TCS / Studies / T-79.7001 Postgraduate Course in Theoretical Computer Science,

T-79.7001 Postgraduate Course in Theoretical Computer Science
T-110.7290 Research Seminar on Network Security
(3–5 cr) P V

Autumn 2006

Authentication and key establishment (AKE) is a cornerstone for securing distributed systems. There has been extensive research designing, breaking, and analyzing AKE protocols in classical distributed system contexts. In recent years, there has been increasing interest in new contexts and scenarios where the traditional AKE protocols cannot be applied directly due to various reasons such as resource constraints and differences in trust assumptions. This has prompted researchers to propose several new AKE protocols tailored for the new scenarios.

The goal of this research seminar is to understand the new scenarios and the AKE protocols proposed for them by studying recent research papers.

This is a joint seminar between TCS (T-79.7001) and TML (T-110.7290). The course T-79.7001 replaces the course T-79.300 Postgraduate Course in Theoretical Computer Science. The course T-110.7290 replaces the course T-110.558 Research seminar on network security.

[Current] [General Information] [Schedule] [Arrangements]

T-79.7001 in Previous years: [Spring 2006] [Autumn 2005] [Spring 2005] [Autumn 2004] [Spring 2004] [Autumn 2003] [Spring 2003] [Autumn 2002] [Spring 2002] [Autumn 2001] [Spring 2001]

Current

[15 Dec 2006] Seminar is over. Remember to give feedback (NB: use the 79.3001 code; the 110.7290 code is used by another seminar)
[20 Nov 2006] No meeting on Nov 27. Maarit's presentation postponed to Dec 1.
[2 Nov 2006] Notice change in schedule: no meeting on Dec 8. Two presentations on Dec 1.
[4 Oct 2006] A review template is now available. Papers, reviews etc. can be sent to the seminar mailing list. The mail alias is ake06 Ät tcs.hut.fi
[20 Sep 2006] Topic assignments, presentation dates, and review assignments have been updated. Check, and notify the co-ordinators if there are inconsistencies.
[10 Sep 2006] A list of suggested topics and initial references are available below. Some seminar participants have already chosen their topics. Their names appear in bold in front of their respective chosen topics. Topics without any names attached are still available.
[5 Jun 2006] The first seminar session is on Fri 15 Sep. If you are interested in participating, please
- E-mail the co-ordinators as soon as possible and to let them know your intent to participate, and the topics you are interested in,
- and Register via TOPI

General Information

Time, place: Fridays 9:00-12:00 a.m., seminar room T5.
Coordinators: Kaisa Nyberg, room TB255; N. Asokan, room TA110.
Registration by TOPI.
Prerequisites: Basic knowledge of network security and cryptography.
Assets: Familiarity with traditional authentication and key agreement protocols.
Credits: 3 cr (ECTS) for one paper+presentation. 1 cr (ECTS) for two in-depth peer reviews of papers by other participants, 1 cr (ECTS) for an additional set of two in-depth reviews of papers by other participants.
Grading: Based on the quality of the paper, presentation, own reviews of other papers, and participation in in-class or mailing-list discussions about papers as well as feedback from peer reviewers.

Schedule

Week	Date	Topic	Presenters.............	Slides................	DraftPaper.......	Reviews.........	RevisedPaper
37.	Sep 15	Opening, and Welcome	Kaisa Nyberg, N. Asokan
		Introduction to the theme and topics	N. Asokan	[pdf] [ppt]
		Ad Hoc Security Associations for Groups (dry run of ESAS presentation)	Jukka Valkonen	[pdf]
38.	Sep 22	No Meeting
39.	Sep 29	Introductory lecture	Kaisa Nyberg	[pdf]
40.	Oct 6	1.Bellare-Rogaway security model	Kaisa Nyberg	[pdf]
		2. Security models and proofs	Sven Laur	[pdf]
41.	Oct 13	Key establishment in constrained devices	Jan-Erik Ekberg	[pdf]	[pdf]	Jani [txt]	[pdf]
						Dan [txt]
						Asokan [txt]
42.	Oct 20	Use cases of implicit authentication and key establishment with sender and receiver ID binding	Dan Forsberg	[pdf]	[pdf] (updated)	Maarit [txt]	[pdf]
						Vesa [txt]
						Asokan [txt]
43.	Oct 27	Touchstone of trust: physical contact in ad-hoc wireless network	Nie Pin	[ppt]	[pdf]	Vesa [txt]	[pdf]
						Jukka [txt]
						Asokan [txt]
						Kaisa [txt]
		Multi-model security associations in personal networks	Jani Suomalainen	[pdf]	[pdf]	Kristiina [txt]	[pdf]
						Dan [txt]
						Asokan [txt]
						Kaisa [txt]
44.	Nov 3	Theoretical bounds for human mediated data authentication protocols	Vesa Vaskelainen	[pdf](updated)	[pdf](updated)	Jani [txt]	[pdf]
						Jan-Erik [txt]
						Asokan [txt]
						Kaisa [txt]
45.	Nov 10	Contributory Key Agreement in Groups: Quest for Authentication	Jan Hlinovsky	[pdf] (updated)	[pdf]	Laura [txt]	[pdf]
						Maarit [txt]
						Asokan [txt]
46.	Nov 17	Key management in IP multicast	Petri Jokela	[pdf]	[pdf]	Jan [txt]	[pdf]
						Laura [txt]
						Asokan [txt]
						Kaisa [txt]
		MAC Layer Key Hierarchies and Establishment Procedures	Jukka Valkonen	[pdf]	[pdf]	NiePin [txt]	[pdf]
						Kristiina [txt]
						Kaisa [txt]
						Asokan [txt]
47.	Nov 24	No Meeting
48.	Dec 1	Analyzing AKE protocols with AVISPA	Laura Takkinen	-----	[pdf]	Jan-Erik [txt]
						Jukka[txt]
						Asokan [txt]
		AKE in clustered ad hoc networks	Maarit Hietalahti	[pdf]	[pdf]	Petri [txt]	[pdf]
						NiePin [txt]
						Asokan [txt]
						Kaisa [txt]
49.	Dec 8	Closing	Asokan				-

