IACR News item: 08 June 2012
PhD Database
Name: Roel Peeters
Topic: Security Architecture for Things That Think
Category: cryptographic protocols
Description: The observation that people already carry lots of personal devices (e.g., a smart phone, an electronic identity card, an access badge, an electronic car key, a laptop, ... ), serves as starting point for this thesis. Furthermore, with the arrival of smart objects, the number of things that think one carries is expected to grow. Sensors will be built into clothing and attached to the body to monitor\r\nour health. It is clear that these devices need to be protected. However, due to the vast amount of devices involved, the traditional approach of protecting\r\neach device on its own, results in a usability nightmare.\r\n
\r\nWe investigate how to tap into the potential that arises from cooperation between these devices. This is done by deploying threshold cryptography on\r\npersonal devices. Threshold cryptography has the benefit of increased overall security, since an adversary can compromise a number (up to the threshold\r\nnumber) of devices without gaining any advantage towards breaking the overall security. Furthermore, the end-user does not need to carry all his personal\r\ndevices, any subset of size at least the threshold number is sufficient to make use of the threshold security system.\r\n
\r\nWe propose technical solutions to tackle some of the practical issues related to this approach, paving the road for real world implementations. First, we\r\nshow how one can include devices that do not have the necessary (secure) storage capabilities needed to store shares (e.g., car keys) in our threshold\r\nscheme. Second, we investigate how the end-user can add or remove devices from his set of personal devices used in this threshold scheme. Finally, in\r\norder to get user acceptance, the (location) privacy of consumers should not be disregarded. Towards this goal we examine how to achieve private and\r\nsecure device authentication over an open channel. This is done specifically for RFID tags, which are the least powerful devices that can be included in our\[...]
Topic: Security Architecture for Things That Think
Category: cryptographic protocols
Description: The observation that people already carry lots of personal devices (e.g., a smart phone, an electronic identity card, an access badge, an electronic car key, a laptop, ... ), serves as starting point for this thesis. Furthermore, with the arrival of smart objects, the number of things that think one carries is expected to grow. Sensors will be built into clothing and attached to the body to monitor\r\nour health. It is clear that these devices need to be protected. However, due to the vast amount of devices involved, the traditional approach of protecting\r\neach device on its own, results in a usability nightmare.\r\n
\r\nWe investigate how to tap into the potential that arises from cooperation between these devices. This is done by deploying threshold cryptography on\r\npersonal devices. Threshold cryptography has the benefit of increased overall security, since an adversary can compromise a number (up to the threshold\r\nnumber) of devices without gaining any advantage towards breaking the overall security. Furthermore, the end-user does not need to carry all his personal\r\ndevices, any subset of size at least the threshold number is sufficient to make use of the threshold security system.\r\n
\r\nWe propose technical solutions to tackle some of the practical issues related to this approach, paving the road for real world implementations. First, we\r\nshow how one can include devices that do not have the necessary (secure) storage capabilities needed to store shares (e.g., car keys) in our threshold\r\nscheme. Second, we investigate how the end-user can add or remove devices from his set of personal devices used in this threshold scheme. Finally, in\r\norder to get user acceptance, the (location) privacy of consumers should not be disregarded. Towards this goal we examine how to achieve private and\r\nsecure device authentication over an open channel. This is done specifically for RFID tags, which are the least powerful devices that can be included in our\[...]
Additional news items may be found on the IACR news page.