Dr Stephan Wesemeyer

Teaching Fellow, Secure Systems
+44 (0)1483 682259
05 BB 02

Academic and research departments

Department of Computer Science.


My publications


Wesemeyer S, Sweeney P (1998) Suboptimal soft-decision decoding for some RS-codes, ELECTRONICS LETTERS 34 (10) pp. 983-984 IEE-INST ELEC ENG
Sweeney P, Wesemeyer S (2000) Iterative soft-decision decoding of linear block codes, IEE PROCEEDINGS-COMMUNICATIONS 147 (3) pp. 133-136 IEE-INST ELEC ENG
Wesemeyer S (1998) On the automorphism group of various Goppa codes, IEEE TRANSACTIONS ON INFORMATION THEORY 44 (2) pp. 630-643 IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
Diakos, TP, Briffa, JA, Brown TWC, Wesemeyer, S (2013) Eavesdropping near-field contactless payments: a quantitative analysis, IET Journal of Engineering
This paper presents an assessment of how successful an eavesdropping attack on a contactless payment transaction can be in terms of bit and frame error rates, using an easily concealable antenna and low-cost electronics. Potential success of an eavesdropping attack largely depends on the correct recovery of the data frames used in the ISO 14443 standard. A near-field communication inductive loop antenna was used to emulate an ISO 14443 transmission. For eavesdropping, an identical inductive loop antenna as well as a shopping trolley modified to act like an antenna were used. The authors present and analyse frame error rates obtained with the authors equipment over a range of distances, up to 100 cm, well above the official maximum operating distance depending on the magnetic field strength.
Wesemeyer S, Sweeney P, Burgess DRB (1999) Some soft-decision decoding algorithms for Reed-Solomon codes, CRYPTOGRAPHY AND CODING 1746 pp. 290-299 SPRINGER-VERLAG BERLIN
Alfraih AS, Briffa JA, Wesemeyer S (2015) Cloning Localization Based on Feature Extraction and K-means Clustering, DIGITAL-FORENSICS AND WATERMARKING, IWDW 2014 9023 pp. 410-419 SPRINGER-VERLAG BERLIN
Alfraih AS, Briffa JA, Wesemeyer S (2015) Cloning localization approach using k-means clustering and support vector machine, JOURNAL OF ELECTRONIC IMAGING 24 (4) ARTN 04301 IS&T & SPIE
Alshehri AA, Briffa JA, Schneider SA, Wesemeyer S (2013) Formal Security Analysis of NFC M-coupon Protocols using Casper/FDR, IEEE
Near field communication (NFC) is a standard-based,
radio frequency (RF), wireless communication technology that
allows data to be exchanged between devices that are less than 20 cm apart. NFC security protocols require formal security analysis before massive adoptions, in order to check whether these protocols meet its requirements and goals. In this paper we formally analyse NFC-based mobile coupon protocols using formal methods (Casper/FDR). We find an attack against the advanced protocol, and then we provide a solution that addresses the vulnerability formally.
Alfraih AA, Briffa JA, Wesemeyer S Forgery Localization Based on Image Chroma Feature Extraction, Intern. Conf. on Imaging for Crime Detection and Prevention (ICDP)
Briffa JA, Schaathun HG, Wesemeyer S (2010) An Improved Decoding Algorithm for the Davey-MacKay Construction, Proc. IEEE Intern. Conf. on Commun. pp. 1-5 IEEE
The Deletion-Insertion Correcting Code construction proposed by Davey and MacKay consists of an inner code that recovers synchronization and an outer code that provides substitution error protection. The inner code uses low-weight codewords which are added (modulo two) to a pilot sequence. The receiver is able to synchronise on the pilot sequence in spite of the changes introduced by the added codeword. The original bit-level formulation of the inner decoder assumes that all bits in the sparse codebook are identically and independently distributed. Not only is this assumption inaccurate, but it also prevents the use of soft a- priori input to the decoder. We propose an alternative symbol-level inner decoding algorithm that takes the actual codebook into account. Simulation results show that the proposed algorithm has an improved performance with only a small penalty in complexity, and it allows other improvements using inner codes with larger minimum distance.
Whitefield J, Chen L, Kargl F, Paverd A, Schneider S, Treharne H, Wesemeyer S (2017) Formal Analysis of V2X Revocation Protocols., Proceedings of STM?17. Lecture Notes in Computer Science. 10547 pp. 147-163 Springer
Research on vehicular networking (V2X) security has produced
a range of security mechanisms and protocols tailored for this
domain, addressing both security and privacy. Typically, the security
analysis of these proposals has largely been informal. However, formal
analysis can be used to expose flaws and ultimately provide a higher level
of assurance in the protocols. This paper focusses on the formal analysis
of a particular element of security mechanisms for V2X found in many
proposals, that is the revocation of malicious or misbehaving vehicles
from the V2X system by invalidating their credentials. This revocation
needs to be performed in an unlinkable way for vehicle privacy even in
the context of vehicles regularly changing their pseudonyms. The Rewire
scheme by Förster et al. and its subschemes Plain and R-token aim
to solve this challenge by means of cryptographic solutions and trusted
hardware. Formal analysis using the Tamarin prover identifies two flaws:
one previously reported in the literature concerned with functional correctness
of the protocol, and one previously unknown flaw concerning an
authentication property of the R-token scheme. In response to these
flaws we propose Obscure Token (O-token), an extension of Rewire
to enable revocation in a privacy preserving manner. Our approach addresses
the functional and authentication properties by introducing an
additional key-pair, which offers a stronger and verifiable guarantee of
successful revocation of vehicles without resolving the long-term identity.
Moreover O-token is the first V2X revocation protocol to be co-designed
with a formal model.
