ETH - System Security - Projects and publications

News | About us | People

Contact | Sitemap | Help

Research | Education

Intranet

ETH Zurich - D-INFK - System Security Group - Research

Research

Publications

SPOT: Secure Positioning (Localization)

Project: Authentication over Insecure Wireless Channels

Device Identification

Secure Time Synchronization in Wireless Networks

Jamming Resistance

Projects and publications

News / Recent Events

- 16.-18.03.09, Second ACM Conference on Wireless Network Security (WiSec'09)
- 26.09.08, The System Security Group presented its research to the public at the Researchers' Night in Zurich on Friday, September 26th.
- 15.04.08, ETH press release on our iPhone/iPod localization attack project, more technical details here.
- 22.11.07, ETH Globe on our Secure Localization Research
- 27./28.09. 2007, ZISC Workshop on Wireless Security
- 16.05.07, Neue Zürcher Zeitung on our Secure Localization Research

Below is a list of some recent activities in the group. For a full list of publications or project descriptions use the menu on the left.

PROXIMITY-BASED ACCESS CONTROL FOR IMPLANTABLE MEDICAL DEVICES We propose a proximity-based access control scheme for implantable medical devices (IMDs). Our scheme is based on ultrasonic distance bounding and enables an implanted medical device to grant access to its resources only to those devices that are in its close proximity. We demonstrate the feasibility of our approach through tests in an emulated patient environment. We show that, although implanted, IMDs can successfully verify the proximity of other devices with high accuracy. We propose a set of protocols that support our scheme, analyze their security in detail and discuss possible extensions. We make new observations about the security of implementations of ultrasonic distance-bounding protocols. Finally, we discuss the integration of our scheme with existing IMD devices and with their existing security measures. People: Kasper Bonne Rasmussen, Claude Castelluccia, Thomas S. Heydt-Benjamin, Srdjan Capkun Publication: Proximity-based Access Control for Implantable Medical Devices, In Proceedings of the ACM Conference on Computer and Communications Security (CCS), 2009 [PDF \| bibtex]

PROXIMITY-BASED ACCESS CONTROL FOR IMPLANTABLE MEDICAL DEVICES

We propose a proximity-based access control scheme for implantable medical devices (IMDs). Our scheme is based on ultrasonic distance bounding and enables an implanted medical device to grant access to its resources only to those devices that are in its close proximity. We demonstrate the feasibility of our approach through tests in an emulated patient environment. We show that, although implanted, IMDs can successfully verify the proximity of other devices with high accuracy. We propose a set of protocols that support our scheme, analyze their security in detail and discuss possible extensions. We make new observations about the security of implementations of ultrasonic distance-bounding protocols. Finally, we discuss the integration of our scheme with existing IMD devices and with their existing security measures.

People:

Kasper Bonne Rasmussen, Claude Castelluccia, Thomas S. Heydt-Benjamin, Srdjan Capkun

Publication:

Proximity-based Access Control for Implantable Medical Devices, In Proceedings of the ACM Conference on Computer and Communications Security (CCS), 2009 [PDF | bibtex]

LOCATION PRIVACY OF DISTANCE BOUNDING PROTOCOLS We analyze, in a number of scenarios, how much information distance bounding protocols leak. We further discuss several straightforward countermeasures and show why they do not provide adequate protection against distance leakage. Finally, we propose a location private distance bounding protocol that maintains the properties of existing distance bounding protocols while leaking no information about the distance measured between the communicating parties. Read more on the project web page. People: Kasper Bonne Rasmussen, Srdjan Capkun Publication: Location Privacy of Distance Bounding Protocols In Proceedings of the ACM Conference on Computer and Communications Security (CCS), 2008 [PDF]

LOCATION PRIVACY OF DISTANCE BOUNDING PROTOCOLS

We analyze, in a number of scenarios, how much information distance bounding protocols leak. We further discuss several straightforward countermeasures and show why they do not provide adequate protection against distance leakage. Finally, we propose a location private distance bounding protocol that maintains the properties of existing distance bounding protocols while leaking no information about the distance measured between the communicating parties.

