DOCSLIB.ORG

Optical PUF for Non-Forwardable Vehicle Authentication

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Optical PUF for Non-Forwardable Vehicle Authentication Computer Communications 93 (2016) 52–67 Contents lists available at ScienceDirect Computer Communications journal homepage: www.elsevier.com/locate/comcom R Optical PUF for Non-Forwardable Vehicle Authentication ∗ Shlomi Dolev a,1, Łukasz Krzywiecki b,2, Nisha Panwar a, , Michael Segal c a Department of Computer Science, Ben-Gurion University of the Negev, Israel b Department of Computer Science, Wrocław University of Technology, Poland c Department of Communication Systems Engineering, Ben-Gurion University of the Negev, Israel a r t i c l e i n f o a b s t r a c t Article history: Modern vehicles are configured to exchange warning messages through IEEE 1609 Dedicated Short Range Available online 1 June 2016 Communication over IEEE 802.11p Wireless Access in Vehicular Environment. Essentially, these warning messages must associate an authentication factor such that the verifier authenticates the message origin Keywords: Authentication via visual binding. Interestingly, the existing vehicle communication incorporates the message forward- Certificate ability as a requested feature for numerous applications. On the contrary, a secure vehicular communica- Wireless radio channel tion relies on a message authentication with respect to the sender identity. Currently, the vehicle security Optical channel infrastructure is vulnerable to message forwarding in a way that allows an incorrect visual binding with Challenge response pairs the malicious vehicle, i.e., messages seem to originate from a malicious vehicle due to non-detectable Verification message relaying instead of the actual message sender. We introduce the non-forwardable authentication to avoid an adversary coalition attack scenario. These messages should be identifiable with respect to the immediate sender at every hop. According to a coalition attack scenario, the group of adversaries in coalition adopt the fabricated attributes of a target vehicle and resembles it to be alike. The adversaries in coalition then reroute the eavesdropped messages in order to impersonate the target vehicle. We propose to utilize immediate optical response verification in association with the authenticated key exchange over radio channel. These optical response are generated through hardware means, i.e., a certified Physically Unclonable Function device embedded on the front and rear of the vehicle. To the best of our knowl- edge, this is the first work proposing a solution based on physically unclonable function for a secure non-forwardable vehicle to vehicle authentication. In addition a formal correctness sketch is derived using Strand Space methodology. ©2016 Elsevier B.V. All rights reserved. 1. Introduction Furthermore, vehicles are customized to predict a crash event ahead of time through ultrasonic and infrared radars, detection Vehicle networks [21,24,50] provide safe and efficient maneu- vs ranging optical-sensors, and a night vision camera [59] . A de- vering among the vehicles and across the road. Smart vehicles are centralized multi-channel communication [80] is standardized in equipped with wireless radio devices and comply with the Ded- IEEE 1609.4 [8] . Our protocol is secure to create an information icated Short Range Communication (DSRC) IEEE 1609 [1,9] and rich map of the surrounding vehicles and correspondingly attribute Wireless Access in Vehicular Environment (WAVE) 802.11p [61] . these messages (arriving through the radio) to the correct vehicle in the map. Such an up-to-date map would assist in real-time deci- sion making, e.g., accelerating, decelerating, or lane changing. Once R A preliminary version of this paper has appeared in proceedings of the 14th the vehicle has established a secure session with a near-by vehicle IEEE International Symposium on Network Computing and Applications (IEEE NCA) the map can be updated using the information received over the 2015 [14] . radio channel, thereby, attributing the responsibility of any mal- ∗ Corresponding author. functioning. E-mail addresses: [email protected] (S. Dolev), [email protected] (Ł. Krzywiecki), [email protected] (N. Panwar), [email protected] (M. Segal). Wireless radio communication is widely supported by the 1 Partially supported by the Lynne