The main goals of the LYRICS project are to:
- Establish a high-level architecture for privacy-preserving services;
- Invent and specify low-cost cryptographic mechanisms that can be used to protect user privacy in the context of contactless mobile services;
- Securely implement these cryptographic tools on selected NFC-enabled mobile phones;
- Develop and experiment a pilot implementation of a privacy-preserving contactless mobile service (e.g. an m-ticketing application or a use case coming from the Japanese market, to be defined within the course of the project).
A critical part of the project resides in the conception of low-cost cryptographic mechanisms that can be assembled to support a higher-level privacy-preserving applicative architecture. Several promising approaches are envisioned in order to realize both secure and efficient low-level mechanisms:
- Approach 1: The first approach is to consider the SIM card as being tamper-proof, which states that it is infeasible to extract its embedded keys and that the all applications embedded within the SIM cards are trusted to perform correctly. This usually allows very efficient solutions based on symmetric-key mechanisms, as in the case of [CG02, CT04]. However, in some use cases such as banking applications, the tamper-resistance assumption may not be appropriate: namely, whenever the potential economic loss due to fraud and piracy is overwhelming once the tamper‑resistance of a single SIM card is compromised. Also, when tamper-proofness must be ensured, the cost of manufacturing SIM cards may be too high for the targeted application. To address these issues, we consider the second approach.
- Approach 2: Our second approach consists in speeding up the computations performed by the SIM card (the secure element of the architecture) by delegating a substantial part of the computations to the mobile phone (the powerful element of the architecture). This delegation-based approach opens the way to achieving better efficiency while secret elements are kept protected within the SIM card. This also allows to benefit from the parallel computations performed at the same time within the SIM card and using the mobile’s crypto-accelerator.
- Approach 3: LYRICS will undertake important research efforts to improve the efficiency of existing schemes and invent new PEC mechanisms. Promising results in this direction have been obtained by NEC for group signatures ([FI06], [IMS+06]).
- Approach 4: We will make use of a crypto-accelerator specifically developed by NEC for group signatures such as to achieve better performances within the mobile/smart phone.