Research and teaching activities in the CrySyS Lab Levente Buttyán Laboratory of Cryptography and System Security (CrySyS) Budapest University of Technology

Research and teaching activities in the CrySyS Lab

Levente ButtyánLaboratory of Cryptography and System Security (CrySyS)

Budapest University of Technology and EconomicsDepartment of Telecommunications

www.crysys.hu

2Laboratory of Cryptography and System SecurityCrySyS Adat- és Rendszerbiztonság Laboratóriumwww.crysys.hu

Current members

faculty:– Boldizsár Bencsáth, PhD, Assistant Professor– Levente Buttyán, PhD, Associate Professor (head of the lab)– Márk Félegyházi, PhD, Assistant Professor– István Vajda, DSc, Professor

post doc researcher:– Amit Dvir, PhD (from Israel)

PhD candidates and PhD students:– Tamás Holczer (privacy in RFID systems, vehicular networks, sensor networks)

– Gergely Kótyuk (privacy in social networks, applications of machine learning)

– Áron Lászka (robustness of network toplogies)

– Gábor Pék (security of virtualized systems, code attestation, verification of code execution)

– Ta Vinh Thong (formal verification of security protocols)

+ ~10 students working on diploma and semester projects


Mission

internationally recognized, high quality research on security and privacy in computer networks and systems– problem driven, project oriented research we are committed to

establish and participate in R&D projects, in which we collaborate with industrial and other academic partners

teaching network and system security, privacy, and cryptography in the context of university courses, laboratory exercises, and semester projects

provision of consulting services without compromising the general academic objectives


Research

main research domains– economics of security and privacy

(incentive design, quantitative risk management, cyber insurance)– security of cloud computing

(vulnerability analysis of virtual machines, malware analysis techniques)– security and privacy in wireless networked embedded systems

(sensor networks, body area networks, vehicular communications, RFID systems)

funding– international projects funded by the European Commission– Ericsson through the HSN Lab– national funding agencies (OTKA, NKTH)


Overview of projects

2006 2007 2008 2009 2010 2011 2012 2013

nationalEU FP7EU FP6

UbiSecSens

SeVeCom

BIONETS

DESEREC

EU-MESH

WSAN4CIP

MobilSEC

MIK 2.3.1

SPUC

…

…

CHIRON

EU ARTEMIS


Project highlights

SeVeCom – Secure Vehicle Communications (www.sevecom.org)(EU STREP , supervised by L. Buttyan)

UbiSec&Sens – Ubiquitous Sensing and Security (www.ist-ubisecsens.org)(EU STREP , supervised by L. Buttyan)

WSAN4CIP – Wireless Sensor Networks for Critical Infrastructure Protection (EU STREP, supervised by L. Buttyan)

EU-MESH – Enhanced, Ubiquitous, and Dependable Broadband Access using MESH Networks (www.eu-mesh.eu)(EU STREP, supervised by L. Buttyan)

CHIRON – Cyclic and Person Centric Health Management (ARTEMIS IP, supervised by L. Buttyan and R. Schulz)


SeVeCom Project

context– funded by the EC within FP6 (project no. 027795 )– started in Jan 2006, duration 3 years

objectives– development of a security architecture for vehicular safety communication

systems • key and identity management for cars, secured communication protocols, location

privacy enhancing techniques– extensive liaison with other related EU and non-EU funded projects

• C2C-CC, CVIS, SAFESPOT, COMeSafety, …

partners– industry: Trialog, Daimler, CR Fiat, Bosch– academia: EPFL, U Ulm, KU Leuven, BME/HIT/CrySyS

more information: www.sevecom.org


UbiSec&Sens Project

context– funded by the EC within FP6 (project no. 026820 )– started in Jan 2006, duration 3 years

objectives– development of a security toolbox for wireless sensor networks

• secure routing and clustering, concealed data aggregation, persistent distributed data storage (TinyPEDS), key management, crypto support (ECC, TinyRNG)

– implementation and demonstration• vineyard monitoring, road condition monitoring, homeland security (in

cooperation with the Portuguese police)

partners– industry: NEC Europe– academia: RWTH, RU Bohum, Lulea TU, IHP, INRIA, INOV, BME/HIT/CrySyS

more information: www.ist-ubisecsens.org


WSAN4CIP Project

context– funded by the EC within FP7– started in Jan 2009, duration 3 years

objectives– investigate the applicability of wireless sensor technology for monitoring critical

infrastructures (cost efficiency and large scale surveillance)– dependable networking and services, secured OS– implementation and demonstration

