10 research outputs found
Forward Secure Signatures on Smart Cards
We introduce the forward secure signature scheme XMSS and present an implementation for smart cards. It is based on the hash-based signature scheme XMSS. In contrast to the only previous implementation of a hash-based signature scheme on smart cards by Rohde et al., we solve the problem of on-card key generation. Compared to XMSS, we reduce the key generation time from to , where is the number of signatures that can be created with one key pair. To the best of our knowledge this is the first implementation of a forward secure signature scheme and the first full implementation of a hash-based signature scheme on smart cards. The resulting runtimes are comparable to those of RSA and ECDSA on the same device. This shows the practicality of forward secure signature schemes, even on constrained devices
IoTSan: Fortifying the Safety of IoT Systems
Today's IoT systems include event-driven smart applications (apps) that
interact with sensors and actuators. A problem specific to IoT systems is that
buggy apps, unforeseen bad app interactions, or device/communication failures,
can cause unsafe and dangerous physical states. Detecting flaws that lead to
such states, requires a holistic view of installed apps, component devices,
their configurations, and more importantly, how they interact. In this paper,
we design IoTSan, a novel practical system that uses model checking as a
building block to reveal "interaction-level" flaws by identifying events that
can lead the system to unsafe states. In building IoTSan, we design novel
techniques tailored to IoT systems, to alleviate the state explosion associated
with model checking. IoTSan also automatically translates IoT apps into a
format amenable to model checking. Finally, to understand the root cause of a
detected vulnerability, we design an attribution mechanism to identify
problematic and potentially malicious apps. We evaluate IoTSan on the Samsung
SmartThings platform. From 76 manually configured systems, IoTSan detects 147
vulnerabilities. We also evaluate IoTSan with malicious SmartThings apps from a
previous effort. IoTSan detects the potential safety violations and also
effectively attributes these apps as malicious.Comment: Proc. of the 14th ACM CoNEXT, 201
Key2Share for Authentication Services
Key2Share is a smartphone-based solution for authentication services that allows users to manage their access rights to different physical resources on their mobile device. The system is applicable to various application scenarios, such as access control to enterprise facilities, hotel rooms, houses and cars. Key2Share complies with high security standards by providing reliable protection for keys in transit and on the mobile platform. Particularly, it employs modern cryptography to protect keys in transfer and leverages secure hardware (such as smartcards) for storing and handling cryptographic secrets in isolation from untrusted code, such as mobile operating system and apps
Key2Share for Authentication Services
Key2Share is a smartphone-based solution for authentication services that allows users to manage their access rights to different physical resources on their mobile device. The system is applicable to various application scenarios, such as access control to enterprise facilities, hotel rooms, houses and cars. Key2Share complies with high security standards by providing reliable protection for keys in transit and on the mobile platform. Particularly, it employs modern cryptography to protect keys in transfer and leverages secure hardware (such as smartcards) for storing and handling cryptographic secrets in isolation from untrusted code, such as mobile operating system and apps
Forward secure signatures on smart cards preliminary version
\u3cp\u3eWe introduce the forward secure signature scheme XMSS \u3csup\u3e+\u3c/sup\u3e and present an implementation for smart cards. It is based on the hash-based signature scheme XMSS. In contrast to the only previous implementation of a hash-based signature scheme on smart cards by Rohde et al., we solve the problem of on-card key generation. Compared to XMSS, we reduce the key generation time from to, where n is the number of signatures that can be created with one key pair. To the best of our knowledge this is the first implementation of a forward secure signature scheme and the first full implementation of a hash-based signature scheme on smart cards. The resulting runtimes are comparable to those of RSA and ECDSA on the same device. This shows the practicality of forward secure signature schemes, even on constrained devices.\u3c/p\u3
Forward secure signatures on smart cards preliminary version
We introduce the forward secure signature scheme XMSS + and present an implementation for smart cards. It is based on the hash-based signature scheme XMSS. In contrast to the only previous implementation of a hash-based signature scheme on smart cards by Rohde et al., we solve the problem of on-card key generation. Compared to XMSS, we reduce the key generation time from to, where n is the number of signatures that can be created with one key pair. To the best of our knowledge this is the first implementation of a forward secure signature scheme and the first full implementation of a hash-based signature scheme on smart cards. The resulting runtimes are comparable to those of RSA and ECDSA on the same device. This shows the practicality of forward secure signature schemes, even on constrained devices