Attackers in Wireless Sensor Networks Will Be Neither Random nor Jumping -- Secrecy Amplification Case, Extended Version

by Radim Ošťádal, Petr Švenda, Václav Matyáš, September 2016, 20 pages.

FIMU-RS-2016-04. Available as Postscript, PDF.


A partially compromised network is a pragmatic assumption in many real-life scenarios. Secrecy amplification protocols provide a significant increase in the number of secure communication links by re-establishing new keys via different communication paths. Our paper shows that research in the area of secrecy amplification protocols for wireless sensor networks has so far been based on rather simplified foundations with respect to attacker models. The attacker does not behave randomly, and different attacker capabilities and behaviour have to be considered. We provide means for experimental work with parametrisable attacker capabilities and behaviour in realistic simulations, and evaluate the impact of the realistic attacker properties on the performance of major amplification protocols. We also show which secrecy amplification protocols perform best in different attacker settings and help to select a protocol that exhibits good results in the majority of inspected scenarios. This is the extended version of our paper that is to be presented at the 15th International Conference on Cryptology and Network Security (CANS 16) in Milan, Italy, November 14-16, 2016.

The Million-Key Question - Investigating the Origins of RSA Public Keys

by Petr Švenda, Matus Nemec, Peter Sekan, Rudolf Kvasnovsky, David Formanek, David Komarek, Václav Matyáš, August 2016, 83 pages.

FIMU-RS-2016-03. Available as Postscript, PDF.


Can bits of an RSA public key leak information about design and implementation choices such as the prime generation algorithm? We analysed over 60 million freshly generated key pairs from 22 open- and closed-source libraries and from 16 different smartcards, revealing significant leakage. The bias introduced by different choices is sufficiently large to classify a probable library or smartcard with high accuracy based only on the values of public keys. Such a classification can be used to decrease the anonymity set of users of anonymous mailers or operators of linked Tor hidden services, to quickly detect keys from the same vulnerable library, or to verify a claim of use of secure hardware by a remote party. The classification of the key origins of more than 10 million RSA-based IPv4 TLS keys and 1.4 million PGP keys also provides an independent estimation of the libraries that are most commonly used to generate the keys found on the Internet. Our broad inspection provides a sanity check and deep insight regarding which of the recommendations for RSA key pair generation are followed in practice, including closed-source libraries and smartcards. The inspection was not limited to the public part of an RSA key pair: the properties of the private key were also inspected, including the factorization of p-1 and p+1 for a large number of 512-bit RSA keys, followed by a discussion of relevant factorization attacks.

Evaluation of the Impact of Question Difficulty on Engagement and Learning

by Jan Papoušek, Vít Stanislav, Radek Pelánek, April 2016, 13 pages.

FIMU-RS-2016-02. Available as Postscript, PDF.


We study the impact of question difficulty on learners' engagement and learning using an experiment with an open online educational system for adaptive practice of geography. The experiment shows that easy questions are better for short-term engagement, whereas difficult questions are better for long-term engagement and learning. These results stress the necessity of careful formalization of goals and optimization criteria of open online education systems. We also present a disaggregation of the overall results into specific contexts of practice and highlight the issue of attrition bias. This paper is an extended version of the paper presented at the Intelligent Tutoring Systems conference.

Towards Better Selective Forwarding And Delay Attacks Detection in Wireless Sensor Networks

by Martin Stehlik, Václav Matyáš, Andriy Stetsko, April 2016, 30 pages. A full version of the paper presented at the ICNSC 2016 conference.

FIMU-RS-2016-01. Available as Postscript, PDF.


A number of intrusion detection techniques have been proposed to detect different kinds of active attacks on wireless sensor networks (WSNs). Selective forwarding and delay attacks are two simple but effective attacks that can disrupt the communication in WSNs. In this work, we propose two parametrized collaborative intrusion detection techniques and optimize their parameters for a specific scenario using extensive simulations and multiobjective evolutionary algorithms. Moreover, we sample the whole search space to enable evaluation of the evolution's performance. The optimized results found are also compared to a simpler non-collaborative detection technique to demonstrate the improvements of the collaborative approach. We also evaluate the influence of changes in the number of malicious nodes on the intrusion detection performance. This technical report extends our paper presented at the ICNSC 2016 conference with details of the experiment settings and results.