Catálogo de publicaciones - libros

This extended abstract describes an alternative to trusting individual nodes in pervasive systems, which is to exploit the diversity of nodes in such systems to build application ensembles that are collectively trustworthy. These configurations are resilient to high levels of attack, and are not dependent on large pre-distribution key-spaces.

In this paper, we consider a multi-layer mobile ad-hoc network (MANET) composed of several kinds of networking units (such as ground soldiers, tanks, and unmanned aerial vehicles) with heterogeneous resources to communicate and compute. In this multi-layer MANET, we first propose a password-based authenticated group key exchange scheme with members’ different passwords. The proposed scheme only requires constant-round to generate a group session key under the dynamic scenario, hence it is scalable, i.e., the overhead of key generation is independent of the size of a total group. We support the proposed scheme with formal security proof. Namely, our proposed scheme is the first constant-round password-based group key exchange with different passwords for the dynamic setting of MANET.

The pervasive computing paradigm assumes an essentially dynamic model of interaction between devices that also motivates the need to discover the services offered by previously unknown parties at an early phase of these interactions. Whereas this assumption is at the heart of many pervasive computing protocols and systems, the necessity of securing service discovery and the complexity of this task have been largely underestimated, if considered at all. This paper discusses the implications of insecure service discovery in available systems and which security objectives should be pursued. The design space for introducing security features into a specific architecture, namely registry-based discovery systems, is then explored and assessed.

We propose a set of security provisions for node to base station communication in wireless sensor networks. It supports standard security requirements, viz. authentication of the origin of data and confidentiality of data. Additionally we use key evolution to achieve forward security which is of particular importance in the face of node capture attacks. As a bonus we obtain implicit weak freshness without message expansion. We take the typical resource constraints of wireless sensor networks into account. The security provisions can be superimposed on several communication models, such as the epidemic communication model.

In this work, we present a vulnerability in monoprocess or monothreaded servers that allows the execution of DoS attacks with the peculiarity that they are generated by low rate traffic. This feature makes the attack less vulnerable to detection by current IDS systems, which usually expect high rate traffic. The intruder can take advantage of some knowledge about the inter-output times in the server to build the attack. We have simulated and tested it in a real environment, obtaining worrying conclusions due to the efficiency achieved by the attack, with low effort from the attacker.

Logging is a central service in computing systems. It lays the foundation for accountability and audit services in computing systems, as well as for other accessory services. While providing logging services in traditional computing systems is a relatively smooth process, it turns to an intricate task in pervasive computing systems. In this context, we present two contributions addressing this problem. First, we develop an approach to securely log information in marginally trusted collectors. Second, we investigate the question of how to securely delegate our logging protocol to a relay equipped with trusted-computing modules.

Multivariate (or $\mathcal{MQ}$ ) public-key cryptosystems (PKC) are alternatives to traditional PKCs based on large algebraic structures (e.g., RSA and ECC); they usually execute much faster than traditional PKCs on the same hardware. However, one major challenge in implementing multivariates in embedded systems is that the key size can be prohibitively large for applications with stringent resource constraints such as low-cost smart cards, sensor networks (e.g., Berkeley motes), and radio-frequency identification (RFID). In this paper, we investigate strategies for shortening the key of a multivariate PKC. We apply these strategies to the Tame Transformation Signatures (TTS) as an example and quantify the improvement in key size and running speed, both theoretically and via implementation. We also investigate ways to save die space and energy consumption in hardware, reporting on our ASIC implementation of TTS on a TSMC 0.25 μ m process. Even without any key shortening, the current consumption of TTS is only 21  μ A for computing a signature, using 22,000 gate equivalents and 16,000 100-kHz cycles (160 ms). With circulant-matrix key shortening, the numbers go down to 17,000 gates and 4,400 cycles (44 ms). We therefore conclude: besides representing a future-proofing investment against the emerging quantum computers, multivariates can be immediately useful in niches.

In this paper, we are concerned with the detection software faults and tampering of the mobile application as well as the mobile device theft. We want to disable mobile device cryptographically once either of these problems are detected. Basically the device needs to receive a new cryptographic key after each pre-set period of time in order to continue function. The mobile application execution integrity is checked by the authority when deciding whether or not to give out a new key. The detection can be done via a run-time result checking when the device connects to the authority. The authority can also proactively examine whether or not software tampering is happening. This paper will show approaches that each standalone can improve the dependability and security of a mobile application. We will show how these approaches can work together seamlessly to form a stronger scheme.

Most security protocols for wireless sensor networks (WSN) assume that the adversary can gain full control over a sensor node through direct physical access (node capture attack). But so far the amount of effort an attacker has to undertake in a node capture attack is unknown. In our project we evaluate different physical attacks against sensor node hardware. Detailed knowledge about the effort needed for physical attacks allows to fine tune security protocols in WSNs so they provide optimal protection at minimal cost.

The success of Ambient Intelligence (AmI) will depend on how secure it can be made, how privacy and other rights of individuals can be protected and how individuals can come to trust the intelligent world that surrounds them and through which they move. This contribution presents an analysis of ambient intelligence scenarios, particularly in regard to AmI’s impacts on and implications for individual privacy. The analysis draws on our review of more than 70 AmI projects, principally in Europe. It notes the visions as well as the specifics of typical AmI scenarios. Several conclusions can be drawn from the analysis, not least of which is that most AmI scenarios depict a rather too sunny view of our technological future. Finally, reference is made to the SWAMI project (Safeguards in a World of Ambient Intelligence) which, inter alia, has constructed ”dark” scenarios, as we term them, to show how things can go wrong in AmI and where safeguards are needed.