research overview nitesh saxena [email protected] research areas: computer and network security,...
TRANSCRIPT
![Page 1: Research Overview Nitesh Saxena nsaxena@poly.edu Research areas: computer and network security, applied cryptography](https://reader035.vdocument.in/reader035/viewer/2022070413/5697bfe11a28abf838cb3edb/html5/thumbnails/1.jpg)
Research Overview
Nitesh [email protected]
Research areas: computer and network security, applied cryptography
![Page 2: Research Overview Nitesh Saxena nsaxena@poly.edu Research areas: computer and network security, applied cryptography](https://reader035.vdocument.in/reader035/viewer/2022070413/5697bfe11a28abf838cb3edb/html5/thumbnails/2.jpg)
Research Group
5 Ph.D. students 2 M.S. students 1 undergraduate student You?
if you is creative if you likes math (at least not math-phobic) if you is good at programming if you does not like being spoon-fed if you is a team player if you have a life beyond work
![Page 3: Research Overview Nitesh Saxena nsaxena@poly.edu Research areas: computer and network security, applied cryptography](https://reader035.vdocument.in/reader035/viewer/2022070413/5697bfe11a28abf838cb3edb/html5/thumbnails/3.jpg)
Collaboration
NYU-Poly NYU Nokia Research, Finland INRIA, France UC Irvine CMU University of Split, Croatia
![Page 4: Research Overview Nitesh Saxena nsaxena@poly.edu Research areas: computer and network security, applied cryptography](https://reader035.vdocument.in/reader035/viewer/2022070413/5697bfe11a28abf838cb3edb/html5/thumbnails/4.jpg)
Secure Device Pairing
![Page 5: Research Overview Nitesh Saxena nsaxena@poly.edu Research areas: computer and network security, applied cryptography](https://reader035.vdocument.in/reader035/viewer/2022070413/5697bfe11a28abf838cb3edb/html5/thumbnails/5.jpg)
The Problem
How to bootstrap secure communication between Alice’s and Bob’s devices when they have no prior context no common trusted CA or TTP
Examples
Pairing a bluetooth cell phone with a headset
Pairing a WiFi laptop with an access point
Idea make use of a physical channel between devices with least involvement from Alice and Bob
Audio; Visual; Tactile
![Page 6: Research Overview Nitesh Saxena nsaxena@poly.edu Research areas: computer and network security, applied cryptography](https://reader035.vdocument.in/reader035/viewer/2022070413/5697bfe11a28abf838cb3edb/html5/thumbnails/6.jpg)
Research Challenges
OOB channels are low-bandwidth Devices may be constrained in terms of
interfaces User is constrained - Usability Multiple devices
Sensor network initialization Group formation
Ohh! I cannot even pair my socks!
![Page 7: Research Overview Nitesh Saxena nsaxena@poly.edu Research areas: computer and network security, applied cryptography](https://reader035.vdocument.in/reader035/viewer/2022070413/5697bfe11a28abf838cb3edb/html5/thumbnails/7.jpg)
RFID Security and Privacy
![Page 8: Research Overview Nitesh Saxena nsaxena@poly.edu Research areas: computer and network security, applied cryptography](https://reader035.vdocument.in/reader035/viewer/2022070413/5697bfe11a28abf838cb3edb/html5/thumbnails/8.jpg)
The Privacy Problem
Good tags, Bad readers
500 Eurosin wallet
Serial numbers:597387,389473
…
Wigmodel #4456
(cheap polyester)
30 items of lingerie
Das Kapital and Communist-
party handbook
Viagramedical drug #459382
![Page 9: Research Overview Nitesh Saxena nsaxena@poly.edu Research areas: computer and network security, applied cryptography](https://reader035.vdocument.in/reader035/viewer/2022070413/5697bfe11a28abf838cb3edb/html5/thumbnails/9.jpg)
The Authentication Problem
Good readers, Bad tags
500 Eurosin wallet
Serial numbers:597387,389473
…
Wigmodel #4456
(cheap polyester)
30 items of lingerie
Das Kapital and Communist-
party handbook
Viagramedical drug #459382
Counterfeit!!
![Page 10: Research Overview Nitesh Saxena nsaxena@poly.edu Research areas: computer and network security, applied cryptography](https://reader035.vdocument.in/reader035/viewer/2022070413/5697bfe11a28abf838cb3edb/html5/thumbnails/10.jpg)
Relay Attacks (e.g., Ghost-and-Leech Attacks)
challenge
challenge
challenge
response
response
response
![Page 11: Research Overview Nitesh Saxena nsaxena@poly.edu Research areas: computer and network security, applied cryptography](https://reader035.vdocument.in/reader035/viewer/2022070413/5697bfe11a28abf838cb3edb/html5/thumbnails/11.jpg)
Research Challenges
Very limited resources a $0.03 tag can’t do much computationally
only and-or-xor operations might be feasible has only ~2,000 gates for security
operations few bits to few bytes of memory
No user interfaces Atypical usage model Studying real-world deployments
![Page 12: Research Overview Nitesh Saxena nsaxena@poly.edu Research areas: computer and network security, applied cryptography](https://reader035.vdocument.in/reader035/viewer/2022070413/5697bfe11a28abf838cb3edb/html5/thumbnails/12.jpg)
Other Ongoing Projects
Mobile Phone Assisted Strong Password Authentication
Password-Protected Secret Sharing and Distributed Function Computation
Privacy of Web Search Security and Privacy of P2P Systems Inference of Private Attributes on
Facebook Games and Security
![Page 13: Research Overview Nitesh Saxena nsaxena@poly.edu Research areas: computer and network security, applied cryptography](https://reader035.vdocument.in/reader035/viewer/2022070413/5697bfe11a28abf838cb3edb/html5/thumbnails/13.jpg)
Thanks!
More details: http://cis.poly.edu/~nsaxena/research.html