SPLASH: Sécurisation des ProtocoLes dans les réseAux mobileS ad Hoc - PowerPoint PPT Presentation

1
SPLASH: Sécurisation des ProtocoLes dans les réseAux mobileS ad Hoc (Securing Protocols in Mobile Ad Hoc Networks)
  • http://www.inrialpes.fr/planete/splash.html
  • 12 December 2003

Refik Molva, Institut EURECOM, molva@eurecom.fr
2
MANET Security Requirements
  • Wireless Mobile
  • Limited Energy
  • Lack of physical security
  • Ad Hoc
  • Lack of (or limited) infrastructure
  • Lack of a priori trust
  • Cooperation Enforcement
  • Secure Routing

[Recent security solutions for mobile ad hoc networks. In "Ad Hoc Networks", IEEE Press - Wiley Ed.]
3
Key Management Objectives
  • Bootstrapping from scratch
  • Fully distributed
  • Minimum dependency

4
Key Management Approaches
  • Symmetric crypto [Basagni et al.]
  • (ID, PK) binding
  • Certificate (ID, PK)_CA
  • Self-organized Authorities [Zhou, Haas] [Kong, et al.] [Yi, Kravets] [Lehane, et al.]
  • Web of trust (PGP) [Hubaux, Buttyan, Capkun]
  • Certificate-less
  • Crypto-based IDs: ID = h(PK) [Montenegro, Castelluccia] [O'Shea, Roe] [Bobba, et al.]
  • ID-based Crypto: PK = f(ID) [Khalili, Katz, Arbaugh]
  • Context-dependent authentication
  • location-limited channels [Balfanz, et al.]
  • Shared passwords [Asokan, Ginzboorg]

5
Self-organized Admission Control
  • Performance Comparison
  • Centralized (simple signatures)
  • member gets t signatures from other members
  • Server grants GMC when t or more signatures are
    shown.
  • Distributed (threshold signatures)
  • member gets partial certificates (m^SKi) from other members.
  • member combines t certificates to get a GMC
  • GMC = m^SK1 · m^SK2 · m^SK3 ··· m^SKt = m^SK
  • => Threshold signatures are NOT suitable in MANET and sensor networks.
  • Currently investigating Bilinear mappings
  • [Admission Control in Peer-to-Peer: Design and Performance Evaluation, ACM SASN Workshop, October 2003.]
  • [On the Utility of Distributed Cryptography in P2P and MANETs, ICNP 2003.]

6
Feature Summary
7
Some Results
Signature verification
  • Signature generation

8
(ID, PK) binding without a PKI: Crypto-Generated Addresses (CGA)
  • Statistically Unique Cryptographically Verifiable IDs [Montenegro, Castelluccia] [O'Shea, Roe]
  • IPv6 @ = prefix | h(prefix | PK)
  • Secure Routing using CGA: AODV [Castelluccia, Montenegro], DSR [Bobba, et al.]
  • PROs: no certificates, no PKI. CONs: generation of bogus IDs
  • New CGA based on the small primes variation of the Feige-Fiat-Shamir (MFFS)
  • [Statistically Unique and Cryptographically Verifiable Addresses: concepts and applications. ACM TISSEC, Feb. 2004]
  • [Protecting AODV against impersonation attacks, ACM MC2R, October 2002]
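
The address-to-key binding on this slide, as an added sketch that is not part of the original presentation. It assumes h is SHA-256 truncated to the 64-bit interface identifier and a /64 prefix; it is not the RFC 3972 encoding or the MFFS variant, and the function names and key bytes are constructed for illustration.

```python
import hashlib
import ipaddress

# Constructed sample inputs: opaque byte strings standing in for encoded public keys.
KEY_A = b"constructed-public-key-A"
KEY_B = b"constructed-public-key-B"
PREFIX = "2001:db8:0:1::/64"   # documentation prefix, used as a sample subnet


def _interface_id(prefix_bytes: bytes, public_key: bytes) -> bytes:
    # h(prefix | PK); assumption: h is SHA-256 truncated to the 64-bit interface ID.
    return hashlib.sha256(prefix_bytes + public_key).digest()[:8]


def cga_address(prefix: str, public_key: bytes) -> ipaddress.IPv6Address:
    """Build prefix | h(prefix | PK) for a /64 prefix."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("this sketch only handles /64 prefixes")
    prefix_bytes = net.network_address.packed[:8]
    return ipaddress.IPv6Address(prefix_bytes + _interface_id(prefix_bytes, public_key))


def verify_binding(address: str, public_key: bytes) -> bool:
    """Recompute the interface ID from the claimed key and compare; no certificate needed."""
    packed = ipaddress.IPv6Address(address).packed
    return packed[8:] == _interface_id(packed[:8], public_key)


def mint_ids(prefix: str, keys) -> list:
    """The CON on the slide: every fresh key yields another ID that passes the check."""
    return [str(cga_address(prefix, k)) for k in keys]


if __name__ == "__main__":
    addr = str(cga_address(PREFIX, KEY_A))
    print(addr, verify_binding(addr, KEY_A), verify_binding(addr, KEY_B))
    print(mint_ids(PREFIX, [KEY_A, KEY_B]))
```

The check only ties an address to a public key; a verifier still needs a signature made with the matching private key before accepting that the sender owns the address.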

9
Cooperation Enforcement in MANET
  • Routing and Packet Forwarding cost energy.
  • Selfish node saves energy for itself
  • Without any incentive for cooperation, network
    performance can be severely degraded.

[Michiardi, Molva, EW02]
10
Cooperation enforcement mechanisms
  • Token-based [Yang, Meng, Lu]
  • Nuglets [Buttyan, Hubaux]
  • SPRITE [Zhong, Chen, Yang]
  • CONFIDANT [Buchegger, Le Boudec]
  • CORE [Michiardi, Molva]
  • Beta-Reputation [Josang, Ismail]

Threshold cryptography
Micro-payment
Reputation-based
11
CORE
Packet forwarding: Source Node g, Destination Node f, Route <g,b,d,E,f>
Packet forwarding: Source Node a, Destination Node f, Route <a,E,f>
Reputation(b) ?
Reputation(d) ?
Reputation(E) ?
Reputation(E) ?
12
Cooperation Enforcement Evaluation with Game
Theory
  • Cooperative GT
  • Study the size (k) of a coalition of cooperating
    nodes
  • Nash Equilibrium => lower bound on k
  • Non-cooperative GT
  • Utility function with pricing
  • Pricing used to guide the operating point (i.e.
    maximum of utility function) to a fair position
  • r_i: dynamic reputation of node n_i evaluated by
    her neighbors

[Michiardi, Molva, CMS02, WiOpt03]
[Srinivasan, et al., INFOCOM03]
13
Simulations CORE uniform traffic
14
Simulations TFT uniform traffic
15
Simulations CORE random traffic
16
Simulations TFT random traffic
17
Non-cooperative GT with pricing
18
Summary
  • Specific requirements
  • Self organized bootstrapping of security
    associations
  • Cooperation enforcement
  • Prospects
  • New tools from crypto bag of tricks (Id-based
    crypto, . . .)
  • Integrated mechanisms reputation key
    management
  • Participation in MOBILEMAN project on Ad Hoc
    Networks
  • ESAS 2004
  • 1st European Workshop on Security in Ad-Hoc and
    Sensor Networks. (5.-6. August, 2004) 

19
ESORICS 2004, RAID 2004
September 13-17
Institut EURECOM
Sophia Antipolis - FRANCE
20
  • THANK YOU