and William Frankel Center for Computer Sci- portable user devices. There exists a sufficient number of Authen- ences, Rita Altura Trust Chair in Computer Sciences, Ben-Gurion University of the ticated Key Exchange (AKE) protocols for a secure wireless com- Negev and Israel Science Foundation (Grant Number 428/11); the Israeli-Italian Sci- munication. Interestingly, the majority of these AKE protocols are entific & Technological Cooperation grant; the Israel-Taiwan Scientific Research Co- implemented over the radio channel for identifying a valid public operation grant and Israel Prime Minister Office, BGU Cyber Center. key holder and establishing a session key. However, these ap- 2 The research was financed by the Polish National Science Centre decision (DEC- 2013/08/M/ST6/00928), project HARMONIA. proaches do not suffice for a more sophisticated form of a coalition http://dx.doi.org/10.1016/j.comcom.2016.05.016 0140-3664/© 2016 Elsevier B.V. All rights reserved. S. Dolev et al. / Computer Communications 93 (2016) 52–67 53 attack. In order to avoid such attacks a correct mapping to the ac- ing vehicle attributes and public key) are actually far away from tual vehicle in secret session is necessary. Subsequently, a location- the communication range still connected through an adversary information rich map can provide a precise identification of the coalition channel. The term adversary coalition denotes the fact original source. Recently, authors in [62] have presented a far prox- that adversary is allowed to forward and re-route messages to- imity identification approach by measuring overall multipath prop- wards a second adversary via separate channel. Interestingly, the agation effect, although it estimates that a specific target is at least static [13] and dynamic attribute [11,15] based authentication is not a certain distance away (conceptually quite opposite to the exist- sufficient to avoid the coalition attack scenario. ing distance bounding protocols [6] ); however, the source of sig- Evidently, a non-forwardable authentication property must be nal origination is still unidentifiable and seems to comply with the augmented to expand more upfront schemes based on static and certified credentials. In particular, the dispersed nature of the ra- dynamic attributes. Specifically, the technique should prevent the dio signals might impose an incorrect binding between the ses- verifier to visually misidentify the attacker (that only forwards sion messages and the actual source of the message. Our scheme messages) with the original authenticator (that actually produced promises a correct binding between the session messages (over a the authentication messages). wireless radio channel) and correspondingly identifiable source of Apparently, some ad-hoc solutions such as timing analysis, ra- the message (certified attribute holder). dio fingerprinting, regular mirror and holographic mirror identifi- We utilize the (inherently) directed nature of optical channel cation, potentially seems to immune against the coalition attack to produce optical fingerprints in association with a secure radio scenario. We further elaborate these solutions with respect to the channel. Optical communication (or an equivalent technology for a inapplicability against a coalition attack scenario. It must be no- clear geographic mapping and to identify communicating vehicle ticed that the coalition attack is unavoidable within the existing monolithically-coupled with the information received) is an im- state of vehicle to vehicle security standards IEEE 1609.2 [2] . In- portant ingredient in our proposed scheme. The directed nature terestingly, neither the wireless radio nor the optical communica- of the optical communication channel eliminates the possibility of tion channel, individually is enough to provide a complete solu- an adversary, present in the line of sight between mutually au- tion against the coalition attack scenario. We require a dynamic thenticated vehicles. However, the optical communication or di- scheme for immediate commitment verification that would not re- rected microwaves alone are not sufficient and requires additional main static for a long time. Our goal is to couple the communi- assumptions to enable the existing DSRC IEEE 1609.2 [2] infrastruc- cating vehicles within the scope of multiple channels such as an ture immune against a