URL: http://www.tcs.hut.fi/Studies/T-79.7001/2006AUT/seminar-papers/Ekberg-paper-draft.pdf

1. Rating

Technical quality
5: Contents are completely correct. There are no errors.

Originality
4: Contains some new ideas, but can be developed as described below; good analysis of current state

Editorial quality
4: Mostly understandable, some improvements identified below

Overall grade (overall, how do you rate this paper?)
4: Very good

Confidence (how confident are you about this review?)
2: I have some general knowledge of this subject

2. Detailed comments

2a. Technical quality

First the paper provides some constraints for key agreement protocol design for small devices with unreliable and unsecure connections. Then one of the most important arguments for the overall protocol design is discussed, namely the cost. Reasoning and argumentation for hw implementation over sw is shown. Paper studies the existing key agreement proposals for static sensor networks along with an attack model based on key infection. Then the author provides new methods for security amplification, based on time, third party, and radio environment information, but mainly for paired devices mobile with respect to the attacker.

Strength in the paper lies in the general ideas on how to amplify the security. However, slight weakness could be that the novel ideas are not directly in the same scope as the related art (static sensor networks, compared to mobile devices). Could further explain how they are related.

2b. Originality

The ideas presented in the paper are assumed to be new. Reviewer does not have enough knowledge in the area to judge the novelty of them. State of the art in the case of key distribution and agreement in sensor networks is explained, but pairing in general is not touched (it is out of the scope). Could touch more the state-of-the-art of the secrecy amplification area.

2c. Editorial quality

- Each word in title should start with a capital letter, except "in"
- The language is fairly easy to follow.
- Do not use abbreviations without first writing them open: TTP (Trusted Third Party?), ECC/DH (Elliptic Curve Crypto/Diffie-Hellman?)
- Should provide overview of the paper chapter in the end of the introduction chapter
- Too small figure 1 texts, not visible for the reader
- Could group the amplification proposals under one chapter, also the "security amplification"
- Chapter 4: What is the referred attack model of "key infection"? Section 3.4 was discussing key injection.
- Chapter 4: What is the function E in the courier text describing the time domain amplification protocol? If Encrypt, then with what key (e.g. k_1 = E(RAND_A, RAND_B))?
- Could explain more clearly what is novel and new. For example in the abstract could say that time-domain and fixed-device amplifications are new/novel. Environment monitoring is one type of amplification method as well, thus could name the chapter for example like "Radio environment info amplification"
- chapter 6: s/conenctions/connections/