Hannes Hartenstein

Bio: Hannes Hartenstein is an academic researcher from Karlsruhe Institute of Technology. The author has contributed to research in topics: Vehicular ad hoc network & Wireless ad hoc network. The author has an hindex of 55, co-authored 234 publications receiving 14515 citations. Previous affiliations of Hannes Hartenstein include University of Mannheim & University of Freiburg.

10402 Report - Working Group on Fundamental Limits and Opportunities.

Abstract: This working group investigated first steps towards finding a theoretical foundation for inter-vehicle communication. The main outcome is a sketch of a roadmap for future work in this direction.

On CRDTs in Byzantine Environments

Abstract: Conflict-free Replicated Data Types (CRDTs) allow updates to be applied to different replicas independently and concurrently, without the need for a remote conflict resolution. Thus, they provide a building block for scalability and performance of fault-tolerant distributed systems. Currently, CRDTs are typically used in a crash fault setting for global scale, partition-tolerant, highly available databases or collaborative applications. In this paper, we explore the use of CRDTs in Byzantine environments. This exploration is inspired by the popular Matrix messaging system: as recently shown, the underlying Matrix Event Graph replicated data type represents a CRDT that can very well deal with Byzantine behavior. This “Byzantine Tolerance” is due to mechanisms inherent in CRDTs and in the hash-based directed acyclic graph (HashDAG) data structure used in Matrix. These mechanisms restrict Byzantine behavior. We, therefore, discuss Byzantine behavior in a context of CRDTs, and how the notion of Byzantine tolerance relates to equivocation. We show that a subclass of CRDTs is equivocation-tolerant, i.e., without equivocation detection, prevention or remediation, this subclass still fulfills the CRDT properties, which leads to Byzantine tolerance. We conjecture that an operation-based Byzantine-tolerant CRDT design supporting non-commutative operations needs to be based on a HashDAG data structure. We close the paper with thoughts on chances and limits of this data type.

User-centric management of distributed credential repositories: balancing availability and vulnerability

Abstract: To relieve users of the burden to memorize and manage their credentials while allowing for seamless roaming between various end devices, the idea of so-called credential repositories that store credentials for users came to attention. Both the risk of the credential repository being unavailable and the risk of the credentials becoming compromised are managed by the party that hosts the credential repository and that has to be trusted by the user. Removing the need for a trust relationship to a single party implies that users have to manage the risks themselves, for instance, by splitting the credentials across multiple systems/parties. However, if the systems differ in terms of availability and vulnerability, determining a suitable splitting strategy to manage the tradeoff between credential availability and vulnerability constitutes a complex problem. In this paper we present CREDIS, an approach that supports the user in building a credential repository based on heterogeneous systems that differ in terms of vulnerability and availability. CREDIS enables users to specify requirements on the availability and the vulnerability of the distributed credential repository and determines an optimal strategy on how to split secrets across the heterogeneous systems. We prove the NP-hardness of finding an optimal strategy, introduce an approach based on Integer Linear Programming to find optimal strategies for medium sized scenarios and propose heuristics for larger ones. We show that the CREDIS approach yields a reasonably secure and available credential repository even when the distributed repository is built based on low-grade devices or systems.

Random graphs

Abstract: We will review some of the major results in random graphs and some of the more challenging open problems. We will cover algorithmic and structural questions. We will touch on newer models, including those related to the WWW.

Spray and wait: an efficient routing scheme for intermittently connected mobile networks

Abstract: Intermittently connected mobile networks are sparse wireless networks where most of the time there does not exist a complete path from the source to the destination. These networks fall into the general category of Delay Tolerant Networks. There are many real networks that follow this paradigm, for example, wildlife tracking sensor networks, military networks, inter-planetary networks, etc. In this context, conventional routing schemes would fail.To deal with such networks researchers have suggested to use flooding-based routing schemes. While flooding-based schemes have a high probability of delivery, they waste a lot of energy and suffer from severe contention, which can significantly degrade their performance. Furthermore, proposed efforts to significantly reduce the overhead of flooding-based schemes have often be plagued by large delays. With this in mind, we introduce a new routing scheme, called Spray and Wait, that "sprays" a number of copies into the network, and then "waits" till one of these nodes meets the destination.Using theory and simulations we show that Spray and Wait outperforms all existing schemes with respect to both average message delivery delay and number of transmissions per message delivered; its overall performance is close to the optimal scheme. Furthermore, it is highly scalable retaining good performance under a large range of scenarios, unlike other schemes. Finally, it is simple to implement and to optimize in order to achieve given performance goals in practice.

Dedicated Short-Range Communications (DSRC) Standards in the United States

Abstract: Wireless vehicular communication has the potential to enable a host of new applications, the most important of which are a class of safety applications that can prevent collisions and save thousands of lives. The automotive industry is working to develop the dedicated short-range communication (DSRC) technology, for use in vehicle-to-vehicle and vehicle-to-roadside communication. The effectiveness of this technology is highly dependent on cooperative standards for interoperability. This paper explains the content and status of the DSRC standards being developed for deployment in the United States. Included in the discussion are the IEEE 802.11p amendment for wireless access in vehicular environments (WAVE), the IEEE 1609.2, 1609.3, and 1609.4 standards for Security, Network Services and Multi-Channel Operation, the SAE J2735 Message Set Dictionary, and the emerging SAE J2945.1 Communication Minimum Performance Requirements standard. The paper shows how these standards fit together to provide a comprehensive solution for DSRC. Most of the key standards are either recently published or expected to be completed in the coming year. A reader will gain a thorough understanding of DSRC technology for vehicular communication, including insights into why specific technical solutions are being adopted, and key challenges remaining for successful DSRC deployment. The U.S. Department of Transportation is planning to decide in 2013 whether to require DSRC equipment in new vehicles.

PORs: Proofs of Retrievability for Large Files

Abstract: In this paper, we define and explore proofs of retrievability (PORs). A POR scheme enables an archive or back-up service (prover) to produce a concise proof that a user (verifier) can retrieve a target file F, that is, that the archive retains and reliably transmits file data sufficient for the user to recover F in its entirety.A POR may be viewed as a kind of cryptographic proof of knowledge (POK), but one specially designed to handle a large file (or bitstring) F. We explore POR protocols here in which the communication costs, number of memory accesses for the prover, and storage requirements of the user (verifier) are small parameters essentially independent of the length of F. In addition to proposing new, practical POR constructions, we explore implementation considerations and optimizations that bear on previously explored, related schemes.In a POR, unlike a POK, neither the prover nor the verifier need actually have knowledge of F. PORs give rise to a new and unusual security definition whose formulation is another contribution of our work.We view PORs as an important tool for semi-trusted online archives. Existing cryptographic techniques help users ensure the privacy and integrity of files they retrieve. It is also natural, however, for users to want to verify that archives do not delete or modify files prior to retrieval. The goal of a POR is to accomplish these checks without users having to download the files themselves. A POR can also provide quality-of-service guarantees, i.e., show that a file is retrievable within a certain time bound.

Securing vehicular ad hoc networks

Abstract: Vehicular networks are very likely to be deployed in the coming years and thus become the most relevant form of mobile ad hoc networks. In this paper, we address the security of these networks. We provide a detailed threat analysis and devise an appropriate security architecture. We also describe some major design decisions still to be made, which in some cases have more than mere technical implications. We provide a set of security protocols, we show that they protect privacy and we analyze their robustness and efficiency.