coalition attack, as presented in this paper. optical and radio channel. An optical channel is essential during Vehicles authenticate a peer vehicle over radio channel to be the the authentication phase and the radio channel resumes beyond same vehicle as visually identified over the optical channel. Our the authentication phase for the authenticated message exchange. Physically Unclonable Function (PUF) based solution can withstand Optical PUF assisted unforgeable fingerprints provide a robust vehi- more sophisticated adversarial coalition attacks than in previous cle identification. The proposed authentication approach utilizes a works [11–13,15] . non-forwardable fingerprint from the peer vehicle. A PUF [41] de- We propose to achieve a secure binding property with respect to vice is used to produce these output responses and a supplemen- vehicles and corresponding communication channels. Essentially, tary optical communication is used to convey PUF input
Load more

Recommended publications
  • Edsger Dijkstra: the Man Who Carried Computer Science on His Shoulders
    INFERENCE / Vol. 5, No. 3 Edsger Dijkstra The Man Who Carried Computer Science on His Shoulders Krzysztof Apt s it turned out, the train I had taken from dsger dijkstra was born in Rotterdam in 1930. Nijmegen to Eindhoven arrived late. To make He described his father, at one time the president matters worse, I was then unable to find the right of the Dutch Chemical Society, as “an excellent Aoffice in the university building. When I eventually arrived Echemist,” and his mother as “a brilliant mathematician for my appointment, I was more than half an hour behind who had no job.”1 In 1948, Dijkstra achieved remarkable schedule. The professor completely ignored my profuse results when he completed secondary school at the famous apologies and proceeded to take a full hour for the meet- Erasmiaans Gymnasium in Rotterdam. His school diploma ing. It was the first time I met Edsger Wybe Dijkstra. shows that he earned the highest possible grade in no less At the time of our meeting in 1975, Dijkstra was 45 than six out of thirteen subjects. He then enrolled at the years old. The most prestigious award in computer sci- University of Leiden to study physics. ence, the ACM Turing Award, had been conferred on In September 1951, Dijkstra’s father suggested he attend him three years earlier. Almost twenty years his junior, I a three-week course on programming in Cambridge. It knew very little about the field—I had only learned what turned out to be an idea with far-reaching consequences. a flowchart was a couple of weeks earlier.
    [Show full text]
  • Resource Bounds for Self-Stabilizing Message Driven Protocols
    RESOURCE BOUNDS FOR SELF-STABILIZING MESSAGE DRIVEN PROTOCOLS SHLOMI DOLEV¤, AMOS ISRAELIy , AND SHLOMO MORANz Abstract. Self-stabilizing message driven protocols are defined and discussed. The class weak- exclusion that contains many natural tasks such as `-exclusion and token-passing is defined, and it is shown that in any execution of any self-stabilizing protocol for a task in this class, the configuration size must grow at least in a logarithmic rate. This last lower bound is valid even if the system is supported by a time-out mechanism that prevents communication deadlocks. Then we present three self-stabilizing message driven protocols for token-passing. The rate of growth of configuration size for all three protocols matches the aforementioned lower bound. Our protocols are presented for two processor systems but can be easily adapted to rings of arbitrary size. Our results have an interesting interpretation in terms of automata theory. Key words. self-stabilization, message passing, token-passing, shared-memory AMS subject classifications. 68M10, 68M15, 68Q10, 68Q20 1. Introduction. A distributed system is a set of state machines, called pro- cessors, which communicate either by shared variables or by message-passing. In the first case, the system is a shared memory system, in the second case the system is a message-passing system. A distributed system is self-stabilizing if it can be started in any possible global state. Once started, the system regains its consistency by itself, without any kind of an outside intervention. The self-stabilization property is very useful for systems in which processors may crash and then recover spontaneously in an arbitrary state.
