Abstract: With the proliferation of wireless sensor networks and mobile technologies in general, it is possible to provide improved medical services and also to reduce costs as well as to manage the shortage of specialized personnel. Monitoring a person’s health condition using sensors provides a lot of benefits but also exposes personal sensitive information to a number of privacy threats. By recording user-related data, it is often feasible for a malicious or negligent data provider to expose these data to an unauthorized user. One solution is to protect the patient’s privacy by making it difficult to link specific measurements with a patient’s identity. In this paper we present a privacy-preserving architecture which builds upon the concept of k-anonymity; we present a clustering-based anonymity scheme for effective network management and data aggregation, which also protects the user’s privacy by making an entity indistinguishable from other k similar entities. The presented algorithm is resource aware, as it minimizes energy consumption with respect to other more costly, cryptography-based approaches. The system is evaluated from an energy consumption and network performance perspective, under different simulation scenarios.
Abstract: One problem that frequently arises is the establishment of a
secure connection between two network nodes. There are many key
establishment protocols that are based on Trusted Third Parties or
public key cryptography which are in use today. However, in the
case of networks with frequently changing topology and size
composed of nodes of limited computation power, such as the ad-hoc
and sensor networks, such an approach is difficult to apply. One
way of attacking this problem for such networks is to have the two
nodes share some piece of information that will, subsequently,
enable them to transform this information into a shared
communication key.
Having each pair of network nodes share some piece of information
is often achieved through appropriate key pre-distribution
schemes. These schemes work by equipping each network node with a
set of candidate key values, some of which are shared with other
network nodes possessing other key sets. Later, when two nodes
meet, they can employ a suitable key establishment protocol in
order to locate shared values and use them for the creation of
the communication key.
In this paper we give a formal definition of collusion resistant
key predistribution schemes and then propose such a scheme based
on probabilistically created set systems. The resulting key sets
are shown to have a number of desirable properties that ensure the
confidentiality of communication sessions against collusion
attacks by other network nodes.
Abstract: We describe the design and implementation of a secure and robust protocol and system for a national electronic lottery. Electronic lotteries at a national level are a viable, cost-effective alternative to mechanical ones when there is a business need to support many types of “games of chance” and to allow increased drawing frequency. Electronic lotteries are, in fact, an extremely high-risk financial application: if one discovers a way to predict or otherwise claim the winning numbers (even once), the result is huge financial damages. Moreover, the e-lottery process is complex, which increases the possibility of fraud or costly accidental failures. In addition, a national lottery must adhere to auditability and (regulatory) fairness requirements regarding its drawings. Our mechanism, which we believe is the first one of its kind to be described in the literature, builds upon a number of cryptographic primitives that ensure the unpredictability of the winning numbers, the prevention of their premature leakage and the prevention of fraud. We also provide measures for auditability, fairness, and trustworthiness of the process. Besides cryptography, we incorporate security mechanisms that eliminate various risks along the entire process. Our system, which was commissioned by a national organization, was implemented in the field and has been operational and active for a while now.
Abstract: As the Internet of Things (IoT) arises, the use of
low-end devices on a daily basis increases. The wireless nature
of communication that these devices provide raises security and
privacy issues. For protecting a user’s privacy, cryptography
offers the tool of zero knowledge proofs (ZKP). In this
paper, we study well-established ZKP protocols based on the
discrete logarithm problem and we adapt them to the Elliptic
Curve Cryptography (ECC) setting, which constitutes an ideal
candidate for embedded implementations. Then, we implement
the proposed protocols on Wiselib, a generic and open source
algorithmic library. For the first time, we present a thorough
evaluation of the protocols on two popular hardware platforms
equipped with low-end microcontrollers (Jennic JN5139, TI
MSP430) and 802.15.4 RF transceivers, in terms of code size,
execution time, message size and energy requirements. This
work’s results can be used by developers who wish to achieve
certain levels of privacy in their applications.
Abstract: Elliptic Curve Cryptography (ECC) is one of the
most promising alternatives to conventional public
key cryptography, such as RSA and ElGamal, since
it employs keys of smaller sizes for the same level
of cryptographic strength. Smaller key sizes imply
smaller hardware units for performing the arithmetic
operations required by cryptographic protocols and,
thus, ECC is an ideal candidate for implementation
in embedded systems where the major computational
resources (speed and storage) are limited.
In this paper we present a port, written in ANSI C
for maximum portability, of an open source ECC-based
cryptographic library (ECC-LIB) to ATMEL’s
AT76C520 802.11 WLAN Access Point. One of the
major features of this port, not found in similar ports,
is that it supports Complex Multiplication (CM) for
the construction of Elliptic Curves with good security
properties. We present some experimental results that
demonstrate that the port is efficient and can lead to generic embedded systems with robust ECC-based
cryptographic protocols using cryptographically strong
ECCs generated with CM. As an application of the
ported library, an EC Diffie-Hellman key exchange
protocol is developed as an alternative to the 4-way
key handshake protocol of the 802.11 protocol.
Abstract: Embedded computing devices dominate our everyday activities, from cell phones to wireless sensors that collect and process data for various applications. Although desktop and high-end server security seems to be under control by the use of current security technology, securing the low-end embedded computing systems is a difficult long-term problem. This is mainly due to the fact that the embedded systems are constrained by their operational environment and the limited resources they are equipped with. Recent research activities focus on the deployment of lightweight cryptographic algorithms and security protocols that are well suited to the limited resources of low-end embedded systems. Elliptic Curve Cryptography (ECC) offers an interesting alternative to the classical public key cryptography for embedded systems (e.g., RSA and ElGamal), since it uses smaller key sizes for achieving the same security level, thus making ECC an attractive and efficient alternative for deployment in embedded systems. In this chapter, the processing requirements and architectures for secure network access, communication functions, storage, and high availability of embedded devices are discussed. In addition, ECC-based state-of-the-art lightweight cryptographic primitives for the deployment of security protocols in embedded systems that fulfill the requirements are presented.