Gildas Avoine - Security of Ubiquitous Computing Systems Selected Topics

Dear reader, we thank you for your interest in this book, which we expect will help you gain an understanding of the state of the art in 2020 regarding the challenges and solutions in the security of ubiquitous computing systems.

The definition of the field itself is not without controversy, but in this book we will use the term ubiquitous computing or IoT to refer to generally small, embedded devices with serious constraints in terms of memory and processing power, typically with no batteries but with good connection capabilities and, frequently, a number of sensors. This definition is, of course, flexible. Electronic passports, contactless transportation cards, personal assistants such as Amazon Echo but also new connected cars and fridges can fall within this definition.

This book is targeted to advanced undergraduate students and masters and early Ph.D. students who want quick, direct, authoritative, insightful exposure to the topics covered, all generally falling under the umbrella of IoT security. Engineers and other practitioners can also benefit from the book by getting a quick introduction to a variety of practical security topics, their past and present solutions, and some new and promising ideas that may play important roles in its future.

This book would not have been possible without the support of the CRYPTACUS (Cryptanalysis in Ubiquitous Computing Systems) COST Action IC 1403, which started in 2014 and ended in December 2018. We are particularly thankful to the EU COST association, which was extremely positive for the community in Europe and associated countries such as Switzerland, Turkey, and Israel, and we are particularly grateful to the colleagues who were interested in our action.

In total, more than 120 researchers took part in related events or activities. We want to thank the Work Package Leaders and Vice-Leaders Prof. Serge Vaudenay, Prof. Frederic Armknecht, Prof. Andrey Bogdanov, Prof. Mirosaw Kutyowski, Prof. Lejla Batina, Prof. Ricardo Chaves, Prof. Flavio Garcia, and Prof. Alex Biryukov. A special thanks as well to Prof. Bart Preneel.

The book is divided into 13 chapters. They can be read independently, but are organised into 5 parts covering topics with some commonalities.

In Part I, the reader can find a very interesting and general introduction by Mirosaw Kutyowski, Piotr Syga, and Moti Yung called Emerging Security Challenges for Ubiquitous Devices.

After that, there is a part on Lightweight Cryptographic Primitives where 3 chapters try to offer insightful views of the state of the art on symmetric lightweight cryptographic primitives. The chapter Catalog and Illustrative Examples of Lightweight Cryptographic Primitives by Aleksandra Mileva, Vesna Dimitrova, Orhun Kara, and Miodrag Mihaljevi nicely exposes the state of the art in the discipline, covering the most important proposals in detail. This is aptly complemented by the next chapter Selected Design and Analysis Techniques in Contemporary Symmetric Encryption, where Vasily Mikhalev, Miodrag Mihaljevi, Orhun Kara, and Frederik Armknecht offer a splendid review of the techniques and reasoning behind the most successful approaches to designing and attacking these systems. Last, but not least, we conclude this part with an exceptional first-person account of the many issues that surrounded the failed attempts to standardise a couple of NSAs proposed lightweight block ciphers in An Account of the ISO/IEC Standardization of the Simon and Speck Block Cipher Families by Atul Luyks and Tomer Ashur.

In the next part of the book, called Authentication Protocols, we focus on lightweight and ultra-lightweight authentication protocols. The section starts with a chapter by Lucjan Hanzlik and Mirosaw Kutyowski titled ePassport and eID Technologies, where the authors examine the existing ePassport literature and offer some new solutions and open problems. Xavier Carpent, Paolo DArco, and Roberto De Prisco contributed the chapter Ultra-lightweight Authentication