8.1.- Tipos de técnicas de ensayos no destructivos

The protocol begins when the TTP receives the OT request from the current owner.

The Ownership Transfer phase has 2 steps. First step is between the TTP and the new owners and the second step is between the TTP and all the Tags in the Tag-Group.

Step 1: T T P → New Owners → T T P . Here, the new owners are given the Tag IDs and each owner’s respective new secret to the tags in the group.

Step 1A: T T P performs the following:

• T T P generates a pseudo-random number S2rand a new secret SO_s_nthat is shared between the T T P and the owners. Then, for each new owner i:

– T T P generates a new secret Ns_i which the owner shares with all the tags in the tag-group. It then computes M 1_i = O_id_i ⊕ P RNG(SOs⊕ S2r), M 2_i = S2_r⊕ P RNG(Oid_i⊕ SOs), M 3_i = N_s_i⊕ P RNG(Oid_i⊕ SOs⊕ S2r), M 0_i = SOs_n⊕P RNG(M1i⊕Oid_i⊕SOs). M 1i is used in M 0ito keep all the PRNG operations unique for each message.

– Then, for each Tag j in the Tag-Group, T T P computes M 4_j = T_id_j ⊕ P RN G(Ns_i ⊕ SOs⊕ S2r) and M_j^c = P RN G(M 0i⊕ SOs)⊕ P RNG(M3i⊕ SO_s)⊕ P RNG(M4j⊕ S2r).

– T T P sends M 0_i, M 1_i, M 2_i, M 3_i, M 4_(1..j) and M_(1..j)^c to each new owner i.

• T T P repeats the process for the next owner.

Step 1B: Each new owner i performs the following:

• Using the stored Oid, SO_seach owner extracts S2_ras: M 2_i⊕P RNG(Oid⊕SOs)→ S2_r and veriﬁes if O_id= M 1_i⊕ P RNG(SOs⊕ S2r).

• If the check fails, the owner uses the previous secret SOs in the above step. If either one of the secrets result in a match, then the T T P is authenticated and the owner knows that the message is for itself. This validation ensures that M 1i

and M 2_i are not tampered by an adversary during transmission. Otherwise, the protocol aborts. For the reminder of the operations either SO_s or SO_s will be used based on which one returned a successful match.

6.2. THE PROPOSED PROTOCOL 103

• Then, using the stored SOs, extracted S2r and received values, for all j, the owners verify if P RN G(M 0_i⊕SOs)⊕P RNG(M3i⊕SOs)⊕P RNG(M4j⊕S2r) =

(1..j) that it is authorized to access and its own secret as OTs = Ns_i.

• Once that is accomplished, the owner generates pseudo-random number O1r, com-putes RN Do= O1r⊕ Oid⊕ SOs and ACKo = O_id⊕ OTs⊕ P RNG(SOs⊕ O1r).

The owner then sends RN D_o, ACK_o to the T T P .

• Finally, if Oid was matched using SO_s then the owner updates the shared secret as SO_s ← SOs and SO_s← SOs_n.

Step 1C: For each new owner’s reply, T T P performs the following: Using the stored O_id_i and SO_s, the T T P extracts O1_r as RN D_o⊕ Oid_i ⊕ SOs → O1r. It then veriﬁes if O_id_i ⊕ Ns_i = ACKo ⊕ P RNG(SOs ⊕ O1r). If it is successful, the new owner is authenticated and it also conﬁrms that the new secret has been successfully updated for that new owner. If the T T P does not receive acknowledgements from all the new owners within a stipulated time, it will restart the process from Step 1A. Otherwise, it updates the shared secret SO_s as SO_s← SOs_n and commences Step 2.

Trusted Third Party (TTP) New Owners

Step 1A Step 1B

Generate S2r M 2i⊕ P RNG(O^id⊕ SO^s)→ S2^r

Generate TTP To Owner-Group New Secret SOs_n if Oid= M 1i⊕ P RNG(SO^s⊕ S2^r)

For each New Owner i TTP Authenticated; & Message is for this Owner;

Generate Owner To Tag-Group New Secret Ns_i else

M 1i= Oid_i⊕ P RNG(SOs⊕ S2r) Use SO_sin the above steps and try again;

Figure 6.2: Proposed Multi Owner/Tag Ownership Transfer Protocol - Step 1 Step 2: T T P → Tag-Group → T T P . Here, the T T P sends the new owner IDs and their respective new secret, to the tags in the tag-group.

