Securing Wireless Ad Hoc Networks: An ID-Based Cryptographic Approach - PowerPoint PPT Presentation

Loading...

PPT – Securing Wireless Ad Hoc Networks: An ID-Based Cryptographic Approach PowerPoint presentation | free to download - id: 5cf515-N2ZkZ



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

Securing Wireless Ad Hoc Networks: An ID-Based Cryptographic Approach

Description:

Securing Wireless Ad Hoc Networks: An ID-Based Cryptographic Approach Yuguang Michael Fang, Professor JSPS Visiting Invitation Fellow University of Florida ... – PowerPoint PPT presentation

Number of Views:52
Avg rating:3.0/5.0
Slides: 43
Provided by: Dr1042
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Securing Wireless Ad Hoc Networks: An ID-Based Cryptographic Approach


1
Securing Wireless Ad Hoc NetworksAn ID-Based
Cryptographic Approach
Yuguang Michael Fang, Professor JSPS Visiting
Invitation Fellow University of Florida Research
Foundation Professor Department of Electrical
Computer Engineering University of
Florida Changjiang Scholar Chair Professor
Xidian University, China In Collaboration
with Xiaoyan Zhu and Yanchao Zhang http//winet.
ece.ufl.edu/
2
Outline
  • Introduction
  • Resource-constrained wireless ad hoc networks
  • Security requirements
  • Security issues to tackle
  • Our ID-based public key approach
  • Conclusion future work

3
Future CyberspaceIntegrated Wired-Wireless
Internet
Cellular Networks
Wi-Fi Networks
WiMAX Networks
Current Internet
Mobile Ad-Hoc Networks
Wireless Mesh Networks
NSF GENI Vision
www.geni.net
4
Wireless Movement
  • There are many interesting applications
  • Cellular phones
  • PDAs or iPods
  • Bluetooth earphones
  • Wi-Fi (hot-spot technologies)
  • Tactical radios (missions for war or peace
    keeping))
  • Smart phones (healthcare monitoring)
  • iPhone
  • Wireless sensors (tagging the environments)
  • Digital cameras or camcorder (wireless
    connections)

You are being watched!!!
5
Wireless Advantage
  • There are many good things wireless can offer
  • Frees us from physical attachment
  • Provides freedom of movement while engaging in
    communications
  • Can be self-configured with rapid setup
  • Could be made high speed (broadband)
  • Could be made small and be embedded in everything
    (everything goes wireless)

6
Wireless Disadvantage
  • There are many design challenges
  • Poor channel conditions (e.g., fading)
  • Time-varying links
  • Failure due to mobility/power depletion
  • Susceptible to interference
  • Limited bandwidth
  • Limited power
  • Limited computing resources (memory and CPU)
  • Open access (subject to interception or
    eavesdropping)
  • Lack of trusted infrastructure (sometimes)!

7
Design Challenges
  • Resource constraints pose many secure design
    challenges
  • Security schemes for wired networks may NOT be
    feasible for wireless networks
  • Computationally intensive scheme will not work
    well
  • Power hungry operations should be avoided (due to
    either computation or communications)
  • Trust model should be re-evaluated
  • Non-conventional attacks should be investigated
    and appropriate strategy should be designed

8
Design Challenges
  • PKI or not PKI? This is the question!
  • Public (asymmetric) key approach PKI
  • Pros scalable, easier key establishment, better
    authentication and embedded digital signature
  • Cons computationally intensive, larger key size,
    demand trusted infrastructure (certificate
    management) and more overhead due to certificate
    management, and subject to DoS attacks
  • Secret (symmetric) key approach not PKI
  • Pros low computational overhead, no certificate
    is necessary
  • Cons not scalable, more communication overhead,
    no support of digital signature
  • dilemma indeed!!!

9
ID-based Public Key Cryptography (PKC)
  • ID-based Signature (Shamir 1984)
  • ID-based PKC (Non-interactive PKC)
  • Joux (2000) pairing does some magicthree-party
    key agreement
  • Boneh and Franklin (2001) alternative PKI
    (encryption)
  • Any string (or ID) such as email, telephone
    number, or any string can be used as the public
    key
  • No certificate is necessary does not need to
    maintain (ID,PublicKey) binding because the
    public key is directly derivable from the ID
  • Elliptic curve cryptography can be easily
    incorporated

10
Why ID-based PKC
  • Advantages
  • Non-interactive key establishment shared secret
    without exchanging informationconserving energy!
  • No certificate saving memory space! No need of
    trusted infrastructure!
  • The fact that any string can be a part of public
    key offers the flexibility of adding specialized
    property to a user instead of Michael, we can
    use Michael _at_UF
  • Scalable as long as private key is given from
    the same master secret, secure communication can
    be enabled

