Book ChapterDOI
The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks
Frank Stajano,Frank Stajano,Ross Anderson +2 more
- pp 172-194
Reads0
Chats0
TLDR
A resurrecting duckling security policy model is presented, which describes secure transient association of a device with multiple serialised owners over the air in a short range wireless channel.Abstract:
In the near future, many personal electronic devices will be able to communicate with each other over a short range wireless channel. We investigate the principal security issues for such an environment. Our discussion is based on the concrete example of a thermometer that makes its readings available to other nodes over the air. Some lessons learned from this example appear to be quite general to ad-hoc networks, and rather different from what we have come to expect in more conventional systems: denial of service, the goals of authentication, and the problems of naming all need re-examination. We present the resurrecting duckling security policy model, which describes secure transient association of a device with multiple serialised owners.read more
Citations
More filters
Journal ArticleDOI
Shake Well Before Use: Intuitive and Secure Pairing of Mobile Devices
Rene Mayrhofer,Hans Gellersen +1 more
TL;DR: Two concrete methods are presented, ShaVe and ShaCK, in which sensing and analysis of shaking movement is combined with cryptographic protocols for secure authentication, which are based on initial key exchange followed by exchange and comparison of sensor data for verification of key authenticity.
Proceedings ArticleDOI
Key infection: smart trust for smart dust
TL;DR: It is argued that, in distributed systems where the opponent can subvert any small proportion of nodes, it is more economic to invest in resilience than inBootstrapping, and may start to challenge the common belief that authentication is substantially about bootstrapping trust.
Book ChapterDOI
Secure communications over insecure channels based on short authenticated strings
TL;DR: A way to establish peer-to-peer authenticated communications over an insecure channel by using an extra channel which can authenticate very short strings, e.g. 15 bits, which offers an alternative (or complement) to public-key infrastructures, since it no longer need any central authority, and to password-based authenticated key exchange, since one no longer needs to establish a confidential password.
Book ChapterDOI
On Trust Establishment in Mobile Ad-Hoc Networks
TL;DR: In this article, the authors present some properties of trust establishment in mobile, ad-hoc networks and illustrate how they differ from those of trust established in the Internet, and motivate these differences by providing an example of ad hoc network use in battlefield scenarios, yet equally practical examples can be found in non-military environments.
Proceedings Article
Efficient Distribution of Key Chain Commitments for Broadcast Authentication in Distributed Sensor Networks
Donggang Liu,Peng Ning +1 more
TL;DR: A novel technique to replace the unicast-based initialization with a broadcast-based one is presented, which satisfies several nice properties, including low overhead, tolerance of message loss, scalability to large networks, and resistance to replay attacks as well as some known Denial of Service (DOS) attacks.
References
More filters
Journal ArticleDOI
New Directions in Cryptography
TL;DR: This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
Integrity Considerations for Secure Computer Systems
TL;DR: The author identifies the integrity problems posed by a secure military computer utility and integrity policies addressing these problems are developed and their effectiveness evaluated.
Tamper resistance: a cautionary note
Ross Anderson,Markus G. Kuhn +1 more
TL;DR: It is concluded that trusting tamper resistance is problematic; smartcards are broken routinely, and even a device that was described by a government signals agency as 'the most secure processor generally available' turns out to be vulnerable.
Book ChapterDOI
Low Cost Attacks on Tamper Resistant Devices
Ross Anderson,Markus G. Kuhn +1 more
TL;DR: A number of attacks that can be mounted by opponents with much shallower pockets, such as smart-cards, are described.
Journal Article
Low cost attacks on tamper resistant devices
Ross Anderson,Markus G. Kuhn +1 more
TL;DR: In this article, the authors describe a number of attacks that can be mounted by opponents with much shallower pockets, three of them involve special (but low cost) equipment: differential fault analysis, chip rewriting, and memory remanence.