Security problems of systems of extremely weak devices

In this paper we discuss some fundamental security issues of distributed systems of weak devices. We briefly describe two extreme kinds of such systems - the sensor network and theRadio Frequency IDentification (RFID) system from the point of view of security mechanisms designer. We describe some most important particularities and issues (including unsolved problems) that have to be taken into account in security design and analysis. Finally we present some fundamental concepts and paradigms of research on security of weak devices. In the paper we also give a brief survey of ultra–light HB/HB+ - family of encryption schemes and so-called predistribution protocols

09031 Abstracts Collection -- Symmetric Cryptography

From 11.01.09 to 16.01.09, the Seminar 09031 in ``Symmetric Cryptography \u27\u27 was held in Schloss Dagstuhl~--~Leibniz Center for Informatics. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available

Lightweight cryptography on ultra-constrained RFID devices

Devices of extremely small computational power like RFID tags are used in practice to a rapidly growing extent, a trend commonly referred to as ubiquitous computing. Despite their severely constrained resources, the security burden which these devices have to carry is often enormous, as their fields of application range from everyday access control to human-implantable chips providing sensitive medical information about a person. Unfortunately, established cryptographic primitives such as AES are way to 'heavy' (e.g., in terms of circuit size or power consumption) to be used in corresponding RFID systems, calling for new solutions and thus initiating the research area of lightweight cryptography. In this thesis, we focus on the currently most restricted form of such devices and will refer to them as ultra-constrained RFIDs. To fill this notion with life and in order to create a profound basis for our subsequent cryptographic development, we start this work by providing a comprehensive summary of conditions that should be met by lightweight cryptographic schemes targeting ultra-constrained RFID devices. Building on these insights, we then turn towards the two main topics of this thesis: lightweight authentication and lightweight stream ciphers. To this end, we first provide a general introduction to the broad field of authentication and study existing (allegedly) lightweight approaches. Drawing on this, with the (n,k,L)^-protocol, we suggest our own lightweight authentication scheme and, on the basis of corresponding hardware implementations for FPGAs and ASICs, demonstrate its suitability for ultra-constrained RFIDs. Subsequently, we leave the path of searching for dedicated authentication protocols and turn towards stream cipher design, where we first revisit some prominent classical examples and, in particular, analyze their state initialization algorithms. Following this, we investigate the rather young area of small-state stream ciphers, which try to overcome the limit imposed by time-memory-data tradeoff (TMD-TO) attacks on the security of classical stream ciphers. Here, we present some new attacks, but also corresponding design ideas how to counter these. Paving the way for our own small-state stream cipher, we then propose and analyze the LIZARD-construction, which combines the explicit use of packet mode with a new type of state initialization algorithm. For corresponding keystream generator-based designs of inner state length n, we prove a tight (2n/3)-bound on the security against TMD-TO key recovery attacks. Building on these theoretical results, we finally present LIZARD, our new lightweight stream cipher for ultra-constrained RFIDs. Its hardware efficiency and security result from combining a Grain-like design with the LIZARD-construction. Most notably, besides lower area requirements, the estimated power consumption of LIZARD is also about 16 percent below that of Grain v1, making it particularly suitable for passive RFID tags, which obtain their energy exclusively through an electromagnetic field radiated by the reading device. The thesis is concluded by an extensive 'Future Research Directions' chapter, introducing various new ideas and thus showing that the search for lightweight cryptographic solutions is far from being completed

