2019 Completed Security Analysis of LoRaWAN: An Experimental Evaluation of Attacks Supervisor: Lars Almon Flor Maria Alvarez Zurita
2019 Completed Bluetooth Mesh Network Security Analysis: An Experimental Evaluation of Attacks Using Btlejack Supervisor: Flor Maria Alvarez Zurita Lars Almon
2019 Completed Secure Device Pairing Using Short-Range Acoustic Communication Supervisor: Flor Maria Alvarez Zurita Jiska Classen
2017 Completed Reverse Engineering the Apple Wireless Direct Link Protocol Supervisor: Milan Stute Flor Maria Alvarez Zurita Apple Wireless Direct Link (AWDL) is a proprietary and undocumented 802.11 based peer-to-peer protocol. It is implemented in all of Apple's operating systems. In this thesis a reverse engineering method using binary analysis complemented by runtime analysis with traces and logs was applied. We found that each device in AWDL provides its own channel sequence. An elected master node is used to synchronize these sequences. Outside these windows of time, devices can use their wireless radio for other protocols or save energy by turning it off. Each node adapts its channel sequence, e.g. depending on network load, shifting the ratio between infrastructure and peer-to-peer Wi-Fi. This thesis also provides a first analysis of AWDL, includes the frame format documentation and presents a Wireshark dissector and a prototype implementation for AWDL.
2016 Completed A Framework for Adaptive Energy-efficient Neighbour Discovery in Oppertunistic Networks Supervisor: Flor Maria Alvarez Zurita
2016 Completed Secure key exchange protocol for a group communication during emergency responses Supervisor: Flor Maria Alvarez Zurita
2020 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks Conference Acoustic Integrity Codes: Secure Device Pairing Using Short-Range Acoustic Communication Florentin Putz Flor Álvarez Jiska Classen PDF BibTeX DOI: 10.1145/3395351.3399420 Abstract Secure Device Pairing (SDP) relies on an out-of-band channel to authenticate devices. This requires a common hardware interface, which limits the use of existing SDP systems. We propose to use short-range acoustic communication for the initial pairing. Audio hardware is commonly available on existing off-the-shelf devices and can be accessed from user space without requiring firmware or hardware modifications. We improve upon previous approaches by designing Acoustic Integrity Codes (AICs): a modulation scheme that provides message authentication on the acoustic physical layer. We analyze their security and demonstrate that we can defend against signal cancellation attacks by designing signals with low autocorrelation. Our system can detect overshadowing attacks using a ternary decision function with a threshold. In our evaluation of this SDP scheme’s security and robustness, we achieve a bit error ratio below 0.1% for a net bit rate of 100 bps with a signal-to-noise ratio (SNR) of 14 dB. Using our open-source proof-of-concept implementation on Android smartphones, we demonstrate pairing between different smartphone models.