The LYRICS project is certified by the E-Secure Transactions cluster.
The Lower Normandy Region offers unique advantages, bringing together the essential skills and expertise for the accomplishment of an ambitious secure electronic transactions programme.
In order to seize market opportunities and to guarantee the protection of key technologies, the cluster’s ambition is to shape the secure electronic transactions sector and to become:
- Within five years, the European point of reference in terms of R&D, training and industrial development in the field of secure electronic transactions;
- A pilot region, cradle of large-scale product, service and usage experimentation;
- A place of influence and convergence of knowledge and know-how based on the capacity to materialise innovative projects and to conclude cooperative partnerships on a national and international scale.
Description of the project in French: http://www.pole-tes.com/web/portal/website/content/modules/projet2/projet2.do?websiteId=1&navigableId=374&projet2Id=208
Several national, European or international collaborative projects on specific aspects of « Privacy and Identity Management » have been launched in the past five years. PRIME, PrimeLife (PRIME’s follow-up project), PICOS (Privacy and Identity Management for Community Services), COPRIM (Contactless Privacy Manager) and ABC4Trust (Attribute-Based Credentials for Trust) are representative projects in this area. In contrast to all of those projects, LYRICS puts a strong emphasis on conceiving and implementing innovative cryptographic primitives, and specifically addresses the computational constraints faced by embedded applications.
Our project bears some similarities with the European FP6 project PRIME (PRivacy and Identity Management for Europe), whose goal was to develop a framework and a number of tools allowing a user to manage his identity and to protect his privacy in cyberspace. The main difference, however, is that we are focusing on real-world near-field transactions using low-resource devices (NFC-enabled mobile phones), whereas PRIME was focusing exclusively on the on-line setting (Internet transactions performed on powerful devices such as personal computers). Moreover, the privacy-enhancing cryptographic tools developed during the course of that project are mainly based on those used in the Idemix system and therefore would not be suitable for resource-constrained devices such as SIM cards and mobile phones.
The ANR (French National Research Agency) is a research funding organisation. The Agency was established by the French government in 2005 to fund research projects, based on competitive schemes giving researchers the best opportunities to realise their projects and paving the way for groundbreaking new knowledge. The role of the Agency is to bring more flexibility to the French research system, foster new dynamics and devise cutting-edge strategies for acquiring new knowledge. By identifying priority areas and fostering public-private collaborations, the ANR also aims at enhancing the general level of competitiveness of both the French research system and the French economy.
Digital Engineering & Security – INS
The objectives of the INS research programme are the emergence of new paradigms, technologies, methods and tools to design digital systems consisting of integrated hardware and software in which security, dependability and energy efficiency are essential concerns. This affects the engineering of complex digital systems based on components, building blocks and applications.
Security stresses the design of high-confidence digital systems, their implementation and monitoring. The uncontrolled proliferation of connected digital systems also calls on concepts such as protection assurance: « security by design ». Key challenges concern the dependability of critical systems, fidelity (the customers' viewpoint on brand reputation for products and services), the problems of energy consumption, and the economy of software and hardware, i.e., the rationalization of fabrication (costs, delays) without compromising quality, while creating higher added value for products and services that differentiate them from competitors.
Global Platform: Global Platform (GP) is an important standard coping with the way applications are securely managed on the security element. Together with Java Card, it offers a good basis for industrial development and remote issuance of secure applications in the smartphone context, and consequently these environments will be the target of LYRICS.
GP is broadly used for SIMs, which are typical multi-applicative secure elements (SE). Aspects dealt with by GP are the secure download, activation, disabling and removal of applications with their code, data and secret material (keys, parameters, etc.) while preserving the right policy for these operations, which can involve various entities: mobile network operators, the security element issuer, the application provider, and some trusted third party. There are clearly some privacy concerns in tasks like secure code and key downloading, since they could result, for example, in problems of traceability. These aspects will be addressed in LYRICS in order to provide an analysis of the mechanisms provided by GP2.2 and of the work being done on the “remote application management” topic, to verify their adequacy with the goals of LYRICS regarding privacy, to describe relevant measures concerning remote management and privacy, and eventually to define and propose some technical adaptations of GP protocols and, if necessary, contribute to the GP standardization body.
ISO/IEC: Several standardization bodies have been involved over the last ten years in attempts to develop an information privacy protection standard. ISO/IEC JTC1/SC27 has vested interests in standardizing “information technology-security techniques”. This includes standards for privacy-enhancing technologies and especially for credential-based solutions. The subject of anonymous authentication mechanisms intersects with standardization works in two SC27 working groups, WG2 and WG5. WG2 develops standards based on algorithms such as group signatures and WG5 elaborates on requirements and guidelines. An initiative is currently being undertaken by SC27 WG5:
- The project ISO/IEC 29191 provides a model for partially anonymous unlinkable authentication mechanisms where a designated agent can revoke anonymity, and defines requirements thereof.
The WG5 is responsible for other privacy standards. The most advanced are ISO/IEC 29100 Privacy Framework and ISO/IEC 29101 Privacy Reference Architecture:
- The Privacy Framework serves as a basis for a technical reference architecture, for the implementation and use of specific privacy technologies and overall privacy management, for privacy controls for outsourced data processes, for privacy risk assessment or for specific engineering specifications.
- The Privacy Reference Architecture guides the implementation of controls associated with a privacy framework to ensure the proper handling of personally identifiable information within an information and communication technology environment.
NEC and France Telecom are actively involved in these two working groups, WG2 and WG5. More precisely, NEC is the editor in charge of the ISO/IEC 29191 project. NEC, France Telecom and Microsoft also hold several patents on Privacy-Enhancing Cryptographic (PEC) mechanisms such as blind signatures, DAA and k-TAA, and on applications making use of these anonymous signature schemes such as e-cash, e-voting and e-auctions.