11
Why ID-based PKC
  • Disadvantages
  • The master secret holder (Trusted Authority or
    TA) knows everything somebody is watching!
  • Computational complexity of pairing more complex
    than exponentiation!
  • Fitting Wireless Ad Hoc Networks (WANETs)
  • WANETs is designed for a single mission, hence
    collaborative in nature and TA is the network
    owner!
  • Pairing computational efficiency is progressing
  • Hardware implementation Tate pairing needs 6ms
    to compute
  • Platform implementation sub-second
    implementation on sensor platform has been
    proposed lately (Wisec2009)

12
Notation
13
Pairing Technique
Similar to the exponentiation function in RSA
Modified Weil pairing or Tate pairing can be
used
14
Key Generation and Establishment
  • Key Generation
  • Given (ID, K), it is infeasible to derive s, as
    the Discrete Logarithm Problem is computationally
    hard in G1.
  • Key establishment node A (IDA,KA) and node B
    (IDB,KB)

A shared key is established without exchanging
any information!!!
15
Wireless Sensor Networks
  • A wireless sensor network (WSN) is composed of a
    large number of low-cost sensor nodes randomly
    deployed to sense/monitor the field of interest,
    collect and process information, and make
    intelligent decision (actuation)
  • Sensor nodes
  • Limited in energy, computation, and storage
  • Sense/monitor their local environment
  • Perform limited data processing
  • Communicate over short distances
  • Actuate/control (decision making)
  • E.g., sink model
  • Gather data from sensor nodes and connect the WSN
    to the outside world

16
Wireless Sensor Networks
sink
17
Security Requirements
Message confidentiality
Message authenticity integrity
An attacker at (20,18)
An attacker at (20,18)
A
B
U
Node mutual authentication
More
sink
18
Security Issues
  • Authentication
  • Key agreement
  • Mitigating specific serious attacks
  • Secure location discovery
  • Broadcast authentication
  • Secure data aggregation
  • Secure clock synchronization
  • Secure routing and MAC protocols
  • Intrusion detection

19
1 Pair-wise Authentication
  • Two neighboring nodes verify that the other party
    is who it claims to be
  • Chan et al. (IEEE SP03)
  • Otherwise, attackers can
  • Inject false data reports via good nodes
  • Distribute wrong routing information
  • Impersonate good nodes to misbehave

20
2 Key Agreement
  • Two neighboring nodes establish a shared secret
    key known only to themselves
  • Eschenauer and Gligor (CCS03), Chan et al.
    (SP03), Liu and Ning (IEEE CCS03),
  • The shared key is a prerequisite for
  • Message encryption/decryption
  • Message authentication

21
3 Sybil Attack
  • Sybil (1976) staring Sally Field a girl with at
    least 13 personalities
  • A malicious node claims multiple identities
  • Severely interrupt routing, fair resource
    allocation, distributed storage, misbehavior
    detection
  • Douceur (IPTPS02), Newsome et al. (IPSN04)

E
F
I am V
I am U
Correct path
A
D
I am F
I am W
wrong path
C
B
22
4 Node Duplication Attack
  • The attacker put clones of a captured node at
    random or strategic locations in the network
  • Parno et al. (IEEE SP05)

A
sink
23
5 Random Walk Attack
  • The attacker uses secret information of a
    captured node to roam in the network

A
sink
24
6 Wormhole Attack
  • Attackers tunnel packets received at one location
    to another distant network location
  • Hu et al. (INFOCOM03), Karlof et al. (SNPA03)
  • Allowing the attacker to
  • Disrupt routing, selectively drop packets,

A
B
secret Wormhole link
25
Previous Research
  • Many separate solutions exist, but
  • Difficult to combine due to different or even
    conflicting underlying assumptions
  • Even if possible, far too complex a solution
    stack
  • Most prior solutions do not work when a small
    number of nodes are captured by attackers
  • Many schemes address one problem but create other
    problems
  • Most schemes apply the symmetric key approach.
    Many do reduce the computational cost however,
    they tend to dramatically increase the
    communications cost (often ignored by many)

26
Observation
  • Almost all WSN applications are
    location-dependent and require a sensor node to
    know its own location
  • E.g., military sensing and tracking
  • Most sensor nodes are stationary once deployed
  • Can be identified by their IDs plus locations
  • Most sensor nodes have a limited comm. range
  • Can only directly communicate with others inside
    their communication range

27
Location-based Security Solution
  • Location-based authentication
  • Neighbor-to-neighbor authentication
  • Key agreement
  • Sybil attack
  • Node duplication attack
  • Random walk attack
  • Wormhole attack

28
Location-based Keys
  • Conventional way ID-based keys
  • Name a node merely with its ID
  • Bind sensor nodes keys only to their IDs
  • Vulnerable to many attacks, e.g., node
    duplication
  • Our method location-based keys (LBKs)
  • Name a node with both its ID and location
  • Michael_at_UF is more specific than Michael!
  • Bind sensor nodes keys to both IDs and locations

