Research and teaching activities in the Cry S

Research and teaching activities in the Cry. S Lab Levente Buttyán Laboratory of Cryptography and System Security (Cry. S) Budapest University of Technology and Economics Department of Telecommunications www. crysys. hu

Current members § faculty: – – Boldizsár Bencsáth, Ph. D, Assistant Professor Levente Buttyán, Ph. D, Associate Professor (head of the lab) Márk Félegyházi, Ph. D, Assistant Professor István Vajda, DSc, Professor § post doc researcher: – Amit Dvir, Ph. D (from Israel) § Ph. D candidates and Ph. D students: – – – Tamás Holczer (privacy in RFID systems, vehicular networks, sensor networks) Gergely Kótyuk (privacy in social networks, applications of machine learning) Áron Lászka (robustness of network toplogies) Gábor Pék (security of virtualized systems, code attestation, verification of code execution) Ta Vinh Thong (formal verification of security protocols) + ~10 students working on diploma and semester projects Laboratory of Cryptography and System Security Cry. S Adat- és Rendszerbiztonság Laboratórium www. crysys. hu 2

Mission § internationally recognized, high quality research on security and privacy in computer networks and systems – problem driven, project oriented research we are committed to establish and participate in R&D projects, in which we collaborate with industrial and other academic partners § teaching network and system security, privacy, and cryptography in the context of university courses, laboratory exercises, and semester projects § provision of consulting services without compromising the general academic objectives Laboratory of Cryptography and System Security Cry. S Adat- és Rendszerbiztonság Laboratórium www. crysys. hu 3

Research § main research domains – economics of security and privacy (incentive design, quantitative risk management, cyber insurance) – security of cloud computing (vulnerability analysis of virtual machines, malware analysis techniques) – security and privacy in wireless networked embedded systems (sensor networks, body area networks, vehicular communications, RFID systems) § funding – international projects funded by the European Commission – Ericsson through the HSN Lab – national funding agencies (OTKA, NKTH) Laboratory of Cryptography and System Security Cry. S Adat- és Rendszerbiztonság Laboratórium www. crysys. hu 4

Overview of projects 2006 2007 2008 2009 2010 2011 2012 2013 Ubi. Sec. Sens Se. Ve. Com DESEREC BIONETS EU-MESH WSAN 4 CIP CHIRON Mobil. SEC MIK 2. 3. 1 … SPUC … EU FP 6 EU FP 7 Laboratory of Cryptography and System Security Cry. S Adat- és Rendszerbiztonság Laboratórium www. crysys. hu EU ARTEMIS national 5

Project highlights Se. Ve. Com – Secure Vehicle Communications (www. sevecom. org) (EU STREP , supervised by L. Buttyan) Ubi. Sec&Sens – Ubiquitous Sensing and Security (www. ist-ubisecsens. org) (EU STREP , supervised by L. Buttyan) WSAN 4 CIP – Wireless Sensor Networks for Critical Infrastructure Protection (EU STREP, supervised by L. Buttyan) EU-MESH – Enhanced, Ubiquitous, and Dependable Broadband Access using MESH Networks (www. eu-mesh. eu) (EU STREP, supervised by L. Buttyan) CHIRON – Cyclic and Person Centric Health Management (ARTEMIS IP, supervised by L. Buttyan and R. Schulz) Laboratory of Cryptography and System Security Cry. S Adat- és Rendszerbiztonság Laboratórium www. crysys. hu 6

Se. Ve. Com Project § context – funded by the EC within FP 6 (project no. 027795 ) – started in Jan 2006, duration 3 years § objectives – development of a security architecture for vehicular safety communication systems • key and identity management for cars, secured communication protocols, location privacy enhancing techniques – extensive liaison with other related EU and non-EU funded projects • C 2 C-CC, CVIS, SAFESPOT, COMe. Safety, … § partners – industry: Trialog, Daimler, CR Fiat, Bosch – academia: EPFL, U Ulm, KU Leuven, BME/HIT/Cry. S § more information: www. sevecom. org Laboratory of Cryptography and System Security Cry. S Adat- és Rendszerbiztonság Laboratórium www. crysys. hu 7

Ubi. Sec&Sens Project § context – funded by the EC within FP 6 (project no. 026820 ) – started in Jan 2006, duration 3 years § objectives – development of a security toolbox for wireless sensor networks • secure routing and clustering, concealed data aggregation, persistent distributed data storage (Tiny. PEDS), key management, crypto support (ECC, Tiny. RNG) – implementation and demonstration • vineyard monitoring, road condition monitoring, homeland security (in cooperation with the Portuguese police) § partners – industry: NEC Europe – academia: RWTH, RU Bohum, Lulea TU, IHP, INRIA, INOV, BME/HIT/Cry. S § more information: www. ist-ubisecsens. org Laboratory of Cryptography and System Security Cry. S Adat- és Rendszerbiztonság Laboratórium www. crysys. hu 8

WSAN 4 CIP Project § context – funded by the EC within FP 7 – started in Jan 2009, duration 3 years § objectives – investigate the applicability of wireless sensor technology for monitoring critical infrastructures (cost efficiency and large scale surveillance) – dependable networking and services, secured OS – implementation and demonstration • monitoring a drinking water distribution system in Frankfurt/Oder, • monitoring power lines and substations in the Lisbon area of Portugal § partners – industry: NEC Europe, Sirrix AG, Tecnatom SA, FWA, EDP – academia: U Malaga, Lulea TU, IHP, INRIA, INOV, BME/HIT/Cry. S § more information: www. wsan 4 cip. eu Laboratory of Cryptography and System Security Cry. S Adat- és Rendszerbiztonság Laboratórium www. crysys. hu 9

