Research Interests

I am primarily interested in all aspects of security in distributed systems. I have been working on applying cryptographic techniques in building secure protocols to solve various problems in distributed systems. Recently, I have also been investigating the use of Trusted Computing technologies for securing endnodes, and ways to make secure systems usable.

Recent talks

Usable Mobile Security [slides (version of February 2012)]
Intuitive security policy configuration in mobile devices using context profiling [slides (version of February 2012)]
A Perspective on the Evolution of Mobile Platform Security Architectures [slides (version of March 2011)]
Intuitive and Sensible Access Control [slides (updated: Jan 2010)]
On-board Credentials with Open Provisioning [slides (updated: Aug 2010)]
Initializing Security Associations for Personal Devices
Phishing and Mobile Phones

List of publications

Disclaimer

The documents distributed from this page have been provided as a means to ensure timely dissemination of scholarly and technical work on a noncommercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, notwithstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.
Authenticated encryption primitives for size-constrained trusted computing (with Jan-Erik Ekberg and Alexandra Afanasyeva)
Is this App Safe? A Large Scale Study on Application Permissions and Risk Signals (with Pern Hui Chia and Yusuke Yamamoto)
ACM DL Author-ize serviceIdentity verification schemes for public transport ticketing with NFC phones
Sandeep Tamrakar, Jan-Erik Ekberg, N. Asokan
STC '11 Proceedings of the sixth ACM workshop on Scalable trusted computing, 2011
ACM DL Author-ize serviceCredential life cycle management in open credential platforms (short paper)
Kari Kostiainen, N. Asokan
STC '11 Proceedings of the sixth ACM workshop on Scalable trusted computing, 2011
Practical Property-Based Attestation on Mobile Devices. (with Kari Kostiainen and Jan-Erik Ekberg)
Towards User-Friendly Credential Transfer on Open Credential Platforms (with Kari Kostiainen and Alexandra Afanasyeva)
Using context-profiling to aid access control decisions in mobile devices (with Aditi Gupta and Markus Miettinen)
Vibrate-to-unlock: Mobile phone assisted user authentication to multiple personal RFID tags (with Nitesh Saxena et al.)
ACM DL Author-ize serviceOld, new, borrowed, blue --: a perspective on the evolution of mobile platform security architectures
Kari Kostiainen, Elena Reshetova, Jan-Erik Ekberg, N. Asokan
CODASPY '11 Proceedings of the first ACM conference on Data and application security and privacy, 2011
ACM DL Author-ize serviceTowards security policy decisions based on context profiling
Markus Miettinen, N. Asokan
AISec '10 Proceedings of the 3rd ACM workshop on Artificial intelligence and security, 2010
ACM DL Author-ize serviceA closer look at recognition-based graphical passwords on mobile devices
Paul Dunphy, Andreas P. Heiner, N. Asokan
SOUPS '10 Proceedings of the Sixth Symposium on Usable Privacy and Security, 2010
Key Attestation from Trusted Execution Environments (with Kari Kostiainen, Alexandra Dmitrienko, Jan-Erik Ekberg and Ahmad-Reza Sadeghi)
Security associations for wireless devices (with Kaisa Nyberg)
  • In Stefanos Gritzalis, Tom Karygiannis, and Charalabos Skianis, editors, Security and Privacy in Mobile and Wireless Networking. Troubador Publishing Ltd, Leicester, UK, 2009. (pre-print at Aalto publications site)
External Authenticated Non-Volatile Memory with Lifecycle Management for State Protection in Trusted Computing (with Jan-Erik Ekberg)
Controlling Resource Hogs in Delay-Tolerant Networks (with John Solis, Kari Kostiainen, Philip Ginzboorg and Jörg Ott)
ACM DL Author-ize serviceOn-board credentials with open provisioning
Kari Kostiainen, Jan-Erik Ekberg, N. Asokan, Aarne Rantala
ASIACCS '09 Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, 2009
Standards for security associations in personal networks: a comparative analysis (with Jani Suomalainen and Jukka Valkonen)
  • Interational Journal of Security in Networks 4(1/2): 87-100, 2009 (DOI bookmark)
ACM DL Author-ize serviceScheduling execution of credentials in constrained secure environments
Jan-Erik Ekberg, N. Asokan, Kari Kostiainen, Aarne Rantala
STC '08 Proceedings of the 3rd ACM workshop on Scalable trusted computing, 2008
Using Salience Differentials to Making Visual Cues Noticeable (with Andreas Heiner)
ACM DL Author-ize serviceSecure roaming with identity metasystems
Long Nguyen Hoang, Pekka Laitinen, N. Asokan
IDtrust '08 Proceedings of the 7th symposium on Identity and trust on the Internet, 2008
A Platform for OnBoard Credentials (with Jan-Erik Ekberg)
ACM DL Author-ize serviceBeyond secure channels
Yacine Gasmi, Ahmad-Reza Sadeghi, Patrick Stewin, Martin Unger, N. Asokan
STC '07 Proceedings of the 2007 ACM workshop on Scalable trusted computing, 2007
Enabling Fairer Digital Rights Management with Trusted Computing (with Ahmad-Reza Sadeghi, Christian Stüble, Marko Wolf and Jan-Erik Ekberg)
ACM DL Author-ize serviceSecure software installation in a mobile environment
Andreas P. Heiner, N. Asokan
SOUPS '07 Proceedings of the 3rd symposium on Usable privacy and security, 2007
ACM DL Author-ize serviceApplicability of identity-based cryptography for disruption-tolerant networking
N. Asokan, Kari Kostiainen, Philip Ginzboorg, Jörg Ott, Cheng Luo
MobiOpp '07 Proceedings of the 1st international MobiSys workshop on Mobile opportunistic networking, 2007
Security Associations in Personal Networks: A Comparative Analysis (with Jani Suomalainen and Jukka Valkonen)
Usability Analysis of Secure Pairing Methods (with Ersin Uzun and Kristiina Karvonen)
Ad Hoc Security Associations for Groups (with Jukka Valkonen and Kaisa Nyberg)
  • In the Proceedings of the Third European Workshop on Security and Privacy in Ad hoc and Sensor Networks, Hamburg, Germany, September 2006. Volume 4357 of Lecture Notes in Computer Science, Springer. (available in Springerlink.)
Secure Device Pairing based on a Visual Channel (with Nitesh Saxena, Jan-Erik Ekberg and Kari Kostiainen)
Efficient Mutual Data Authentication Using Manually Authenticated Strings (with Sven Laur and Kaisa Nyberg)
Remote storage for mobile devices (with Jarkko Tolvanen, Jaakko Lipasti and Tapio Suihko)
Visitor management in Personal wireless networks (with Seamus Moloney, Philip Ginzboorg, and Kari Kostiainen)

