Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
Security in Mobile Systems:Current Challenges and Selected Approaches
Wissenschaftlicher Fachvortrag zu Netzwerke und Sicherheit
6. Februar 2013 15:00 – 16:00JKU Linz, SCP1 MT 127
Priv.-Doz. DI Dr. René Mayrhofer
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 2René Mayrhofer
Academic and research profile
Diploma thesis on Artificial Intelligence (Oct. 2002, event based simulation of Spiking Neural Networks)1998 – 2002, JKU
IT Security (network security, firewalls, industry projects)2001 – now, Project manager of Gibraltar Firewall and Security Consultant
Dissertation on Context-aware Systems (Nov. 2004, prediction of future contexts)2002 – 2005, JKU Inst. for Pervasive Computing
Habilitation thesis on Ubiquitous Computing Security (submitted Sept. 2008, venia docenci granted Mar. 2009)2008 – 2009, Guest Prof. at Vienna Univ.Sept.
2002
since2000
Security for Mobile Systems(Josef Ressel Center u'smile)2010 – now, Prof. for Mobile Computing, FH Hagenberg
Context-based Security and Security for Spontaneous Interaction2005 – 2008, Marie Curie Fellow at Lancaster Univ.
Aug. 2005
Feb.2008
Shared-Nothing Server Virtualization 2009 – 2010, FWF Impulsprojekt with eSYS GmbH
Feb.2009Feb
2010
IntroductionAuthentication in Mobile SystemsSelected Research Contributions
Future Research
Personal ProfileScientific Area: Networks and Security
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 3René Mayrhofer
Research and industry projects
2010 -20172012201120092005-20081999-
IntroductionAuthentication in Mobile SystemsSelected Research Contributions
Future Research
Personal ProfileScientific Area: Networks and Security
JRC u'smile12 people, 1430k€
CDG
Joint Int. PhD Program4 PhD students, 588k€
Upper Austria
Server Virt.106k€
FWF
CAPER128k€
EC FP6
SESAME16 (3) people, 810 (135) k€ SESAME-S
17 (3) people, 771 (128) k€
FFGCOIN
Gibraltar Firewall5 people
NLN7 people
(Co-)
Pro
ject
lea
dPa
rtner
Indust
ry
Server Virt.106k€
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 4René Mayrhofer
Summary of academic activities
Publications● 9 journal articles, 6 as first author (2 since 2010)● 38 conference/workshop papers, 20 as first author (15 since 2010)● guest editor for 2 journal special issues
Organization● program chair for MoMM 2013● co-organizer of 7 workshops● co-organizer of 2 doctoral colloquiums● JKU/UAS Joint International PhD Program (together with Josef Küng for JKU)
Reviews● PC member of 58 international conferences/workshops● reviewer for 10 journals and 31 conferences
Teaching● 7 courses at FH Hagenberg, 4 at Vienna Univ., 2 at Lancaster Univ., 2 at JKU● 3 finished dissertations (7 ongoing), 9 finished Master's students (5 ongoing)
IntroductionAuthentication in Mobile SystemsSelected Research Contributions
Future Research
Personal ProfileScientific Area: Networks and Security
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 5René Mayrhofer
Networks and Security
IntroductionAuthentication in Mobile SystemsSelected Research Contributions
Future Research
Personal ProfileScientific Area: Networks and Security
Networks Security
protocols&
VPNs
usability
restrictedresources
&embedded
devices
sensing
socialethical
legalpolitical
aspects
privacy
hardwareOS
appsecurity
cryptography
userdevice authentication
virtualization
physicaldata linknetwork
transport
layer
wireless networks
ad-hoc
peer-to-peer
PANLAN
WANMAN
virtualization(overlays)
distributedsystems
mobile computing
wireless sensornetworks
Internetof Things
biometry
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 6René Mayrhofer
Networks and Security
IntroductionAuthentication in Mobile SystemsSelected Research Contributions
Future Research
Personal ProfileScientific Area: Networks and Security
Networks Security
protocols&
VPNs
usability
restrictedresources
&embedded
devices
sensing
socialethical
legalpolitical
aspects
privacy
hardwareOS
appsecurity
cryptography
userdevice authentication
virtualization
physicaldata linknetwork
transport
layer
wireless networks
ad-hoc
peer-to-peer
PANLAN
WANMAN
virtualization(overlays)
distributedsystems
mobile computing
wireless sensornetworks
Internetof Things
biometrySESAME
GibraltarFirewall
GibraltarFirewall
SiLiConP2P
GibraltarFirewall
GibraltarFirewall
Server Virt.
