Toni Perković
University of Split
Publication
Featured research published by Toni Perković.
IEEE Transactions on Mobile Computing | 2012
Toni Perković; Mario Čagalj; Toni Mastelic; Nitesh Saxena; Dinko Begusic
A number of protocols and mechanisms have been proposed to address the problem of initial secure key deployment in wireless networks. Most existing approaches work either with a small number of wireless devices (i.e., two) or otherwise rely on the presence of an auxiliary device (such as a programmable camera, computer, or Faraday cage). In this paper, we design a solution that allows a user unaided initialization (free from auxiliary devices) of a relatively large number of wireless devices. The proposed solution is based on a novel multichannel Group message Authentication Protocol (GAP), in which information is transmitted over both a radio and a visible light channel (VLC). A notable feature of GAP is that the information to be authenticated is independent of the short authentication string to be verified by the user (an indirect binding protocol [28]). This, as we show, results in a lower communication cost compared to existing direct binding protocols. The advantage in terms of the communication cost of our GAP protocol is especially important for power-constrained devices, such as wireless sensor motes. Another appealing feature of GAP is that it is secure in the attacker model where the VLC is semiauthentic, whereas existing protocols consider VLC to be authentic. This is made possible by using joint Manchester-Berger unidirectional error-detection codes that are secure and easy to interpret by a nonspecialist and unaided end user. Our overall key deployment mechanism has minimal hardware requirements: one LED, one button and, of course, a radio transceiver, and is thus suitable for initializing devices with constrained interfaces, such as (multiple) wireless sensor motes. We demonstrate the feasibility of the proposed method via a preliminary usability study. The study indicates that the method has reasonably low execution time, minimal error rate, and is user friendly.
Financial Cryptography | 2010
Toni Perković; Mario Čagalj; Nitesh Saxena
Secure login methods based on human cognitive skills can be classified into two categories based on information available to a passive attacker: (i) the attacker fully observes the entire input and output of a login procedure, (ii) the attacker only partially observes the input and output. Login methods secure in the fully observable model imply very long secrets and/or complex calculations. In this paper, we study three simple PIN-entry methods designed for the partially observable attacker model. A notable feature of the first method is that the user needs to perform a very simple mathematical operation, whereas, in the other two methods, the user performs a simple table lookup. Our usability study shows that all the methods have reasonably low login times and minimal error rates. These results, coupled with low-cost hardware requirements (only earphones), are a significant improvement over existing approaches for this model [9,10]. We also show that side-channel timing attacks present a real threat to the security of login schemes based on human cognitive skills.
IEEE Transactions on Information Forensics and Security | 2015
Mario Čagalj; Toni Perković; Marin Bugarić
Classical password/PIN-based authentication methods have proven to be vulnerable to a broad range of observation attacks (such as key-logging, video-recording or shoulder surfing attacks). In order to mitigate these attacks, a number of solutions have been proposed, most of them being cognitive authentication schemes (challenge-response protocols that require users to perform some kind of cognitive operations). In this paper, we show successful passive side-channel timing attacks on two cognitive authentication schemes, a well-known Hopper-Blum (HB) protocol and a U.S. patent Mod10 method, previously believed to be secure against observation attacks. As we show, the main security weakness of these methods comes from detectable variations in the user's cognitive load that result from cognitive operations during the authentication procedure. We carried out theoretical analysis of both Mod10 and HB methods, as well as an experimental user study of Mod10 method with 58 participants to validate the results of our timing attacks. We also propose security enhancements of these schemes aimed to mitigate the timing side-channel attacks. The proposed enhancements show the existence of a strong tradeoff between security and usability, indicating that the security of cognitive authentication schemes comes at a non-negligible usability cost (e.g., increased overall login time). For this reason, the designers of new cognitive authentication schemes should not ignore possible threats induced by side-channel timing attacks.
International Conference on Software, Telecommunications and Computer Networks | 2013
Tonko Kovačević; Toni Perković; Mario Čagalj
A rapid development of the Wireless Body Area Network (WBAN) has become very important for applications in telemedicine and m-health. However, there is still a need to ensure a reliable and secure communication in these systems. In this paper we present a novel multi-channel key deployment scheme for wireless body sensor networks. The proposed key deployment scheme requires no public key cryptography and therefore is suitable for CPU-constrained sensor nodes. The solution is implemented on commercially available wireless sensor nodes while the performance of the system is shown through the experiments with users.
