@inproceedings {morales2022cc, title = {Real-time Crowd Counting based on Wearable Ephemeral IDs}, booktitle = {19th International Conference on Security and Cryptography (SECRYPT 2022)}, year = {2022}, month = {07/2022}, pages = {249-260}, publisher = {Scitepress}, organization = {Scitepress}, address = {Lisbon}, abstract = {Crowd Counting is a very interesting problem aiming at counting people typically based on density averages and/or aerial images. This is very useful to prevent crowd crushes, especially on urban environments with high crowd density, or to count people in public demonstrations. In addition, in the last years, it has become of paramount importance for pandemic management. For those reasons, giving users automatic mechanisms to anticipate high risk situations is essential. In this work, we analyze ID-based Crowd Counting, and propose a real-time Crowd Counting system based on the Ephemeral ID broadcast by contact tracing applications on wearable devices. We also performed some simulations that show the accuracy of our system in different situations. }, keywords = {Crowd Counting, IDS, Pandemics, privacy, Secure Multiparty computation}, isbn = {978-989-758-590-6}, issn = {2184-7711}, doi = {10.5220/0011327200003283}, author = {Daniel Morales and Isaac Agudo and Javier Lopez} } @article {Agudo2020, title = {A Blockchain Approach for Decentralized V2X (D-V2X)}, journal = {IEEE Transactions on Vehicular Technology}, volume = {70}, number = {5}, year = {2021}, month = {05/2021}, pages = {4001 - 4010}, publisher = {IEEE}, abstract = {

New mobility paradigms have appeared in recent years, and everything suggests that some more are coming. This fact makes apparent the necessity of modernizing the road infrastructure, the signalling elements and the traffic management systems. Many initiatives have emerged around the term Intelligent Transport System (ITS) in order to define new scenarios and requirements for this kind of applications. We even have two main competing technologies for implementing Vehicular communication protocols (V2X), C-V2X and 802.11p, but neither of them is widely deployed yet.

One of the main barriers for the massive adoption of those technologies is governance. Current solutions rely on the use of a public key infrastructure that enables secure collaboration between the different entities in the V2X ecosystem, but given its global scope, managing such infrastructure requires reaching agreements between many parties, with conflicts of interest between automakers and telecommunication operators. As a result, there are plenty of use cases available and two mature communication technologies, but the complexity at the business layer is stopping the drivers from taking advantage of ITS applications.

Blockchain technologies are defining a new decentralized paradigm for most traditional applications, where smart contracts provide a straightforward mechanism for decentralized governance. In this work, we propose an approach for decentralized V2X (D-V2X) that does not require any trusted authority and can be implemented on top of any communication protocol. We also define a proof-of-concept technical architecture on top of a cheap and highly secure System-on-Chip (SoC) that could allow for massive adoption of D-V2X.\ 

}, issn = {0018-9545}, doi = {10.1109/TVT.2020.3046640}, author = {Isaac Agudo and Manuel Montenegro-G{\'o}mez and Javier Lopez} } @inproceedings {1985, title = {Desarrollo de un sem{\'a}foro inteligente basado en comunicaciones seguras}, booktitle = {XIV Jornadas de Ingenier{\'\i}a Telem{\'a}tica (JITEL 2019)}, year = {2019}, month = {10/2019}, abstract = {

En los nuevos paradigmas de movilidad surgidos durante los {\'u}ltimos a{\~n}os y en aquellos a{\'u}n por llegar ha quedado patente la necesidad de modernizar la infraestructura viaria y los elementos de se{\~n}alizaci{\'o}n y gesti{\'o}n del tr{\'a}fico. En el presente trabajo se presenta una propuesta para esta nueva generaci{\'o}n de dispositivos de gesti{\'o}n del tr{\'a}fico: un prototipo de sem{\'a}foro inteligente conectado que implementa diversas medidas de seguridad. Adem{\'a}s de las tradicionales se{\~n}ales luminosas, los usuarios de la v{\'\i}a pueden conocer a trav{\'e}s de sus dispositivos el estado del sem{\'a}foro, adem{\'a}s de otra informaci{\'o}n complementaria a trav{\'e}s de la difusi{\'o}n de mensajes BLE firmados con criptograf{\'\i}a de curva el{\'\i}ptica. A su vez, el sem{\'a}foro puede ser gestionado remotamente a trav{\'e}s de la tecnolog{\'\i}a LTE Cat M1 protegida por TLS. Esto abre la puerta, entre otros, a facilitar el tr{\'a}nsito de los veh{\'\i}culos de emergencia cuando estos se acercan a un cruce o modificar el tiempo de los estados del ciclo en funci{\'o}n de las necesidades del tr{\'a}fico.