CAPER
CAPER
SESAME
CAPER
CAPERNLN
JRC u'smile
JRC u'smile
JRC u'smile
CAPERServer Virt.
JRCu'smile
JRC u'smile
JRCu'smile
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 7René Mayrhofer
Security in production: Gibraltar Firewall
● first installation in July 2000● product- and project lead,
10 employees, 2-5 freelancers● during past 4 years >1000
commercial licenses in use● 1 Magister/Masters thesis
1 Bachelors thesis7 Student projects
IntroductionAuthentication in Mobile SystemsSelected Research Contributions
Future Research
Personal ProfileScientific Area: Networks and SecuritySidenote: Industry projects on Network Security
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 8René Mayrhofer
Gibraltar – selected installations
References in Austria Universität Linz Fachhochschulen Kufstein,
Hagenberg Technikum Wien Stadtgemeinde Vöcklabruck Doubrava COPYright by Josef Schürz Kirsch – Muchitsch und Partner GIG Karasekgroup Wolf Systembau Stubai Werkzeugindustrie Financial Adivsory GmbH Ebnerbau Mondsee HGS Unternehmensberatung Profactor Steyr Datacontact CARE Österreich Gerstl Bau …
International references• Universität Washington• Universität der Bundeswehr• Universität Stuttgart• Universität Oxford• P&T Luxemburg• Graziano Transmissioni, Italien• Scotcomms, GB• ARIS AG, Schweiz• Calistel, Frankreich• COOPService Noncello, Italien• Kniel System Electronics• Noske-Kaeser GmbH, Deutschland• Städtische Überlandwerke Coburg• Scene Double, GB• …
IntroductionAuthentication in Mobile SystemsSelected Research Contributions
Future Research
Personal ProfileScientific Area: Networks and SecuritySidenote: Industry projects on Network Security
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 9René Mayrhofer
Project NLN
Goal: “Zero-interaction” secure gateway devices● installed by non-experts● managed by cloud service● always online, updates and configuration delivered automatically● target: >1M devices online at the same time within 24 months
IntroductionAuthentication in Mobile SystemsSelected Research Contributions
Future Research
Personal ProfileScientific Area: Networks and SecuritySidenote: Industry projects on Network Security
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 10René Mayrhofer
If security and/or privacy and usability collide, then usability always wins!
Most important aspect: Usability
● When security methods or implications on users' privacy are not properly understood, systems will be used incorrectly.
● Annoying and obtrusive security measures are simply deactivated so that users can get their jobs done.
● For example: – sharing passwords, never logging out
– writing PIN on back of card, most often used PINs “1234” and “0000”
– “ALERT: The URL says www.mybank.com, but the certificate is for cracker.net, really continue?” - “Yeah, whatever, just let me enter my PIN and TAN codes now...”
IntroductionAuthentication in Mobile SystemsSelected Research Contributions
Future Research
Personal ProfileScientific Area: Networks and Security
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 11
The most profound technologies are those that disappear. They
weave themselves into the fabric of everyday life until they are
indistinguishable from it.Mark Weiser, 1991, „The Computer for the 21st Century“
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 12
… as long as they do not ask for a password …
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 13
… or fail spectacularly with regards to securing their user's
data.
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 14René Mayrhofer
Spontaneous interaction to do it now
Core topic of Mobile and Pervasive/Ubiquitous Computing:
use of service when and where it is most appropriate● everywhere, anytime
● triggered by the user or automatically
● highly dependent on the specific situation
Interaction that can happen spontaneously without administrative overhead
● spontaneous as in “unplanned”: encounters, opportunities, serendipity ● spontaneous as in “self-acting”: operation out of the box, “plug and play”
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Mobile ComputingSecurity Issues
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 15René Mayrhofer
Mobile Computing – Everything new?
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Mobile ComputingSecurity Issues
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 16René Mayrhofer
Wireless communication
Small, mobile devices● limited user interfaces
● limited resources (run time!)
Many devices● integrated with/into physical objects
● communicate among each other
● communicate with the user
Sensing
⇒ (mobile and stationary) devices and communication become more and moreinvisible, unobservable, and uncontrollable
Mobile Computing – Everything new?