    [Show full text]
  • Resource-Competitive Algorithms1 1 Introduction
    Resource-Competitive Algorithms1 Michael A. Bender Varsha Dani Department of Computer Science Department of Computer Science Stony Brook University University of New Mexico Stony Brook, NY, USA Albuquerque, NM, USA [email protected] [email protected] Jeremy T. Fineman Seth Gilbert Department of Computer Science Department of Computer Science Georgetown University National University of Singapore Washington, DC, USA Singapore [email protected] [email protected] Mahnush Movahedi Seth Pettie Department of Computer Science Electrical Eng. and Computer Science Dept. University of New Mexico University of Michigan Albuquerque, NM, USA Ann Arbor, MI, USA [email protected] [email protected] Jared Saia Maxwell Young Department of Computer Science Computer Science and Engineering Dept. University of New Mexico Mississippi State University Albuquerque, NM, USA Starkville, MS, USA [email protected] [email protected] Abstract The point of adversarial analysis is to model the worst-case performance of an algorithm. Un- fortunately, this analysis may not always reflect performance in practice because the adversarial assumption can be overly pessimistic. In such cases, several techniques have been developed to provide a more refined understanding of how an algorithm performs e.g., competitive analysis, parameterized analysis, and the theory of approximation algorithms. Here, we describe an analogous technique called resource competitiveness, tailored for dis- tributed systems. Often there is an operational cost for adversarial behavior arising from band- width usage, computational power, energy limitations, etc. Modeling this cost provides some notion of how much disruption the adversary can inflict on the system. In parameterizing by this cost, we can design an algorithm with the following guarantee: if the adversary pays T , then the additional cost of the algorithm is some function of T .
    [Show full text]
  • Cyber Security Cryptography and Machine Learning
    Lecture Notes in Computer Science 12716 Founding Editors Gerhard Goos Karlsruhe Institute of Technology, Karlsruhe, Germany Juris Hartmanis Cornell University, Ithaca, NY, USA Editorial Board Members Elisa Bertino Purdue University, West Lafayette, IN, USA Wen Gao Peking University, Beijing, China Bernhard Steffen TU Dortmund University, Dortmund, Germany Gerhard Woeginger RWTH Aachen, Aachen, Germany Moti Yung Columbia University, New York, NY, USA More information about this subseries at http://www.springer.com/series/7410 Shlomi Dolev · Oded Margalit · Benny Pinkas · Alexander Schwarzmann (Eds.) Cyber Security Cryptography and Machine Learning 5th International Symposium, CSCML 2021 Be’er Sheva, Israel, July 8–9, 2021 Proceedings Editors Shlomi Dolev Oded Margalit Ben-Gurion University of the Negev Ben-Gurion University of the Negev Be’er Sheva, Israel Be’er Sheva, Israel Benny Pinkas Alexander Schwarzmann Bar-Ilan University Augusta University Tel Aviv, Israel Augusta, GA, USA ISSN 0302-9743 ISSN 1611-3349 (electronic) Lecture Notes in Computer Science ISBN 978-3-030-78085-2 ISBN 978-3-030-78086-9 (eBook) https://doi.org/10.1007/978-3-030-78086-9 LNCS Sublibrary: SL4 – Security and Cryptology © Springer Nature Switzerland AG 2021 This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. The use of general descriptive names, registered names, trademarks, service marks, etc.
    [Show full text]
  • Dagstuhl-Seminar-Report
    Dagstuhl Seminar on Time Service Danny Dolev, Hebrew University R¨udiger Reischuk, Med. Universitdt zu L¨ubeck Fred B. Schneider, Cornell University H. Raymond Strong, IBM Almaden Research Schloß Dagstuhl, March 11. – March 15. 1996 Contents Introduction ................................................... ........ 3 Final Seminar Programme ............................................. 4 Abstracts of Presentation: David Mills: Precision Network Time Synchronization ................... 5 Keith Marzullo: Synchronizing Clocks and Reading Sensors .............. 5 John Rushby: Formal Verification of Clock Synchronization Algorithms .. 6 Ulrich Schmid: Interval-based Clock Synchronization..................... 7 Klaus Schossmaier: UTCSU - An ASIC for Supporting Clock Synchronization for Distributed Real-Time Systems ................................ 