2004

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

EC04

Sponsor:

EC04: Fifth ACM Conference on Electronic Commerce 2004 ( held in conjunction with WWW'04: The 2004 World Wide Web Conference )

May 17 - 20, 2004

NY, New York, USA

Acceptance Rates

EC '04 Paper Acceptance Rate 24 of 146 submissions, 16%;

Overall Acceptance Rate 664 of 2,389 submissions, 28%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

13
Total Citations
View Citations
436
Total Downloads

Downloads (Last 12 months)5
Downloads (Last 6 weeks)0

Reflects downloads up to 12 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Toreini EShahandashti SHao F(2017)Texture to the RescueACM Transactions on Privacy and Security10.1145/309281620:3(1-29)Online publication date: 11-Aug-2017
https://dl.acm.org/doi/10.1145/3092816
Rührmair U(2016)Disorder-Based Security Hardware: An OverviewSecure System Design and Trustable Computing10.1007/978-3-319-14971-4_1(3-37)Online publication date: 2016
https://doi.org/10.1007/978-3-319-14971-4_1
Parusiński MShariati SKamel DXavier-Standaert F(2013)Strong PUFs and their (physical) unpredictabilityProceedings of the Workshop on Embedded Systems Security10.1145/2527317.2527322(1-10)Online publication date: 29-Sep-2013
https://dl.acm.org/doi/10.1145/2527317.2527322
Shariati SStandaert FJacques LMacq B(2012)Analysis and experimental evaluation of image-based PUFsJournal of Cryptographic Engineering10.1007/s13389-012-0041-32:3(189-206)Online publication date: 23-Sep-2012
https://doi.org/10.1007/s13389-012-0041-3
Shariati SKoeune FStandaert F(2012)Security analysis of image-based PUFs for anti-counterfeitingProceedings of the 13th IFIP TC 6/TC 11 international conference on Communications and Multimedia Security10.1007/978-3-642-32805-3_3(26-38)Online publication date: 3-Sep-2012
https://dl.acm.org/doi/10.1007/978-3-642-32805-3_3
Škorić B(2010)Quantum readout of physical unclonable functionsProceedings of the Third international conference on Cryptology in Africa10.1007/978-3-642-12678-9_22(369-386)Online publication date: 3-May-2010
https://dl.acm.org/doi/10.1007/978-3-642-12678-9_22
DeJean GKirovski D(2009)Exploring RFCOAs and its application to products2009 Asia Pacific Microwave Conference10.1109/APMC.2009.5385430(2252-2255)Online publication date: Dec-2009
https://doi.org/10.1109/APMC.2009.5385430
Dejean GKirovski D(2007)RF-DNAProceedings of the 9th international workshop on Cryptographic Hardware and Embedded Systems10.1007/978-3-540-74735-2_24(346-363)Online publication date: 10-Sep-2007
https://dl.acm.org/doi/10.1007/978-3-540-74735-2_24
Schonberg DKirovski D(2006)EyeCertsIEEE Transactions on Information Forensics and Security10.1109/TIFS.2006.8736041:2(144-153)Online publication date: 1-Nov-2006
https://dl.acm.org/doi/10.1109/TIFS.2006.873604
DeJean GKirovski D(2006)Making RFIDs unique - radio frequency certificates of authenticity2006 IEEE Antennas and Propagation Society International Symposium10.1109/APS.2006.1710711(1039-1042)Online publication date: 2006
https://doi.org/10.1109/APS.2006.1710711
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents