Cryptology ePrint Archive: Report 2020/106

Relaxed freshness in component authentication

Frank Schuhmacher

Abstract: We suggests a relaxed freshness paradigm for challenge-response authentication for each field of application where challenger and responder are tightly coupled and authentication takes place in a friendly environment. Replay attacks are not feasible under this premise, and freshness can be relaxed to relative freshness: no refresh is required as long as all previously tested responders were authentic. One field of application is anti-counterfeiting of electronic device components. The main contribution is a formal security proof of an authentication scheme with choked refresh. A practical implication is the lifetime increase of stored challenge-response-pairs. This is a considerable advantage for solutions based on hardware intrinsic security. For solutions based on symmetric keys, it opens the possibility to use challenge-response-pairs instead of secret keys by the challenger a cheap way to reduce the risk of key disclosure.

Category / Keywords: foundations / Authentication, Challenge-Reponse-Pairs, Formal verification, Eprover

Date: received 2 Feb 2020

Contact author: frank schuhmacher at segrids com

Available format(s): PDF | BibTeX Citation

Version: 20200204:161726 (All versions of this report)

Short URL: ia.cr/2020/106


[ Cryptology ePrint archive ]