8 Wolfgang Halang: Time Services Based on Radio Transmitted Official UTC................................................... .......... 9 Christof Fetzer: Fail-Aware Clock Synchronization....................... 9 Paulo Verissimo: Cesium Spray: a Precise and Accurate Time Services on Large-Scaled Distributed Systems ............................. 10 Shlomi Dolev: Self-Stabilizing Clock Synchronization Algorithms ........ 10 Wolfgang Reisig: A Temporal Logic for “As Soon As Possible” ......... 11 Augusto Ciuffoletti: Self-Stabilization Issues in Clock Synchronization Algorithms ................................................... ... 11 Sergio Rajsbaum:Extending Causal Order with Real-Time Specifications and
    [Show full text]
  • Fast and Compact Distributed Verification and Self-Stabilization Of
    Fast and Compact Distributed Verification and Self-Stabilization of a DFS Tree Shay Kutten and Chhaya Trehan Faculty of Industrial Engineering and Management, Technion, Haifa, Israel [email protected], [email protected] Abstract. We present algorithms for distributed verification and silent- stabilization of a DFS(Depth First Search) spanning tree of a connected network. Computing and maintaining such a DFS tree is an important task, e.g., for constructing efficient routing schemes. Our algorithm im- proves upon previous work in various ways. Comparable previous work has space and time complexities of O(n log ∆) bits per node and O(nD) respectively, where ∆ is the highest degree of a node, n is the number of nodes and D is the diameter of the network. In contrast, our algo- rithm has a space complexity of O(log n) bits per node, which is optimal for silent-stabilizing spanning trees and runs in O(n) time. In addition, our solution is modular since it utilizes the distributed verification al- gorithm as an independent subtask of the overall solution. It is possible to use the verification algorithm as a stand alone task or as a subtask in another algorithm. To demonstrate the simplicity of constructing ef- ficient DFS algorithms using the modular approach, we also present a (non-silent) self-stabilizing DFS token circulation algorithm for general networks based on our silent-stabilizing DFS tree. The complexities of this token circulation algorithm are comparable to the known ones. Keywords: Fault Tolerance, Self-* Solutions, Silent-Stabilization, DFS, Spanning Trees 1 Introduction A clear separation is common between the notions of computing and verification in sequential systems.
    [Show full text]
  • SYSTOR 2007 IBM Haifa Systems & Storage Conference Virtualization
    IBM Haifa Leadership Seminar œ Call for Participation Keynote speakers: SYSTOR 2007 Willy Zwaenepoel, EPFL IBM Haifa Systems & Storage Conference Danny Dolev, HUJI Virtualization Workshop October 29, 2007 Organizing committee: Organized by the IBM Haifa Research Lab Erez Hadad, HRL The Systems Technologies and Services Department at IBM's Haifa Research Lab Muli Ben-Yehuda, HRL (HRL), in collaboration with the Technion - Israel Institute of Technology, cordially invite you to a full-day workshop on the subject of virtualization within the SYSTOR Eliezer Dekel, HRL 2007 conference. SYSTOR 2007 is the first high-quality refereed systems and storage Miriam Allalouf, HRL conference organized by IBM Haifa Labs, drawing upon the successful foundation of previous systems and storage seminars. The purpose of this conference is to forge Ben-Ami Yassour, HRL and nourish research and working relations within the academic and industrial Yaron Wolfsthal, HRL community in Israel and in the world, targeting researchers and practitioners alike. Dalit Naor, HRL The virtualization workshop in SYSTOR 2007 will present contemporary Assaf Schuster, Technion advancements in the field of systems virtualization and will feature two renowned keynote speakers: Danny Dolev from the Hebrew University of Jerusalem, Israel, Yitzhak (Tsahi) Birk, Technion and Willy Zwaenepoel from Lausanne Federal Institute of Technology (EPFL), Switzerland. Program committee: SYSTOR 2007 will be held on Monday and Tuesday, October 29-30, 2007, at the HRL site at the Haifa University campus from 09:15 to 17:15. The Virtualization Workshop Assaf Schuster, Technion will take place on the first day followed by the Storage: Market Trends and Future Yitzhak (Tsahi) Birk, Technion R&D Seminar for practitioners, organized by the IBM Haifa Storage Lab, on the second day.