• monitoring a drinking water distribution system in Frankfurt/Oder, • monitoring power lines and substations in the Lisbon area of Portugal

partners– industry: NEC Europe, Sirrix AG, Tecnatom SA, FWA, EDP – academia: U Malaga, Lulea TU, IHP, INRIA, INOV, BME/HIT/CrySyS

more information: www.wsan4cip.eu


EU-MESH Project

context– funded by the EC within FP7– started in Jan 2008, duration 2.5 years

objectives– design and experiment with QoS-aware wireless mesh networks for broadband

access to the Internet– work package on security deals with

• fast mesh client authentication to support seamless hand-over• secure routing and misbehaving router detection• secured multipath communications based on IPsec

partners– industry: Proximetry, Ozone, FORTHNET, Thales– academia: FORTH, CNR Italy, TU Berlin, SUPSI, BME/HIT/CrySyS

more information: www.eu-mesh.eu


CHIRON Project

context– funded by the ARTEMIS JU (subprogram: person-centric healthcare)– started in Mar 2010, duration 3 years

objectives– combine state-of-the art technologies and innovative solutions into an integrated

framework designed for an effective and person-centric health management along the complete care cycle

– we are working on• in-door positioning techniques (BME/HIT/MCL)• security and privacy at the body area sensor network level (BME/HIT/CrySyS)

– prevention of traffic analysis– privacy preserving access control to collected data at the BAN level

partners– 27 partners from 8 countries– 7 large enterprises, 7 SMEs, 6 universities (including BME/HIT), 6 research

centers, 1 medical institution

more information: www.chiron-project.eu


Our sensor network test bed

prototypes developed:– secure and resilient routing protocols– implementation of the IETF ROLL routing protocol RPL (Linux, TinyOS)– resilient data aggregation algorithms– secure and reliable cluster head election protocols– secure and reliable transport protocols– secure distributed data storage schemes (also for forensics purposes)– crypto toolbox (symmetric key encryption and message integrity algs)

ZigBee compatible / TinyOS:– 4 Crossbow MicaZ motes +

programming board – 20 MoteIV TmoteSky motes

WiFi / Linux:– 6 Silex SX-560 wireless

embedded modules


Our mesh network test bed

~10 MikroTik Routerboard 153175MHz, 32MB RAM, 2 GB CF, 3 radio interfaces (802.11a/b/g)

prototypes developed:– security extensions to the OLSR routing protocol

– fast user authentication protocols for seamless handover

– IPsec based secure multi-path communication protocol


International collaborations

EPFL, Switzerland (Prof. Jean-Pierre Hubaux) University of Twente, The Netherlands (Dr. Frank Kargl) KTH, Sweden (Prof. Panagiotis Papadimitratos, Prof. György Dán) NEC Laboratories, Germany (Dr. Dirk Westhoff) IHP, Germany (Prof. Dr. Peter Langendoerfer) INRIA Rhone-Alpes (Dr. Claude Castelluccia)

University of Washington, Seattle (Prof. Radha Poovendran) University of California, Berkeley (Prof. Jean Walrand) ICSI, Berkeley (Prof. Vern Paxson) University of Münster, Germany (Prof. Rainer Böhme) …


Teaching

Base course in Computer Networking– Computer Networking (Info BSc German, Computernetzwerke) (M. Félegyházi)

Base courses in Information Security– Information Security (Info MSc, Adatbiztonság) (I. Vajda, L. Buttyán, B. Bencsáth) – Information Security (GaIn MSc, Adatbiztonság) (I. Vajda, L. Buttyán, B. Bencsáth)

Special on Security of Communication Systems (Hírközlő rendszerek biztonsága MSc informatikus szakirány)

– Cryptography and its applications (Kriptográfia és alkalmazásai) (I. Vajda)

– Security protocols (Biztonsági protokollok) (L. Buttyán)

– Foundations of secure e-commerce (A biztonságos elektronikus kereskedelem alapjai) (L. Buttyán)

– Network security in practice (Hálózatbiztonság a gyakorlatban) (B. Bencsáth)

– Economics of security and privacy (A biztonság és a privátszféra védelmének közgazdaságtana) (M. Félegyházi)

+ laboratory exercises, semester and diploma projects (all members)


Consulting

Hungarian Telecom (T-Com)– security for VoIP systems

Budapest Transport Ltd– security requirements for automated fare collection (electronic ticketing)

NETI– secure smart card based authentication system

evopro– cryptography for embedded devices

ethical hacking– penetration testing and vulnerability analysis for numerous Hungarian

companies


Further information

www.crysys.hu– contact information– description of research projects– full list of publications– publications in downloadable format

(including the book Security and Cooperation in Wireless Networks)

– course material (slides)– description of laboratory exercises– best student project reports– …

Documents

Research and teaching activities in the CrySyS Lab Levente Buttyán Laboratory of Cryptography and System Security (CrySyS) Budapest University of Technology