Information about Wise2003

Published on October 7, 2007

Author: Gabir

Source: authorstream.com

What could we submit next year to WiSe? Research challenges in wireless security
Jean-Pierre Hubaux, EPFL
WiSe 2003

Outline
  Key establishment in ad hoc and sensor networks
    With central authority
    Without central authority
  Secure routing: the (routing protocol / attack) matrix
  Selfish routing
    Without incentives
    With incentives
      Pure ad hoc networks
      Multi-hop cellular networks
  Other topics
  Conclusion

Key establishment techniques in ad hoc networks

With an authority
  Avoid single point of vulnerability by means of threshold cryptography
  Principle: share the secret among n nodes; require t+1 nodes for reconstruction
  The secret key of the system is split into k shares (threshold cryptography)
  Zhou and Haas (1999): specialized servers
  Kong, Zerfos, Luo, Lu, and Zhang (2001): any group of k nodes can create a certificate, provided that they already have a share of the secret

Without authority: Self Organized Public Key Management (2001)
  Each node generates its own private / public key pair (as in PGP) and issues public key certificates
  The system works in two phases:
    Initialization: each user stores a set of certificates
    When a user wants to verify the public key of another user, they merge their local repositories and try to find a path of certificates between them
  [Figure: step 1 shows node i; step 2 shows nodes i and j]

Without authority: Mobility helps peer-to-peer security (2003)
  Mobile networks are often considered to be more difficult to secure, because they depart from the classical desktop model …
  But human mobility often aims at improving security features: integrity, authentication, confidentiality, non-repudiation
  Mobile devices can leverage the encounters of their owners
  See also The Resurrecting Duckling, by Stajano and Anderson (1999)

Establishment of security associations
  Infrared link
    (Alice, PuKAlice, XYZ)
    (Bob, PuKBob, UVW)
  Visual recognition, conscious establishment of a two-way security association
  Secure side channel
    Typically short distance (a few meters)
    Line of sight required
    Ensures integrity
    Confidentiality not required
  [Figure labels: Name, NodeId; Alice, Bob]

Pace of establishment of the security associations
  Depends on several factors:
    Area size
    Number of communication partners: s
    Number of nodes: n
    Number of friends
    Mobility model and its parameters (speed, pause times, …)
  Established security associations :
  Desired security associations :
  Convergence :

Simulation results, random waypoint
  Various power ranges (automatic establishment of security associations)

Key setup in sensor networks
  Off-line operations:
    Generate a large number P of keys
    Randomly draw k keys to establish the key ring of a sensor
    Load the key ring into the memory of each sensor
    Save the key identifiers of a key ring and associated sensor identifier on a trusted controller node
  Principle: P and k should be computed so as to guarantee that the probability of any 2 nodes sharing a key is sufficiently high.
  Basic principle: Eschenauer and Gligor (2002)
  Further refinements: Chan, Perrig, and Song (2003)

Publish on key establishment?
  The most fundamental problem
  Plenty of publishing opportunities (all the proposed solutions have severe limitations, notably in terms of scalability)

Secure routing in ad hoc networks
  [Figure: matrix with routing protocols (DSR, AODV, FRESH, OLSR, …) on one axis and attacks (General, Wormhole, Rushing attacks, Blackhole attack, …) on the other]

SECTOR: provable encounters (SASN 2003)
  Initial distribution of keys/hash values
  Encounter certification comprised of the following phases:
    Authentication
    Distance bounding (Cf also Brands and Chaum, 1993)
    Issuing of the encounter guarantees
      a) Guaranteeing Encounter Freshness (GEF)
      b) Guaranteeing the Time of Encounter (GTE)
  Encounter verification comprised of the following phases:
    Authentication
    Verification
  [Figure: encounter certification between claimant and certifier; encounter verification between claimant and verifier]

Publish on secure routing in ad hoc networks?
  The security of mainstream routing protocols has already been pretty extensively investigated
  However, new attacks can still be found
  The topic of routing itself is not yet closed…

Selfish routing without incentives (1/3)
  Question: Can cooperation spontaneously emerge?
  Approach 1: Energy-efficient cooperation: Willingness to cooperate, taking into account the energy class of the nodes (Srinivasan, Nuggehalli, Chiasserini, and Rao, 2003)
  [Figure: nodes S, R3, R1, R2, D; labels: session, energy class, energy class of the session]
  Two mechanisms:
    class distribution mechanism
    session acceptance mechanism
  Limitations: no network topology; no protection of the class mechanism
  Contribution: conditions in which Generous TIT-FOR-TAT is a dominant strategy

Selfish routing without incentives (2/3)
  Theorem 1: If a node does not have any dependency loops, then its best strategy is AllD.
  [Figure: nodes s1, s2, s3, shown twice]
  Theorem 2: If a node has only non-reactive dependency loops, then its best strategy is AllD.
  If node s1 plays AllD:
  Corollary 1: If every node plays AllD, it is a Nash-equilibrium.
  Approach 2: identify the network configurations in which cooperation may be spontaneous (PWC, 2003; limited to static networks)

Selfish routing without incentives (3/3)
  Theorem 3: The best strategy for node i is TFT, if:
    Node i has a dependency loop with all of its sources,
    the other nodes play TFT and
    (G + L) ¢ i > |Fi| ¢ C
  [Figure: routes and dependency graph for nodes s1, s2, s3]
  Corollary 2: If Theorem 3 holds for every node, it is a Nash-equilibrium.

Selfish routing with incentives in pure ad hoc networks (1/2)
  Proposal 1: Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, by S. Marti, T. Giuli, K. Lai, and M. Baker (2000)
    malicious nodes agree to forward but fail to do so
    watchdog: identifies misbehaving nodes
    path rater: helps to identify the best route avoiding misbehaving nodes
    + total throughput is maintained at an acceptable level, but ...
    - selfish nodes do not seem to be castigated
  Proposal 2: CONFIDANT – Cooperation Of Nodes – Fairness in Distributed Ad Hoc NeTworks, by S. Buchegger and JY Le Boudec (2002)
    nodes bear grudges (analogy with ecological system)
    reputation system: keeps track of previous behavior of the nodes
    + selfish nodes are castigated
    + not restricted to packet forwarding, covers also other operations
    Limitations: overhead; risk of Sybil attack

Selfish routing with incentives in pure ad hoc networks (2/2)
  B – initial battery level
  C – initial credit level
  N – constant charge
  b – battery
  c – credit counter
  outo – own packets sent (during whole lifetime)
  outf – forwarding packets sent (during whole lifetime)
  Selfishness: maximize outo subject to
    (1) outo, outf ≥ 0
    (2) N outo – outf ≤ C
    (3) outo + outf = B
  [Figure label: b,c]
  Proposal 3: “Nuglets” (2000)
  Proposal 4: “Ad-hoc VCG”, by L. Anderegg and S. Eidenbenz (2003)

Selfish routing in multi-hop cellular networks (1/2)
  Combine the characteristics of cellular and ad hoc networks
  Advantages:
    Increase the coverage of the network
    Small number of base stations (fixed antennas)
    Reduce the energy consumption of the sending mobile station
    Reduced interference

Selfish routing in multi-hop cellular networks (2/2)
  Multi-hop cellular networks represent a new and promising paradigm, but …
  No cooperation = the network does not work
  2 solutions (both 2003):
    a) Systematic charging/rewarding
    b) Statistical

Publish on selfish routing?
  Requires some knowledge of networking, game theory, and cryptography
  The connection with the other layers (MAC) still needs to be investigated

Other research areas
  Intrusion detection
    Motivation: as is the case today with the Internet, wireless ad hoc networks and sensor networks will be attacked
    Intrusion Detection Systems (IDS) can be one of the responses
    Idea: run an IDS agent on each node
    Problems: overhead, protection of the IDS, consistency of the observed behaviors, …
  Traffic analysis
    Motivation: a lot of information about the network activity can be obtained by eavesdropping (even if encryption is used)
    Idea: Fool the attacker by generating artificial traffic; encrypt also the addresses (as in Onion routing)
    Problem: tremendous overhead
  Secure location
  Attacks (including Denial of Service) at the MAC layer
  Privacy (including location privacy)

Conclusion
  Security is the area of wireless networking which deserves the highest level of investigation
  Very young field
  The kind of considered scenario (civilian / military, personal devices / sensors, …) can radically influence the solution to be chosen
    Example: The presence or absence of an authority (e.g., in charge of distributing the keys) can lead to very different solutions
  Best wishes…
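
Added example (not part of the original slides): the sizing rule from the "Key setup in sensor networks" slide, choosing the ring size k for a pool of P keys so that two sensors share a key with sufficient probability, together with the off-line provisioning and the controller record. It uses the exact probability for two rings drawn uniformly without replacement; the function names and the pool size of 10,000 are assumptions made for illustration.

```python
import math
import random

def share_probability(P, k):
    """P(two rings of k keys drawn without replacement from P share >= 1 key)."""
    if 2 * k > P:
        return 1.0                      # pigeonhole: the rings must overlap
    return 1.0 - math.comb(P - k, k) / math.comb(P, k)

def min_ring_size(P, target):
    """Smallest ring size k whose share probability reaches the target."""
    for k in range(1, P + 1):
        if share_probability(P, k) >= target:
            return k
    raise ValueError("target must be <= 1")

def provision(sensor_ids, P, k, rng):
    """Off-line phase: draw one ring of key identifiers per sensor.
    The returned dict plays the role of the trusted controller's record
    (sensor identifier -> key identifiers of its ring)."""
    return {s: frozenset(rng.sample(range(P), k)) for s in sensor_ids}

def shared_key_ids(controller, a, b):
    """Key identifiers two sensors have in common (empty set: no direct link)."""
    return controller[a] & controller[b]

def empirical_share_rate(P, k, trials, seed=0):
    """Monte Carlo check of share_probability using fresh pairs of rings."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        rings = provision(("a", "b"), P, k, rng)
        hits += bool(shared_key_ids(rings, "a", "b"))
    return hits / trials

if __name__ == "__main__":
    P = 10_000                          # constructed pool size, not from the slides
    k = min_ring_size(P, 0.5)
    print("ring size:", k)
    print("analytic :", round(share_probability(P, k), 4))
    print("simulated:", empirical_share_rate(P, k, 4000))
```

The ring size grows roughly with the square root of P, which is why a sensor can hold a small ring from a large pool and still find a shared key with many of its neighbours.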