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Mobile ComputingSecurity Issues
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 17René Mayrhofer
Issue 1: Device OS/platform security
Security of mobile/smart/pervasive devices is hard to achieve
● many different (wireless) network interfaces ⇒ no more centralized firewalls
● security architectures (slightly) better than for client/server or desktops, but immature implementations and weak (non-existent) additional layers of protection
● proliferation of platforms, hardly any security updates for products older than 1 year
Small is beautiful, but:● easy to pocket ⇒ easy to forget, easy to steal● malicious wireless nodes nearly impossible to find
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Mobile ComputingSecurity Issues
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 18René Mayrhofer
Issue 2: Secure channels to users
Assumption: devices can be made secure (or at least some parts)● certified/validated type-1 hypervisor ⇒ secure virtual guests on application CPU● integrated tamper-resistant hardware for crypto operations and key storage (e.g. NFC
secure elements as embedded JavaCard) ⇒ secure applets on crypto CPU
Components need to communicate among each other● secure virtual guest and applet● virtual guest and/or applet with infrastructure
Components need to communicate with user● e.g. financial transaction details,
PIN code to unlock smart card applet, OK for reading virtual passport, etc.
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Mobile ComputingSecurity Issues
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 19René Mayrhofer
Issue 3: Secure channels to devices/infrastructure
Securing communication● between mobile/embedded (and/or
stationary) devices● that are under direct user control or
human-verifiable● for a specific interaction
⇒ associating with THIS device
Main issues● wireless communication● lack of user interfaces● scalability of user attention
Example applications● Bluetooth headset● printer in airport lounge● projector in conference room● Vcard exchange● micro payment● reading electronic ID card● access to health data● ...
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Mobile ComputingSecurity Issues
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 20René Mayrhofer
Issue 4: Usability
Even more important for mobile security
● don't get hit by a bus while unlocking your phone to answer a call on-the-go
● don't make users read a manual for securing their device(they won't)
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Mobile ComputingSecurity Issues
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 21
“The problem with passwords is that they're too easy to lose control of.”
Bruce Schneier, March 2005
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 22René Mayrhofer
New model for device authentication
Main threat scenario: MITM on wireless communication channel
– all parties have full access to the wireless (in-band) channel
– intended communication partners (A and B) share some context (out-of-band)
– attacker (E) has inferior access to this context
– respective aspect of context represented by sensor data streams ⇒ shared (weakly) secret information
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Model for Out-of-Band AuthenticationOut-of-Band Authentication ChannelsUACAP: Unified Auxiliary Channel Authentication Protocol
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 24René Mayrhofer
Taxonomy of security properties
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
[Ma 2008] R. Mayrhofer, “Ubiquitous computing security: Authenticating spontaneous interactions,” September 2008. Habilitation thesis, University of Vienna
Model for Out-of-Band AuthenticationOut-of-Band Authentication ChannelsUACAP: Unified Auxiliary Channel Authentication Protocol
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 25René Mayrhofer
Taxonomy of user interaction
[Ma 2008] R. Mayrhofer, “Ubiquitous computing security: Authenticating spontaneous interactions,” September 2008. Habilitation thesis, University of Vienna
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Model for Out-of-Band AuthenticationOut-of-Band Authentication ChannelsUACAP: Unified Auxiliary Channel Authentication Protocol
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 26René Mayrhofer
Spatial References:
verifiable by the user and the device – both can come to the same conclusions as to
which device they are interacting with
[MGH 2007] R. Mayrhofer, H. Gellersen, M.Hazas: “Security by spatial reference: Using relative positioning to authenticate devices for spontaneous interaction”, Ubicomp 2007
