Research Team Status
- Names of researchers and position
- Mohit Jangid (PhD Student)
- Christopher Ellis (PhD Student)
- Any new collaborations with other universities/researchers?
- None
Project Goals
- What is the current project goal?
- Continuing the development of the formal model to uncover exclusive-use patterns in wireless protocols, particularly why such patterns can leak privacy, what the fundamental mathematic prosperities, and how we formulate it using formal verification tool such as Tamarin.
- Continuing the development of the formal model to uncover exclusive-use patterns in wireless protocols, particularly why such patterns can leak privacy, what the fundamental mathematic prosperities, and how we formulate it using formal verification tool such as Tamarin.
- How does the current goal factor into the long-term goal of the project?
- Current goal is a milestone in the long-term goal of the project.
Accomplishments
- Address whether project milestones were met. If milestones were not met, explain why, and what are the next steps.
We have met the milestones as planned during this quarter
- What is the contribution to foundational cybersecurity research? Was there something discovered or confirmed?
With the surge in privacy-sensitive data from sources such as social media and IoT devices, there is a pressing need for formal, automated methods to assess privacy risks within these intricate systems. During this reporting period, we have started to formally investigate the root sources of exclusive-use based privacy threats exploited using replay/relay techniques in wireless communication. Our research harnesses condition-oblivious responses, replay-resistant, and secure proximity measures vital for protocols utilizing persistent and sensitive local shared data for authenticated connections. Particularly, we are developing formal modeling for notable wireless networks, like Wi-Fi P2P persistent group formation and Bluetooth Low Energy reconnection procedure, to illustrate the root causes and countermeasures. Our model rigorously validates the IDBleed attacks we devloped earlier, along with existing formalizations of well-authentication, frame opacity, and no-desynchronization. The ensuing analysis reveals not only uncharted privacy realms in wireless communication but also identifies old and new vulnerabilities.
- Impact of research
- Internal to the university (coursework/curriculum)
- N/A
- External to the university (transition to industry/government (local/federal); patents, start-ups, software, etc.)
- Our finding has been disclosed to the Bluetooth Special Interests group, and we are in close contact with the stake holders for the root causes and how to fix them.
- Any acknowledgements, awards, or references in media?
- N/A
- Internal to the university (coursework/curriculum)
Publications and presentations
- Add publication reference in the publications section below. An authors copy or final should be added in the report file(s) section. This is for NSA's review only.
- N/A
- Optionally, upload technical presentation slides that may go into greater detail. For NSA's review only.