Step 2A: The T T P performs the following:

Trusted Third Party (TTP) Each Tag in Tag-Group

Step 2A Step 2B

Generate S1r M 8j⊕ P RNG(Tid⊕ STs)→ S1r

Generate TTP To Tag-Group New Secret STsn

For each New Owner i If Tid= M 7j⊕ P RNG(Tid⊕ STs⊕ S1r)

Next Tag Remove Previous Owners’ IDs & Secrets from Tag

Insert Oid_(1..i), OTs= Ns_(1..i), OT_s= Ns_(1..i)

Step 2C Generate T 1r

For each Tag’s Reply: RN Dt= T 1r⊕ Tid⊕ STs

RN Dt⊕ Tid⊕ STs→ T 1r ACKt= Tid⊕ (Oid||OTs)_(1..i)⊕ P RNG(STs⊕ T 1r) if T_id_j⊕ (Oid||Ns)_(1..i)= ACKt⊕ P RNG(STs⊕ T 1r)

Tag Authenticated RN D_t, ACK_t

New Owners & Secrets Successfully Inserted <− − − − −

If All ACK NOT Received then If T_idmatched using ST_s

Goto Step 2A ST_s← STs

else STs← STs_n STs← STs_n

Figure 6.3: Proposed Multi Owner/Tag Ownership Transfer Protocol - Step 2

• T T P generates a pseudo-random number S1r and a new secret ST_s_n which the T T P shares with all the tags in the tag-group. Then for each new owner i:

• T T P computes M5i = N_s_i ⊕ P RNG(STs ⊕ S1r), M 6_i = O_id_i ⊕ P RNG(Ns_i ⊕

Step 2B: Each Tag in the Tag-Group performs the following:

• Using stored Tid, ST_s tag extracts S1_r as M 8_j ⊕ P RNG(Tid⊕ STs) → S1r and veriﬁes if Tid= M 7j⊕ P RNG(Tid⊕ STs⊕ S1r).

• If the check fails, the tag uses the previous secret STs in the above step. If either one of the secrets result in a match, then the T T P is authenticated and the tag knows that the message is for itself. This validation ensures that M 7_j and M 8_j are not tampered by an adversary during transmission. Otherwise, the protocol aborts. For the reminder of the operations either ST_s or ST_s will be used based on which one returned a successful match.

• The tag then extracts STs_n as M 9_j⊕P RNG(M7j⊕Tid⊕STs)→ STs_n. Then, for all i, using the stored STs, extracted S1r and received M 5i, M 6i, the tag veriﬁes if P RN G(M 5_i⊕ S1r⊕ STs_n)⊕ P RNG(M6i⊕ STs) = M_i^c . This validation ensures that M 5_i, M 6_i and M 9_j are not tampered by an adversary during transmission.

The tag then extracts the new owner IDs and their respective secrets as M 5i⊕

6.3. SECURITY ANALYSIS 105

P RN G(STs⊕ S1r) → Ns_i and M 6i⊕ P RNG(Ns_i⊕ STs⊕ S1r) → Oid_i. If the check fails for any i, the protocol aborts.

• It then removes all the previous owner IDs that are stored and inserts the new owners O_id_(1..i) and sets the current and previous shared secrets as OTs= Ns_(1..i), OT_s = N_s_(1..i). One row for each owner i is inserted in the form{Oid_i, OT_s_i, OT_s

i}.

• Once that is accomplished, the tag generates a fresh pseudo-random number T 1r

and computes RN Dt = T 1r ⊕ Tid ⊕ STs and ACKt = T_id⊕ (Oid₁||OTs₁) ⊕ (O_id₂||OTs₂) ⊕... ⊕ (Oid_i||OTs_i) ⊕P RNG(STs⊕ T 1r). For ease of representation, this computation is shown in the Figure 6.3 as ACK_t = T_id⊕ (Oid||OTs)_(1..i)⊕ P RN G(STs⊕ T 1r). The tag then sends RN Dt, ACKt to the T T P

• Finally, if the Tid was matched using ST_s then the tag updates the shared secret as ST_s ← STs and ST_s← STs_n.

Step 2C: For each Tag’s reply, the T T P performs the following: It extracts T 1r using stored T_id, ST_sas RN D_t⊕Tid⊕STs→ T 1rand veriﬁes if T_id_j⊕ (Oid₁||Ns₁)⊕(Oid₂||Ns₂)

⊕... ⊕ (Oid_i||Ns_i) = ACK_t⊕ P RNG(STs⊕ T 1r). If it is successful, the tag is authen-ticated and it also conﬁrms that the new owners and their respective secrets have been successfully inserted in that tag. For ease of representation, this computation is shown in the Figure 6.3 as if T_id_j⊕ (Oid||Ns)_(1..i)= ACK_t⊕ P RNG(STs⊕ T 1r). If the T T P does not receive acknowledgements from all the tags in the Tag-Group within a stipu-lated time, it will restart the process from Step 2A. Otherwise, it updates the shared secret ST_s as ST_s ← STs_n. As the last step in the process, the T T P sends a Owner-ship Transfer Conﬁrmation message to the current owner and completes the OwnerOwner-ship Transfer process.

In document Patología estructural y del casco : métodos de protección, inspección, mantenimiento y reparación (página 93-98)