EU-MESH Project § context – funded by the EC within FP 7 – started in Jan 2008, duration 2. 5 years § objectives – design and experiment with Qo. S-aware wireless mesh networks for broadband access to the Internet – work package on security deals with • fast mesh client authentication to support seamless hand-over • secure routing and misbehaving router detection • secured multipath communications based on IPsec § partners – industry: Proximetry, Ozone, FORTHNET, Thales – academia: FORTH, CNR Italy, TU Berlin, SUPSI, BME/HIT/Cry. S § more information: www. eu-mesh. eu Laboratory of Cryptography and System Security Cry. S Adat- és Rendszerbiztonság Laboratórium www. crysys. hu 10

CHIRON Project § context – funded by the ARTEMIS JU (subprogram: person-centric healthcare) – started in Mar 2010, duration 3 years § objectives – combine state-of-the art technologies and innovative solutions into an integrated framework designed for an effective and person-centric health management along the complete care cycle – we are working on • in-door positioning techniques (BME/HIT/MCL) • security and privacy at the body area sensor network level (BME/HIT/Cry. S) – prevention of traffic analysis – privacy preserving access control to collected data at the BAN level § partners – 27 partners from 8 countries – 7 large enterprises, 7 SMEs, 6 universities (including BME/HIT), 6 research centers, 1 medical institution § more information: www. chiron-project. eu Laboratory of Cryptography and System Security Cry. S Adat- és Rendszerbiztonság Laboratórium www. crysys. hu 11

Our sensor network test bed § Zig. Bee compatible / Tiny. OS: – 4 Crossbow Mica. Z motes + programming board – 20 Mote. IV Tmote. Sky motes § Wi. Fi / Linux: – 6 Silex SX-560 wireless embedded modules § prototypes developed: – – – – secure and resilient routing protocols implementation of the IETF ROLL routing protocol RPL (Linux, Tiny. OS) resilient data aggregation algorithms secure and reliable cluster head election protocols secure and reliable transport protocols secure distributed data storage schemes (also forensics purposes) crypto toolbox (symmetric key encryption and message integrity algs) Laboratory of Cryptography and System Security Cry. S Adat- és Rendszerbiztonság Laboratórium www. crysys. hu 12

Our mesh network test bed § ~10 Mikro. Tik Routerboard 153 175 MHz, 32 MB RAM, 2 GB CF, 3 radio interfaces (802. 11 a/b/g) § prototypes developed: – security extensions to the OLSR routing protocol – fast user authentication protocols for seamless handover – IPsec based secure multi-path communication protocol Laboratory of Cryptography and System Security Cry. S Adat- és Rendszerbiztonság Laboratórium www. crysys. hu 13

International collaborations § § § EPFL, Switzerland (Prof. Jean-Pierre Hubaux) University of Twente, The Netherlands (Dr. Frank Kargl) KTH, Sweden (Prof. Panagiotis Papadimitratos, Prof. György Dán) NEC Laboratories, Germany (Dr. Dirk Westhoff) IHP, Germany (Prof. Dr. Peter Langendoerfer) INRIA Rhone-Alpes (Dr. Claude Castelluccia) § § § University of Washington, Seattle (Prof. Radha Poovendran) University of California, Berkeley (Prof. Jean Walrand) ICSI, Berkeley (Prof. Vern Paxson) University of Münster, Germany (Prof. Rainer Böhme) … Laboratory of Cryptography and System Security Cry. S Adat- és Rendszerbiztonság Laboratórium www. crysys. hu 14

Teaching § Base course in Computer Networking – Computer Networking (Info BSc German, Computernetzwerke) (M. Félegyházi) § Base courses in Information Security – Information Security (Info MSc, Adatbiztonság) (I. Vajda, L. Buttyán, B. Bencsáth) – Information Security (Ga. In MSc, Adatbiztonság) (I. Vajda, L. Buttyán, B. Bencsáth) § Special on Security of Communication Systems (Hírközlő rendszerek biztonsága MSc informatikus szakirány) – Cryptography and its applications (Kriptográfia és alkalmazásai) (I. Vajda) – Security protocols (Biztonsági protokollok) (L. Buttyán) – Foundations of secure e-commerce (A biztonságos elektronikus kereskedelem alapjai) (L. Buttyán) – Network security in practice (Hálózatbiztonság a gyakorlatban) (B. Bencsáth) – Economics of security and privacy (A biztonság és a privátszféra védelmének közgazdaságtana) (M. Félegyházi) + laboratory exercises, semester and diploma projects (all members) Laboratory of Cryptography and System Security Cry. S Adat- és Rendszerbiztonság Laboratórium www. crysys. hu 15

Consulting § Hungarian Telecom (T-Com) – security for Vo. IP systems § Budapest Transport Ltd – security requirements for automated fare collection (electronic ticketing) § NETI – secure smart card based authentication system § evopro – cryptography for embedded devices § ethical hacking – penetration testing and vulnerability analysis for numerous Hungarian companies Laboratory of Cryptography and System Security Cry. S Adat- és Rendszerbiztonság Laboratórium www. crysys. hu 16

Further information www. crysys. hu – – contact information description of research projects full list of publications in downloadable format (including the book Security and Cooperation in Wireless Networks) – – course material (slides) description of laboratory exercises best student project reports … Laboratory of Cryptography and System Security Cry. S Adat- és Rendszerbiztonság Laboratórium www. crysys. hu 17