Security Architecture for Things That Think (Beveiligingsarchitectuur voor intelligente objecten)

Publication date: 2012-06-21

Author:

Peeters, Roel
Preneel, Bart

Abstract:

This thesis takes as its starting point the observation that people already carry many personal devices (e.g., a smartphone, an electronic identity card, an access badge, an electronic car key, a laptop, ...). With the arrival of smart objects, the number of things that think that one carries is expected to grow further: sensors will be built into clothing and attached to the body to monitor our health. These devices clearly need to be protected. However, given the large number of devices involved, the traditional approach of protecting each device on its own results in a usability nightmare.

We investigate how to tap into the potential that arises from cooperation between these devices, by deploying threshold cryptography on personal devices. Threshold cryptography increases overall security: an adversary who compromises fewer devices than the threshold number gains no advantage towards breaking the overall security. Furthermore, the end-user does not need to carry all his personal devices; any subset of size at least the threshold number is sufficient to make use of the threshold security system.

We propose technical solutions to some of the practical issues of this approach, paving the road for real-world implementations. First, we show how devices that lack the (secure) storage needed to hold shares (e.g., car keys) can be included in our threshold scheme. Second, we investigate how the end-user can add devices to, or remove devices from, the set of personal devices used in this threshold scheme. Finally, to gain user acceptance, the (location) privacy of consumers must not be disregarded. To this end we examine how to achieve private and secure device authentication over an open channel. This is done specifically for RFID tags, which are the least powerful devices that can be included in our threshold system. Hence, the location of the end-user can be kept private, even though all communication between his personal devices that arises from our threshold solution goes over an open channel.
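The threshold properties the abstract relies on (any t of n devices suffice, fewer than t reveal nothing, and devices can be added or removed by issuing or refreshing shares) can be seen concretely with plain Shamir secret sharing over a prime field. The following is an added illustration, not code from the thesis and not the thesis's own construction: the field prime, the numeric device identifiers, and the fact that adding or re-sharing is done here by a single party that sees the secret (rather than by a distributed protocol among the devices) are simplifying assumptions of this example.

```python
# Added example: textbook Shamir (t, n) secret sharing over GF(P), used to show
# the threshold behaviour described in the abstract. Not the thesis's scheme.
import secrets

P = 2**127 - 1  # Mersenne prime M127; the field size is an assumption of this demo


def _lagrange_at(points, x):
    """Evaluate the unique polynomial of degree < len(points) through `points` at x, mod P."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, P - 2, P)) % P  # den^-1 via Fermat
    return total


def share_secret(secret, t, device_ids):
    """Give each device id (a non-zero field element) one share; any t shares recover secret."""
    assert 0 <= secret < P and 1 <= t <= len(device_ids)
    assert len(set(device_ids)) == len(device_ids) and all(0 < d < P for d in device_ids)
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t - 1)]  # random degree t-1 polynomial

    def f(x):
        return sum(c * pow(x, k, P) for k, c in enumerate(coeffs)) % P

    return [(d, f(d)) for d in device_ids]


def recover_secret(shares):
    """Reconstruct the secret from at least t shares (the polynomial's value at 0)."""
    return _lagrange_at(shares, 0)


def share_needed_for(partial_shares, x_missing, candidate):
    """Given only t-1 shares, return the share device x_missing would need for the secret
    to be `candidate`. One exists for every candidate, so t-1 shares leak nothing."""
    pts = partial_shares + [(0, candidate)]
    return (x_missing, _lagrange_at(pts, x_missing))


def add_device(t_shares, new_id):
    """Issue a share to a newly enrolled device by evaluating the existing polynomial at new_id.
    Assumption: done here from t shares in one place; in a real deployment the devices would
    compute this jointly so that no single party reconstructs the secret."""
    assert 0 < new_id < P and all(x != new_id for x, _ in t_shares)
    return (new_id, _lagrange_at(t_shares, new_id))


def reshare(t_shares, t, remaining_ids):
    """Remove devices by re-sharing the same secret on a fresh random polynomial.
    Shares held by devices not in remaining_ids no longer lie on the new polynomial."""
    return share_secret(recover_secret(t_shares), t, remaining_ids)


if __name__ == "__main__":
    s = secrets.randbelow(P)
    shares = share_secret(s, 3, [1, 2, 3, 4, 5])  # phone, eID, badge, car key, laptop
    assert recover_secret([shares[0], shares[2], shares[4]]) == s
    # Two shares are consistent with any secret at all:
    forged = share_needed_for(shares[:2], 3, 42)
    assert recover_secret(shares[:2] + [forged]) == 42
    print("threshold properties hold")
```

`share_needed_for` is the information-theoretic argument in executable form: with t-1 shares in hand, every candidate secret corresponds to some valid-looking share for the missing device, so the adversary cannot distinguish the real secret from any other. `reshare` is the simplest way to revoke a lost or stolen device; the old share is worthless afterwards because it lies on a different polynomial.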