Unpicking PLAID: a cryptographic analysis of an ISO-standards-track authentication protocol

Abstract: Abstract. The Protocol for Lightweight Authentication of Identity (PLAID) aims at secure and private authentication between a smart card and a terminal. Originally developed by a unit of the Australian Department of Human Services for physical and logical access control, PLAID has now been standardized as an Australian standard AS-5185-2010 and is currently in the fast-track standardization process for ISO/IEC 25185-1. We present a cryptographic evaluation of PLAID. As well as reporting a number of undesirable… Show more

“…This includes several well-known protocols such as IKE [39,44], SIGMA [45], SSL [31], TLS [25,47,56,36,12], as well as the standard in German electronic identity cards, namely EAC [14,22], and the standardized protocols OPACITY [23] and PLAID [24]. Another line of designing AKEs follows the idea of MQV [57,41,46,68] (which has been standardized by ISO/IEC and IEEE, and recommended by NIST and NSA Suite B) by making good use of the algebraic structure of DH problems to achieve implicit authentication.…”

Authenticated Key Exchange from Ideal Lattices

“…This includes several well-known protocols such as IKE [39,44], SIGMA [45], SSL [31], TLS [25,47,56,36,12], as well as the standard in German electronic identity cards, namely EAC [14,22], and the standardized protocols OPACITY [23] and PLAID [24]. Another line of designing AKEs follows the idea of MQV [57,41,46,68] (which has been standardized by ISO/IEC and IEEE, and recommended by NIST and NSA Suite B) by making good use of the algebraic structure of DH problems to achieve implicit authentication.…”

Authenticated Key Exchange from Ideal Lattices