    [Show full text]
  • Blindly Follow: SITS CRT and FHE for DCLSMPC of DUFSM (Preliminary Version)
    Blindly Follow: SITS CRT and FHE for DCLSMPC of DUFSM (Preliminary Version) Shlomi Dolev and Stav Doolman Department of Computer Science, Ben-Gurion University of the Negev, Israel Abstract. A Statistical Information Theoretic Secure (SITS) system utilizing the Chinese Remainder Theorem (CRT), coupled with Fully Ho- momorphic Encryption (FHE) for Distributed Communication-less Se- cure Multiparty Computation (DCLSMPC) of any Distributed Unknown Finite State Machine (DUFSM) is presented. Namely, secret shares of the input(s) and output(s) are passed to/from the computing parties, while there is no communication between them throughout the computation. We propose a novel approach of transition table representation and poly- nomial representation for arithmetic circuits evaluation, joined with a CRT secret sharing scheme and FHE to achieve SITS communication-less within computational secure execution of DUFSM. We address the severe limitation of FHE implementation over a single server to cope with a ma- licious or Byzantine server. We use several distributed memory-efficient solutions that are significantly better than the majority vote in replicated state machines, where each participant maintains an FHE replica. A Dis- tributed Unknown Finite State Machine (DUFSM) is achieved when the transition table is secret shared or when the (possible zero value) coeffi- cients of the polynomial are secret shared, implying communication-less SMPC of an unknown finite state machine. Keywords: Secure Multiparty Computation, Replicated State Machine, Chinese Remainder Theorem 1 Introduction The processing of encrypted information where the computation program is un- known is an important task that can be solved in a distributed fashion using communication among several participants, e.g., [14].
    [Show full text]
  • Why Future Supercomputing Requires Optics H
    commentary Why future supercomputing requires optics H. John Caulfi eld and Shlomi Dolev Could optical technology off er a solution to the heat generation and bandwidth limitations that the computing industry is starting to face? The benefi ts of energy-effi cient passive components, low crosstalk and parallel processing suggest that the answer may be yes. here are points in time at which a Matrix SLM well-known technology, which has been used and gradually improved Output vector T detector array for decades, reaches its physical limitations, forcing a shift towards dramatically diff erent technology. Automobiles, television, computers, photography and communication are all domains in Input vector which such shift s have occurred. Th e VCSEL array point at which these massive shift s in technology occur is oft en decades aft er the initial invention and oft en requires substantial investment. Th e time is fast approaching for such a shift in computer technology, as the frequency (bandwidth) limitations of silicon electronics and printed metallic tracks are reached. Th e computer industry has already acknowledged the situation by introducing multicore technology Lenses which implicitly recognizes the use of a distributed and parallel architecture to Lenses scale computer power. For decades, optics have proved to be the best means of conveying information from one point to another, as can clearly Figure 1 | The Stanford Vector Matrix Multiplier. The use of a parallel approach greatly improves be seen by the growth of the massive computing performance. VCSEL, vertical cavity surface emitting laser; SLM, spatial light modulator. Figure fi bre optics communications industry.
    [Show full text]
  • Towards In-Vivo Radio Transmitting Nanorobots
    Towards In-Vivo Radio Transmitting Nanorobots (Brief Summary) Shlomi Dolev and Ram Prasadh Narayanan Department of Computer Science, Ben-Gurion University of the Negev, Israel fdolev,[email protected] ABSTRACT are used in cantilever based NEM devices for sensing and radio tranceiving applications [5, 6]. An implementable design of a Nano Electro Mechani- cal (NEM) Carbon Nanotube (CNT) cantilever for com- munication in nanorobots is sketched in this brief sum- mary. Nano communication devices can provide future 2 NANORADIO AND PULSE nanorobots with the ability to communicate its status GENERATION to an outside entity as well as synchronize in a medium, to form an intelligent swarm. We develop a model which There has been a growing interest in the miniaturiza- can help to tune the cantilever, based on its geometry tion of devices, specifically for active and passive elec- and other properties, for the intended oscillation fre- tronic systems, including devices used for radio com- quency. Electrostatic actuation over CNT cantilever is munication. Conventional nano particles in medicine used to omit radio signal transmission. The electric- are basically used for targeted treatment, imaging, flo- ity can be harvested from the blood sugar. The design rescence agents, magnetic and thermal induced actu- is envisioned to be a part of an autonomous inorganic ation [7]. Recent advances in material research and nanorobot for medical purposes. fabrication techniques has paved the way for testing newer combinations and material geometry to improve Keywords: nano-electro-mechanical systems (nems), the effect of nanoparticle-based treatment techniques. actuator, cancer, energy harvesting, carbon-nanotube Recently, researchers fabricated tiny autonomous DNA (cnt) detector, tumor detection nanorobots to be used in sensing and targeted delivery of drugs [8, 9, 10].
