Vasiliki Liagkou

Design, Analysis and Performance Evaluation of Group Key Establishment in Wireless Sensor Networks

Wireless sensor networks are comprised of a vast number of ultra-small autonomous computing, communication and sensing devices, with restricted energy and computing capabilities, that co-operate to accomplish a large sensing task. Such networks can be very useful in practice, e.g. in the local monitoring of ambient conditions and reporting them to a control center. In this paper we propose a new lightweight, distributed group key establishment protocol suitable for such energy constrained networks. Our approach basically trade-offs complex message exchanges by performing some amount of additional local computations. The extra computations are simple for the devices to implement and are evenly distributed across the participants of the network leading to good energy balance. We evaluate the performance our protocol in comparison to existing group key establishment protocols both in simulated and real environments. The intractability of all protocols is based on the Diffie-Hellman problem and we used its elliptic curve analog in our experiments. Our findings basically indicate the feasibility of implementing our protocol in real sensor network devices and highlight the advantages and disadvantages of each approach given the available technology and the corresponding efficiency (energy, time) criteria.

Electronic national lotteries

We describe the design and implementation of secure and robust protocol and system for a national electronic lottery. Electronic lotteries at a national level are a viable cost effective alternative to mechanical ones when there is a business need to support many types of ”games of chance” and to allow increased drawing frequency. Electronic lotteries are, in fact, extremely high risk financial application: If one discovers a way to predict or otherwise claim the winning numbers (even once) the result is huge financial damages. Moreover, the e-lottery process is complex, which increases the possibility of fraud or costly accidental failures. In addition, a national lottery must adhere to auditability and (regulatory) fairness requirements regarding its drawings. Our mechanism, which we believe is the first one of its kind to be described in the literature, builds upon a number of cryptographic primitives that ensure the unpredictability of the winning numbers, the prevention of their premature leakages and prevention of fraud. We also provide measures for auditability, fairness, and trustworthiness of the process. Besides cryptography, we incorporate security mechanisms that eliminate various risks along the entire process. Our system which was commissioned by a national organization, was implemented in the field and has been operational and active for a while, now.

“Trust engineering: ” from requirements to system design and maintenance – a working national lottery system experience

Based on our experience in designing, building and maintaining an information system for supporting a large scale electronic lottery, we present in this paper a unified approach to the design and implementation of electronic lotteries with the focus on pragmatic trust establishment. This approach follows closely the methodologies commonly employed in the development of general information systems. However, central to the proposed approach is the decomposition of a security critical system into layers containing basic trust components so as to facilitate the management of trust, first along the layers, and then as we move from layer to layer. We believe that such a structured approach, based on layers and trust components, can help designers of security critical applications produce demonstrably robust and verifiable systems that people will not hesitate to use.

The threshold behaviour of the fixed radius random graph model and applications to the key management problem of sensor networks

In this paper we study the threshold behavior of the fixed radius random graph model and its applications to the key management problem of sensor networks and, generally, for mobile ad-hoc networks. We show that this random graph model can realistically model the placement of nodes within a certain region and their interaction/sensing capabilities (i.e. transmission range, light sensing sensitivity etc.). We also show that this model can be used to define key sets for the network nodes that satisfy a number of good properties, allowing to set up secure communication with each other depending on randomly created sets of keys related to their current location. Our work hopes to inaugurate a study of key management schemes whose properties are related to properties of an appropriate random graph model and, thus, use the rich theory developed in the random graph literature in order to transfer “good” properties of the graph model to the key sets of the nodes.

Course Evaluation in Higher Education: the Patras Pilot of ABC4Trust

In this chapter we describe one of the pilots of the ABC4Trust project that we developed in order to offer privacy-preserving course evaluations at universities. The distinctive feature of this application is that the pilot system can authenticate students, with respect to their eligibility to evaluate a course, without requiring from them any identifying information. Thus, it is impossible for the system to link participants with their evaluations and, therefore, participants’ privacy is protected while the system is certain to receive evaluations only from eligible participants. In this chapter we describe the pilot context, the high level architecture of the pilot system as well as a questionnaire-based evaluation process for user acceptance. Along with a usability evaluation of the pilot prototype, we considered possible user acceptance factors for Privacy-ABCs and developed a novel model of user acceptance in a privacy critical setting.