Extending Cellular Authentication as a Service (with Pekka Laitinen et al.)
Issues in Initializing Security
On the usefulness of proof-of-possession (with Valtteri Niemi and Pekka Laitinen)
Man-in-the-middle in tunneled authentication protocols (with Kaisa Nyberg and Valtteri Niemi)
Defining authorization domains using virtual devices (with Sampo Sovio and Kaisa Nyberg)
  • In the Proceedings of the 2003 Symposium on Applications and the Internet Workshops (SAINT'03 Workshops), 2003. Available at IEEExplore
ACM DL Author-ize serviceSecuring ad hoc routing protocols
Manel Guerrero Zapata, N. Asokan
WiSE '02 Proceedings of the 1st ACM workshop on Wireless security, 2002
Secure Vickrey Auctions without Threshold Trust. (with Helger Lipmaa and Valtteri Niemi).
  • In Financial Cryptography 2002, Lecture Notes in Computer Science, Volume 2357, pages 87-101, 2002. Springer-Verlag.
Authentication and key generation for mobile IP using GSM authentication and roaming (with Henry Haverinen and Tuomas Määttänen)
  • In Proceedings of the 2001 IEEE International Conference on Communications (ICC 2001), Helsinki, Finland. Pages 2453-2457, vol. 8. Available at IEEExplore
SEMPER - Secure Electronic Marketplace for Europe (edited by Gerard Lacoste et al), Springer, Lecture Notes in Computer Science 1854, 2000
  • Architecture -- Chapter 6 (with Birgit Baum-Waidner et al)
  • The Payment Framework -- Chapter 11 (with Michael Steiner)
Key Agreement in Ad-hoc Networks (with Philip Ginzboorg)
  • in Computer Communications Review, 23(17):1627-1637, November 2000. (DOI Bookmark)
  • A preliminary version was presented at the Nordsec '99 workshop in Nov. 1999. But there is no formal proceedings.
Authenticating Public Terminals (with Michael Steiner, Hervé Debar, and Michael Waidner)
  • Computer Networks and ISDN Systems, 31(8):861-870, May 1999. (DOI Bookmark)
Towards a Framework for Handling Disputes in Payment Systems (with Michael Steiner and Els van Herreweghen)
Protecting the Computation Results of Free-roaming Agents (with Ceki Gülcü and Günter Karjoth)
  • Proceedings of the Second International Workshop on Mobile Agents (MA '98), LNCS 1477, pp. 195-207, Sep. 1998. (DOI Bookmark)
  • Personal Technologies, 2(2):92-99, Dec. 1998. (DOI Bookmark)
Fairness in Electronic Commerce