}, author = {Isaac Agudo and Manuel Montenegro-G{\'o}mez} } @inproceedings {nunez2017fallout, title = {The fallout of key compromise in a proxy-mediated key agreement protocol}, booktitle = {31st Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSec{\textquoteright}17)}, volume = {LNCS 10359}, year = {2017}, month = {07/2017}, pages = {453-472}, publisher = {Springer}, organization = {Springer}, address = {Philadelphia, USA}, abstract = {

In this paper, we analyze how key compromise affects the protocol by Nguyen et al. presented at ESORICS 2016, an authenticated key agreement protocol mediated by a proxy entity, restricted to only symmetric encryption primitives and intended for IoT environments. This protocol uses long-term encryption tokens as intermediate values during encryption and decryption procedures, which implies that these can be used to encrypt and decrypt messages without knowing the cor- responding secret keys. In our work, we show how key compromise (or even compromise of encryption tokens) allows to break forward secu- rity and leads to key compromise impersonation attacks. Moreover, we demonstrate that these problems cannot be solved even if the affected user revokes his compromised secret key and updates it to a new one. The conclusion is that this protocol cannot be used in IoT environments, where key compromise is a realistic risk.\ 

}, isbn = {978-3-319-61176-1}, doi = {10.1007/978-3-319-61176-1_25}, author = {David Nu{\~n}ez and Isaac Agudo and Javier Lopez} } @article {1752, title = {Security of Industrial Sensor Network-based Remote Substations in the context of the Internet of Things}, journal = {Ad Hoc Networks}, volume = {11}, year = {2013}, month = {2013}, pages = {1091{\textendash}1104}, publisher = {Elsevier}, abstract = {

The main objective of remote substations is to provide the central system with sensitive information from critical infrastructures, such as generation, distribution or transmission power systems. Wireless sensor networks have been recently applied in this particular context due to their attractive services and inherent benefits, such as simplicity, reliability and cost savings. However, as the number of control and data acquisition systems that use the Internet infrastructure to connect to substations increases, it is necessary to consider what connectivity model the sensor infrastructure should follow: either completely isolated from the Internet or integrated with it as part of the Internet of Things paradigm. This paper therefore addresses this question by providing a thorough analysis of both security requirements and infrastructural requirements corresponding to all those TCP/IP integration strategies that can be applicable to networks with constrained computational resources.

}, keywords = {Industrial Control Networks, Internet of Things, Supervisory Control and Data Acquisition (SCADA) Systems, The Internet, wireless sensor networks}, issn = {1570-8705}, doi = {http://dx.doi.org/10.1016/j.adhoc.2012.12.001}, author = {Cristina Alcaraz and Rodrigo Roman and Pablo Najera and Javier Lopez} } @article {roman2011, title = {Key management systems for sensor networks in the context of the Internet of Things}, journal = {Computers \& Electrical Engineering}, volume = {37}, year = {2011}, month = {Mar 2011}, pages = {147-159}, publisher = {Elsevier}, abstract = {

If a wireless sensor network (WSN) is to be completely integrated into the Internet as part of the Internet of Things (IoT), it is necessary to consider various security challenges, such as the creation of a secure channel between an Internet host and a sensor node. In order to create such a channel, it is necessary to provide key management mechanisms that allow two remote devices to negotiate certain security credentials (e.g. secret keys) that will be used to protect the information flow. In this paper we will analyse not only the applicability of existing mechanisms such as public key cryptography and pre-shared keys for sensor nodes in the IoT context, but also the applicability of those link-layer oriented key management systems (KMS) whose original purpose is to provide shared keys for sensor nodes belonging to the same WSN.

}, issn = {0045-7906}, doi = {10.1016/j.compeleceng.2011.01.009}, url = {http://www.sciencedirect.com/science/article/B6V25-527FRSD-1/2/62661c595153993639c43b9b331d8d66}, author = {Rodrigo Roman and Cristina Alcaraz and Javier Lopez and Nicolas Sklavos} } @inproceedings {calcaraz10, title = {Wireless Sensor Networks and the Internet of Things: Do We Need a Complete Integration?}, booktitle = {1st International Workshop on the Security of the Internet of Things (SecIoT{\textquoteright}10)}, year = {2010}, month = {December}, pages = {xxxx}, publisher = {IEEE}, organization = {IEEE}, address = {Tokyo (Japan)}, abstract = {

Wireless sensor networks (WSN) behave as a digital skin, providing a virtual layer where the information about the physical world can be accessed by any computational system. As a result, they are an invaluable resource for realizing the vision of the Internet of Things (IoT). However, it is necessary to consider whether the devices of a WSN should be completely integrated into the Internet or not. In this paper, we tackle this question from the perspective of security. While we will mention the different security challenges that may arise in such integration process, we will focus on the issues that take place at the network level.

}, issn = {xxxx}, author = {Cristina Alcaraz and Pablo Najera and Javier Lopez and Rodrigo Roman} } @inproceedings {roman2009, title = {Do Wireless Sensor Networks Need to be Completely Integrated into the Internet?}, booktitle = {3rd CompanionAble Workshop - Future Internet of People, Things and Services (IoPTS) eco-Systems}, year = {2009}, month = {December}, pages = {xxxx}, publisher = {xxxx}, organization = {xxxx}, address = {Brussels (Belgium)}, abstract = {

Wireless sensor networks are considered as an integral part of the Internet of Things paradigm. Not only they provide a virtual presence to elements of the real world, but also allow any computationalsystem to know about the physical state of those elements thanks to the use of embedded sensors. In order to belong to the Internet of Things, the elements of a sensor network can implement Internet protocols and services such as the TCP/IP stack and web services. Still, a question that must be raised at this point of time is whether all sensor network applications should be completely integrated into the Internet or not. The purpose of this paper is to analyze this question, reviewing the challenges and security requirements of Internet-enabled sensor networks.

}, issn = {xxxx}, author = {Rodrigo Roman and Javier Lopez and Cristina Alcaraz} }