The research project is called "Lightweight privacY-enhancing cRyptography for mobIle Contactless Services" or LYRICS, and it is funded by the French National Research Agency (ANR).
The objective of the lightweight privacy-enhancing cryptography for mobile contactless services is to enable end users to securely access and operate contactless services in a privacy-preserving manner that is, without having to disclose their identity or any other unnecessary information related to personal data. More specifically, the companies intend to design new solutions that achieve the two fundamental privacy principles that are data minimization and data sovereignty. The data minimization (or minimal disclosure) principle states that only the information that is strictly necessary to complete a particular transaction should be disclosed (and nothing more). In practice, this means that the user should never have to give away more information than necessary for accessing and performing a specific contactless service. The data sovereignty principle states that the piece of information related to an individual totally belongs to her and that she should remain in full control of how these data are used, by whom and for which purpose.
Cryptography-based technologies exist that partially respond to these requirements in some contexts. Yet none of these has been specifically designed for contactless transactions, where being offline, ensuring very low latency and being limited to constrained resources are major issues. LYRICS intends to overcome these deadlocks by providing an open, general-purpose architecture for privacy-preserving contactless services and a set of new cryptographic mechanisms for implementing and deploying these services on NFC-enabled mobile phones.
The consortium members are the following:
EB LIFO / ENSI de Bourges
IRISA / Universite de Rennes
MoDyCo UMR 7114
France Telecom (Orange Labs)