Univ. of Pisa

Laurea Magistrale in Ingegneria Informatica

Security in Networked Computing Systems


Here, I suggest a number of readings that may help the students to refine their preparation for the final exams. These readings can also be considered as a starting point for those who are interested in deepening their knowledge in the related topics. The most of, perhaps all, suggested papers are adequate to the average student background and thus they can be profitably read with a relatively small effort.

Symmetric cryptography

Xor-based attacks

It is well-known that the Vernam One-Time Pad (OTP) is subject to xor-based attacks if the same keystream is reused. [Dawson96] presents the main results of these attacks.

(In)Security of WEP

There are several papers that discuss the (in)security of WEP. [Fluhrer01] describes the the ¨famous¨ FMS attack which exploits the fact that RC4, the PRG in WEP, is input by means of correlated keys. [Stubblefield02] describes an efficient implementation of the FMS attack. Finally, [Borisov01] presents an overview of the vulnerabilities of WEP. It mentions the FMS attack but it also presents other system-level attacks.

Public-Key Cryptography

Asymmetric Cryptosystems

The Diffie-Hellman protocol can be found in [Diffie76]. Whereas, [Diffie88] provides a general overview of public key cryptography (algorithms, applications, open problems), ten years later its discovery.

A concise explanation of RSA can be found in wikipedia. The original paper can be found here.

Digital signatures and Public key Infrastructures

Bruce Schneier argues about ten risks of PKIs. This paper highlights pros and cons of PKIs.

Gianluca Dalla Riva presents I mille problemi della firma digitale. This is actually a collection of four paper that present the problems of digital signature from a legal standpoint. The paper dates back to 2002 and therefore references to laws may be obsolete. However, some problems are still there.

Side-channel attacks

[Lawson09] shows that when it comes to cryptographic software, side channels are often-overlooked threat. Crypto is especially vulnerable to side-channel attacks because of its strict requirements for absolute secrecy. In the software world, side-channel attacks have sometimes been dismissed as impractical. However, new system architecture features, such as larger cache sizes and multicore processors, have increased the prevalence of side channels and quality of measurement available to an attacker. Software developers must be aware of the potential for side-channel attacks and plan appropriately.

Analysis and design of cryptographic protocols

The original paper describing the BAN Logic is:

M. Burrows, M. Abadi, and R.M.Needham, A logic of authentication, ACM Transactions on Computer Systems, Vol. 8, No. 1, February 1990, Pages 18-36
In the far 1994, when I was PhD student, I met Prof. Roger Needham in Cambridge, during an EU Project Review meeting. In order to get a slight idea of him as both a person and a researcher, I suggest to read his obituaries published on the main British newspapers: Independent, The Guardian, The Telegraph.

Group key management

In 2003, Rafaeli and Hutchison wrote a comphrensive and clear survey on key management for group communication [Rafaeli03]. New schemes have been proposed since then. However the paper is still very good for those who need an initial smattering on the topic.

Secure distance bounding and secure localization

Distance bounding

[Brands94] introduces the first distance bounding protocols, with Brands-Chaum style. We suggest to read Sections 1 and 2 only. Section 2.3 presents the "Brands-Chaum type-1 protocol", while Section 2.5 presents the "Brands-Chaum type-2 protocol". The paper is also useful for an explanation of mafia fraud (Section 2.2) and distance fraud (Section 2.4).

[Hancke05] introduces the the Hancke-Kuhn distance bounding protocols. It talks also about related issues, for example noise tolerance and overclock attacks.

Secure localization

[Capkun06] introduces the verifiable multilateration for secure positioning against external adversaries or dishonest provers (only Sections 1, 2, and 4). [Chiang12]  is about intertwined distance bounding and simultaneous verifiable multilateration for multiple colluding internal adversaries (only Section 1, 3, 4). [Montgomery09] introduces the multi-antenna defense for secure GPS.


[Borisov01] N. Borisov, I. Goldberg, and D. Wagner. Intercepting mobile communications: The insecurity of 802.11. Proceedings of the International Conference on Mobile Computing and Networking, pp. 180–189, July 2001. [PDF].

[Brands94] Brands, Stefan, and David Chaum. "Distance-bounding protocols." Advances in Cryptology—EUROCRYPT’93. Springer Berlin Heidelberg, 1994. [pdf]

[Capkun06] Čapkun, Srdjan, and Jean-Pierre Hubaux. "Secure positioning in wireless networks." IEEE Journal on Selected Areas in Communications. 2006.

[Chiang12] Chiang, Jerry T., et al. "Secure location verification using simultaneous multilateration." Wireless Communications, IEEE Transactions on 11.2 (2012): 584-591.

[Dawson96] E. Dawson and L. Nielsen. Automated cryptanalysis of XOR plaintext strings. Cryptologia, (2):165–181, April 1996. [PDF].

[Diffie76] W. Diffie and M. Hellman. New directions in cryptography. IEEE Transactions on Information Theory. Vol. IT-22, no. 6, pages, 644-654, November 1976. [PDF]

[Diffie88] W. Diffie. The first ten years of public-key cryptography. IEEE Transactions on Information Technology, vol. 76, no.5, pages 560-577, 1988. [PDF]

[Fluhrer01] S. Fluhrer, I. Mantin, and A. Shamir. A weakness in the key schedule algorithm of RC4.
Proceedings of the 4th Annual Workshop on Selected Areas of Cryptography, 2001.  [PDF]

[Hancke05] Hancke, Gerhard P., and Markus G. Kuhn. "An RFID distance bounding protocol." Security and Privacy for Emerging Areas in Communications Networks, 2005. SecureComm 2005. First International Conference on. IEEE, 2005.

[Lawson09] Nate Lawson, Side-Channel Attacks on Cryptographic Software, IEEE Security & Privacy, Nov.-Dec. 2009, pp.65-68. [PDF]

[Montgomery09] Montgomery, Paul Y., Todd E. Humphreys, and Brent M. Ledvina. "Receiver-autonomous spoofing detection: Experimental results of a multi-antenna receiver defense against a portable civil GPS spoofer." Proceedings of the ION International Technical Meeting. 2009.

[Rafaeli03] S.Rafaeli and Hutchison, A Survey of Key Management for Secure Group Communication, ACM Computing Surveys, Vol. 35, No. 3, September 2003, pp. 309–329. [pdf]

[Stubblefield02] Adam Stubblefield, John Ioannidis Aviel D. Rubin. Using the Fluhrer, Mantin, and Shamir Attack to Break WEP. Proceedings of the Network and Distributed System Security Symposium, NDSS 2002, San Diego, California, USA [PDF]