Valtteri Niemi

Bio: Valtteri Niemi is an academic researcher from Helsinki Institute for Information Technology. The author has contributed to research in topics: Authentication & Encryption. The author has an hindex of 30, co-authored 170 publications receiving 3213 citations. Previous affiliations of Valtteri Niemi include Nokia & University of Turku.

UMTS Networks: Architecture, Mobility and Services

Abstract: From the Publisher: UMTS (Universal Mobile Telecommunication Services) systems are third-generation systems designed for multimedia communication. Traditionally mobile systems books have concentrated on the radio interface issues. Although the radio interface in any cellular system is extremely important it is only one part of a very large and sophisticated cellular system such as the third-generation system. UMTS Network provides a comprehensive introduction and reference to third-generation mobile systems, suitable for individuals at a variety of knowledge levels.

Secure Vickrey auctions without threshold trust

Abstract: We argue that threshold trust is not an option in most of the real-life electronic auctions. We then propose two new cryptographic Vickrey auction schemes that involve, apart from the bidders and the seller S, an auction authority A so that unless S and A collude the outcome of auctions will be correct, and moreover, S will not get any information about the bids, while A will learn bid statistics. Further extensions make it possible to decrease damage that colluding S and A can do, and to construct (m + 1)st price auction schemes. The communication complexity between the S and A in medium-size auctions is at least one order of magnitude less than in the Naor-Pinkas-Sumner scheme.

Practical attacks against privacy and availability in 4G/LTE mobile communication systems

Abstract: Mobile communication systems now constitute an essential part of life throughout the world. Fourth generation "Long Term Evolution" (LTE) mobile communication networks are being deployed. The LTE suite of specifications is considered to be significantly better than its predecessors not only in terms of functionality but also with respect to security and privacy for subscribers. We carefully analyzed LTE access network protocol specifications and uncovered several vulnerabilities. Using commercial LTE mobile devices in real LTE networks, we demonstrate inexpensive, and practical attacks exploiting these vulnerabilities. Our first class of attacks consists of three different ways of making an LTE device leak its location: A semi-passive attacker can locate an LTE device within a 2 sq.km area within a city whereas an active attacker can precisely locate an LTE device using GPS co-ordinates or trilateration via cell-tower signal strength information. Our second class of attacks can persistently deny some or all services to a target LTE device. To the best of our knowledge, our work constitutes the first publicly reported practical attacks against LTE access network protocols. We present several countermeasures to resist our specific attacks. We also discuss possible trade-offs that may explain why these vulnerabilities exist and recommend that safety margins introduced into future specifications to address such trade-offs should incorporate greater agility to accommodate subsequent changes in the trade-off equilibrium.

A system for ensuring encrypted communication after handover

Abstract: A fraudulent intruder can eavesdrop on a call by removing information about an encryption algorithm when a multimode mobile station sends an unpro-tected initial signaling message containing this information over the radio interface to the mobile telecommunications system. The attempt can be pre-vented in a universal mobile telecommunications system (UMTS) comprising at least two radio access networks providing mobile stations with access to at least one core network, a multimode mobile station, and at least one core network. During connection setup with a first radio access network, the mul-timode mobile station sends an unprotected initial signaling message that includes information about those encryption algorithms that the multimode mobile station supports when it communicates in a second radio access network. The first radio access network saves some or all the information of it. Then it composes and sends an integrity-protected message that includes information about the encryption algorithms supported by the multimode mobile station in the second radio access network.

Internet of Things in the 5G Era: Enablers, Architecture, and Business Models

Abstract: The IoT paradigm holds the promise to revolutionize the way we live and work by means of a wealth of new services, based on seamless interactions between a large amount of heterogeneous devices. After decades of conceptual inception of the IoT, in recent years a large variety of communication technologies has gradually emerged, reflecting a large diversity of application domains and of communication requirements. Such heterogeneity and fragmentation of the connectivity landscape is currently hampering the full realization of the IoT vision, by posing several complex integration challenges. In this context, the advent of 5G cellular systems, with the availability of a connectivity technology, which is at once truly ubiquitous, reliable, scalable, and cost-efficient, is considered as a potentially key driver for the yet-to emerge global IoT. In the present paper, we analyze in detail the potential of 5G technologies for the IoT, by considering both the technological and standardization aspects. We review the present-day IoT connectivity landscape, as well as the main 5G enablers for the IoT. Last but not least, we illustrate the massive business shifts that a tight link between IoT and 5G may cause in the operator and vendors ecosystem.

A secure and optimally efficient multi-authority election scheme

Abstract: In this paper we present a new multi-authority secret-ballot election scheme that guarantees privacy, universal verifiability, and robustness. It is the first scheme for which the performance is optimal in the sense that time and communication complexity is minimal both for the individual voters and the authorities. An interesting property of the scheme is that the time and communication complexity for the voter is independent of the number of authorities. A voter simply posts a single encrypted message accompanied by a compact proof that it contains a valid vote. Our result is complementary to the result by Cramer, Franklin, Schoenmakers, and Yung in the sense that in their scheme the work for voters is linear in the number of authorities but can be instantiated to yield information-theoretic privacy, while in our scheme the voter's effort is independent of the number of authorities but always provides computational privacy-protection. We will also point out that the majority of proposed voting schemes provide computational privacy only (often without even considering the lack of information-theoretic privacy), and that our new scheme is by far superior to those schemes.

Applied cryptography, second edition : protocols, algorithms,and source code in C

Abstract: Part I—Cryptographic Protocols Chapter 2—Protocol Building Blocks 2.

General data protection regulation

Abstract: Presentacio sobre l'Oficina de Proteccio de Dades Personals de la UAB i la politica Open Science. Va formar part de la conferencia "Les politiques d'Open Data / Open Acces: Implicacions a la recerca" orientada a investigadors i gestors de projectes europeus que va tenir lloc el 20 de setembre de 2018 a la Universitat Autonoma de Barcelona