[MaGe 2007a] R. Mayrhofer, H. Gellersen: “On the security of ultrasound as out-of-band channel”, IPDPS 2007
Security by Spatial Reference
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Model for Out-of-Band AuthenticationOut-of-Band Authentication ChannelsUACAP: Unified Auxiliary Channel Authentication Protocol
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 27René Mayrhofer
● ultrasound signals travel comparatively slowly in air ⇒ possible to measure time of flight ⇒ distance estimation
● angle-of-arrival estimation using multiple receivers difficult based on relative time of arrival
● angle-of-arrival estimation based on relative signal strengths works in practice
Quantitative measurements with ultrasound
Relate:● <10 cm accuracy for
distance measurements● ~33° accuracy for local
angle-of-arrival● without infrastructure● implemented as USB
dongles + Java host software
[HKG+ 2005] G. Kortuem, C. Kray, H. Gellersen: “Sensing and visualizing spatial relations of positioning system for co-located mobile devices”, In: Proc. MobiSys 2005
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Model for Out-of-Band AuthenticationOut-of-Band Authentication ChannelsUACAP: Unified Auxiliary Channel Authentication Protocol
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 31René Mayrhofer
Visible laser channel as intuitive means of selecting THIS device
But, in contrast to previous assumptions:● laser channel is not confidential attacker can read
● laser channel is not completely authentic ⇒ “semi-authentic” attacker can modify
(add but not subtract)
Visible laser for authentication
[MaWe 2007] R. Mayrhofer, M. Welch: “A human-verifiable authentication protocol using visible laser light”, ARES 2007
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Model for Out-of-Band AuthenticationOut-of-Band Authentication ChannelsUACAP: Unified Auxiliary Channel Authentication Protocol
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 32René Mayrhofer
Sender● prototype with pulsed laser based on
iMote1 (ARM7, 12 MHz) and TinyOS
Receiver● prototype for connecting to standard
serial port based on photo resistor and simple high-pass and thresholding
Protocol● DH key agreement and verification● continuous stream of nonces over laser
with double hash commitments over wireless channel
Prototype implementation
[MaWe 2007] R. Mayrhofer, M. Welch: “A human-verifiable authentication protocol using visible laser light”, ARES 2007
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Model for Out-of-Band AuthenticationOut-of-Band Authentication ChannelsUACAP: Unified Auxiliary Channel Authentication Protocol
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 34René Mayrhofer
Shaking as shared context
Shaking is common movement● both (all) devices will experience very similar movement patterns● both (all) devices will experience very similar accelerations
Acceleration is a local physical phenomenon
⇒ difficult for an attacker (MITM) to estimate or replicate● not used for identifying users, only as shared context!
[MaGe 2007b] R. Mayrhofer, H. Gellersen: “Shake well before use: Authentication based on accelerometer data”, Pervasive 2007[MaGe 2009] R. Mayrhofer and H. Gellersen, “Shake well before use: Intuitive and secure pairing of mobile devices,” IEEE Transactions on Mobile Computing, vol. 8, pp. 792-806, June 2009
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Model for Out-of-Band AuthenticationOut-of-Band Authentication ChannelsUACAP: Unified Auxiliary Channel Authentication Protocol
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 35René Mayrhofer
„Shake well before use“ in media outlets
● http://technology.newscientist.com/article/dn12912● http://www.youtube.com/watch?v=ktJC0S4_X58● http://www.heise.de/newsticker/meldung/99142● http://futurezone.orf.at/produkte/stories/236278/● http://mobile.slashdot.org/article.pl?sid=07/11/17/1231254&from=rss● Blogs, technical new sites, etc.
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Model for Out-of-Band AuthenticationOut-of-Band Authentication ChannelsUACAP: Unified Auxiliary Channel Authentication Protocol
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 36René Mayrhofer
Creating keys from common sensor data
Candidate Key Protocol (CKP)● generates secret shared keys directly
from sensor data streams● computes feature vectors (e.g. of
quantized FFT coefficients)● exchanges and compares hashes of
feature vectors ⇒ candidate key parts
● matching vectors concatenated⇒ candidate keys
[May 2007b] R. Mayrhofer: “The candidate key protocol for generating secret shared keys from similar sensor data streams”. In Proc. ESAS 2007: 4th European Workshop on Security and Privacy in Ad hoc and Sensor Networks. Springer-Verlag, July 2007
