Sentinels was pioneering work

3 August 2012

From mobile phones and RFID chips to large-scale company networks: with his Sentinels research at Eindhoven University of Technology and the University of Twente and with his spin-off company SecurityMatters, professor Sandro Etalle focuses on security in a wide range of digital environments. From theoretical to very practical: ‘Because such a variety is both enjoyable and instructive.’

Professor of computer security Sandro Etalle has his finger in many pies. Within the Sentinels programme alone he is involved in 5 of the 18 projects. In the project PEARL, Etalle and his group investigated RFID chips. ‘These still pose a lot of challenges for security experts. Certain fundamental questions have not yet been answered. Two important aspects we examined in the theory group at Eindhoven are anonymity and unlinkability. You must be able to guarantee users that an attacker cannot discover where you have been and when. We asked ourselves what exactly was needed to define these requirements.’

Prof. Sandro Etalle, project leader of MobileIDM and PEARL and involved in IPID, S-Mobile and VRIEND

Although it seems logical to start with such a question, in practice the sequence is often different, says Etalle. ‘Usually a protocol is made first and only then it is qualified to what extent the protocol can guarantee certain requirements. It should of course be the other way round. But that is only possible if you have a clear idea about the exact content of the terms and which requirements you must pose for such protocols. There is too little expertise in these definitions at present.’

Three areas

PEARL, however, extends far beyond Eindhoven and is not only concerned with theory, says Etalle. ‘Together with colleagues from Delft and Nijmegen we have achieved results in three areas. We have developed algorithms that can determine how sensitive an RFID architecture is for attacks. Subsequently we drew up new algorithms to resist those attacks. And finally, we have demonstrated that existing theories about anonymity and unlinkability do not contradict each other; instead they complement each other.’

RFID chips are increasingly becoming part and parcel of everyday life. It is expected that they will ultimately replace barcodes. That imposes high demands on their security. ‘You want to be able to make these chips secure in different ways. If somebody reads such a chip, he must not be able to see what has happened with it before. And he must not be able to discover which keys will be used in future to code the data. We refer to this as backward and forward privacy: the user’s data must be rendered safe in the past as well as in the future.’

Door ajar

In the project S-Mobile small mobile devices were also the subject of study. ‘Nowadays everybody walks around with small devices in their pocket that can be used to download programs. These devices have an open connection with the outside world, but usually they also contain data that the user would prefer to keep secret. Examples are contacts on your smartphone, log-in details for banking sites, but also the content of previously sent text or WhatsApp messages. Some of these programs had to use confidential information, for example a telephone number from your contact list, but they must not be able to spread this information further. That is a difficult problem. If you could completely lock the door to that information then it would not be so difficult, and if the door is completely open it is not a problem either. But keeping the door ajar... then you need a good security mechanism which knows exactly who may enter and who may not. We worked on developing such a system.’

‘In Eindhoven we mainly work on the theoretical foundations of such problems,’ says Etalle. ‘For example, we think about questions like "What is leakage?" Initially, in the case of a phone, you think of the transmission of phone numbers, but that does not have to happen so literally. Information is sometimes sent from which such a phone number can easily be derived. But that is a lot more difficult to detect because what exactly do you look for? We are developing techniques to detect and seal such leaks.’ S-Mobile has achieved its first breakthrough, says the professor from Eindhoven. ‘We are the first to have successfully allowed a small bit of derived information with access rights for the user. He himself can indicate if a program may transmit certain derived information.’

Etalle warns against unrealistic expectations for this category of solutions. ‘You must remember that we are working at a theoretically deeper level and we are not delivering ready-made solutions for industry. That is not usually our task as a university. We deliver a proof-of-concept and industry must then develop this further.’

From idea to start-up

However, that was not the case for the Sentinels project IPID, which Etalle was also involved in. That research led not just to the development of a product but also to a highly successful start-up. ‘Within IPID we are searching for an experimental solution for attacks on company networks. Therefore in this case we do real tests in practice.’

SecurityMatters was set up as a spin-off from the University of Twente by Sandro Etalle and the IPID and VRIEND PhD students Damiano Bolzoni and Emmanuele Zambon. This company has developed a system to detect attacks on network protocols. As this is based on abnormal behaviour of the network in question, it can also recognise completely new zero-day attacks.

‘The company is doing really well. We have now completed the design and development of the first products and we already have our first clients. It is a healthy company, a start-up with huge potential.’ Etalle explains that success: ‘We are tackling a universal problem for which we have a completely new solution. I see it as a beautiful success story of the Dutch approach to financing. The Sentinels project IPID laid the foundations. Two brilliant PhD students have given it a first push forwards and the collaboration with industry via the user committee has helped us further along the way. The support from Technology Foundation STW in the form of the Valorisation Grant was crucial for getting us through that phase of marketing studies, product development et cetera.’

Etalle is not easy to pin down. From pure theoretical academic to entrepreneur in his own company, interested in everything between RFID chips and complete networks... ‘This variety of subjects and different approaches keeps you focused. And everything complements each other. A project such as S-Mobile will not lead to a spin-off that easily. It has too fundamental a focus. However, we must never discard those fundaments as they are the source of the really big innovations. In the end IPID yielded highly practical solutions more or less by accident.’

Etalle is optimistic about the future. ‘I consider the Cyber Security research programme to be an excellent successor to Sentinels. When Sentinels started it was still pioneering work. As a result of Sentinels a community has developed and all of the Dutch researchers in this area know each other. New professorships have been created and we have now built up an international reputation. Society is demanding solutions for security problems and we are ready to tackle these.’


Photo: Sjoerd van der Hucht Fotografie
Text: Sonja Knols, IngenieuSe
Translation: NST