A List by Author: Václav Matyáš


Attackers in Wireless Sensor Networks Will Be Neither Random nor Jumping -- Secrecy Amplification Case, Extended Version

by Radim Ošťádal, Petr Švenda, Václav Matyáš, September 2016, 20 pages.

FIMU-RS-2016-04. Available as Postscript, PDF.


A partially compromised network is a pragmatic assumption in many real-life scenarios. Secrecy amplification protocols provide a significant increase in the number of secure communication links by re-establishing new keys via different communication paths. Our paper shows that research in the area of secrecy amplification protocols for wireless sensor networks has so far been based on rather simplified foundations with respect to attacker models. The attacker does not behave randomly, and different attacker capabilities and behaviour have to be considered. We provide means for experimental work with parametrisable attacker capabilities and behaviour in realistic simulations, and evaluate the impact of realistic attacker properties on the performance of the major amplification protocols. We also show which secrecy amplification protocols perform best in different attacker settings and help to select a protocol that exhibits good results in the majority of inspected scenarios. This is the extended version of our paper that is to be presented at the 15th International Conference on Cryptology and Network Security (CANS 16) in Milan, Italy, November 14-16, 2016.

The Million-Key Question - Investigating the Origins of RSA Public Keys

by Petr Švenda, Matus Nemec, Peter Sekan, Rudolf Kvasnovsky, David Formanek, David Komarek, Václav Matyáš, August 2016, 83 pages.

FIMU-RS-2016-03. Available as Postscript, PDF.


Can bits of an RSA public key leak information about design and implementation choices such as the prime generation algorithm? We analysed over 60 million freshly generated key pairs from 22 open- and closed-source libraries and from 16 different smartcards, revealing significant leakage. The bias introduced by different choices is sufficiently large to classify a probable library or smartcard with high accuracy based only on the values of public keys. Such a classification can be used to decrease the anonymity set of users of anonymous mailers or operators of linked Tor hidden services, to quickly detect keys from the same vulnerable library, or to verify a claim of use of secure hardware by a remote party. The classification of the key origins of more than 10 million RSA-based IPv4 TLS keys and 1.4 million PGP keys also provides an independent estimate of the libraries most commonly used to generate the keys found on the Internet. Our broad inspection provides a sanity check and deep insight regarding which of the recommendations for RSA key pair generation are followed in practice, including closed-source libraries and smartcards. The inspection was not limited to the public part of an RSA key pair: the properties of the private key were inspected as well, including the factorization of p-1 and p+1 for a large number of 512-bit RSA keys, followed by a discussion of the relevant factorization attacks.
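The kind of bias the abstract refers to can be reproduced on a small scale. The following is an added example, not code from the report: two hypothetical prime-generation strategies (one forces the two most significant bits of each prime, the other takes any prime of the right length) are run through a toy RSA modulus generator, and the top four bits of the resulting moduli are used to tell a batch of keys from one strategy apart from a batch from the other. The 64-bit modulus size, the strategy names and the batch classifier are assumptions made for the illustration.

```python
# Added example (not the report's code): two hypothetical prime-generation
# strategies and the bias each leaves in the top bits of the public modulus.
import random

BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)  # exact Miller-Rabin below 2**64


def is_probable_prime(n):
    """Miller-Rabin; with the bases above the answer is exact for n < 2**64."""
    if n < 2:
        return False
    for p in BASES:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits, rng, top_two_bits):
    """Strategy A (top_two_bits=True): bits k-1 and k-2 forced, so p >= 1.5 * 2**(k-1).
    Strategy B (False): only the top bit forced, so p is spread over [2**(k-1), 2**k)."""
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if top_two_bits:
            cand |= 1 << (bits - 2)
        if is_probable_prime(cand):
            return cand


def modulus(bits, rng, top_two_bits):
    half = bits // 2
    return random_prime(half, rng, top_two_bits) * random_prime(half, rng, top_two_bits)


def sample_keys(count, bits, top_two_bits, seed):
    rng = random.Random(seed)
    return [modulus(bits, rng, top_two_bits) for _ in range(count)]


def top_nibble(n, bits):
    """Top four bits of n written as a fixed-width `bits`-bit number."""
    return n >> (bits - 4)


def nibble_histogram(moduli, bits):
    hist = [0] * 16
    for n in moduli:
        hist[top_nibble(n, bits)] += 1
    return hist


def classify_batch(moduli, bits):
    """Strategy A gives N >= (1.5 * 2**(k-1))**2 = 9 * 2**(bits-4), so every
    modulus is full length with a top nibble of 9..15.  Strategy B leaves a
    top nibble below 9 for about half of its keys (and a 2k-1 bit modulus for
    about 39% of them), so a single such key rules strategy A out."""
    if all(top_nibble(n, bits) >= 9 for n in moduli):
        return "top-two-bits"
    return "uniform-range"


if __name__ == "__main__":
    for name, flag in (("top-two-bits", True), ("uniform-range", False)):
        keys = sample_keys(200, 64, flag, seed=2016)
        print(name, "top-nibble histogram:", nibble_histogram(keys, 64),
              "-> classified as", classify_batch(keys, 64))
```

The classifier works on a batch rather than a single key because strategy B also produces keys with a high top nibble; only the absence of low nibbles across many keys is evidence for strategy A. Real libraries leave more than this one feature (the report mentions the whole public key value), but the mechanism is the same: a deterministic constraint in generation shifts the distribution of the modulus.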

Towards Better Selective Forwarding And Delay Attacks Detection in Wireless Sensor Networks

by Martin Stehlik, Václav Matyáš, Andriy Stetsko, April 2016, 30 pages. A full version of the paper presented at the conference ICNSC 2016.

FIMU-RS-2016-01. Available as Postscript, PDF.


A number of intrusion detection techniques have been proposed to detect different kinds of active attacks on wireless sensor networks (WSNs). Selective forwarding and delay attacks are two simple but effective attacks that can disrupt communication in WSNs. In this work, we propose two parametrized collaborative intrusion detection techniques and optimize their parameters for a specific scenario using extensive simulations and multiobjective evolutionary algorithms. Moreover, we sample the whole search space to enable an evaluation of the evolution's performance. The optimized results are also compared to a simpler non-collaborative detection technique to demonstrate the improvements of the collaborative approach. We also evaluate the influence of the number of malicious nodes on the intrusion detection performance. This technical report extends our paper presented at the conference ICNSC 2016 with details of the experiment settings and results.

On Secrecy Amplification Protocols - Extended Version

by Radim Ošťádal, Petr Švenda, Václav Matyáš, June 2015, 34 pages. A full version of the paper presented at the conference WISTP 2015.

FIMU-RS-2015-01. Available as Postscript, PDF.


We review the most important secrecy amplification protocols that are suitable for ad-hoc networks of devices with limited resources, providing additional resistance against various attacks on the cryptographic keys in use without the need for asymmetric cryptography. We discuss and evaluate different designs as well as approaches to creating new protocols. A special focus is given to the suitability of these protocols with respect to different underlying key distribution schemes, and also to open issues. This technical report provides details of our research that will be presented at the 9th WISTP International Conference on Information Security Theory and Practice (WISTP 2015), where a subset of this technical report will be published in the conference proceedings.

Improving Intrusion Detection Systems for Wireless Sensor Networks

by Andriy Stetsko, Tobias Smolka, Václav Matyáš, Martin Stehlik, March 2014, 29 pages.

FIMU-RS-2014-01. Available as Postscript, PDF.


A considerable amount of research has been undertaken in the field of intrusion detection in wireless sensor networks. Researchers have proposed a number of relevant mechanisms, and it is not an easy task to select the right ones for a given application scenario. Even when a network operator knows what mechanism to use, it remains an open issue how to configure this particular mechanism so that it is efficient for the particular needs. We propose a framework that optimizes the configuration of an intrusion detection system in terms of detection accuracy and memory usage. There is a variety of scenarios, and a single set of configuration values is not optimal for all of them. Therefore, we believe, such a framework is of great value for a network operator who needs to optimize an intrusion detection system for their particular needs, e.g., attacker model, environment, node parameters.

Security of Biometric Authentication Systems -- Extended Version

by Václav Matyáš, Zdeněk Říha, June 2010, 27 pages. A full version of the paper presented at the conference Computer Information Systems and Industrial Management Applications 2010.

FIMU-RS-2010-07. Available as Postscript, PDF.


This technical report outlines our views on the actual security of biometric authentication and encryption systems. The attractiveness of some novel approaches, such as cryptographic key generation from biometric data, is in some respects understandable, yet so far it has led to various shortcuts and compromises on security. The report starts with an introductory section that is followed by a section about the variability of biometric characteristics, with particular attention paid to biometrics used in large systems. The following sections then discuss the potential of biometric authentication systems, and of the use of biometrics in support of cryptographic applications as they are typically used in computer systems.

Neighbor-Based Intrusion Detection for Wireless Sensor Networks

by Andriy Stetsko, Lukáš Folkman, Václav Matyáš, May 2010, 33 pages.

FIMU-RS-2010-04. Available as Postscript, PDF.


The neighbor-based detection technique exploits the principle that sensor nodes situated spatially close to each other tend to behave similarly. A node is considered malicious if its behavior differs significantly from that of its neighbors. The detection technique is localized, unsupervised and adapts to changing network dynamics. Although the technique is promising, it has not yet been deeply researched in the context of wireless sensor networks. In this technical report we analyze the symptoms of different attacks for the applicability of the neighbor-based technique. The analysis shows that the technique can be used for the detection of selective forwarding, jamming and hello flood attacks. We implemented an intrusion detection system which employs the neighbor-based detection technique. The system was designed for and works on the TinyOS operating system running the Collection Tree Protocol. We evaluated the accuracy of the technique in detecting selective forwarding, jamming and hello flood attacks. The results show that the neighbor-based detection technique is highly accurate, especially when collaboration among neighboring nodes is used.
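The two ideas that recur in the selective forwarding reports above (FIMU-RS-2016-01 and this one), neighbor comparison and collaboration among observers, can be shown on a handful of forwarding counts. This is an added example, not the implementation from either report: the observation table is constructed by hand, the single-observer threshold and the neighbour-deviation margin are assumed values, and the detection rules are the simplest forms of the two techniques.

```python
# Added example (not the reports' own implementation): neighbour-based
# detection of selective forwarding from per-observer forwarding counts,
# first with each observer judging alone, then with observers pooling their
# counts and comparing a node against its neighbours.
from statistics import median

# Constructed data: suspect -> [(observer, packets the observer saw sent to
# the suspect, packets it saw the suspect forward)].  n3 drops roughly half
# of its traffic; n4 forwards honestly but observer n1 overhears it poorly
# (collisions), so n1's counts alone understate n4's forwarding.
OBSERVATIONS = {
    "n1": [("n2", 40, 38), ("n3", 45, 44)],
    "n2": [("n1", 50, 47), ("n3", 48, 46)],
    "n3": [("n1", 42, 22), ("n2", 44, 25)],
    "n4": [("n1", 30, 16), ("n2", 60, 58)],
}


def pooled_ratio(obs, node):
    """Forwarding ratio of `node` after its observers add up their counts."""
    received = sum(r for _, r, _ in obs[node])
    forwarded = sum(f for _, _, f in obs[node])
    return forwarded / received if received else 1.0


def detect_single(obs, threshold):
    """Non-collaborative: an observer flags the suspect whenever the ratio it
    alone measured falls below a fixed threshold (assumed value)."""
    flagged = set()
    for node, rows in obs.items():
        for _, received, forwarded in rows:
            if received and forwarded / received < threshold:
                flagged.add(node)
    return flagged


def detect_neighbor(obs, delta):
    """Neighbour-based and collaborative: observers pool their counts, and a
    node is flagged when its pooled ratio lies more than `delta` below the
    median pooled ratio of its neighbours (its observers), on the principle
    that nodes in the same radio environment should forward at similar rates."""
    ratio = {node: pooled_ratio(obs, node) for node in obs}
    flagged = set()
    for node, rows in obs.items():
        neighbours = [ratio[o] for o, _, _ in rows if o in ratio]
        if neighbours and ratio[node] < median(neighbours) - delta:
            flagged.add(node)
    return flagged


if __name__ == "__main__":
    print("single observer, threshold 0.7:", sorted(detect_single(OBSERVATIONS, 0.7)))
    print("neighbour-based, delta 0.2    :", sorted(detect_neighbor(OBSERVATIONS, 0.2)))
```

On this data the single-observer rule flags both n3 and n4, the latter a false positive caused by one observer's lossy vantage point; pooling the counts and comparing against neighbours keeps n3 (pooled ratio about 0.55 against neighbours near 0.95) and clears n4 (about 0.82). The margin `delta` plays the role of the parameters the 2016 report tunes with evolutionary search.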

Key Distribution and Secrecy Amplification in Wireless Sensor Networks

by Petr Švenda, Václav Matyáš, November 2007, 63 pages.

FIMU-RS-2007-05. Available as Postscript, PDF.


This report targets the area of wireless sensor networks, and in particular their security. Probabilistic key pre-distribution schemes were developed to deal with the limited memory of a single node and the high number of potential neighbours. We present a new idea of group support for authenticated key exchange that substantially increases the resilience of an underlying probabilistic key pre-distribution scheme against the threat of node capture. We also propose a new method for automatic protocol generation which utilizes Evolutionary Algorithms (EA). The approach is verified on the automatic generation of secrecy amplification protocols for wireless sensor networks. All human-designed secrecy amplification protocols proposed so far were re-invented by the method. A new protocol with a higher fraction of secure links was evolved. An alternative construction of a secrecy amplification protocol was designed which exhibits only a linear (instead of exponential) increase in the number of needed messages as the number of communication neighbours grows. As message transmission is a battery-expensive operation, this more efficient protocol can significantly save this resource.
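The three secrecy amplification reports above (FIMU-RS-2016-04, FIMU-RS-2015-01 and this one) share one setting: a probabilistic key pre-distribution, an attacker who captures nodes and learns their keys, and an amplification round that repairs compromised links through intermediaries. The simulation below is an added example, not the reports' simulator or any of their protocols: it implements the basic push-style round (a fresh nonce relayed through a common neighbour whose links are still secure) and lets the attacker capture nodes either uniformly at random or clustered around a point, which is the kind of attacker-model difference the 2016 report argues matters. Pool size, ring size, radio range and the number of captured nodes are assumed parameters.

```python
# Added example (not the reports' code): random key pre-distribution, node
# capture by a random or a localized attacker, and one round of
# neighbour-relayed secrecy amplification.  Parameters are assumptions.
import math
import random


def deploy(n, pool, ring, radius, rng):
    """Place n nodes in the unit square; each draws `ring` key ids from a pool
    of `pool` keys.  Nodes within `radius` that share a key get a link keyed
    with the smallest shared key id."""
    pos = [(rng.random(), rng.random()) for _ in range(n)]
    rings = [set(rng.sample(range(pool), ring)) for _ in range(n)]
    links = {}
    for a in range(n):
        for b in range(a + 1, n):
            if math.dist(pos[a], pos[b]) <= radius:
                shared = rings[a] & rings[b]
                if shared:
                    links[frozenset((a, b))] = min(shared)
    return pos, rings, links


def capture(pos, rings, count, mode, rng):
    """Attacker captures `count` nodes: uniformly at random, or the `count`
    nodes nearest a random point (a localized attacker).  Every key id held
    by a captured node becomes known to the attacker."""
    if mode == "random":
        victims = rng.sample(range(len(pos)), count)
    else:
        centre = (rng.random(), rng.random())
        victims = sorted(range(len(pos)), key=lambda i: math.dist(pos[i], centre))[:count]
    known = set()
    for v in victims:
        known |= rings[v]
    return known


def link_status(links, known):
    """A link is secure iff its key id is not in the attacker's set."""
    return {link: key not in known for link, key in links.items()}


def amplify(secure):
    """One push-style round: for a compromised link A-B, if some common
    neighbour C has secure links A-C and C-B, A sends B a fresh nonce via C
    and both derive a new key from the old key and the nonce.  The attacker
    never sees the nonce, so the repaired A-B link counts as secure."""
    nbrs = {}
    for link in secure:
        a, b = tuple(link)
        nbrs.setdefault(a, set()).add(b)
        nbrs.setdefault(b, set()).add(a)
    new = dict(secure)
    for link, ok in secure.items():
        if ok:
            continue
        a, b = tuple(link)
        for c in nbrs[a] & nbrs[b]:
            if secure[frozenset((a, c))] and secure[frozenset((c, b))]:
                new[link] = True
                break
    return new


def fraction_secure(secure):
    return sum(secure.values()) / len(secure) if secure else 1.0


def simulate(mode, seed, n=200, pool=2000, ring=60, radius=0.15, captured=10):
    """Returns (fraction of secure links before, after) one amplification round."""
    rng = random.Random(seed)
    pos, rings, links = deploy(n, pool, ring, radius, rng)
    before = link_status(links, capture(pos, rings, captured, mode, rng))
    after = amplify(before)
    return fraction_secure(before), fraction_secure(after)


if __name__ == "__main__":
    for mode in ("random", "localized"):
        before, after = simulate(mode, seed=1)
        print(f"{mode:9s} attacker: secure links {before:.2f} -> {after:.2f}")
```

Running both attacker modes side by side shows why the attacker model cannot be left at "random": a localized attacker compromises the links of a whole neighbourhood at once, so the common neighbours that the push round relies on are themselves likely to sit on compromised links, and the round repairs fewer links than the same number of randomly captured nodes would suggest.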

Application-Level Firewall Protection Profile for High Robustness Environments-Initial Considerations

by Mark Kelly, Václav Matyáš, Ahmed Patel, April 2004, 43 pages.

FIMU-RS-2004-02. Available as Postscript, PDF.


Firewalls act as access control policy mediators between networks. They either permit or block the exchange of data between networks. The ability to permit or block the transfer of data means firewalls can be used to selectively allow access to the resources they protect. Firewalls of varying security levels have been created to provide security commensurate with the sensitivity of the data being protected. Firewalls are often formally evaluated to certify what level of security they are suitable for. They are evaluated against so-called security evaluation criteria, standardised descriptions of security measures. The Common Criteria (CC) are the current global standard for such evaluations. Firewall security attributes are described in a Protection Profile (PP) that defines an implementation-independent set of security requirements and objectives for a category of products or systems that meet similar consumers' needs for IT security. Our project set out to produce a summary of security issues for an Application-Level Firewall Protection Profile (PP) for a High Robustness Environment. We started our work with the Basic-Level Firewall PP, the Medium-Level Firewall PP and the High-Level Mail Guard PP. The two firewall PPs and the Mail Guard PP are compared to give an insight into the issues concerning the High-Level Firewall PP. This High-Level Firewall PP is then discussed in terms of its major principles.

Biometric Authentication Systems

by Zdeněk Říha, Václav Matyáš, November 2000, 44 pages.

FIMU-RS-2000-08. Available as Postscript, PDF.


Biometrics are the subject of considerable security hype these days. Although biometrics are not completely new, they are becoming more and more popular. The first part of the technical report explains the principle of biometric systems and describes various biometric techniques. In the second part, security issues of biometric systems are discussed.