Home // International Journal On Advances in Security, volume 5, numbers 1 and 2, 2012 // View article

Advances in Protecting Remote Component Authentication

Authors:
Rainer Falk
Steffen Fries

Keywords: device authentication, counterfeiting, tunneled authentication

Abstract:
Component authentication allows verifying the originality of various components being part of a machine or a system, or being connected to control equipment. Various technologies are available, ranging from holograms, hidden marks, special inks to cryptography-based component authentication. Typical applied cryptography-based mechanisms employ a challenge-response-based component authentication mechanism. These component authentication mechanisms have been designed originally for local genuineness verification, i.e., for an authentication performed in direct vicinity of the component to be verified. However, it may be useful to support also a remote component authentication, e.g., to verify the integrity of the control system including its periphery from a central monitoring station. This paper describes an attack on a challenge-response component authentication protocol when using it in addition for a remote component authentication. A new security measure, that binds a challenge value to a specific remote verifier, is described to prevent this attack. The challenge value for which the response is calculated by the component authentication mechanism can therefore not be selected by the remote verifier. This has the advantage on one hand that a potential remote adversary cannot use the component as oracle to collect challenge response pairs. On the other hand, the response value can be provided to the verifier directly.

Pages: 28 to 35

Copyright: Copyright (c) to authors, 2012. Used with permission.

Publication date: June 30, 2012

Published in: journal

ISSN: 1942-2636