The primary objective of the group is to bring together expertise in education, research and practice in the field of information security and algorithms. Our group members conduct research in areas spanning from the theoretical foundations of cryptography to the design and implementation of leading edge efficient and secure communication protocols. Key areas of our technological expertise include:
- Design and development of practical cryptographic mechanisms and protocols that can be employed by resource-limited devices such as sensor nodes and RFIDs.
- Design of specific middleware security services that can be easily integrated in larger applications of wireless sensor networks. Implementation and deployment of realistic sensor networks with applications in environmental monitoring, health care, energy management of buildings, etc.
- Design of protocols that focus on providing security and enhancing user privacy in ubiquitous environments that use RFID and other similar technologies.
- Securing transactions in peer-to-peer networks.
- Design of security protocols and intrusion detection techniques for Ad-Hoc networks, such as authentication and key agreement protocols based on challenge-response and zero-knowledge techniques.
- Design of security architectures for wireless and telecommunication networks (UMTS). Smart card security for e-voting and passport control.
- Design and development low-level cryptographic primitives that can be used in securing the communications in critical applications.
Security and Resilience in Sensor Networks
Our research is focused on building scalable and efficient architectures and technologies that enable secure services and transmission of data across wireless networks of tiny resource-constrained devices such as sensors.
In particular our research has shown results in the following areas:
- Real time detection and recovery against intrusions, malfunctions and failures in sensor networks, in order to guarantee availability and continuous provision of services.
- Support tools to secure network wide reprogramming of large-scale deployed sensor networks.
- Composition of middleware security services for sensor networks with managed operation and administrative capabilities.
- Security of data and services that can be incorporated in the development of new applications in sensor networks
- Simulation environments and test-beds for comparative evaluation of protocols addressing security, dependability and privacy.
Sensor Network Applications
Our group is working on software infrastructures that support and enable the development of sensor network applications. We concentrate our research on building new distributed applications for wireless sensor networks in order to promote health, safety, productivity and interaction with the environment.
Having made several test deployments of newly developed technologies, our group is now deploying operational sensor networks in the outside world that do real work. This process includes:
- Deployment of dedicated monitoring hardware
- Aggregation of data from virtually any sensor
- Integration with IT notification systems providing sophisticated event detection and notification applications.
Our research efforts are concentrated on innovative applications that use wireless sensor networks in monitoring and management with perspectives for new market opportunities. In particular, we target the following class of applications:
- Systems that enable future buildings to become more energy efficient
- Healthcare systems for personalized monitoring and homecare
- Forest fire detection and fighting
- Intelligent vehicles and traffic management systems
- Integrating sensor networks in systems for large scale infrastructures and plants.
- Monitoring and management of ecosystems
Example sensor networks applications that we have developed include
- The dotSense project: monitoring in-doors building environment gathering real-time data, available to the end-user through the internet.
- The Zakynthos project: environmental monitoring of the protected area of Laganas in Zakynthos island where the Caretta-Caretta sea-turtles are laying their eggs.
- The body sensor network project: integration of medical sensors with motes for monitoring patient’s vital signs.
The research opportunities on this area at the Algorithms and Security group are very exciting. Many new sensor networks applications are being developed, that require not only a strong theoretical background but also hands-on experience on programming frameworks and different hardware platforms.
Radio Frequency Identification (RFID) is a new technology for automated object identification. An RFID tag is an electronic device that consists of an antenna and an inexpensive chip, often smaller than a grain of rice, which can be read from distance by a nearby reader. This device is typically attached to an object and upon request it can return information related to the tagged item, such as product characteristics, date of manufacture, date of purchase, and so on.
RFID tagged items can have remarkable applications. One can imagine a future where passive RFID tags are in every human-made object and even in some natural ones (such are animals or even people). This would allow better tracking of items in complex automated chains, thus permitting goods to be traced from manufacturers to retail stores. The introduction of RFID tags in all objects could also directly benefit the consumer: One could imagine refrigerators issuing warnings about expired food or about remaining bottles of milk. Laundry machines could select washing cycles based on color and sensitivity of clothes. Pharmaceutical products may be checked for being counterfeit or expired and animals (or more controversially children) could be retrieved in case they are lost.
Despite this increased productivity and convenience, one must wonder about the social consequences of a world full of tagged items. Will this pervasive use of RFID tags open up the possibility for violating user privacy? In this line of research we focus in developing protocols that can be used in enhancing user privacy and help realizing Mark Weiser’s vision of ubiquitous computing in which small computers embedded in everyday objects could respond to people’s presence and needs without being actively manipulated.