Tecnologias IoT para pastoreio e controlo de postura animal

The unwanted and adverse weeds that are constantly growing in vineyards, force wine producers to repeatedly remove them through the use of mechanical and chemical methods. These methods include machinery such as plows and brushcutters, and chemicals as herbicides to remove and prevent the growth of weeds both in the inter-row and under-vine areas. Nonetheless, such methods are considered very aggressive for vines, and, in the second case, harmful for the public health, since chemicals may remain in the environment and hence contaminate water lines. Moreover, such processes have to be repeated over the year, making it extremely expensive and toilsome. Using animals, usually ovines, is an ancient practice used around the world. Animals, grazing in vineyards, feed from the unwanted weeds and fertilize the soil, in an inexpensive, ecological and sustainable way. However, sheep may be dangerous to vines since they tend to feed on grapes and on the lower branches of the vines, which causes enormous production losses. To overcome that issue, sheep were traditionally used to weed vineyards only before the beginning of the growth cycle of grapevines, thus still requiring the use of mechanical and/or chemical methods during the remainder of the production cycle. To mitigate the problems above, a new technological solution was investigated under the scope of the SheepIT project and developed in the scope of this thesis. The system monitors sheep during grazing periods on vineyards and implements a posture control mechanism to instruct them to feed only from the undesired weeds. This mechanism is based on an IoT architecture, being designed to be compact and energy efficient, allowing it to be carried by sheep while attaining an autonomy of weeks. In this context, the thesis herein sustained states that it is possible to design an IoT-based system capable of monitoring and conditioning sheep’s posture, enabling a safe weeding process in vineyards. Moreover, we support such thesis in three main pillars that match the main contributions of this work and that are duly explored and validated, namely: the IoT architecture design and required communications, a posture control mechanism and the support for a low-cost and low-power localization mechanism. The system architecture is validated mainly in simulation context while the posture control mechanism is validated both in simulations and field experiments. Furthermore, we demonstrate the feasibility of the system and the contribution of this work towards the first commercial version of the system.O constante crescimento de ervas infestantes obriga os produtores a manter um processo contínuo de remoção das mesmas com recurso a mecanismos mecânicos e/ou químicos. Entre os mais populares, destacam-se o uso de arados e roçadores no primeiro grupo, e o uso de herbicidas no segundo grupo. No entanto, estes mecanismos são considerados agressivos para as videiras, assim como no segundo caso perigosos para a saúde pública, visto que os químicos podem permanecer no ambiente, contaminando frutos e linhas de água. Adicionalmente, estes processos são caros e exigem mão de obra que escasseia nos dias de hoje, agravado pela necessidade destes processos necessitarem de serem repetidos mais do que uma vez ao longo do ano. O uso de animais, particularmente ovelhas, para controlar o crescimento de infestantes é uma prática ancestral usada em todo o mundo. As ovelhas, enquanto pastam, controlam o crescimento das ervas infestantes, ao mesmo tempo que fertilizam o solo de forma gratuita, ecológica e sustentável. Não obstante, este método foi sendo abandonado visto que os animais também se alimentam da rama, rebentos e frutos da videira, provocando naturais estragos e prejuízos produtivos. Para mitigar este problema, uma nova solução baseada em tecnologias de Internet das Coisas é proposta no âmbito do projeto SheepIT, cuja espinha dorsal foi construída no âmbito desta tese. O sistema monitoriza as ovelhas enquanto estas pastoreiam nas vinhas, e implementam um mecanismo de controlo de postura que condiciona o seu comportamento de forma a que se alimentem apenas das ervas infestantes. O sistema foi incorporado numa infraestrutura de Internet das Coisas com comunicações sem fios de baixo consumo para recolha de dados e que permite semanas de autonomia, mantendo os dispositivos com um tamanho adequado aos animais. Neste contexto, a tese suportada neste trabalho defende que é possível projetar uma sistema baseado em tecnologias de Internet das Coisas, capaz de monitorizar e condicionar a postura de ovelhas, permitindo que estas pastem em vinhas sem comprometer as videiras e as uvas. A tese é suportada em três pilares fundamentais que se refletem nos principais contributos do trabalho, particularmente: a arquitetura do sistema e respetivo sistema de comunicações; o mecanismo de controlo de postura; e o suporte para implementação de um sistema de localização de baixo custo e baixo consumo energético. A arquitetura é validada em contexto de simulação, e o mecanismo de controlo de postura em contexto de simulação e de experiências em campo. É também demonstrado o funcionamento do sistema e o contributo deste trabalho para a conceção da primeira versão comercial do sistema.Programa Doutoral em Informátic

Safety and Reliability - Safe Societies in a Changing World

The contributions cover a wide range of methodologies and application areas for safety and reliability that contribute to safe societies in a changing world. These methodologies and applications include: - foundations of risk and reliability assessment and management - mathematical methods in reliability and safety - risk assessment - risk management - system reliability - uncertainty analysis - digitalization and big data - prognostics and system health management - occupational safety - accident and incident modeling - maintenance modeling and applications - simulation for safety and reliability analysis - dynamic risk and barrier management - organizational factors and safety culture - human factors and human reliability - resilience engineering - structural reliability - natural hazards - security - economic analysis in risk managemen