The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks

  • Frank Stajano
  • Ross Anderson
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1796)


In the near future, many personal electronic devices will be able to communicate with each other over a short range wireless channel. We investigate the principal security issues for such an environment. Our discussion is based on the concrete example of a thermometer that makes its readings available to other nodes over the air. Some lessons learned from this example appear to be quite general to ad-hoc networks, and rather different from what we have come to expect in more conventional systems: denial of service, the goals of authentication, and the problems of naming all need re-examination. We present the resurrecting duckling security policy model, which describes secure transient association of a device with multiple serialised owners.


Shared Secret Access Control List Battery Exhaustion Peanut Node Personal Electronic Device 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Anderson, R., Kuhn, M.: Tamper resistance – a cautionary note. In: Proc. 2nd USENIX Workshop on Electronic Commerce (1996)Google Scholar
  2. 2.
    Anderson, R., Kuhn, M.: Low cost attacks on tamper resistant devices. In: Christianson, B., Lomas, M. (eds.) Security Protocols 1997. LNCS, vol. 1361, pp. 125–136. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  3. 3.
    Infrared Data Association,
  4. 4.
    Bennett, F., Clarke, D., Evans, J.B., Hopper, A., Jones, A., Leask, D.: Piconet: Embedded mobile networking. IEEE Personal Communications 4(5), 8–15 (1997)CrossRefGoogle Scholar
  5. 5.
    Biba, K.J.: Integrity considerations for secure computer systems. Technical Report MTR-3153, MITRE Corporation(April 1975)Google Scholar
  6. 6.
    HomeRF Working Group,
  7. 7.
    Haartsen, J., Naghshineh, M., Inouye, J., Joeressen, O.J., Allen, W.: Bluetooth: Visions, goals, and architecture. ACM Mobile Computing and Communications Review 2(4), 38–45 (1998)CrossRefGoogle Scholar
  8. 8.
    IEEE. IEEE standard for a high performance serial bus. IEEE Standard 1394 (1995)Google Scholar
  9. 9.
    Johnston, R.G., Garcia, A.R.E.: Vulnerability assessment of security seals. Journal of Security Administration 20(1), 15–27 (1997)Google Scholar
  10. 10.
    Lorenz, K.: Er redete mit dem Vieh, den Vögeln und den Fischen (King Solomon’s ring). Borotha-Schoeler, Wien (1949)Google Scholar
  11. 11.
  12. 12.
    Negus, K.J., Waters, J., Tourrilhes, J., Romans, C., Lansford, J., Hui, S.: HomeRF and SWAP: Wireless networking for the connected home. ACM Mobile Computing and Communications Review 2(4), 28–37 (1998)CrossRefGoogle Scholar
  13. 13.

Copyright information

© Springer-Verlag Berlin Heidelberg 2000

Authors and Affiliations

  • Frank Stajano
    • 1
    • 2
  • Ross Anderson
    • 1
  1. 1.University of Cambridge Computer LaboratoryCambridgeUK
  2. 2.AT&T Laboratories CambridgeCambridgeUK

Personalised recommendations