HAL will be down for maintenance from Friday, June 10 at 4pm through Monday, June 13 at 9am. More information
Skip to Main content Skip to Navigation

Design of privacy preserving cryptographic protocols for mobile contactless services

Abstract : The increasing number of worldwide mobile platforms and the emergence of new technologies such as the NFC (Near Field Communication) lead to a growing tendency to build a user's life depending on mobile phones. This context brings also new security and privacy challenges. In this thesis, we pay further attention to privacy issues in NFC services as well as the security of the mobile applications private data and credentials namely in Trusted Execution Environments (TEE). We first provide two solutions for public transport use case: an m-pass (transport subscription card) and a m-ticketing validation protocols. Our solutions ensure users' privacy while respecting functional requirements of transport operators. To this end, we propose new variants of group signatures and the first practical set-membership proof that do not require pairing computations at the prover's side. These novelties significantly reduce the execution time of such schemes when implemented in resource constrained environments. We implemented the m-pass and m-ticketing protocols in a standard SIM card: the validation phase occurs in less than 300ms whilst using strong security parameters. Our solutions also work even when the mobile is switched off or the battery is flat. When these applications are implemented in TEE, we introduce a new TEE migration protocol that ensures the privacy and integrity of the TEE credentials and user's private data. We construct our protocol based on a proxy re-encryption scheme and a new TEE model. Finally, we formally prove the security of our protocols using either game-based experiments in the random oracle model or automated model checker of security protocols.
Document type :
Complete list of metadata

Cited literature [120 references]  Display  Hide  Download

Contributor : Abes Star :  Contact
Submitted on : Tuesday, March 1, 2016 - 10:43:31 AM
Last modification on : Monday, May 9, 2022 - 5:40:29 PM
Long-term archiving on: : Tuesday, May 31, 2016 - 11:02:09 AM


Version validated by the jury (STAR)


  • HAL Id : tel-01280792, version 1


Ghada Arfaoui. Design of privacy preserving cryptographic protocols for mobile contactless services. Mobile Computing. Université d'Orléans, 2015. English. ⟨NNT : 2015ORLE2013⟩. ⟨tel-01280792⟩



Record views


Files downloads