Learn More
We consider routing security in wireless sensor networks. Many sensor network routing protocols have been proposed, but none of them have been designed with security as a goal. We propose security goals for routing in sensor networks, show how attacks against ad-hoc and peer-to-peer networks can be adapted into powerful attacks against sensor networks,(More)
We introduce TinySec, the first fully-implemented link layer security architecture for wireless sensor networks. In our design, we leverage recent lessons learned from design vulnerabilities in security protocols for other wireless networks such as 802.11b and GSM. Conventional security protocols tend to be conservative in their security guarantees,(More)
We introduce distillation codes, a method for streaming and storing data. Like erasure codes, distillation codes allow information to be decoded from a sufficiently large quorum of symbols. In contrast to erasure codes, distillation codes are robust against pollution attacks, a powerful class of denial of service (DoS) attacks in which adversaries inject(More)
Cryptographic voting protocols offer the promise of verifiable voting without needing to trust the integrity of any software in the system. However, these cryptographic protocols are only one part of a larger system composed of voting machines, software implementations, and election procedures, and we must analyze their security by considering the system in(More)
Radio signal strength (RSS) is notorious for being a noisy signal that is difficult to use for ranging-based localization. In this study, we demonstrate that RSS can be used to localize a multi-hop sensor network, and we quantify the effects of various environmental factors on the resulting localization error. We achieve 4.1m error in a 49 node network(More)
This paper presents a study of how empirical ranging characteristics affect multihop localization in wireless sensor networks. We use an objective metric to evaluate a well-established parametric model of ranging called <i>Noisy Disk:</i> if the model accurately predicts the results of a real-world deployment, it sufficiently captures ranging(More)
We describe a new attack against web authentication, which we call <i>dynamic pharming</i>. Dynamic pharming works by hijacking DNS and sending the victim's browser malicious Javascript, which then exploits DNS rebinding vulnerabilities and the name-based same-origin policy to hijack a legitimate session after authentication has taken place. As a result,(More)
We introduce the notion of a conditioned-safe ceremony. A “ceremony” is similar to the conventional notion of a protocol, except that a ceremony explicitly includes human participants. Our formulation of a conditioned-safe ceremony draws on several ideas and lessons learned from the human factors and human reliability community: forcing functions, defense(More)
We present HMM attacks, a new type of cryptanalysis based on modeling randomized side channel countermeasures as Hidden Markov Models (HMM’s). We also introduce Input Driven Hidden Markov Models (IDHMM’s), a generalization of HMM’s that provides a powerful and unified cryptanalytic framework for analyzing countermeasures whose operational behavior can be(More)