Arrangements

In the first meeting, the co-ordinators will introduce the area of research, and briefly present the potential topics.
Each student will propose a topic to the co-ordinators and reserve a date for the presentation. Topic proposals must be done as soon as possible (preferably before the course starts), and no later than week 37. Typically a topic will be based on one or more research papers.
The co-ordinators will nominate two reviewers for each paper.
Each student should prepare a paper on their chosen topic. The paper should be made available to the seminar participants at least one week before the day of the presentation.
At a minimum, the paper should be a good survey of the material covered in the research papers related to the topic. An excellent paper will break new ground: e.g., by proposing new solutions or identifying flaws in the surveyed papers.
The assigned reviewers will read the paper and provide written reviews at least one day before the day of the presentation. The reviews are expected to be in the style of peer reviews of research papers using the review template Reviews should be constructive: e.g., suggesting ways of improving the paper.
Based on the reviews and the discussion after the presentation, the student can revise and re-submit the paper within one week.

Seminar material

Suggestions for topic areas

The following is a list of example topics. With each topic, we have listed one or more pointers to sources that can serve as starting points for your research. You need not (and should not) limit yourself to this starter material only. You should only include relevant material from this list, and include any other relevant material as well.

Update (Sep 10): Some seminar participants have already chosen their topics. Their names appear in bold in front of their respective chosen topics. Topics without any names attached are still available.

If you are not able to locate one of the papers listed below, ask the seminar co-ordinators to borrow a local copy.

AKE in sensor networks
- Jan-Erik Ekberg: Key agreement between sensor network nodes [EG02] [ACP04] [CP05]
- Authenticating communication between an external query/sink node and a sensor network node. [Ben05] [SP06]
AKE in "First Connect" scenarios
The term "First Connect" refers to the initial setup of a security association among two or more devices for subsequent secure communication.
- Nie Pin: Key agreement protocols for First Connect
- Vesa Vaskelainen: Theoretical bounds for human mediated data authentication protocols
  - Efficient Mutual Data Authentication Using Manually Authenticated Strings (Ask the co-ordinators for a copy)
  - Tight Bounds for Unconditional Authentication Protocols in the Manual Channel and Shared Key Models
- Jani Suomalainen Comparative survey of AKE in "First Connect" standard proposals, in terms of security, usability, and extensibility.
  - Bluetooth SIG: Simple Pairing
  - Microsoft Windows Connect Now-NET
  - Wireless USB Specification 1.0 -- Association Models Supplement (in the "Downloads" section: download the zip file, which contains the AM specification, and the FAQ file)
  - HomePlug AV (Protecting Domestic Powerline Communications)
Authentication of humans
- Kristiina Karvonen: Phishing-resistant authentication with human users
Identity-based cryptography
- Dan Forsberg: Identity-based authentication and key agreement
  - A New Two-Party Identity-Based Authenticated Key Agreement
Key agreement in groups
- Petri Jokela: Key agreement and key management for Secure multicast
- Jukka Valkonen: Key agreement and key management for Secure multicast in practise, Case: WiMedia
  - A Standard ECMA-368, High Rate Ultra Wideband PHY and MAC Standard
- Group key agreement protocols
- Maarit Hietalahti: Key agreement in clustered ad hoc networks
  - On the Security of Group Communication Schemes based on Symmetric Key Cryptosystems
  - A communication-efficient key agreement protocol in ad hoc networks
  - Authenticated and communication efficient group key agreement for clustered ad hoc networks (Ask co-ordinators for a copy)
- Jan Hlinovsky: Password-authenticated group key agreement
Analyzing AKE protocols
- Laura Takkinen: Analyzing security protocols with AVISPA
RFID authentication
- Protocols for authentication and/or key agreement
  - YA-TRAP: Yet Another Trivial RFID Authentication Protocol (also see)
  - Noisy Tags: A Pretty Good Key Exchange Protocol for RFID Tags
- Correctness of RFID authentication protocols

Last modified: Tue Dec 19 14:44:15 EET 2006

[TCS main] [Current] [Contact Info] [Personnel] [Research] [Publications] [Software] [Studies] [Links]

T-79.7001 Postgraduate Course in Theoretical Computer Science T-110.7290 Research Seminar on Network Security (3–5 cr) P V