Overview
Time
8:00
9:00
10:00
11:00
12:00
13:00
14:00
15:00
16:00
17:00
16.3.2009
Monday
Registration
Opening notes
Szczechowiak et al.
Hansen
Liu et al.
Ugus et al.
Kerschbaum et al.
Shaoying et al.
Oren et al.
Xu et al.
Lunch
17.3.2009
Tuesday
Keynote IRoss Anderson Dong et al. Lindqvist et al. Yang et al. Yan et al. Slater et al. Martinovic et al. Lazos et al.
Lunch
18.3.2009
Wednesday
Keynote IIBart Preneel Ferguson et al. Svenda et al. Pietro et al. Tan et al. Cristofaro et al. Sun et al. Concluding remarks
Monday
Session: Sensor Network Security (I)
Piotr Szczechowiak, Anton Kargl, Michael Scott, Martin Collier
On the Application of Pairing Based Cryptography to Wireless Sensor Networks
16/03/2009 09:10 - 30 minutes
Morten Tranberg Hansen
Asynchronous Group Key Distribution on top of the CC2420 Security Mechanisms for Sensor Networks
16/03/2009 09:40 - 20 minutes
Joseph K. Liu, Joonsang Baek, Jianying Zhou
Certificate-Based Sequential Aggregate Signature
16/03/2009 10:00 - 20 minutes
Osman Ugus, Dirk Westhoff, Jens-Matthias Bohli
A ROM-friendly Secure Code Update mechanism for WSNs using a stateful-verifier T-time Signature Scheme
16/03/2009 10:20 - 30 minutes
Session: RFID security
Florian Kerschbaum, Alessandro Sorniotti
RFID-Based Supply Chain Partner Authentication and Key Agreement
16/03/2009 11:20 - 30 minutes
Cai Shaoying, Yingjiu Li, Tieyan Li, Robert Deng
Attacks and Improvements to an RFID Mutual Authentication Protocol and its Extensions
16/03/2009 11:50 - 20 minutes
Yossef Oren, Martin Feldhofer
A Low-Resource Public-Key Identification Scheme for RFID Tags
16/03/09 12:10 - 30 minutes
Session: Attacks
Nan Xu, Fan Zhang, Yisha Luo, Weijia Jia, Dong Xuan, Jin Teng
Stealthy Video Capturer: A New Video-based Spyware in 3G Smartphones
16/03/2009 12:40 - 30 minutes
Session: Ad Hoc Networks
Jared Cordasco, Susanne Wetzel
An Attacker Model for MANET Routing Security
16/03/2009 16:30 - 20 minutes
Sevil Sen, John A. Clark
A Grammatical Evolution Approach to Intrusion Detection on Mobile Ad Hoc Networks
16/03/2009 16:50 - 20 minutes
William Kozma, Loukas Lazos
REAct: Resource-Efficient Accountability for Node Misbehavior in Ad Hoc Networks based on Random Audits
16/03/2009 17:10 - 20 minutes
Tuesday
Ross Anderson
Keynote I: From the Eternity Service to Suicide Bombing - a Short History of Ad-hoc Network Security
17/03/2009 08:20 - 70 minutes
The security of ad-hoc networks has been a subject of academic study for barely fifteen years. In the process it's thrown up all sorts of provocative ideas, from Berkeley's Smart Dust to our Resurrecting Duckling protocol. Now that a number of ad-hoc network technologies are being deployed, it turns out that reality is even stranger. After giving an overview of the history, I will look at what some real systems teach the researcher.
Peer-to-peer systems were one of the developments that brought home to us the importance of incentives; microeconomic analysis matters as much as cryptanalysis for devising systems that will actually be used. HomePlug teaches us about usability: a protocol to be deployed in billions of low-cost consumer electronic devices simply cannot impose a significant call-centre overhead. Social networks teach us about the importance of topology, and give us new insights into such matters as traffic analysis and anonymity. Finally, the "lick'em and stick'em" approach to deploying sensors in industrial control systems has got some deep lessons about lifecycle costs and configuration management.
In short, the things that caused problems mostly weren't the things we'd expected to, but they still give lots of juicy topics for the next generation of researchers.