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Model for Out-of-Band AuthenticationOut-of-Band Authentication ChannelsUACAP: Unified Auxiliary Channel Authentication Protocol
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 37René Mayrhofer
Unified Auxiliary Channel Authentication Protocol (UACAP)
● uses Diffie-Hellman for key agreement
● exchanges sensor time series (after pre-processing) for key verification (e.g. with interlock* protocol)
● both devices verify locally (e.g. compare time series with coherence)
Verifying keys with accelerometer data
[MaGe 2007b] R. Mayrhofer, H. Gellersen: “Shake well before use: Authentication based on accelerometer data”, Pervasive 2007[MaGe 2009] R. Mayrhofer and H. Gellersen, “Shake well before use: Intuitive and secure pairing of mobile devices,” IEEE Transactions on Mobile Computing, vol. 8, pp. 792-806, June 2009
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Model for Out-of-Band AuthenticationOut-of-Band Authentication ChannelsUACAP: Unified Auxiliary Channel Authentication Protocol
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 38René Mayrhofer
Protocol properties
UACAP● two phases:
– key agreement
– key verification
● either with opportunistic key agreement or slight delay
● only one-off chance for online attack
● independent signal analysis
CKP● single, continuous phase● devices “tune into” each other's
key streams● multi-device authentication ● offline lookup table attacks
possible when feature vectors have insufficient entropy(can be prevented with asymmetric key agreement and additional commitment)
[MaGe 2007b] R. Mayrhofer, H. Gellersen: “Shake well before use: Authentication based on accelerometer data”, Pervasive 2007[MaGe 2009] R. Mayrhofer and H. Gellersen, “Shake well before use: Intuitive and secure pairing of mobile devices,” IEEE Transactions on Mobile Computing, vol. 8, pp. 792-806, June 2009
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Model for Out-of-Band AuthenticationOut-of-Band Authentication ChannelsUACAP: Unified Auxiliary Channel Authentication Protocol
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 39René Mayrhofer
Data collection from accelerometers
[MaGe 2007b] R. Mayrhofer, H. Gellersen: “Shake well before use: Authentication based on accelerometer data”, Pervasive 2007[MaGe 2009] R. Mayrhofer and H. Gellersen, “Shake well before use: Intuitive and secure pairing of mobile devices,” IEEE Transactions on Mobile Computing, vol. 8, pp. 792-806, June 2009
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Model for Out-of-Band AuthenticationOut-of-Band Authentication ChannelsUACAP: Unified Auxiliary Channel Authentication Protocol
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 40René Mayrhofer
1. Sensor data acquisition● potential problem: side-channel attacks
2. Temporal alignment● triggering
● synchronization
⇒ use motion detection
3. Spatial alignment● devices arbitrarily aligned in 3D
● alignment changes when picked up (between “silent” and “active”)
⇒ reduce to 1 dimension (magnitude)
Pre-processing
[MaGe 2007b] R. Mayrhofer, H. Gellersen: “Shake well before use: Authentication based on accelerometer data”, Pervasive 2007[MaGe 2009] R. Mayrhofer and H. Gellersen, “Shake well before use: Intuitive and secure pairing of mobile devices,” IEEE Transactions on Mobile Computing, vol. 8, pp. 792-806, June 2009
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Model for Out-of-Band AuthenticationOut-of-Band Authentication ChannelsUACAP: Unified Auxiliary Channel Authentication Protocol
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 41René Mayrhofer
Features for shaking:● frequency domain
– less accuracy required for synchronization
– less sensitive to noise and alignment problems
● Coherence: measures power spectrum correlation between two signals split into overlapping slices, produces similarity value in [0; 1]
● Quantized FFT coefficients: pairwise added FFT coefficients quantized into exponential bands as feature vectors, compare equality
Feature extraction
[MaGe 2007b] R. Mayrhofer, H. Gellersen: “Shake well before use: Authentication based on accelerometer data”, Pervasive 2007[MaGe 2009] R. Mayrhofer and H. Gellersen, “Shake well before use: Intuitive and secure pairing of mobile devices,” IEEE Transactions on Mobile Computing, vol. 8, pp. 792-806, June 2009
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Model for Out-of-Band AuthenticationOut-of-Band Authentication ChannelsUACAP: Unified Auxiliary Channel Authentication Protocol
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 42René Mayrhofer
3 experiments:– How do people shake?– “hacking” competition– live mode – does it work?