    [Show full text]
  • CURRICULUM VITAE and LIST of PUBLICATIONS July 2019 Personal Details: Name: Shlomi (Shlomo) Dolev
    CURRICULUM VITAE AND LIST OF PUBLICATIONS July 2019 Personal Details: Name: Shlomi (Shlomo) Dolev. Date and place of birth: 5/12/58, Israel. Regular military service: 13/2/77 to 12/8/80 (Cap- tain). Address and telephone number at work: Department of Computer Science, Ben-Gurion University of the Negev, Beer-Sheva 84105, Israel, Tel: 08-6472718, Fax: 08-6477650, Email: [email protected]. Parent of: Noa, Yorai, Hagar and Eden. Short Biography: Shlomi Dolev received his B.Sc. in Engineering and B.A. in Computer Science in 1984 and 1985, and his M.Sc. and D.Sc. in computer Science in 1990 and 1992 from the Technion Israel Institute of Technology. From 1992 to 1995 he was at Texas A&M University as a visiting research specialist. In 1995 he joined the Department of Mathematics and Computer Science at Ben-Gurion University. Shlomi is the founder and the first department head of the Computer Science Department at Ben-Gurion University, established in 2000. After just 15 years, the department has been ranked among the first 150 best departments in the world. He is the author of a book entitled Self-Stabilization published by MIT Press in 2000. His publications, more than three hundred conferences, journals and patents, include papers in JACM, SIAM journal on computing, Nature Photonics, Nature Communications, Physical Review, Journal of the Optical Society of America A, Distributed Computing, IEEE/ACM Trans. on Networking, ACM Trans. on Information and System Security, Journal of Cryptology, Journal of Computer and System Sciences, ACM Trans. on Knowledge Discovery from Data, ACM Trans.
    [Show full text]
  • Randomization Adaptive Self-Stabilization
    Randomization Adaptive Self-Stabilization Shlomi Dolev ∗ Nir Tzachar † August 14, 2018 Abstract We present a scheme to convert self-stabilizing algorithms that use randomization during and following convergence to self-stabilizing algorithms that use randomiza- tion only during convergence. We thus reduce the number of random bits from an infinite number to a bounded number. The scheme is applicable to the cases in which there exits a local predicate for each node, such that global consistency is implied by the union of the local predicates. We demonstrate our scheme over the token circulation algorithm of Herman [10] and the recent constant time Byzantine self-stabilizing clock synchronization algorithm by Ben-Or, Dolev and Hoch [3]. The application of our scheme results in the first constant time Byzantine self-stabilizing clock synchronization algorithm that uses a bounded number of random bits. 1 Introduction Self-stabilizing algorithms are designed to start from an arbitrary state and eventually exhibit a desired behaviour. Thus, a self-stabilizing algorithm can recover once the assumptions made for its convergence from the arbitrary state hold. Self-stabilizing al- gorithms that use randomization are able to achieve tasks that cannot be achieved by deterministic means. In some cases, randomization allows faster convergence of self- stabilizing algorithms. Often, randomized self-stabilizing algorithms are designed to use an infinite amount of random bits to operate correctly. However, the creation of (real) random bits is considered expensive; thus, a randomization adaptive self-stabilizing algo- rithm that uses random bits during convergence but does not use random bits following the convergence is desirable.
    [Show full text]