More on Optimistic Fair Exchange (with Victor Shoup and Michael Waidner)
  • A detailed report, Optimistic Fair Exchange of Digital Signatures, describing the use of verifiable encryption in fair exchange protocols is available as IBM Research Report RZ 2973, Nov. 1997. An extended abstract with the same title appears in the proceedings of Eurocrypt '98. LNCS 1403, pp. 591-606.
  • A detailed report, Asynchronous Protocols for Optimistic Fair Exchange, describing an improved fair exchange protocol is available as IBM Research Report RZ 2976, Nov. 1997. An extended abstract with the same title appears in the Proceedings of the 1998 IEEE Symposium on Security and Privacy, pp. 86-99 (DOI Bookmark).
  • The jounal version appeared in the IEEE Journal on Selected Areas in Communications, 18(4):593-610, April 2000 (DOI Bookmark). The pre-print version is here.
Design of a Generic Payment Service (with Jose Abad-Peiro, Michael Steiner, and Michael Waidner)
Electronic Payment Systems (with Phil Janson, Michael Steiner, and Michael Waidner)
  • IBM Research Report RZ 2890, Dec. 1996.
  • An edited version appeared in the IEEE Computer Magazine, Sep. 1997, 30(9):28-35.
  • A Japanese translation appeared in Nikkei Computer, pp. 195-201, issue of March 30, 1998.
  • An updated version appeared as a chapter in volume 53 of the series Advances in Computers published in 2000. (this is the final version submitted for publication.)
ACM DL Author-ize serviceOptimistic protocols for fair exchange
N. Asokan, Matthias Schunter, Michael Waidner
CCS '97 Proceedings of the 4th ACM conference on Computer and communications security, 1997
Server-Supported Signatures (with Gene Tsudik and Michael Waidner)
  • Proceedings of the Fourth European Symposium on Research in Computer Security (ESORICS), LNCS 1146, pp. 131-143. Springer-Verlag, Sep. 1996. (DOI Bookmark)
  • A slightly extended version appeared in the Journal of Computer Security, 5(1), pp 91-108, 1997.
ACM DL Author-ize serviceUntraceability in mobile networks
Didier Samfat, Refik Molva, N. Asokan
MobiCom '95 Proceedings of the 1st annual international conference on Mobile computing and networking, 1995
Security Issues in Mobile Computing
  • CS 690B - Research Proposal, April 1995.
Anonymity in a Mobile Computing Environment
  • Proceedings of the Workshop on Mobile Computing Systems and Applications, Santa Cruz, Dec. 1994. (DOI Bookmark)

In a previous life...

Parallel Algorithms for Constructing the Convex Hull in 2-Dimensions.
  • Term Paper for the Computational Geometry course, Summer 1990 (for Prof. Anna Lubiw).
A Neural Network Simulator for the Connection Machine. (with Ravi Shankar et al)
A Parallel Free-text Search System with Indexing. (with Ophir Frieder and Sanjay Ranka)
A Parallel Implementation of the Hough Transform Method. (with Ravi Shankar)
  • Term Paper for the Parallel Programming course, Fall 1988 (for Prof. E. E. Sibert).
  • Proceedings of the 32nd Midwest Symposium on Circuits and Systems, Page(s): 321 -324 vol.1, Urbana-Champaign, August 1989. (DOI Bookmark)
godaddy stats
Last modified: Tue May 1 13:17:44 EEST 2012
N. Asokan http://member.acm.org/~asokan

gif with e-mail address