Han Jinguang, Chen Liqun, Schneider Steve, Treharne Helen, Wesemeyer Stephan (2018) Anonymous Single-Sign-On for n designated services with traceability, Computer Security: 23rd European Symposium on Research in Computer Security, ESORICS 2018, Barcelona, Spain, September 3-7, 2018, Proceedings, Part I (Lecture Notes in Computer Science Book 11098) 11098 Springer
Anonymous Single-Sign-On authentication schemes have been proposed to allow
users to access a service protected by a verifier without revealing their identity. This has
become more important with the introduction of strong privacy regulations. In this paper we
describe a new approach whereby anonymous authentication to different verifiers is achieved
via authorisation tags and pseudonyms. The particular innovation of our scheme is that authentication
can occur only between a user and its designated verifier for a service, and the
verification cannot be performed by any other verifier. The benefit of this authentication approach
is that it prevents information leakage of a user's service access information, even if the
verifiers for these services collude. Our scheme also supports a trusted third party who is authorised
to de-anonymise the user and reveal her whole service access information if required.
Furthermore, our scheme is lightweight because it does not rely on attribute or policy-based
signature schemes to enable access to multiple services. The scheme's security model is given
together with a security proof, an implementation and a performance evaluation.
Han Jinguang, Chen Liqun, Schneider Steve, Treharne Helen, Wesemeyer Stephan, Wilson Nick (2020) Anonymous Single Sign-On With Proxy Re-Verification, IEEE Transactions on Information Forensics and Security 15 (1) pp. 223-236 Institute of Electrical and Electronics Engineers (IEEE)
An anonymous single sign-on (ASSO) scheme allows users to access multiple services anonymously using one credential. We propose a new ASSO scheme, where users can access services anonymously through the use of anonymous credentials and unlinkably through the provision of designated verifiers. Notably, verifiers cannot link a user?s service requests even if they collude. The novelty is that when a designated verifier is unavailable, a central authority can authorize new verifiers to authenticate the user on behalf of the original verifier. Furthermore, a central verifier can also be authorized to de-anonymize users and trace their service requests. We formalize the scheme along with a security proof and provide an empirical evaluation of its performance. This scheme can be applied to smart ticketing where minimizing the collection of personal information of users is increasingly important to transport organizations due to privacy regulations such as general data protection regulations (GDPRs).
Han Jinguang, Chen Liqun, Schneider Steve, Treharne Helen, Wesemeyer Steve (2019) Privacy-Preserving Electronic Ticket Scheme with Attribute-Based Credentials, IEEE Transactions on Dependable and Secure Computing pp. 1-1 IEEE
Users accessing services are often required to provide personal information, for example, age, profession and location, in order to satisfy access polices. This personal information is evident in the application of e-ticketing where discounted access is granted to visitor attractions or transport services if users satisfy policies related to their age or disability or other defined over attributes. We propose a privacy-preserving electronic ticket scheme using attribute-based credentials to protect users? privacy. The benefit of our scheme is that the attributes of a user are certified by a trusted third party so that the scheme can provide assurances to a seller that a user?s attributes are valid. The scheme makes the following contributions: (1) users can buy different tickets from ticket sellers without releasing their exact attributes; (2) two tickets of the same user cannot be linked; (3) a ticket cannot be transferred to another user; (4) a ticket cannot be double spent. The novelty of our scheme is to enable users to convince ticket sellers that their attributes satisfy the ticket policies and buy discounted tickets anonymously. This is a step towards identifying an e-ticketing scheme that captures user privacy requirements in transport services. The security of our scheme is proved and reduced to a well-known complexity assumption. The scheme is also implemented and its performance is empirically evaluated.
Wesemeyer Steve, Newton Christopher, Treharne Helen, Chen Liqun, Sasse Ralf, Whitefield Jordan (2019) Formal Analysis and Implementation of a TPM 2.0-based
Direct Anonymous Attestation Scheme,
15th ACM ASIA Conference on Computer and Communications Security
Direct Anonymous Attestation (Daa) is a set of cryptographic
schemes used to create anonymous digital signatures. To provide additional assurance, Daa schemes can utilise a Trusted Platform Module (Tpm) that is a tamper-resistant hardware device embedded in a computing platform and which provides cryptographic primitives
and secure storage. We extend Chen and Li?s Daa scheme to
support: 1) signing a message anonymously, 2) self-certifying Tpm keys, and 3) ascertaining a platform?s state as recorded by the Tpm?s platform configuration registers (PCR) for remote attestation, with
explicit reference to Tpm 2.0 API calls.We perform a formal analysis of the scheme and are the first symbolic models to explicitly include the low-level Tpm call details. Our analysis reveals that a fix proposed
by Whitefield et al. to address an authentication attack on an Ecc-Daa scheme is also required by our scheme. Developing a finegrained,
formal model of a Daa scheme contributes to the growing
body of work demonstrating the use of formal tools in supporting
security analyses of cryptographic protocols. We additionally provide
and benchmark an open-source C++ implementation of this
Daa scheme supporting both a hardware and a software Tpm and
measure its performance.