Security Challenges and Solutions for Ubiquitous Networks

Dave Singelée

K.U.Leuven – ESAT/COSIC

LICT Industrial Affiliation Day February 10, 2012

Outline of the talk

• Who are we?

• Ubiquitous networks

• Security and privacy challenges

• Cryptographic solutions

– Threshold cryptography

– Lightweight cryptography

– Efficient implementations of cryptographic primitives

• Conclusion

Electrical Engineering-

ESAT

ELECTA PSI MICAS SCD

SISTA COSIC DOCARCH

TELEMIC INSYS

Bart Preneel Ingrid Verbauwhede Vincent Rijmen

COSIC: COmputer Security and Industrial Cryptography Founded in 1978

Claudia Diaz

COSIC - Research

Fundamental research in discrete mathematics

Cryptographic algorithms: design and cryptanalysis

Cryptographic protocols: design and cryptanalysis

Efficient and secure implementations

number theoretic algorithms, Boolean functions, secure multi-party computation, secret sharing

block ciphers, stream ciphers, hash functions, MAC algorithms, (hyper)-elliptic curve cryptography e.g.: AES, RIPEMD-160, HAMSI

entity authentication, credentials, oblivious transfer,

• software: block ciphers, point counting algorithms • hardware: FPGA and ASIC • side-channel attacks: power, timing, and electromagnetic analysis, fault attacks

COSIC - Applications Creating electronic equivalent of the real world: confidentiality, digital signature, anonymity, payments, digital right

managements, elections Technologies:

key management: ad hoc networks

anonymous communications and services

software tamper resistance and obfuscation

trusted platforms

multimedia security

RFID / NFC security Applications:

electronic payments and commerce

e-government: electronic ID card, e-voting

car-to-car communications

ehealth 5

Ubiquitous networks

Security and privacy requirements

• Cryptographic requirements

• Confidentiality

• Authenticity

• Availability

• (Location) privacy

• …

• Many design and implementation challenges

Wireless range

• Wireless signal does not stop at the borders of the building …

• Often underestimated

Technological challenges (I)

• Heterogeneous networks

Technological challenges (I)

• Heterogeneous networks

Technological challenges (II)

• Low-cost hardware resources

• Ultra low-power budget

• Limited physical protection

Ubiquitous networks: devices

• Computers, sensors, mobile phones, …

• Small devices

• Mobile

– Personal devices

– Attached to physical objects

• Often unattended

• Lost and/or stolen

– NMBS: +/- 1000 lost mobile phones (2009)

Security challenges

• Wireless communication network

• Low-cost hardware resources

• Ultra low-power budget

• Limited physical protection

• Small + mobile devices

• Can be lost or stolen

• No infrastructure

• Key management, etc.

• Availability (battery exhaustion, …)

• …

Privacy challenges (I)

[A. Juels. RSA Laboratories]

Mr. Jones in 2020 Wig model #4456 (cheap polyester)

Das Kapital and

Communist-

party handbook

1500 Euros

in wallet Serial numbers:

597387,389473

… 30 items

of lingerie

Replacement hip medical part #459382

Privacy challenges (II)

Location privacy

4

6

5

3 2

1

7 8

Cryptographic solutions

• Threshold cryptography (secret sharing)

• Lightweight cryptography

• Efficient, lightweight implementations

• Physically entangled cryptography – Distance bounding protocols

– Physical Unclonable Functions (PUFs)

• Key management schemes

• Pairing protocols

• Privacy enhancing technology

• …

Threshold cryptography

• k out of n secret sharing

• Less than k shares => no information about key

Application: access control

[R. Peeters. COSIC]

Application: access control

Application: access control

Application: access control

Design of cryptographic primitives

• Lightweight, compact cryptographic algorithms

– KATAN (802 GE)

– Present (1075 GE)

– Trivium (2599 GE)

• Lightweight cryptographic protocols

– RFID identification protocols

– Wireless authentication protocols

– Broadcast authentication

• Efficient lightweight implementations

– Within power, area, speed, … budgets

– E.g., ECC processor (0.13µm - 14,566 GE - 7.3µW)

• Trustworthy implementations

– Resistant to side-channel and fault injection attacks

=> BOTH are needed

Embedded crypto implementations

Conclusion

• Characteristics of ubiquitous networks

• Various security and privacy challenges

• Conventional techniques cannot be used

• Lightweight solutions and implementations are needed

• Dedicated (cryptographic) solutions exist

• Active area of research

Questions

Contact information

ESAT / SCD - COSIC • Prof. Bart Preneel

• Prof. Ingrid Verbauwhede

• Prof. Vincent Rijmen

• Prof. Claudia Diaz

• Dave.Singelee@esat.kuleuven.be

• http://www.esat.kuleuven.be/cosic/

• K.U.Leuven, ESAT / SCD - COSIC

Kasteelpark Arenberg 10, bus 2446

B-3001 Leuven-Heverlee