Agustin Orfila scite author profile

During the last years many RFID authentication protocols have been proposed with major or minor success (van Deursen and Radomirović (2008)). Juels (2004) introduced a different and novel problem that aims to evidence that two tags have been simultaneously scanned. He called this kind of evidence a yoking-proof that is supposed to be verifiable offline. Then, some authors suggested the generalization of the proof for a larger number of tags. In this paper, we review the literature published in this research topic and show the security flaws of the proposed protocols, named RFID groupingproofs generally. More precisely, we cryptanalyze five of the most recent schemes and we also show how our techniques can be applied to older proposals. We provide some guidelines that should be followed to design secure protocols and preclude past errors. Finally, we present a yoking-proof for low-cost RFID tags, named Kazahaya, that conforms to the proposed guidelines. Keywords:RFID; Grouping-proof; Security; Privacy, Cryptanalysis * Corresponding author Email addresses: P.PerisLopez@tudelft.nl (Pedro Peris-Lopez), Preprint submitted to Journal of Network and Computer Applications March 25, 2010A c c e p t e d m a n u s c r i p t

show abstract

A comprehensive RFID solution to enhance inpatient medication safety

Peris-López

Orfila

Mitrokotsa

et al. 2011

International Journal of Medical Informatics

106

View full text Add to dashboard Cite

Errors involving medication administration can be costly, both in financial and in human terms. Indeed, there is much potential for errors due to the complexity of the medication administration process. Nurses are often singled out as the only responsible of these errors because they are in charge of drug administration. Nevertheless, the interventions of every actor involved in the process and the system design itself contribute to errors [23]. Proper inpatient medication safety systems can help to reduce such errors in hospitals. In this paper, we review in depth two recent proposals [7,12] that pursue the aforementioned objective. Unfortunately, they fail in their attempt mainly due to their security faults but interesting ideas can be drawn from both. These security faults refer to impersonation and replay attacks that could produce the generation of a forged proof stating that certain medication was administered to an inpatient when it was not. We propose a leading-edge solution to enhance inpatient medication safety based on RFID technology that overcomes these weaknesses. Our solution, named Inpatient Safety RFID system (IS-RFID), takes into account the Information Technology (IT) infrastructure of a hospital and covers every phase of the drug administration process. From a practical perspective, our system can be easily integrated within hospital IT infrastructures, has a moderate cost, is very ease to use and deals with security aspects as a key point.

show abstract

A tunable proof of ownership scheme for deduplication using Bloom filters

Blasco

Pietro²,

Orfila

et al. 2014

View full text Add to dashboard Cite

Deduplication is a widely used technique in storage services, since it affords a very efficient usage of resourcesbeing especially effective for consumer-grade storage services (e.g. Dropbox). Deduplication has been shown to suffer from several security weaknesses, the most severe ones enabling a malicious user to obtain possession of a file it is not entitled to. Standard solutions to this problem require users to prove possession of data prior to its upload. Unfortunately, the schemes proposed in the literature are very taxing on either the server or the client side. In this paper, we introduce a novel solution based on Bloom filters that provides a flexible, scalable, and provably secure solution to the weaknesses of deduplication, and that overcomes the deficiencies of existing approaches. We provide a formal description of the scheme, a thorough security analysis, and compare our solution against multiple existing ones, both analytically and by means of extensive benchmarking. Our results confirm the quality and viability of our approach.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Agustin Orfila

Flaws on RFID grouping-proofs. Guidelines for future sound protocols

A comprehensive RFID solution to enhance inpatient medication safety

A tunable proof of ownership scheme for deduplication using Bloom filters

Contact Info

Product

Resources

About