The motivation for RESCUE IT is our ever increasing dependency of robust supply chains. Whether you look at dairy products (like milk or joghurt) or other sensitive goods - the process from production to delivery is increasing in complexity and in the number of involved parties. Supply chains of today are handled by complex IT and communication systems, their robustness against errors must be increased to meet our societies demands of an uninterupted supply stream. The errors RESCUE IT will be adressing range from sabotage of production, risks during transport, attacks on the underlying IT-Infrastructure, to targeted attacks on the quality and loss of consumability of goods in the wholesale sector. The research is scenario-driven and will be conducted together with industry partners, SCM software developers, and universities.
- Supply Chain Modelling: We built a high-level supply chain modeling tool that can be used to represent complex supply chains. On basis of a risk database threats to this supply chain are automatically identified. Controls that mitigate these threats can then be dragged & dropped onto the identified risk. Legal demands concerning food production, storage and handling as well as data security law and regulations concerning data storage are incorporated in order to ease legal and contractual compliance.
- Security & Safety Controls: We initially did envision only basic controls such as a separation of duties, digital signatures or a sensor monitoring the temperature of an asset. However throughout the course of the project several other types of controls were implemented including sanitizable signatures; life cycle management of authenticity and integrity statements; unobservable communication; attribute-based authentication; a benchmarking service and prepared product recall procedures
- Enforcement: All this is done on basis of a Coordination and Execution Platform. Monitoring of supply chain activities and automatic checks for validity of the process execution according the conceptually modeled supply chain are two key features for achieving security. This is realized by the Coordination and Execution Platform, which receives status information and interchanged electronic documents of the supply chain partners, and compares the received as-is information to the modeled to-be situation in the specified models. This way, anomalies in the process execution , e. g. wrong transport routes taken, or invalid entries in interchanged electronic document, can be detected, which previously would not have been taken notice of.
The software making up the Coordination and Execution Platform is created using a model-transformation based approach . That means, it is not manually programmed. Instead, a transformation-procedure is created which converts supply-chain models to the software that makes up the Coordination and Execution Platform. Because the Coordination and Execution Platform is not programmed in a traditional way, its software functionality can be predicted from the transformation procedure, and, once the transformation has been certified to deliver the desired software result according to a given supply-chain model as input, the resulting software can be trusted to correctly reflect the supply-chain model content in the resulting software. The risk of unwanted programming mistakes or intended malicious behaviour of software is reduced by this approach.
RFID sensors are attached to pallets which measure e. g. temperature, light and acceleration. While fluctuations of single sensor values alone might not be dangerous, a pattern of fluctuations in a certain time-frame might be a hint towards greater threats such as intoxication of foods. E. g., an attacker intending to intoxicate goods in a truck might need to first open the truck door (which will trigger the light and temperature sensor) and then to open a box on the pallet (which will trigger the acceleration sensor). The process of detecting such patterns in streams of separated sensor events is called Complex Event Processing (CEP). ReSCUeIT offers CEP facilities which are automatically configured during the model transformation based upon the supply chain process. An extension of the classical CEP feature which was introduced in the frame of ReSCUeIT is event patterns which include physical as well as logical events in order to detect cyber-physical threats. E.g. an attacker might attack the supply chain by detouring foods to a warehouse containing goods with emitting toxic vapors. In such a case the physical RFID sensors alone cannot detect the contamination, but the collocation of incompatible goods in terms of mutual contamination needs to be detected.
- Secure Logging: Usual log files, even encrypted ones, do not offer facilities to protect their content against attacks such as removal of log entries, reordering of log entries, or inserting new log entries. Therefore, usual log files are not secure by means of IT forensics. Secure logging aims at providing facilities which protect log files against the aforementioned attacks and thus form the base for audit trails where no repudiation is possible for the single stakeholders. Decrypting and verifying the validity of the log entries is only possible for the ReSCUeIT platform which is therefore viewed as a Trusted Third Party (TTP) for all stakeholders. In order to complicate inserting new log entries by attackers at the end of the log file, all observed systems are obliged to periodically report to the TTP with their current number of log entries.
Our chair has lead the security workpackage and contributed the design and development of the integrity and authenticity mechanisms for ReSCUeIT. In particular:
- Sanitizable signatures enable to verify the authenticity of signed documents even if trade secrets or personally identifying information have been removed. Thus, they allow sharing integrity protected supply chain documents with a verifiable origin, such as orders or lab-reports more freely among the partners of a supply chain. This exchange creates a more transparent supply-chain among the partners while respecting each partner’s individual privacy requirements (trade secrets / employee data protection regulations). Utilized to the full extend this would allow technically to identify all the ingredients of any product. This data in the hands of consumers increases confidence and allows identifying potentially risky products.