Security and Communication Networks | 2016
Tonko Kovačević; Toni Perković; Mario Čagalj
Future healthcare systems, smart homes, and similar will involve a large number of smart inter-connected wireless devices (such as wireless sensor nodes). One of the major challenges to securing these systems presents loading initial cryptographic credentials into a relatively large number of wireless devices. Furthermore, many of these technologies involve low-cost and highly interface constrained devices (lacking usual wired interfaces, displays, keypads, and alike). We propose two novel multichannel key deployment schemes for wireless networks that only require a presence of a light source device, such as a multi-touch screen (tablet or smartphone device). The first key deployment scheme is based on secret key cryptography and is suitable for interface/resource-constrained wireless devices. The second scheme assumes a strong attacker and requires the use of public key cryptography. In both our solutions, we use one-way visible light channel of multi-touch screens (flashing displays) to initialize devices in a secure, usable, and scalable way. From the user's perspective, this boils down to placing the devices on the multi-touch screen after which the remaining process is fully automatized. We showed through the experiments with 48 users that our solution is user-friendly and scales linearly with the number of nodes.
Advances in Electrical and Computer Engineering | 2014
Toni Perković; Ivo Stancic; Tonko Garma
Excessive energy consumption of mobile device Wi-Fi (IEEE 802.11x) interface is limiting its operational time on batteries, and impacts total energy consumption of electronic devices. In recent years research community has invested great effort in better efficiency of energy consumption. However, there is still a space for improvement. Wi-Fi devices connected to the single AP (Access Point) compete for the medium during data exchange. However, due to the performance anomaly in 802.11 networks, a low data rate device will force all other devices connected to the AP to communicate at low rate, which will increase the total energy consumption of these devices. Wake-on-a-Schedule algorithm is proposed reducing the energy consumption of devices placed in the area with the weaker signal by scheduling the data packets for each client on the server side which will not allow clients to compete for the Wi-Fi medium. Through extensive measurements we show that our algorithm can save up to 60% of energy consumption on the client side.
Pervasive and Mobile Computing | 2015
Mario Čagalj; Toni Perković; Marin Bugarić; Shujun Li
Smartphones are being increasingly used to perform financial transactions (through m-banking, virtual wallet or as a smartcard). The latter applications involve contactless technology (e.g., NFC) that is known to be vulnerable to mafia fraud attacks. In this work we show that a secret message inside an appropriately folded piece of paper (fortune cookie) can be used to effectively mitigate the mafia fraud attack. Fortune cookies implement a weakly unrelayable channel that, in combination with smartphones, provides a provable protection against those attacks. Our solution requires minimal or no hardware changes to the existing equipment (especially on the user's side) and is suitable for different communication technologies (e.g., intra-body communication, NFC, WiFi, Bluetooth, sound, infrared).
Wireless Communications and Mobile Computing | 2018
Ante Dagelić; Toni Perković; Bojan Vujatović; Mario Čagalj
User’s location privacy concerns have been further raised by today’s Wi-Fi technology omnipresence. Preferred Network Lists (PNLs) are a particularly interesting source of private location information, as devices are storing a list of previously used hotspots. Privacy implications of a disclosed PNL have been covered by numerous papers, mostly focusing on passive monitoring attacks. Nowadays, however, more and more devices no longer transmit their PNL in clear, thus mitigating passive attacks. Hidden PNLs are still vulnerable against active attacks whereby an attacker mounts a fake SSID hotspot set to one likely contained within targeted PNL. If the targeted device has this SSID in the corresponding PNL, it will automatically initiate a connection with the fake hotspot thus disclosing this information to the attacker. By iterating through different SSIDs (from a predefined dictionary) the attacker can eventually reveal a big part of the hidden PNL. Considering user mobility, executing active attacks usually has to be done within a short opportunity window, while targeting nontrivial SSIDs from user’s PNL. The existing work on active attacks against hidden PNLs often neglects both of these challenges. In this paper we propose a simple mathematical model for analyzing active SSID dictionary attacks, allowing us to optimize the effectiveness of the attack under the above constraints (limited window of opportunity and targeting nontrivial SSIDs). Additionally, we showcase an example method for building an effective SSID dictionary using top-N recommender algorithm and validate our model through simulations and extensive real-life tests.
Wireless Communications and Mobile Computing | 2018
Toni Perković; Tonko Kovačević; Mario Čagalj
Many applications from the Internet of Things (IoT) domain used in healthcare, smart homes, and cities involve a large number of interconnected wireless devices. To ensure privacy, confidentiality, and integrity of the information, devices should be initialized prior to any communication. In this paper, we present a secure initialization method for constrained IoT devices such as wireless sensor devices and/or actuators. The solution uses visible light communication (VLC) for the initial configuration of the IoT devices. The VLC system consists of a modulated light source such as a smartphone screen and a very simple photodetector. We analyze known coding and modulation techniques used for the VLC and propose BlinkComm, a differential coding technique that achieves threefold increase in transmission speed compared to existing solutions. We showed through experiments with 32 participants that the proposed solution achieves fast completion times and low error rates as well as high user satisfaction levels.
Advances in Electrical and Computer Engineering | 2017
Ivo Stancic; Marin Bugarić; Toni Perković
Positioning systems based on location fingerprinting have become an area of intense research, mainly with the aim of providing indoor localization. Many challenges arise when trying to ...