Toward secure wireless protocols in the context of internet of things

Abstract

List of Figures

List of Tables

1 Introduction

• 1.1 Motivation and Research Objectives

• 1.2 Approach and Contributions

• 1.3 Thesis Outline

2 Secure Device Pairing Protocols

• 2.1 Out-of-Band Channels

  • 2.1.1 OOB Security Properties

  • 2.1.2 OOB Classification

  • 2.1.3 OOB Penetrator Model

• 2.2 Overview on Secure Device Pairing Schemes

  • 2.2.1 Long Authenticated String-Based Authentication Key Agreement Protocols

  • 2.2.2 Manual Authentication Protocols

  • 2.2.3 Ephemeral Pairing Protocols

  • 2.2.4 Wong-Stajano Multichanel Security Protocols

  • 2.2.5 Short Authenticated String-Based Authentication Key Agreement Protocols

  • 2.2.6 Comparison of pairing protocols

• 2.3 2-Move Secure Device Pairing Protocol

  • 2.3.1 Security Analysis

• 2.4 Flaws Found in Some Pairing Protocols

  • 2.4.1 Attack on Wong-Stajano Protocol using Bidirectional Channel

  • 2.4.2 Attack on Wong-Stajano Protocol using Unidirectional Channels

  • 2.4.3 Attack on SRS-AKA Protocol

  • 2.4.4 Attack on Hoepman AKA Protocol

• 2.5 Conclusion

3 Analysis of Secure Device Pairing Protocols

• 3.1 Related Work

• 3.2 Extended Strand Spaces with Out-of-Band Channels

  • 3.2.1 Model Assumptions

  • 3.2.2 Notations

  • 3.2.3 Algebra Extension

  • 3.2.4 Extended Penetrator Model

  • 3.2.5 Pairing Agreement

• 3.3 Analysis of Wong-Stajano Protocol

  • 3.3.1 Responder's Guarantee

  • 3.3.2 Initiator's Guarantee

• 3.4 Analysis of 2-Move Secure Device Pairing Protocol

  • 3.4.1 Initiator's Guarantee

  • 3.4.2 Responder's Guarantee

• 3.5 Out-of-band Channel Transformation

  • 3.5.1 Related Work

  • 3.5.2 Channel Property Transformation

  • 3.5.3 Attack Transformation

  • 3.5.4 Reversed Attack

  • 3.5.5 Analysis of Transformed Wong-Stajano Protocol

• 3.6 Conclusion

4 Secure Neighbour Discovery Protocols

• 4.1 Overview on Neighbour Discovery Protocols

  • 4.1.1 Neighbour Discovery Applications

  • 4.1.2 Threat and Vulnerabilities

  • 4.1.3 Secure Neighbour Discovery Techniques

• 4.2 Examples of Vulnerabilites in Existing Protocols

  • 4.2.1 Brands & Chaum Protocol Vulnerability

  • 4.2.2 ADVSIG Vulnerability

• 4.3 Revised version of ADVSIG

• 4.4 Formal Analysis of Neighbour Discovery Protocol

  • 4.4.1 Related Work on Physical Characteristics Modelling

  • 4.4.2 Notations

  • 4.4.3 Assumptions

  • 4.4.4 Wireless Strand Spaces

  • 4.4.5 Modified Penetrator Model

  • 4.4.6 Secure Neighbour Discovery Goal

  • 4.4.7 Logical Link Test

  • 4.4.8 Authentication Physical Link Tests

• 4.5 Example: Analysis of ADVSIG

  • 4.5.1 Initiator Guarantee

  • 4.5.2 Responder Guarantee

  • 4.5.3 Link spoofing attack on ADVSIG

• 4.6 Conclusion

5 A Secure Bootstrapping for Constrained Devices

• 5.1 Environment, Problem Definition, Attacker Model

  • 5.1.1 Environment

  • 5.1.2 Problem Definition

  • 5.1.3 Attack Model

• 5.2 Related Work

  • 5.2.1 Pairing Process

  • 5.2.2 Registration Process

  • 5.2.3 Association Process

• 5.3 A Proposal For Secure Bootstrapping in IoT

  • 5.3.1 Notations

  • 5.3.2 Overview

  • 5.3.3 Pairing Process

  • 5.3.4 Registration Process

  • 5.3.5 Association Process

  • 5.3.6 Re-association Process

  • 5.3.7 Re-boostrapping Process

• 5.4 Security Analysis

• 5.5 An Implementation of Device Pairing Protocol

• 5.6 Conclusion

6 Conclusion and Future Work

• 6.1 Summary

• 6.2 Perspectives

A Strand Spaces Model

• A.1 Fundamental Theory

• A.2 Penetrator Model

• A.3 Component, Authentication Tests

• A.4 Shape and Skeleton

B Analysis Wong-Stajano Protocol in AVISPA

• B.1 Transformed Protocol

• B.2 Source Code

• B.3 Results

C Implementation of 2-Move Secure Device Pairing on Arduino

• C.1 UDP Client Source Code

• C.2 UDP Server Source Code

Bibliography