- We provide services for lifecycle management of authenticity and integrity statements. The generation of a signature over a document represents an endorsement of the signed contents by the signer. However, this happens at the time of signature generation. If at a later time the signer does not want to continue this endorsement he needs to recall the signature. In most cases he does not want to invalidate the whole signature but rather indicate that a certain signed value, which represent a produced physical good’s condition, i.e. frozenness, is no longer endorsed. This update is possible with ReSCUeIT, such that it allows the signer to ‘revoke’ his statement and allows others on verification of the signed document to query the current status of each endorsed value. ReSCUeIT calls them ‘certified property states’ and building upon existing standard technologies for certificate revocation ReSCUeIT offers a secure, verifiable and efficient state management and retrieval system . ReSCUeIT enhanced the standardized Online Certificate Status Protocol (OCSP) and facilitates X.509 compatible certificates to enable this functionality. Both technologies are reliable and secure, e.g. they are used in the Internet for SSL webserver certificates. All functions have been implemented as Web Services and their interworking is best shown in our dedicated demonstrator web-based GUI . Additionally, the use of these services has been documented with code snippets in JAVA and as BPEL process models.
Sanitizable Signatures have extensively been researched in RESCUE IT with respect to their speed , their applicability to the XML domain and in particular their legal implications . This resulted in numerous adjustments of cryptographic properties to fulfil the high legal requirements for digital signatures of EU regulations to the highest possible extend allowing RESCUE IT participants to generate sanitizable signatures with a high value of legal evidence. All the methods have been cryptographically proven to be as strong as the underlying unforgeable signature scheme, i.e., RSA-PSS.
We have implemented them all as Web Services allowing for an easy integration and flexible deployment. We build an individual prototype with a web-based GUI to showcase the generation of a classical signature on a purchase order and we can also show the generation of a sanitizable signature on a report of a laboratory , as well as the lifecycle management components , in more detail.
Contingency Revisited: Secure Construction and Legal Implications of Verifiably Weak Integrity
In IFIP Advances in Information and Communication Technology (IFIP AICT) , page 136-150., , and , editor, Trust Management VII Volume 401 of
Publisher: Springer Berlin Heidelberg,
Note: This is the preliminary version of the original publication.
Efficient and Perfectly Unlinkable Sanitizable Signatures without Group Signatures
In Lecture Notes in Computer Science (LNCS) , page 12-30.and , editor, Proc. of the 10th European Workshop: Public Key Infrastructures, Services and Applications (EuroPKI 2013) Volume 8341 of
Publisher: Springer Berlin Heidelberg,
Note: This is an preliminary version of the original publication. The original publication is available at springerlink.com.
Malleable Signatures for Resource Constrained Platforms
In Lecture Notes in Computer Science (LNCS) , page 18-33.and , editor, Information Security Theory and Practice. Security of Mobile and Cyber-Physical Systems Volume 7886 of
Note: This is an preliminary version of the original publication.
Scope of Security Properties of Sanitizable Signatures Revisited
Proc. of the 8th International Conference on Availability, Reliability and Security (ARES 2013) , page 188-197.
Note: This is an preliminary version of the original publication. The original publication is available at ieeexplore.ieee.org.
Rechtsfolgen editierbarer SignaturenDatenschutz und Datenrecht (DuD), Volume 36(6):485-491
Flexible Redactable Signature Schemes for Trees --- Extended Security Model and Construction
Proc. of the International Conference on Security and Cryptography (SECRYPT 2012) , page 113-125.
Non-Interactive Public Accountability for Sanitizable Signatures
Proc. of the 9th European PKI Workshop: Research and Applications (EuroPKI 2012) Volume 7868 of Lecture Notes in Computer Science (LNCS) , page 178.
Note: This is an extended and revised version of the original publication.
On Structural Signatures for Tree Structured Data
Proc. of the 10th International Conference on Applied Cryptography and Network Security (ACNS 2012) of Lecture Notes in Computer Science (LNCS)
Note: This is an extended and revised version of the original publication. The original publication is available at www.springerlink.com
Redactable Signatures for Independent Removal of Structure and Content
Proc. of the 8th International Conference on Information Security Practice and Experience (ISPEC 2012) of LNCS
Sticky Signatures: Legal Advantages of Redactable Signatures and Credentials in the Food Supply Chain
Proc. of the 5th Interdisciplinary Conference on Current Issues in IT Security 2012 of Interdisciplinary Series of the Max Planck Institute for Foreign and International Criminal Law
Publisher: Dunker & Humblot, Berlin,
The Role of Data Integrity in EU Digital Signature Legislation - Achieving Statutory Trust for Sanitizable Signature Schemes
Proc. of 7th International Workshop on Security and Trust Management (STM 2011) Volume 7170 of LNCS , page 175-192.
Indistinguishability of One-Way Accumulators
Document number: MIP-1210
Faculty of Computer Science and Mathematics (FIM), University of Passau,