29
Location-based Keys
  • Assume a secure way to decide node locations
  • Zhang et al., IEEE JSAC06
  • Node As LBKs
  • Given (IDA_at_LA, KA), it is infeasible to derive s,
    as the Discrete Logarithm Problem is hard in G1.
  • Each node only knows its unique LBK pair, and has
    no knowledge of s
  • Use a key pre-distribution model

30
Neighbor-to-Neighbor Authentication
  • Purpose
  • Discover and perform mutual authentication with
    neighboring sensor nodes
  • Idea
  • Check if the candidate is within the comm. range
    and has the correct location-based private key

31
Neighbor-to-Neighbor Authentication
32
Neighbor-to-Neighbor Authentication
33
Resilience to Sybil Attack
  • The captured node does not have the correct
    location-based private keys of the nodes it
    claims to be
  • Comparison to Newsome et al. (IPSN04)
  • Our solution has much higher network scalability
    (Random key pre-distribution with limited network
    size)

34
Resilience to Node Duplication Attack
B
A
R
  • A duplicate will be detected if talking to good
    nodes outside the communication range of node A
  • The impact range of a captured node is reduced
    from the whole network to a small circle of
    radius lt R
  • Comparison to Parno et al. (IEEE SP05)
  • Our solution is much more efficient in both
    communication and computation (periodic report on
    location and witness nodes help)

35
Resilience to Random Walk Attack
R
A
sink
  • The impact range of a capture node is reduced
    from the whole network to a small circle of
    radius lt R

36
Resilience to Wormhole Attack
A
B
R
R
Wormhole link
  • The wormhole attack is completely defeated
  • Comparison to Hu et al. (INFOCOM03)
  • Our solution has no stringent requirement on
    sensor hardware and time synchronization
    (restrict the maximum transmission distance of
    any packet)

37
Comparison to Prior Solutions
Our scheme Eschenauer02, Chan03, Du03, Liu03
Key agreement Deterministic Probabilistic
Neighborhood authentication Yes No or very limited
Support for digital signatures Yes No
Storage cost Low High
Network scalability High Poor
Attack resilience High Poor
Communication overhead Low High
Computation overhead High Low
Comm.Computation overhead Low High
38
ID-based Certificateless Key Management
  • Propose a novel construction method of ID-based
    public/private keys, in which each public or
    private key consists of a node-specific element
    and a network-wide common element
  • Design an efficient protocol to update public
    private keys of all non-compromised nodes with
    one broadcast message threshold cryptography

Y. Zhang, W. Liu, W. Lou and Yuguang Fang,
Securing mobile ad hoc networks with
certificateless public keys, IEEE Transactions
on Dependable and Secure Computing, 3(4)
386-399, 2006.
39
Anonymity in MANETs
  • ID-based approach can be used to generate
    multiple pseudonyms, which then generate dynamic
    link identifiers to hide real IDs
  • Anonymous MAC
  • Use pseudonyms instead of MAC addresses
  • Anonymous routing
  • Dynamic pseudo link ID management (dynamic link
    identifiers) to hide both source and destination

Y. Zhang, W. Liu, W. Lou and Yuguang Fang, MASK
anonymous on-demand routing in mobile ad hoc
networks, IEEE Transactions on Wireless
Communications, 5(9) 2376-2385, 2006
40
Security Billing in Wireless Mesh Networks
  • ID-based authentication schemes among mesh
    routers and mobile clients
  • Authentication for mesh router-mesh router, mesh
    router-mesh client, and client-client
  • Countermeasure against DoS attacks
  • Micro-payment schemes

Y. Zhang and Y. Fang, A secure authentication
and billing architecture for wireless mesh
networks,'' Accepted for publication in ACM
Wireless Networks Y. Zhang and Y. Fang, ARSA
an attack-resilient security architecture for
multi-hop wireless mesh networks, IEEE Journal
on Selected Areas in Communications, 24(10)
1916-1928, 2006.
41
Conclusions
  • Discuss challenges for information insurance
  • Demonstrate the innovative applications of
    ID-based cryptography
  • Minimize communication overhead (no certificate,
    establishing session keys without exchanging
    keying materials)
  • Exemplary application a location-based unified
    solution for wireless sensor networks to address
  • Neighbor-to-neighbor authentication, key
    agreement, Sybil attack, node duplication attack,
    random walk attack, wormhole attack, data
    injection attack

42
Future Research Directions
  • There are many research challenges ahead
  • How to reduce the pairing computational
    complexity (hardware?)
  • How to deal with heterogeneous ad hoc networks
    (more powerful nodes can be better used to our
    advantage)
  • How to take advantage of mobile nodes
  • Mission-dependent, light-weight and adaptive
    security schemes
  • How to harness the cooperative nature, if any.
  • How to proactively detect intrusion
  • How to secure distributed storage
  • How to secure routing protocol in the
    light-weight fashion
  • How to carry out secure target tracking
  • How to integrate the security schemes over
    resource-constrained networks with those over
    fixed infrastructure
About PowerShow.com