Adrian Perrig

Adrian Perrig

Adjunct Faculty

Office: 2107 Collaborative Innovation Center

Email: adrian@andrew.cmu.edu

Phone: (412) 268-2242

My research interest is in computer security, and my current research focuses on network security, in particular security for mobile environments, sensor networks and broadcast networks.

Mobile computing is rapidly expanding. Most travelers today are equipped with cell phones, PDAs, and other gadgets. New security research challenges arise in such an environment. I am particularly interested in the following research challenges:

  • In an open network where anybody can join and communicate, how can we set up trust and securely distribute cryptographic keys? An attacker could easily perform a denial-of-service attack by claiming multiple identities and consuming large amounts of network resources. Can we prevent such attacks?
  • Secure location-based services. Mobile devices can provide a wealth of useful services when the devices know their locations, e.g., emergency services, location-based todo lists, or resource-tracking systems. If ill-designed, such features come at the price of privacy erosion, unauthorized access, location spoofing, and denial-of-service attacks. What are the required security properties, and how do we design a secure location system?
  • Design secure and efficient medium access control protocols for wireless communication. The insecurity of the 802.11 medium access control protocol hampers its adoption. The protocol is also relatively inefficient. Can we design a secure and highly efficient wireless link-layer protocol?
  • Design a secure ad hoc network routing protocol. Even if some network nodes are compromised by an attacker, the remaining nodes can engage in a reliable and robust routing protocol.

Sensor networks are beginning to be widely deployed. We envision a future where thousands to millions of small sensors form self-organizing wireless networks, providing useful services such as emergency response systems, energy management, logistics and inventory management. Security is necessary to make such applications reliable and trustworthy. Sensor nodes are severely resource constrained, with limited processing power, storage, bandwidth, and battery energy. They will be deployed in a hostile environment, but to keep costs low, they are not equipped with tamper-proof hardware. These constraints present new challenges for security solutions. I will work on the following challenging problems:

  • Secure and efficient key distribution in a sensor network. Such a system needs to be robust to key compromise, such that a single compromised sensor node does not result in a total network compromise.
  • Secure data aggregation. Even is some sensors are compromised, we can extract useful information from the sensor network.
  • Secure and efficient routing and flooding. Due to unreliable communication and the hidden terminal problem, reliably flooding the sensor network with a message is a challenge. Due to the resource-starved sensors, routing is also challenging. Designing secure and reliable algorithms for routing and flooding is even more challenging.

Broadcast is an important mechanism for large scale information dissemination, in satellite-based communications, wireless networks, and the Internet. Security is central for broadcast applications: (1) data injection or message spoofing is easy in many broadcast networks, so the receivers need to verify the authenticity of messages they receive; (2) anybody can receive broadcast packets, so applications require technologies to restrict access to content to legitimate receivers. I will continue to work on the following problems:

  • Scalable and efficient key distribution for large networks.
  • Secure membership management protocols, such as secure multicast join protocols, or secure membership counting protocols.