Authentication and Message Integrity Verification Without Prior Secrets

Nirnimesh Ghose

Event Details
Tuesday, February 19, 2019
Talk:
4 p.m., 115 Avery Hall

Reception:
3:30 p.m., 348 Avery Hall

Nirnimesh Ghose

Ph.D. Candidate , University of Arizona, Tucson

Abstract

Embedding network capabilities in a plethora of new devices and infrastructures–the Internet of things, vehicular and aviation networks, the critical national infrastructure, industrial plants–are dramatically transforming the modern way of living. The rapid deployment pace of these emerging applications has brought unprecedented security challenges related to data confidentiality, user privacy, and critical infrastructure availability. A significant portion of these threats is attributed to the broadcast nature of the wireless medium, which exposes systems to easy-to-launch passive and active attacks. The slow security standards rollout combined with the ever-shrinking time-to-market, the device heterogeneity and the lack of user-friendly input interfaces (screen, key- board, etc.) only exacerbate the security challenges.

In this talk, I will discuss the fundamental problem of establishing trust in the context of emerging network applications. I will articulate the limitations of conventional cryptographic techniques relying on passwords, preloaded secrets, and deployment of keying infrastructures. I will present my recent works on integrating physical layer properties with cryptographic primitives to guarantee message integrity and achieve device pairing without relying on any prior secrets. I will describe the “helper” security paradigm in which security is outsourced to one or more dedicated devices to allow for the scalable bootstrapping of off-the-shelf heterogeneous devices.

Speaker Bio

Nirnimesh Ghose is a Ph.D. candidate in the Electrical and Computer Engineering depart- ment at the University of Arizona, Tucson. He received his MS degree in Electrical and Computer Engineering from the Illinois Institute of Technology, Chicago in 2012, and his B.Tech. degree in Electronics and Communication Engineering from the Uttar Pradesh Technical University (now Dr. A.P.J. Abdul Kalam Technical University), Lucknow, India in 2010. His research focuses on net- work security and privacy with applications to emerging wireless networks, cyber-physical systems, Internet of Things, aviation and transportation networks, and the interaction between cybersecurity and social networks. Nirnimesh has authored papers in flagship peer-reviewed conferences and journals like IEEE Security and Privacy, IEEE INFOCOM, USENIX Security, and IEEE Transactions on Mobile Communications. He has served as a web chair for IEEE CNS 2018 and as a reviewer for numerous conferences and journals.