Quantitative evaluation
Results:– parameters for no false positives– false negatives 10.24%, 11.96%– 25/30 subjects successful
[MaGe 2007b] R. Mayrhofer, H. Gellersen: “Shake well before use: Authentication based on accelerometer data”, Pervasive 2007[MaGe 2009] R. Mayrhofer and H. Gellersen, “Shake well before use: Intuitive and secure pairing of mobile devices,” IEEE Transactions on Mobile Computing, vol. 8, pp. 792-806, June 2009
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Model for Out-of-Band AuthenticationOut-of-Band Authentication ChannelsUACAP: Unified Auxiliary Channel Authentication Protocol
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 43René Mayrhofer
Quantitative evaluation
[MaGe 2009] R. Mayrhofer and H. Gellersen, “Shake well before use: Intuitive and secure pairing of mobile devices,” IEEE Transactions on Mobile Computing, vol. 8, pp. 792-806, June 2009
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Model for Out-of-Band AuthenticationOut-of-Band Authentication ChannelsUACAP: Unified Auxiliary Channel Authentication Protocol
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 46René Mayrhofer
Unified Auxiliary Channel Authentication Protocol (UACAP)
● need to distinguish between different scenarios
– transfer (T)
– input (I)
– verify (V)
● and channels– long (L) / short (S)
– confidential (C) / non-confidential (N)
UACAP overview
[MaFuIo 2012] “UACAP: A unified auxiliary channel authentication protocol,” IEEE Transactions on Mobile Computing, February 2012. currently in pre-print and available online, journal issue to appear in 2013
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Model for Out-of-Band AuthenticationOut-of-Band Authentication ChannelsUACAP: Unified Auxiliary Channel Authentication Protocol
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 47René Mayrhofer
UACAP specification – 1/3
[MaFuIo 2012] “UACAP: A unified auxiliary channel authentication protocol,” IEEE Transactions on Mobile Computing, February 2012. currently in pre-print and available online, journal issue to appear in 2013
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Model for Out-of-Band AuthenticationOut-of-Band Authentication ChannelsUACAP: Unified Auxiliary Channel Authentication Protocol
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 48René Mayrhofer
UACAP specification – 2/3
[MaFuIo 2012] “UACAP: A unified auxiliary channel authentication protocol,” IEEE Transactions on Mobile Computing, February 2012. currently in pre-print and available online, journal issue to appear in 2013
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Model for Out-of-Band AuthenticationOut-of-Band Authentication ChannelsUACAP: Unified Auxiliary Channel Authentication Protocol
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 49René Mayrhofer
UACAP specification – 3/3
[MaFuIo 2012] “UACAP: A unified auxiliary channel authentication protocol,” IEEE Transactions on Mobile Computing, February 2012. currently in pre-print and available online, journal issue to appear in 2013
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Model for Out-of-Band AuthenticationOut-of-Band Authentication ChannelsUACAP: Unified Auxiliary Channel Authentication Protocol
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 50René Mayrhofer
OpenUAT: Ubicomp Authentication Toolkit
Documentation, demo applications, data sets: http://www.openuat.org
Source code, mailing list, bug tracker: http://sourceforge.net/projects/openuat
[R. Mayrhofer: “Towards an open source toolkit for ubiquitous device authentication”, PerSec/PerCom 2007][MaFuIo 2012] “UACAP: A unified auxiliary channel authentication protocol,” IEEE Transactions on Mobile Computing, February 2012. currently in pre-print and available online, journal issue to appear in 2013
IntroductionAuthentication in Mobile Systems
Selected Research ContributionsFuture Research
Model for Out-of-Band AuthenticationOut-of-Band Authentication ChannelsUACAP: Unified Auxiliary Channel Authentication Protocol
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 51René Mayrhofer
Josef Ressel Center u'smile
Many open issues in research and development● fundamental research: hardware, cryptography, mobile operating systems● applied research: integration in devices and infrastructure● social aspects: comprehensibility by end-users
Consortium of the Josef Ressel Center„User-friendly Secure Mobile Environments“
● host institution: FH Hagenberg● academic partner: Secure Business Austria● company partners: NXP Semiconductors,
A1 Telekom Austria, Drei-Banken-EDV, LG Nexera
Mobile Security research group● 3 PhD students, 5 Master's students, 8 Bachelor students● www.usmile.at and https://dev.usmile.at (in progress)● JRC provides most of the funding● 1 PhD student funded by JKU/UAS Joint International PhD Program
IntroductionAuthentication in Mobile SystemsSelected Research Contributions
Future Research
Mobile Device Security… and beyond
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 52René Mayrhofer
Vision: Convergence of security services
IntroductionAuthentication in Mobile SystemsSelected Research Contributions
Future Research
Mobile Device Security… and beyond
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 53René Mayrhofer
Overview of current JRC topics
Figure created by JRC team
IntroductionAuthentication in Mobile SystemsSelected Research Contributions
Future Research
Mobile Device Security… and beyond
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 54René Mayrhofer
User authentication on mobile phones...
… is difficult because it should be:
● secure● quick● unobtrusive● robust● fun● and much better than the one
published by <the other company> a few weeks ago.