We expect to specify a high-level applicative architecture for privacy-preserving contactless mobile services (CMS) which could serve as a basis for standardization and future market offerings in this area.
The innovations expected from the project are the emergence of low-cost cryptographic primitives and protocols for the controlled disclosure of personal information in the context of contactless mobile services. We target, for typical contactless transactions, a running time on NFC-enabled mobile phones of the order of 1 second or less. For transactions subject to stronger time constraints, such as those involved in transportation ticketing services, we expect to lower this bound to about 150 milliseconds.
Our results will be disseminated by:
- Patents and publications in the most influential conferences in the related scientific field and in commercial workshops.
- Taking part in standardisation efforts to orient current standardization initiatives and promote the promising solutions developed within LYRICS.
- The industry partners may reuse the project outcomes to build on top of their own security products or services.
The main goals of the LYRICS project are to:
- Establish a high-level architecture for privacy-preserving services;
- Invent and specify low-cost cryptographic mechanisms that can be used to protect user privacy in the context of contactless mobile services;
- Securely implement these cryptographic tools on selected NFC-enabled mobile phones;
- Develop and experiment with a pilot implementation of a privacy-preserving contactless mobile service (e.g. an m-ticketing application or a use case coming from the Japanese market, to be defined within the course of the project).
A critical part of the project resides in the conception of low-cost cryptographic mechanisms that can be assembled to support a higher-level privacy-preserving applicative architecture. Several promising approaches are envisioned in order to realize both secure and efficient low-level mechanisms:
- Approach 1: The first approach is to consider the SIM card as being tamper-proof, which means that it is infeasible to extract its embedded keys and that all the applications embedded within the SIM card are trusted to perform correctly. This usually allows very efficient solutions based on symmetric-key mechanisms, as in the case of [CG02, CT04]. However, in some use cases such as banking applications, the tamper-resistance assumption may not be appropriate: namely, whenever the potential economic loss due to fraud and piracy is overwhelming once the tamper-resistance of a single SIM card is compromised. Also, when tamper-proofness must be ensured, the cost of manufacturing SIM cards may be too high for the targeted application. To address these issues, we consider the second approach.
- Approach 2: Our second approach consists in speeding up the computations performed by the SIM card (the secure element of the architecture) by delegating a substantial part of the computations to the mobile phone (the powerful element of the architecture). This delegation-based approach opens the way to achieving better efficiency while secret elements are kept protected within the SIM card. It also makes it possible to benefit from parallel computations performed at the same time within the SIM card and using the mobile’s crypto-accelerator.
- Approach 3: LYRICS will undertake important research efforts to improve the efficiency of existing schemes and invent new PEC mechanisms. Promising results in this direction have been obtained by NEC for group signatures ([FI06], [IMS+06]).
- Approach 4: We will make use of a crypto-accelerator specifically developed by NEC for group signatures so as to achieve better performance within the mobile/smart phone.
The work within LYRICS is conducted along six technical tasks.
Task 1 aims at ensuring that the project meets or exceeds its expectations, at overseeing the dissemination of the results and monitoring relevant standardization activities.
The main goals of Task 2 are to analyse several contactless mobile services (e.g. m-ticketing, m-payment, etc.) and formulate their associated privacy risks (privacy threat model), as well as to design an overall architecture for privacy-preserving contactless mobile services and survey tools that can help the user to manage his own privacy, taking into account the points of view, knowledge and social representations of the general public on these subjects.
In Task 3, we will concentrate on the conception of lightweight privacy-enhancing cryptographic (PEC) mechanisms for contactless mobile services. We will in particular investigate solutions that consider the SIM card as tamper-resistant hardware, as well as protocols using a dedicated crypto-processor and/or securely delegating some non-critical parts of the private computation to the mobile phone to improve efficiency.
The main goal of Task 4 consists in selecting and specifying one of the various privacy-enhancing contactless services studied in Task 2. We expect the service to be an m-ticketing application or a service based on a specific business case arising from the Japanese market.
The goal of Task 5 is to develop the prototype of the privacy-preserving contactless mobile service which includes the software components on the SIM, mobile, service and identity provider side. The prototype will aim at demonstrating one use case selected from Task 4.
The main goal of Task 6 will be first, to implement the security components for protecting the SIM-embedded prototype and second, to elaborate a platform that generates attacks against the mobile software part of the use case designed in Task 4.
| Orange Labs | Jacques TRAORE |
| Atos Worldline | Olivier MAAS |
| ENSI de Bourges | Jean-François LALANDE |
| Microsoft (US) | Christian PAQUIN |
| NEC Corporation (Japan) | Kazue SAKO |
| Oberthur Technologies | Jean-Loup DEPINAY |
LYRICS, Lightweight privacY-enhancing cRyptography for mobIle Contactless Services, is a cooperative project funded by ANR (French Research Agency) in the call “Ingénierie Numérique et Sécurité” (INS 2011).
The next generation of mobile and smart phones will integrate NFC (Near Field Communication) chips. With the fast emergence of this contactless technology, mobile phones will soon be able to play the role of e-tickets, credit cards, transit passes, loyalty cards, access control badges, e-voting tokens, e-cash wallets, etc.
The main goal of LYRICS is to enable end users to securely access and operate these contactless services in a privacy-preserving manner, that is, without having to disclose their identity or any other unnecessary information related to personal data. More specifically, we intend to design innovative cryptographic solutions that achieve fundamental privacy principles such as data minimization, which states that only the information that is strictly necessary to complete a particular transaction should be disclosed (and nothing more).