Problem Statement

Ever since the birth of the Internet, the number of connected devices has been growing exponentially. Servers, desktops, tablets and smartphones are connected, and so are smart embedded electronics, leading to a ubiquitous Internet of Things.
Another important recent trend is that the connection between the Internet and elements of the physical world (such as machines, robots, cars, energy facilities) is getting stronger and stronger. The resulting cyber-physical systems enable dramatic perspectives such as Industry 4.0 or smart energy grids.

The wireless nature of IoT is very challenging. For instance, a weakness was discovered in 2017 in WPA2, the protocol that secures all modern protected Wi-Fi networks. An attacker within the vicinity of a victim could intercept the key exchange phase and force a key re-installation, leading to insecure communication (possibly zeroing the key).
 

Contribution: Physical Unclonable Functions

In this proposal we focus on the root of trust in IoT: the digital hardware. A physical unclonable function (PUF) is a device that exploits the inherent randomness introduced during CMOS manufacturing to give a physical entity a unique fingerprint (similar to human biometrics). PUFs are most often based on unique physical variations which occur naturally during semiconductor manufacturing, but they can also be embodied in side electronics designed for that purpose. Examples include clock drifts, SRAM memory states at power-up, logic gate responses, etc.

From a security perspective, any challenge presented to a device will lead to a different response, based on the unique characteristics of its electronics. This in turn can be used to develop a certificateless architecture (where a digital certificate is no longer needed, or is impossible to verify online as is done with TLS).
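The following added example (not code from this project) illustrates the challenge-response idea above: a verifier records challenge-response pairs at enrollment and later accepts a device whose noisy response is close enough in Hamming distance, with no certificate involved. The PUF is simulated in software with a keyed hash plus bit flips; the names SimulatedPUF and Verifier, the 64-bit response width, the noise level and the threshold are all assumptions.

```python
import hashlib
import hmac
import os
import random

RESP_BITS = 64   # response width (assumed)
THRESHOLD = 10   # max accepted Hamming distance (assumed, set above the noise level)


class SimulatedPUF:
    """Software stand-in for silicon: device_seed models manufacturing variation."""

    def __init__(self, device_seed: bytes, flips: int = 2):
        self._seed = device_seed
        self._flips = flips              # bits flipped per reading (measurement noise)
        self._rng = random.Random()

    def respond(self, challenge: bytes) -> int:
        digest = hmac.new(self._seed, challenge, hashlib.sha256).digest()
        response = int.from_bytes(digest[: RESP_BITS // 8], "big")
        for bit in self._rng.sample(range(RESP_BITS), self._flips):
            response ^= 1 << bit         # a real PUF never reads back perfectly
        return response


def hamming(a: int, b: int) -> int:
    return bin(a ^ b).count("1")


class Verifier:
    """Holds challenge-response pairs (CRPs) recorded at enrollment; no certificates."""

    def __init__(self):
        self._crps = {}

    def enroll(self, device_id: str, puf: SimulatedPUF, count: int = 4) -> None:
        # Performed once, in a trusted setting, before the device is deployed.
        challenges = [os.urandom(16) for _ in range(count)]
        self._crps[device_id] = [(c, puf.respond(c)) for c in challenges]

    def authenticate(self, device_id: str, puf: SimulatedPUF) -> bool:
        if not self._crps.get(device_id):
            raise LookupError("no unused CRP left; re-enroll the device")
        # Each CRP is consumed on use, so a recorded response cannot be replayed.
        challenge, expected = self._crps[device_id].pop()
        return hamming(puf.respond(challenge), expected) <= THRESHOLD
```

Two readings of the same simulated device differ by at most four bits here, while a device with a different seed differs in roughly half of the 64 bits, which is why a threshold between those two values separates them.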

Contribution: Privacy preserving data collection for IoT

IoT systems are widely deployed to collect and process data. The data provided is sometimes (but not always) anonymized and somewhat aggregated, so there are generally no personally identifying markers. Still, this anonymization takes place at the data processing site (datacenter, application, etc.).
Several questions arise since the original data are usually not anonymous by themselves. The data collector (also called broker) is aware of what is collected, when, where, by what devices and who processes it.
In this research, we develop a generic architecture (demonstrated with MQTT) that allows the data collection to be completely anonymized, such that the broker (considered as honest but curious) cannot re-identify the content or the origins of the data. Our solution is based on zero-knowledge proofs and oblivious transfer.

Contribution: Wireless channel security

A practical countermeasure to Man-in-the-Middle attacks in wireless communications is to authenticate the communication channel. In practice, we make use of the physical properties of the wireless channel (i.e., reciprocity and large-scale fading) to determine whether or not a relaying antenna has been inserted between the terminals.

Recent thesis work conducted in our lab showed that a shared secret key can be silently computed by Alice and Bob (without any exchange of information). This key can then be used to authenticate the communication channel (using a zero-knowledge approach) and/or bootstrap a key schedule for secure communication.