Dear all,

 

I have submitted a paper to SP2I’21 (ARES’21) and it was accepted. It acknowledges the SPARTA project.

 

Title: A Formal Analysis of EnOcean's Teach-in and Authentication

 

Author: Katharina Hofer-Schmitz

 

Abstract: The security of protocols and the absence of design-related weaknesses and vulnerabilities is crucial for the prevention of cyber attacks. This paper provides the first formal model for EnOcean, an IoT protocol widely used in home automation systems. Based on EnOcean's security specification a formal model of its teach-in and high security authentication is created in the applied pi calculus. In an automated security analysis with the security protocol model checker ProVerif several security requirements are checked. While the analysis shows that all the secrecy statements can be verified, it identifies some weaknesses for the authentication. Based on an analysis of the potential attacks, we suggest a provable fix for the detected attacks.

 

Best regards,

Katharina Hofer-Schmitz

 

 

Dipl.-Ing. Dr. Katharina Hofer-Schmitz
Senior Researcher – Cyber Security & Defence

 

JOANNEUM RESEARCH Forschungsgesellschaft mbH

DIGITAL – Institute for Information and Communication Technologies

Steyrergasse 17, 8010 Graz, Austria

 

phone: +43 316 876-5702

E-Mail: katharina.hofer-schmitz@joanneum.at

 

Headquarters: JOANNEUM RESEARCH Forschungsgesellschaft mbH, Leonhardstrasse 59, 8010 Graz, Austria

Company register: FN 48282 d Landesgericht für Zivilrechtssachen Graz ¦ VAT number: ATU28781306 ¦ www.joanneum.at/en

Data Protection: www.joanneum.at/en/joanneum/imprint/dataprotection