M. Ufuk Caglayan

Relay Attacks on Bluetooth Authentication and Solutions

We describe relay attacks on Bluetooth authentication protocol. The aim of these attacks is impersonation. The attacker does not need to guess or obtain a common secret known to both victims in order to set up these attacks, merely to relay the information it receives from one victim to the other during the authentication protocol run. Bluetooth authentication protocol allows such a relay if the victims do not hear each other. Such a setting is highly probable. We analyze the attacks for several scenarios and propose practical solutions. Moreover, we simulate attacks to make sure about their feasibility. These simulations show that current Bluetooth specifications do not have defensive mechanisms for relay attacks. However, relay attacks create a significant partial delay during the connection that might be useful for detection.

Measurement-based replanning of cell capacities in GSM networks

Due to the scarcity of the spectral resources and mobility of the portables, the call attempts may be blocked during call initiation or terminated during the hand-off process. When the blocking ratio exceeds some grade of service level, the capacity of the congested cell must be replanned using the call attempt data. However, most of the time, the measurements are inflated by the redials and the retrials. During the replanning process, the first step should be to calculate the effective load from the measured cumulative call statistics. In this paper, we provide simple-to-implement analytical models that compute the average number of retrials and redials per original call attempt using only the operations and maintenance center measurements. The effective load is then determined through appropriate scaling. That way, unnecessary waste of channels to sustain retrials and redials is avoided during the cellular capacity re-planning phase.

Providing destructive privacy and scalability in RFID systems using PUFs

Internet of Things (IoT) emerges as a global network in which any things (including humans and the real world things) having unique identifier can communicate each other. The RFID system has very important role in the IoT system for solving the identification issues of things cost-effectively. However, RFID systems have serious security and privacy issues. In the literature, there are many proposals that aim to solve to security and privacy issues of RFID systems. The common drawback of these solution is scalability because they generally require a linear search on the back-end database in order to identify a tag. Some proposals use tree structures to store the keys. They reduce the search complexity from O(n) to O( log n). However, these protocols are susceptible to compromising attack in which an adversary compromising one tag can reveal the secrets of other tags. That means tree-based protocols can provide only a weak level of privacy. In this paper, we propose a scalable authentication protocol for RFID systems. Our solution utilizes Physically Unclonable Functions (PUFs) in order to achieve higher level of privacy with constant identification time. It provides destructive privacy according to the Vaudenays privacy and security model. It defends against compromising attack by using PUFs as a secure storage to keep secrets of the tag. To the best of our knowledge, it is the first protocol providing such a privacy level with constant identification time.

PUF Based Scalable Private RFID Authentication

In this paper, we propose a privacy-preserving authentication scheme for RFID systems with fast lookup time. Our solution is based on the use of Physically Unclonable Functions (PUFs). Although there are many proposals that addresses the security and privacy issues of RFID, the search efficiency still remains as a challenging issue. A first treebased mutual authentication scheme for RFID systems has been proposed by Molnar and Wagner to solve the search efficiency problem. The large communication overhead of this scheme has been reduced by Dimitriou performing the authentication with one message from the tag to the reader. However, tree-based schemes are vulnerable to tag compromising attack due to lack key-updating mechanism. Therefore, tree-based schemes are weak private in the Vaudenay-Model. In this paper, we present a tree-based authentication protocol for RFID systems that is destructive-private in the Vaudenay-Model. Our proposed scheme provides resistance against tag compromising attack by using PUFs as a secure storage to keep secrets of the tag. Keywords-RFID; Security; Privacy; Authentication; PUF;

Analytical performance evaluation of nested certificates

Abstract The classical certificate systems are computationally inefficient, since they use signature operations based on public key cryptosystems. The nested certificates (A. Levi, Design and performance evaluation of the nested certification scheme and its applications in public key infrastructures, Ph.D. Thesis, Department of Computer Engineering, Bogazici University, Istanbul, Turkey) are proposed to improve the performance of the certificate verification. A nested certificate is a certificate for another, say subject , certificate. The subject certificates can be classical or other nested certificates. A subject certificate can be verified without using the public key cryptosystem operations. In this way, the nested certificates improve the performances of the certificate and certificate path verification. In this paper, analytical formulations and graphical analyses of the computational performance improvement of the nested certificate usage are given for both single subject certificate verification and certificate path verification cases. Moreover, it is also shown that the usage of nested certificates always improves the computational performances of the verification of a single certificate and the verification of a certificate path.