Session: WiFi and Mesh Network Security
Jing Dong, Reza Curtmola, Cristina Nita-Rotaru
Practical Defenses Against Pollution Attacks in Intra-Flow Network Coding for Wireless Mesh Networks
17/03/2009 09:50 - 30 minutes
Janne Lindqvist, Tuomas Aura, George Danezis, Teemu Koponen, Annu Myllyniemi, Jussi Mäki, Michael Roe
Privacy-Preserving 802.11 Access-Point Discovery
17/03/2009 10:20 - 20 minutes
Zhimin Yang, Adam Champion, Boxuan Gu, Xiaole Bai, Dong Xuan
Link-Layer Protection in 802.11i WLANs with Dummy Authentication
17/03/2009 10:40 - 20 minutes
Guanhua Yan, Stephan Eidenbenz, Bo Sun
Mobi-Watchdog: You Can Steal, But You Can't Run!
17/03/2009 11:00 - 30 minutes
Session: Jamming/Anti-jamming
David Slater, Patrick Tague, Radha Poovendran, Brian J Matt
A Coding-Theoretic Approach for Efficient Message Verification Over Unsecure Channels
17/03/2009 12:00 - 30 minutes
Ivan Martinovic, Paul Pichota, Jens B. Schmitt
Jamming for Good: Design and Analysis of a Crypto-less Protection for WSNs
17/03/2009 12:30 - 20 minutes
Loukas Lazos, Sisi Liu, Marwan Krunz
Mitigating Control-Channel Jamming Attacks in Multi-channel Ad Hoc Networks
17/03/2009 12:50 - 30 minutes
Session: Secure Localization and Time synchronization
Jerry T. Chiang, Jason J. Haas, Yih-Chun Hu
Secure and Precise Location Verification Using Distance Bounding and Simultaneous Multilateration
17/03/2009 15:00 - 30 minutes
Reza Shokri, Marcin Poturalski, Gael Ravot, Panos Papadimitratos, Jean-Pierre Hubaux
A Practical Secure Neighbor Verification Protocol for Wireless Sensor Networks
17/03/2009 15:30 - 20 minutes
Murtuza Jadliwala, Qi Duan, Shambhu Upadhyaya, Jinhui Xu
Towards a Theory for Securing Time Synchronization in Wireless Sensor Networks
17/03/2009 15:50 - 30 minutes
Wednesday
Bart Preneel
Keynote II: Research Challenges in Lightweight Cryptography
18/03/2009 08:20 - 70 minutes
Cryptographic algorithms and protocols are now widely available in applications such as finance, conditional access and e-government, in computer systems (e.g., for hard disk encryption) and in wired and wireless networks. The first challenges for the deployment of cryptography to secure communication networks were the high cost and inflexibility of the hardware implementations, the control by governments on cryptographic technology, and the lack of open standards. Most of these barriers have been lifted during the 1990s, in particular by the evolution of cryptography from software to hardware and by the development of standardized protocols that allow for algorithm negotiation (e.g., TLS and IPsec). On the other hand, the end systems have become very complex and the weakest link has been shifting towards the operating system and the applications.
Security requirements for wireless networks have always been more pressing: these networks are more vulnerable to passive (but also active) eavesdropping and cellular networks offer larger economic incentives for attackers. On the other hand, mobile and wireless environments present tighter constraints in terms of the available computational power and energy and are still using more hardware-oriented and inflexible solutions. The security of the first version of wireless technologies is typically very weak or non-existent (think of AMPS for analog mobile phones, cordless phones, WEP for WLAN, Bluetooth, ...); very often, the second generation brings some improvements (GSM, DECT and WPA), while an acceptable security level is only reached in the third generation (3GSM, WPA2). While the cost of cryptography on these devices drops and the links become more secure, the systems themselves become in turn more complex and attackers shift their target to higher layers.
However, there is always room at the bottom. Ultra low-cost wireless devices such as low-cost RFID tags and sensor networks put again stringent requirements on the cryptographic algorithms and protocols in terms of area (size of memory, number and complexity of operations), power and/or energy. In this talk, we present an overview of the state of the art for cryptographic algorithms with an emphasis on ``lightweight'' algorithms We cover the most important classes of algorithms in use today, that is: block ciphers, stream ciphers, hash functions, MAC algorithms and public-key algorithms; each of these areas is in a different state of maturity and presents specific research challenges. We will conclude with some observations on the requirement of secure implementations in software and hardware.