Adaptive probabilistic secure routing in mobile wireless sensor networks

We study the problem of secure routing in wireless sensor networks where the sensors and the sink can move during the execution of remote monitoring applications and communication is not necessarily directed towards the sink. We present a new routing protocol that builds upon a collection of mechanisms so that the integrity and confidentiality of the information reported to the controlling authorities is secured. The mechanisms are simple to implement, rely only on local information and require O(1) storage per sensor. The protocol adapts to mobility and security challenges that may arise throughout the execution of the application. We take special care for wireless sensor networks that monitor dynamically changing environments and applications that require its operation for extended periods of time. APSR can detect when the current network conditions are about to change and becomes ready for adaption to the new conditions. We demonstrate how to deal with inside and out-side attacks even when the network is adapting to internal and/or external events.

Agent-based Distributed Group Key Establishment in Wireless Sensor Networks

Wireless sensor networks are comprised of a vast number of ultra-small autonomous computing, communication and sensing devices, with restricted energy and computing capabilities, that co-operate to accomplish a large sensing task. Such networks can be very useful in practice, e.g. in the local monitoring of ambient conditions and reporting them to a control center. In this paper we propose a distributed group key establishment protocol that uses mobile agents (software) and is particularly suitable for energy constrained, dynamically evolving ad-hoc networks. Our approach totally avoids the construction and the maintenance of a distributed structure that reflects the topology of the network. Moreover, it trades-off complex message exchanges by performing some amount of additional local computations in order to be applicable at dense and dynamic sensor networks. The extra computations are simple for the devices to implement and are evenly distributed across the participants of the network leading to good energy balance. We evaluate the performance of our protocol in a simulated environment and compare our results with existing group key establishment protocols. The security of the protocol is based on the Diffie-Hellman problem and we used in our experiments its elliptic curve analog. Our findings basically indicate the feasibility of implementing our protocol in real sensor network devices and highlight the advantages and disadvantages of each approach given the available technology and the corresponding efficiency (energy, time) criteria.

A trustworthy architecture for managing cultural content

Abstract Information creation, presentation and exchange, as well as the collection, organization and storage of multimedia-based artistic content, is an old craft. What makes the problem different in today’s information society is the amount of multimedia information in digital form (digital content) that has to be handled, the speed at which it is produced and the ways that it is presented, exchanged, organized and stored. The advent of World Wide Web has tremendously affected all these activities, giving us new tools and ways for harnessing digital art material. Culture organizations have to deal with all the open security challenges that can cause huge data and financial losses, harm their reputation and strictly affect people’s trust on them. Here we shall propose a trust preserving approach for handling the increasingly difficult complexity issues of building data management systems suitable for cultural environments. Our model addresses a list of fundamental operational and security requirements. It is designed as a standalone solution but it can be flexibly adapted in broader management infrastructures.

A Security Model for Internet-Based Digital Asset Management Systems

Usage and exploitation of the Internet is a critical requirement for managing and distributing valuable digital assets. This requirement introduces a great number of threats for commercial (or not) organizations that may cause huge data and financial losses, harm their reputation as well as peoples trust on them. In this paper we present the research challenges for secure digital asset management over the web by proposing a model that provides data safety and secure user interaction on especially demanding on-line collaboration environments.

Brief Announcement: Providing End-to-End Secure Communication in Low-Power Wide Area Networks

Recent technologies for low-rate, long-range transmission in unlicensed sub-GHz frequency bands enables the realization of Long-range Wide Area Network. Despite the rapid uptake of LPWANs, security concerns arising from the open architecture and usage of the unlicensed band are also growing. While the current LPWAN deployments include basic techniques to deal with end-to-end encryption there are specific security issues that arise due to the overall architecture and protocol layer design. In this paper, a new scheme to establish end-to-end secure communication in long-range IoT deployments is introduced. The advantages over the existing approaches and architectural design are presented in the context of typical smart cities application scenarios.