IntroductionAuthentication in Mobile SystemsSelected Research Contributions
Future Research
Mobile Device Security… and beyond
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 55René Mayrhofer
Results for speaker recognition
Features: Mel frequency cepstral coecients (MFCC)Classifier: simple Vector Quantization (VQ) with k-means clustering for trainingHardware for evaluation: HTC Desire HD, 8kHz, 8 bit quantizationTraining set: 60 seconds with same text for all speakersTesting set: 15 seconds with different text for each speakerDetails: in the paper
IntroductionAuthentication in Mobile SystemsSelected Research Contributions
Future Research
[MaKa 2012] R. Mayrhofer and T. Kaiser, “Towards usable authentication on mobile phones: An evaluation of speaker and face recognition on off-the-shelf handsets,” in Proc. IWSSI/SPMU 2012
Mobile Device Security… and beyond
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 59René Mayrhofer
2D pan shot face unlock● face detection + face recognition with multiple views● recognition: multiple classifiers, one for each window● first Android prototype: Eigenfaces for recognition
as baseline for comparison with extended methods
3D face recognition
IntroductionAuthentication in Mobile SystemsSelected Research Contributions
Future Research
[FiMa 2012] R. Findling and R. Mayrhofer, “Towards face unlock: On the difficulty of reliably detecting faces on mobile phones,” in Proc. MoMM 2012, ACM
Figure created by R. Findling
Mobile Device Security… and beyond
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 60René Mayrhofer
2D+range pan shot face unlock● face detection (2D) + face segmentation (3D)
+ face recognition (currently multiple 2D, aiming for 3D)● separate 2D/range classifiers● recognition: neural networks,
support vector machines, boosting
3D face recognition
IntroductionAuthentication in Mobile SystemsSelected Research Contributions
Future Research
Figure created by R. Findling
[FiMa 2013a] R. Findling and R. Mayrhofer, “Towards Secure Personal Device Unlock using Stereo Camera Pan Shots”, accepted for publication at EUROCAST 2013
Mobile Device Security… and beyond
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 61René Mayrhofer
There can be more then one!
Biometric authentication on mobile phones is hard
Why not use an arbitrary number of them together (e.g. gait recognition), driven by the application needs?
Framework for multi-method authentication and implementations for speaker and face recognition on Android online at https://gitorious.org/android-user-auth
IntroductionAuthentication in Mobile SystemsSelected Research Contributions
Future Research
Mobile Device Security… and beyond
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 62René Mayrhofer
Advantages of embedded smartcard support● protected environment (Trusted Execution Environment)● hardware-based implementation guarantees protection or unauthorized
access or data manipulation● secure element is able to perform cryptographic operation● encryption directly on chip● smartcard OS is small enough to be certifiable
NFC Secure Element
IntroductionAuthentication in Mobile SystemsSelected Research Contributions
Future Research
Mobile Device Security… and beyond
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 63René Mayrhofer
Virtualization on smart phones
IntroductionAuthentication in Mobile SystemsSelected Research Contributions
Future Research
Figure created by JRC team
Mobile Device Security… and beyond
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 64René Mayrhofer
Secure (private)
Banking, ticketing, payment
Insecure (private)
Family photos, angry birds, private mail
switch switch
Secure (company)
ERP, VPN, company
Visualizing virtual state
IntroductionAuthentication in Mobile SystemsSelected Research Contributions
Future Research
Mobile Device Security… and beyond
Figure created by Peter Riedl
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 67René Mayrhofer
Planned upcoming research topics
2021-2024 2033-2029-20322025-20282017-20202013-2016-2012
IntroductionAuthentication in Mobile SystemsSelected Research Contributions
Future Research
Mobile security
3Gconnectivity
Proje
ct lea
dIn
dust
ry
Privacy in car-to-carcommunication
“Smart” personalized security
Cloudsecurity
Devicemanagement
Mobile Device Security… and beyond
IPv6 securityand overlays
PANs
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 68
“If we knew what it was we were doing, it would not be called research, would it?”
Albert Einstein
2013-02-06 Fachvortrag Netzwerke und Sicherheit: Security in Mobile Systems 69
Thank you for your attention!
Slides: http://www.mayrhofer.eu.org/presentationsLater questions: [email protected]
OpenPGP keys: 0x249BC034 and 0xC3C24BDE717A 033B BB45 A2B3 28CF B84B A1E5 2A7E 249B C034 7FE4 0DB5 61EC C645 B2F1 C847 ABB4 8F0D C3C2 4BDE