An improved conference-key agreement protocol for dynamic groups with efficient fault correction

The pervasive usage of the Internet has made secure group communications a significant issue. Conference-key agreement protocols provide secure group communications with lower computational cost. Providing key agreements and updates of dynamic groups in an efficient manner is a significant challenge for conference-key agreement protocols. Auxiliary key agreement operations are needed to solve the challenge. In this paper, we propose an improved conference-key agreement protocol, called Dynamic Conference-Key Agreement Protocol, that consists of Initial Conference-Key Agreement Protocol and Auxiliary Conference-Key Agreement operations. Dynamic Conference-Key Agreement Protocol has operations to handle dynamic groups. The proposed protocol has better fault correction and provides the same security level with the existing ones. Copyright

A new RFID authentication protocol with resistance to server impersonation

Security is one of the main issues to adopt RFID technology in daily use. Due to resource constraints of RFID systems, it is very restricted to design a private authentication protocol based on existing cryptographic functions. In this paper, we propose a new RFID authentication protocol. The proposed protocol provides better protection against privacy and security threats than those before. Our proposed protocol is resistant to server impersonation attack introduced in [17]. Former proposal assumes that the adversary should miss any reader-to-tag communication flows and claims that their protocol is secure against forward traceability only in such communication environment. We show that even under such an assumption, the former proposed protocol is not secure. Our proposed protocol is secure against forward traceability, if the adversary misses any reader-to-tag communication flows. Our protocol also has low computational load on both the tag and the server side.

Vulnerabilities of RFID Security Protocol Based on Chaotic Maps

Many RFID authentication protocols have been proposed to provide desired security and privacy level for RFID systems. Almost all of these protocols are based on symmetric cryptography because of the limited resources of RFID tags. Recently Cheng et. Al have proposed an RFID security protocol based on chaotic maps. In this paper, we analyse the security of this protocol and discover its vulnerabilities. We firstly present a de-synchronization attack in which a passive adversary makes the shared secrets out-of-synchronization by eavesdropping just one protocol session. We secondly present a secret disclosure attack in which a passive adversary extracts secrets of a tag by eavesdropping just one protocol session. An adversary having the secrets of the tag can launch some other attacks. Finally, we propose modifications to Cheng et. Als protocol to eliminate its vulnerabilities.

An improved fault-tolerant conference-key agreement protocol with forward secrecy

The pervasive usage of the Internet has made secure group communications a significant issue. Conference key agreement protocols provide secure group communications against some attacks with lower computational cost in the Internet. However, forward secrecy is a challenging issue in the existing protocols, where it is preserved either the long-term key of a participant is compromised. In this study, we propose an improved conference key agreement protocol with forward secrecy. Besides providing forward secrecy, the proposed protocol preserves the same security level with existing ones.

Model checking of location and mobility related security policy specifications in ambient calculus

Verification of security for mobile networks requires specification and verification of security policies in multiple-domain environments. Mobile users present challenges for specification and verification of security policies in such environments. Formal methods are expected to ensure that the construction of a system adheres to its specification. Formal methods for specification and verification of security policies ensure that the security policy is consistent and satisfied by the network elements in a given network configuration. We present a method and a model checking tool for formal specification and verification of location and mobility related security policies for mobile networks. The formal languages used for specification are Predicate Logic and Ambient Calculus. The presented tool is capable of spatial model checking of Ambient Calculus specifications for security policy rules and uses the NuSMV model checker for temporal model checking.