Authentication and identity privacy in the wireless domain

Authentication and privacy in wireless systems is becoming an increasingly important field: More and more people are using more and more wireless system on personal devices that process vast amounts of personal data, at home and abroad, and on a daily basis. Laptops, smartphones, and tablet PCs are examples for devices in a world of ubiquitous wireless services. With the growing amount of personal data at risk, awareness for this issue is picking up with some users. The goal of this thesis is to extend the state-of-the-art in the field of security and privacy for wireless services and to show that achieving security and privacy is possible even on hardware with a minimum of computational capabilities, and in scenarios where it has not been considered at all so far to foster new research directions. We will present self-contained and thorough solutions for authentication and privacy challenges in three different scenarios. All these solutions fulfill security and privacy goals not achieved by prior works. All solutions are analyzed on a theoretical and a practical level, i.e., the theoretical background of the solution shows its feasibility and that it achieves the security and privacy goals desired. Furthermore, all solutions are implemented on inexpensive commercially available hardware and benchmarked for performance. Where possible, our new solutions were compared to existing solutions. All the proposed solutions are meant to be useful in the real world, i.e., we consider performance and user experience. We first propose a protocol suite for wireless roaming. It allows clients of certain home operators to access wireless networks of other local operators without disclosing their personal data to the local operators, and it prevents the home operators from obtaining any information on the services used beyond the amount paid. The roaming solution includes electronic payment and does not require prepaid credit. Attacks on the wireless connection are prevented. When connected, users may also allow their devices act as access points for others user and earn money therewith. We present solutions with and without the participation of the home operator in each connection. We next propose a protocol suite for electronic health monitoring. It allows secure and privacy preserving handling of real-time measured data on bodily functions, e.g., the heart rate. The data never leaves the control of the user unless explicitly authorized. Finally, we present a solution for time synchronization in wireless sensor networks, which is the first to guarantee the privacy of the nodes taking part in the synchronization. The individual nodes are unobservable and cannot be influenced by an attacker through modifications on the wireless channel. Beyond the work on privacy, as an excursus, we present the implementation of an attack on the authentication in Bluetooth, which, to the best of our knowledge and belief, is the first implemented attack on the Bluetooth versions 2.1, 3.0, or 4.0. The attack targets devices with numerical keyboards, e.g., wireless keyboards for tablet computers, when the same PIN is used twice. Potential victims are also devices with fixed PINs