Since 2002 the Information Security Group Smart Card Centre has been conducting pioneering research in the fields of smart cards tokens security and applications. This has resulted in more than 160 papers in international conferences and journals and two books published by Springer.
However, the SCC is naturally involved in number of research areas touching the boundaries of embedded systems, mobile devices and Internet of Things (IoTs). A snapshot of our research activities can be obtain from our list of publications but also from the following list.
We have been conducting research on smart card protocols, applications and associated security issues since the very early days of the SCC. In this research thread we examined various payment protocols based on smart cards, algorithms for SIMs on mobile phones, all the way to
providing countermeasures for side channel attacks on smart card microprocessors. Additionally, we also looked into secure application on Java card runtime environments.
We have been working on a number of very exciting challenges in embedded devices. For example, some of the areas that have been working on are control flow verification and verifying the integrity of executed instructions through power consumption. We are also looking into how to protect runtime data and verified instruction interpretation.
Every day, security researchers discover new (critical) vulnerabilities on IoT devices. Our current research goals entail understand the risks posed by IoT devices and propose novel research solutions to protect them. We are particularly interested in discovering vulnerabilities in smart-home devices, such as smart light-bulbs, smart-cameras (IP cameras, CCTVS, DVRs), smart electronic locks, baby monitors and the likes.
Avionics – Drone Security
We have been working with other industrial partners on enhancing the security provisions of non-flight control wireless sensors and management systems. We have also established a very active research thread of work on drone security, along with colleagues from France.
We have be examining the security of in-vehicle sensors and communication protocols. We have also provided enhancements on firmware update protocols.
We have also been examining how intrinsic functionality of cyber physical systems can be used in order to enhance the overall platform security and in order to withstand a specific range of attacks.
RFIDs, Mobile phone security and Near Field Communications
We have conducted extensive research on low cost authentication protocols, supply chain and RFIDs, and grouping proofs for RFID tokens. We are currently investigating the issues, interactions and performance of HCE implementations in relation to payment and transport applications.
We have long-standing research thread on EMV security and decentralized payment systems. We have also worked on tokenization and fair exchange protocols in relation to anonymity and accountability.
Among others, we have looked into relay attacks using NFC and proposed relevant countermeasures. Furthermore, we have also examined countermeasures for repackaged applications. More recently we have also been examining the security relevance of ambient sensors in mobile devices.
These are some indicative areas of research work. If you require further information on our most recent research challenges with the aim of establishing funding and research collaborations please do contact us.