2014 Reports :  Cryptology ePrint Archive Forum
Discussion forum for Cryptology ePrint Archive reports posted in 2014. Please put the report number in the subject. 
Goto Thread: PreviousNext
Goto: Forum ListMessage ListNew TopicSearchLog In
2014/728 Unpicking PLAID response - Nit-Picking PLAID
Posted by: Graeme.Freedman (IP Logged)
Date: 27 November 2014 21:00

See the following link for the Nit-Picking PLAID response to this Paper

[dl.dropboxusercontent.com]

Re: 2014/728 Unpicking PLAID response - Nit-Picking PLAID
Posted by: tommaso.gagliardoni (IP Logged)
Date: 08 January 2015 08:52

On behalf of the "Unpicking PLAID" research team, I would like to point out that our response to this report is available from:

[www.cryptoplexity.informatik.tu-darmstadt.de]

This response expresses our viewpoint on that report, rectifying some misrepresented facts and countering false allegations. In particular (but not limited to):

1) The author(s) of the report seem to consistently confuse the mere lack of known attacks with a proof of security.

2) They argue about a lack of a formal definition of privacy in our work and digress into musing about an Oxford dictionary definition of privacy. Our paper, however, allows the reader to easily infer what our attacks against the ISO standard achieve: tracing cards across executions, and identifying the supported key set of a card. None of these attacks should be possible according to PLAID's own claims of privacy.

3) They try to minimise the impact of our attacks, based on the availability of CPLC data, implying that CPLC data is anyway always available even in privacy-sensitive scenarios - which is incorrect. Furthermore, they completely ignore our fingerprinting attack on key sets, and focus only on the RSA fingerprinting attack.

4) They credit us for claims which we never made, and misrepresent the timeline and references in our paper.

Finally, we wish to remark that the personal email correspondence with Professors Fischlin and Paterson, linked to in Annex A of the project editor's report, was published without their consent.

We consider the situation to be self-explanatory, and encourage readers to draw their own conclusions.

Sincerely,
The "Unpicking PLAID" team.



Please log in for posting a message. Only registered users may post in this forum.