Read more on the project web page.

People:

Kasper Bonne Rasmussen, Srdjan Capkun

Publication:

Location Privacy of Distance Bounding Protocols
In Proceedings of the ACM Conference on Computer and Communications Security (CCS), 2008 [PDF]

UNCOORDINATED FREQUENCY HOPPING We consider the problem of how two devices that do not share any secrets can establish a shared secret key over a wireless radio channel in the presence of a communication jammer, i.e., in the absence of a reliable communication channel. As a solution, we propose an Uncoordinated Frequency Hopping (UFH) scheme that breaks the dependency on a shared secret key and enables key establishment in the presence of a communication jammer. Read more on the project web page. People: Mario Strasser, Christina Pöpper, Srdjan Capkun, Mario Cagalj Publications: Efficient Uncoordinated FHSS Anti-Jamming Communication, in Proceedings of the ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc), 2009 [PDF] Jamming-resistant Key Establishment using Uncoordinated Frequency Hopping, in Proceedings of IEEE Symposium on Security and Privacy, 2008 [PDF]

UNCOORDINATED FREQUENCY HOPPING

We consider the problem of how two devices that do not share any secrets can establish a shared secret key over a wireless radio channel in the presence of a communication jammer, i.e., in the absence of a reliable communication channel. As a solution, we propose an Uncoordinated Frequency Hopping (UFH) scheme that breaks the dependency on a shared secret key and enables key establishment in the presence of a communication jammer.

Read more on the project web page.

People:

Mario Strasser, Christina Pöpper, Srdjan Capkun, Mario Cagalj

Publications:

Efficient Uncoordinated FHSS Anti-Jamming Communication,
in Proceedings of the ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc), 2009 [PDF]

Jamming-resistant Key Establishment using Uncoordinated Frequency Hopping,
in Proceedings of IEEE Symposium on Security and Privacy, 2008 [PDF]

DEMONSTRATION OF LOCATION SPOOFING

We analysed conventional public WLAN-based localization systems such as the WPS of Skyhook, which is being used in Apple's iPhone and iPod touch devices. By using a combination of access point spoofing and jamming, we were able to displace the location returned by these devices to an arbitrary position.

Read more on the project web page.

People:

Nils Ole Tippenhauer, Kasper Bonne Rasmussen, Christina Pöpper, Srdjan Capkun

Publication:

Attacks on Public WLAN-based Positioning
In Proceedings of the ACM/Usenix International Conference on Mobile Systems, Applications and Services (MobiSys), 2009 [PDF | bibtex | talk video | online version]

UWB-BASED SECURE RANGING AND LOCALIZATION

We propose and implement a novel ID-based secure ranging protocol. Our protocol is inspired by existing authenticated ranging and distance-bounding protocols, and is tailored to work on existing Ultra Wide Band (UWB) ranging platforms. Building on the implementation of secure ranging, we further implement a secure localization protocol that enables the computation of a correct device location in the presence of an adversary. We study how various implementations of secure ranging and localization protocols impacts their security and performance.

Read more on the project web page.

People:

Nils Ole Tippenhauer, Srdjan Capkun

Publication:

UWB-based Secure Ranging and Localization,Technical Report 586, ETH Zürich, System Security Group, January 2008. Submitted for Publication. [PDF]

Wichtiger Hinweis:
Diese Website wird in älteren Versionen von Netscape ohne graphische Elemente dargestellt. Die Funktionalität der Website ist aber trotzdem gewährleistet. Wenn Sie diese Website regelmässig benutzen, empfehlen wir Ihnen, auf Ihrem Computer einen aktuellen Browser zu installieren. Weitere Informationen finden Sie auf
folgender Seite.

Important Note:
The content in this site is accessible to any browser or Internet device, however, some graphics will display correctly only in the newer versions of Netscape. To get the most out of our site we suggest you upgrade to a newer browser.
More information