Publication


Featured research published by Frank Stajano.


IEEE Pervasive Computing | 2003

Location privacy in pervasive computing

Alastair R. Beresford; Frank Stajano

As location-aware applications begin to track our movements in the name of convenience, how can we protect our privacy? This article introduces the mix zone - a new construction inspired by anonymous communication techniques - together with metrics for assessing user anonymity. It is based on frequently changing pseudonyms.


IEEE Symposium on Security and Privacy | 2012

The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes

Joseph Bonneau; Cormac Herley; P.C. van Oorschot; Frank Stajano

We evaluate two decades of proposals to replace text passwords for general-purpose user authentication on the web using a broad set of twenty-five usability, deployability and security benefits that an ideal scheme might provide. The scope of proposals we survey is also extensive, including password management software, federated login protocols, graphical password schemes, cognitive authentication schemes, one-time passwords, hardware tokens, phone-aided schemes and biometrics. Our comprehensive approach leads to key insights about the difficulty of replacing passwords. Not only does no known scheme come close to providing all desired benefits: none even retains the full set of benefits that legacy passwords already provide. In particular, there is a wide range from schemes offering minor security benefits beyond legacy passwords, to those offering significant security benefits in return for being more costly to deploy or more difficult to use. We conclude that many academic proposals have failed to gain traction because researchers rarely consider a sufficiently wide range of real-world constraints. Beyond our analysis of current schemes, our framework provides an evaluation methodology and benchmark for future web authentication proposals.


IEEE International Conference on Pervasive Computing and Communications | 2004

Mix zones: user privacy in location-aware services

Alastair R. Beresford; Frank Stajano

Privacy of personal location information is becoming an increasingly important issue. We refine a method, called the mix zone, developed to enhance user privacy in location-based services. We improve the mathematical model, examine and minimise computational complexity and develop a method of providing feedback to users.


SPC | 2004

Security in Pervasive Computing

Frank Stajano

The audience of SPC 2003 needs no introduction to the Mark Weiser vision of ubiquitous computing: the etymological meaning of “computing present or found everywhere” is not to be taken in the narrow sense of “a computer on every desk” but rather in that of embedding computing and communication capabilities into all the everyday objects that surround us.


IEEE Computer | 2002

The Resurrecting Duckling: security issues for ubiquitous computing

Frank Stajano; Ross J. Anderson

Imagine the future: hundreds of embedded computers per person, all cooperating via ad hoc wireless networks. What will the security implications be? Peer-to-peer and ubiquitous computing systems involve many principals, but their network connectivity is intermittent and not guaranteed. Traditional approaches to authentication, from Kerberos to public-key certificates, are therefore unworkable, because they rely on online connectivity to an authentication or revocation server. The paper considers new solutions. It discusses the Resurrecting Duckling security policy model. The traditional taxonomy of security threats identifies three main classes which are considered: confidentiality, integrity or availability.


Ad Hoc Networks | 2010

Smart bridges, smart tunnels: Transforming wireless sensor networks from research prototypes into robust engineering infrastructure

Frank Stajano; Neil A. Hoult; Ian J. Wassell; P. A. Bennett; Cr Middleton; Kenichi Soga

We instrumented large civil engineering infrastructure items, such as bridges and tunnels, with sensors that monitor their operational performance and deterioration. In so doing we discovered that commercial offerings of wireless sensor networks (WSNs) are still geared towards research prototypes and are currently not yet mature for deployment in practical scenarios. We distill the experience gained during this 3-year interdisciplinary project into specific advice for researchers and developers. We discuss problems and solutions in a variety of areas including sensor hardware, radio propagation, node deployment, system security and data visualization. We also point out the problems that are still open and that the community needs to address to enable widespread adoption of WSNs outside the research lab.


Information Hiding | 1999

The Cocaine Auction Protocol: On the Power of Anonymous Broadcast

Frank Stajano; Ross J. Anderson

Traditionally, cryptographic protocols are described as a sequence of steps, in each of which one principal sends a message to another. It is assumed that the fundamental communication primitive is necessarily one-to-one, so protocols addressing anonymity tend to resort to the composition of multiple elementary transmissions in order to frustrate traffic analysis.


Communications of the ACM | 2015

Passwords and the evolution of imperfect authentication

Joseph Bonneau; Cormac Herley; Paul C. van Oorschot; Frank Stajano

Theory on passwords has lagged practice, where large providers use back-end smarts to survive with imperfect technology.


Security of Ad Hoc and Sensor Networks | 2005

Location privacy in Bluetooth

Ford-Long Wong; Frank Stajano

We discuss ways to enhance the location privacy of Bluetooth. The principal weakness of Bluetooth with respect to location privacy lies in its disclosure of a device’s permanent identifier, which makes location tracking easy. Bluetooth’s permanent identifier is often disclosed and it is also tightly integrated into lower layers of the Bluetooth stack, and hence susceptible to leakage. We survey known location privacy attacks against Bluetooth, generalize a lesser-known attack, and describe and quantify a more novel attack. The second of these attacks, which recovers a 28-bit identifier via the device’s frequency hop pattern, requires just a few packets and is practicable. Based on a realistic usage scenario, we develop an enhanced privacy framework with stronger unlinkability, using protected stateful pseudonyms and simple primitives.


IEEE Pervasive Computing | 2007

Multichannel Security Protocols

Ford Long Wong; Frank Stajano

Multichannel security protocols transmit messages over multiple communication channels, taking into account each channel's security properties. Our first intentional use of these protocols goes back to a 1999 article that proposed physical contact for imprinting as opposed to the wireless channel used in subsequent operations. Only later did we understand three key points. First, explicit use of multiple channels in the same protocol can offer significant advantages for both security and usability. Second, explicitly stating the properties of the channel on which each protocol message is transmitted is useful for understanding one's own protocol in greater depth and therefore for addressing subtle vulnerabilities early on. Third, multichannel protocols existed long before we recognized them as such - think of the courier handcuffed to the briefcase carrying the code book that will later protect postal or telegraphic traffic. The paper presents a security protocol that exploits additional transmissions over lower-capacity channels, typically found in ubicomp environments, that offer a different combination of security properties.

Collaboration


Dive into Frank Stajano's collaboration.

Top Co-Authors

Bruce Christianson

University of Hertfordshire

Matt Blaze

University of Pennsylvania

James A. Malcolm

University of Hertfordshire
