Wouter Teepe

Learn More
When companies interchange information about individuals, privacy is at stake. On the basis of the purpose of the information interchange, rules can be designed for an agent (Alter-ego) to determine whether the requested information can be provided. This purpose can be derived from a WorkFlow specification according to which employees (agents) of one(More)
This paper introduces and describes new protocols for proving knowledge of secrets without giving them away: if the verifier does not know the secret, he does not learn it. This can all be done while only using one-way hash functions. If also the use of encryption is allowed, these goals can be reached in a more efficient way. We extend and use the GNY(More)
On March 7, 2008 researchers and students of the Digital Security group of the Radboud University Nijmegen have discovered a serious security flaw in a widely used type of contactless smartcard [9], also called RFID tag. It concerns the " Mifare Classic " RFID card produced by NXP (formerly Philips Semiconductors). Earlier, German researchers Karsten Nohl(More)
We show that BAN logic, an epistemic logic for analyzing security protocols, contains an inference rule that wrongly ascribes a certain property to cryptographic hash functions. This faulty inference rule makes the BAN logic not 'sound'. That is, it is possible to derive counterintuitive beliefs which cannot be computationally justified. We will prove this(More)
BAN logic, an epistemic logic for analyzing security protocols, contains an unjustifiable inference rule. The inference rule assumes that possession of H (X) (i.e., the cryptographic hash value of X) counts as a proof of possession of X , which is not the case. As a result, BAN logic exhibits a problematic property, which is similar to unsoundness, but not(More)