File(s) not publicly available

CTRL-PACE: Controlled Randomness for e-Passport Password Authentication

journal contribution
posted on 2023-11-29, 18:07 authored by Lucjan HanzlikLucjan Hanzlik, Kamil Kluczniak, Miroslaw Kutylowski
Security of many cryptographic protocols is conditioned by the quality of the random elements generated in the course of the protocol execution. On the other hand, cryptographic devices implementing these protocols are designed given technical limitations, usability requirements and cost constraints. This frequently results in a black box solution. Unfortunately, black box random number generators may enable creating backdoors for stealing signing keys, breaking authentication protocols and encrypted communication. In this paper we deal with this problem and extend our approach proposed during MYCRYPT’2016. The solution discussed is generating random parameters so that: (a) the protocols are backwards compatible (a user gets additional data that can be simply ignored), (b) verification of randomness might be executed any time without notice, so a device is forced to behave honestly, (c) the solution makes almost no intrusion in the existing protocols and is easy to implement, (d) the owner of a cryptographic device becomes secured against its designer and manufacturer that may even predict the output of the generator. In this paper we focus on a case when Diffie-Hellman protocol is executed for a generator that itself is a secret – this case has not been solved in our paper from MYCRYPT’2016. On the other hand, exactly this case occurs for the PACE protocol from the ICAO standard specifying electronic travel documents. For the sake of the proof we develop a framework of nested security games that aims to enable security proofs of modified protocols without redoing the proofs designed for their original versions.


Preferred Citation

Lucjan Hanzlik, Kamil Kluczniak and Miroslaw Kutylowski. CTRL-PACE: Controlled Randomness for e-Passport Password Authentication. In: Fundamenta Informaticae. 2019.

Primary Research Area

  • Algorithmic Foundations and Cryptography

Legacy Posted Date



Fundamenta Informaticae

Open Access Type

  • Unknown

Sub Type

  • Article


@article{cispa_all_3112, title = "CTRL-PACE: Controlled Randomness for e-Passport Password Authentication", author = "Hanzlik, Lucjan and Kluczniak, Kamil and Kutylowski, Miroslaw", journal="{Fundamenta Informaticae}", year="2019", }

Usage metrics


    No categories selected


    Ref. manager