Smart Cards Security
Our research is focused on access control techniques, encryption algorithms, secure storage and crypto-processor design. Several applications have been developed within our group. Some of these include:
- Smart Identity Card: A multipurpose cards for ATM transactions, e-commerce, Underground stations and parking spots.
- Key Escrow System: A key recovery system that uses smart cards to recover lost or erroneous encryption keys.
- Mobile Multimedia: Smart Cards have been applied in WAP applications for multimedia transmission.
- Biometric Storage: Framework for secure biometric template storage in smart cards.
- PKI enable: Crypto-processor design to efficiently perform public key computations.
Security in Adhoc networks
Our research is focused on building efficient authentication, key agreement, integrity mechanisms and intrusion detection techniques for (mobile) ad hoc networks. In particular, we have designed, analysed, and implemented:
- A layered security approach that is enabled with the main operations of ad hoc networks.
- Authentication and key agreement protocols based on challenge-response and zero knowledge techniques.
- A framework for two-step authentication and key agreement in combination with the layered security approach.
- A detection approach for unauthorised and compromised nodes.
- Intrusion detection modules based on neural networks and linear threshold schemes.
- Intrusion response modules based on watermarking techniques and binary trees.
- Intrusion detection with biometric templates.
Security in Telecommunication networks
Our research is focused on resourceful cryptographic algorithms, adaptive authentication and key agreement protocols, and efficient techniques that enable PKI systems in telecommunication networks. Some of our work is listed below:
- Security enhancement to GSM A5/1 encryption algorithm without loosing its hardware efficiency.
- Authentication mechanism that adapts to the environment it is being used.
- Secure communication protocol for mobile multimedia applications.
- Modified WAP for secure voice and video communication.
- Novel Methods for Enabling Public Key Schemes.
Applied Cryptography and Computer Security
In summary, our ongoing research applies to many different types of systems and focuses on:
- The design of both private and public key encryption systems which meet certain requirements against adversaries who not only can listen to messages but who can also intercept messages, and maybe alter them.
- Considering current proposals of encryption systems and evaluate them with respect to the security goal planned.
- The notion of provable security, i.e. show how to design systems which can be proved secure under various theoretic assumptions.
- Efficiency aspects of encryption systems and show how to improve efficiency without deteriorating the level of security achieved.
- The design of robust and light-weight cryptographic algorithms and primitives that can be applied in devices with low computational power and memory constraints.
Cryptography and Information Security Laboratory
The lab for Cryptography and Information Security provides a facility for R&D in Information and Systems security. The lab was founded with the following in mind:
- Demonstrate various key technologies (smart cards, biometrics, sensor networks, RFIDs, etc.)
- Help educate IT engineers in security infrastructures for personal communications, e-commerce and the Internet
- Provide services to high-technology companies.
- Research in the lab mainly falls within the framework of applications of cryptography in networking and e-commerce in order to guarantee:
- Fast, low-power, and user-friendly solutions for deployment in consumer markets, e.g., the development of smart credit cards, RFID/sensor protocols, etc.
- Advanced solutions for better and longer-term security, e.g., protocols based on elliptic curves and ciphers.
The lab is used for both educational and professional purposes and is equipped with state of art of workstations attached with smart cards for development of encryption algorithms, cryptographic protocols and end-to-end secure solutions.
The MoteLab is a part of the Algorithms and Security Group, and is physically located on the second floor of AIT building. We are engaged in research on architecture, design, and tools for networked and embedded computing and communication systems. Our current interests include wireless sensor and actuator networks, RFIDs, Smart Cards, low-power computing and networking, and pervasive computing.
Some of the equipment available for research work at the lab is as follows:
- Mica2 motes (Crossbow)
- MicaZ motes (Crossbow)
- Mica2DOT motes (Crossbow)
- Tmote Sky motes (Moteiv)
- Sensor/Data Acquisition Modules
- MIB – Programming and Interface Boards (Crossbow)
- Stargate – XScale Network Interface and Single Board Computer (Crossbow)
We have deployed a sensor network in AIT building gathering real-time data, available to the end-user through the internet. Click here to see Live Monitoring Graphs to your PC. The deployed sensor network is based on our system, called .Sense, which also provides security features, such as data integrity, confidentiality and authentication, making it one of the first secure deployed sensor networks.