RFIDsec 2013 - Invited Speakers  
Wayne Burleson
"RFID Privacy: From Transportation Payments to Implantable Medical Devices" (, 3.9 MB)

Although RFID has been widely known for its impact on supply chain and inventory management, two of the most exciting applications from a privacy perspective are in: 1) transportation payment systems and 2) implantable medical devices. This talk presents recent research in both areas, drawing parallels but making important distinctions between the two applications. Both projects involve broad international collaborations due to the large number of technical disciplines involved, as well as varying legal and societal dimensions across different cultures. Transportation payment systems have the ability to divulge user location and hence travel habits. However they also facilitate sophisticated dynamic fare schemes and optimization of the transportation system. Implantable medical devices contain extremely private information about personal health and habits, as well as enabling tracking and other privacy concerns. However, the ability to wirelessly access implanted devices provides enormous health and cost benefits. Both topics raise interesting cross-disciplinary issues in economics, threat models, and ethics as well as more technical aspects of security engineering. This talk will review engineering solutions to both of these domains, including low-power cryptography, physical unclonable functions, and prototyping techniques.

About the Speaker:
Wayne Burleson has been a Professor of Electrical and Computer Engineering at the University of Massachusetts Amherst since 1990. He is also currently a Senior Fellow at AMD Research in Boston. He has degrees from MIT and the University of Colorado. He has worked as a custom chip designer and consultant in the semiconductor industry with VLSI Technology, DEC, Compaq/HP, Intel, Rambus and AMD, as well as several start-ups. Wayne was a visiting professor at ENST Paris in 1996/97, at LIRM Montpellier in 2003 and at EPFL Switzerland in 2010/11. His research is in the general area of VLSI, including circuits and CAD for low-power, interconnects, clocking, reliability, thermal effects, process variation and noise mitigation. He also conducts research in hardware security, reconfigurable computing, content-adaptive signal processing, RFID and multimedia instructional technologies. He teaches courses in VLSI Design, Embedded Systems and Security Engineering. Wayne has published over 180 refereed publications in these areas and is a Fellow of the IEEE for contributions in integrated circuit design and signal processing.

Most relevant to RFIDSec, Wayne currently leads research in privacy-preserving payment systems for transportation and secure implantable medical devices. The first project is an NSF-funded collaboration with Kevin Fu and Christof Paar, as well as Anna Lysanskaya from Brown University and several Transportation researchers. The second project is a collaboration with EPFL Switzerland and U. Bochum Germany, as well as the large US DHHS-funded SHARPS consortium, including Dartmouth, NYU, UIUC, Stanford and Johns Hopkins.
Lejla Batina
How Light is Lightweight Crypto? (, 7.5 MB)

With the expansion of versatile privacy-sensitive RFID applications a clear need for new identification schemes has been established. In the past few years a plentitude of identification protocols has been proposed addressing different real-life scenarios and relying on both symmetric-key and asymmetric-key cryptography.

In this talk we first survey some prominent solutions for privacy-sensitive RFID identification protocols and discuss their properties and hardware requirements. In the second part of this talk we discuss hardware requirements for the public-key founded protocols i.e. an ECC-based processor enabling the new solutions.

About the Speaker:
Lejla Batina received the Ph.D. degree in engineering in 2005 from Katholieke Universiteit Leuven, Belgium and the M.Sc. degree in mathematics from the University of Zagreb Croatia (1995). She has also studied at the Technische Universiteit Eindhoven, TU/e (Mathematics for industry, grad. in 2001)

Since 2009, she is an assistant professor in the Digital Security group of the Radboud University, Nijmegen and a member of the COSIC group of the Katholieke Universiteit Leuven. Before starting her PhD at KU Leuven, on secure hardware implementations of public-key cryptography, she worked as a cryptographer for a hardware company in The Netherlands (2001-2003).

After obtaining her Ph.D. she was a postdoctoral researcher at the COSIC group, at K.U. Leuven 2006-2009. Her research interests are in lightweight cryptography and side-channel analysis and countermeasures. She has published over 60 refereed papers in these areas and served at 50+ program committees. She has chaired RFIDSec09 and CHES 2012 (as general co-chair) and she was the general chair of RFIDSec12 in Nijmegen.
Günther Lackner and Karin Greimel
20 Years of MIFARE. From CRYPTO1 to Formal Verification. (, 1.5 MB)

In the last 20 years, the brand MIFARE was developed as the de-facto standard for low-end contact-less applications that require high levels of security and privacy. These applications include transport-ticketing, access-control and micro-payment. Started by the ground-breaking Classic in 1994, the MIFARE product family remarkably evolved in terms of diversity, security, and performance. More than 5 billion shipped devices prove the success of our invention.
With the rapid adoption of contact-less smart card technology in many areas of our daily lives, the need for proven security became higher than ever before. To deliver these requirements, a significant shift of paradigms in the industry had to take place. While 20 years ago it was common practice to develop proprietary security protocols, now a days all state-of-the-art mechanisms rely on modern and proven algorithms such as the AES. This shift also required a major step-up in development processes within the identification industry.
In order to reach higher assurance of the correctness and security of NXP products we apply formal verification to the critical parts of our specifications. A big challenge of applying formal verification in industry is to integrate it into the design process, such that errors can be found early in the design process and models can be adapted and reused by engineers.
Using UML statechart diagrams as input to a formal verification tool allows to use parts of the specification written by the architect directly for formal verification and supports the architect and the developer in having a precise common understanding of the specification. Having a precise, unambiguous and proven specification is key to developing high quality products.

About the Speakers:
Günther Lackner is an International Product Marketing Manager in the Automatic Fare Collection (AFC) Product Line of NXP Semiconductors. He has over 7 years of experience in IT Security, Applied Cryptography, Project Management and Product Management. He is currently responsible for Product Marketing and Strategy of CPU based smart card controllers in Automatic Fare Collection within NXPs Identification Business Unit.
Günther holds a BSc, MSc and PhD degree in computer science which he obtained during his studies at the University of Technology Graz - Austria, Universite de Technologie de Compiegne - France and the Queensland University of Technology Brisbane - Australia.

Karin Greimel studied Applied Mathematics at Graz University of Technology from 2001 to 2007. She worked as a research assistant at the Institute for Applied Information Processing and Communications in the Formal Methods for Design and Verification Group from 2008 to 2011. Since 2011 Karin Greimel is part of the Security Certification team at NXP Semiconductors Austria GmbH.