SPLASH Sécurisation des ProtocoLes dans les réseAux mobileS ad Hoc 12 Décembre 2003 Refik Molva Institut EURECOM.

Slides:



Advertisements
Similar presentations
Security in Mobile Ad Hoc Networks
Advertisements

Security in Mobile Ad Hoc Networks Security Protocols and Applications Seminar Rudi Belotti, Frank Lyner April 29, 2003.
Security Issues in Mobile Ad hoc Networks
P: 1 / 24 Situated and Autonomic Communications FET Integrated Project CASCADAS ( Mécanismes de sécurité et de coopération entre.
By Md Emran Mazumder Ottawa University Student no:
SPLASH Project INRIA-Eurecom-UC Irvine November 2006.
EPFL, Lausanne, Switzerland Márk Félegyházi Equilibrium Analysis of Packet Forwarding Strategies in Wireless Ad Hoc Networks – the Static Case Márk Félegyházi.
Self-Organized Anonymous Authentication in Mobile Ad Hoc Networks Julien Freudiger, Maxim Raya and Jean-Pierre Hubaux SECURECOMM, 2009.
Counter-measuring MAC Misbehaviors in Ad Hoc Networks using Game Theory March 25, 2010 EE5723 – Computer & Network Security.
Stimulation for Cooperation in Ad Hoc Networks: Beyond Nuglets Levente Buttyán, Jean-Pierre Hubaux, and Naouel Ben Salem Swiss Federal Institute of Technology.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
TAODV: A Trusted AODV Routing Protocol for MANET Li Xiaoqi, GiGi March 22, 2004.
Hubaux Ne X tworking’03 June 23-25,2003, Chania, Crete, Greece The First COST-IST(EU)-NSF(USA) Workshop on EXCHANGES & TRENDS IN N ETWORKING 1 Self-organization.
© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 4: Naming and addressing.
Security Improvement for Ad Hoc Wireless Network Visal Kith ECE /05/2006.
SPLASH Project INRIA-Eurecom-UC Irvine November 2006.
NGMAST- WMS workshop17/09/2008, Cardiff, Wales, UK A Simulation Analysis of Routing Misbehaviour in Mobile Ad hoc Networks 2 nd International Conference.
Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Anand Patwardhan Jim.
1 A few challenges in security & privacy in the context of ubiquitous computing Gene Tsudik SCONCE: Secure Computing and Networking Center UC Irvine
1 Key Management in Mobile Ad Hoc Networks Presented by Edith Ngai Spring 2003.
An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.
Security in Ad Hoc Networks Steluta Gheorghiu Universitat Politecnica de Catalunya Departament d’Arquitectura de Computadors.
Trust Level Based Self-Organized Routing Protocol for Secure Ad Hoc Networks Li Xiaoqi, GiGi 12/3/2002.
A Reputation Based Scheme for Stimulating Cooperation Aruna Balasubramanian, Joy Ghosh and Xin Wang University at Buffalo (SUNY), Buffalo, NY {ab42, joyghosh,
Motivating Corporation in Mobile Ad Hoc Networks: A Step Forward
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
Secure Routing in Ad Hoc Wireless Networks
Security of wireless ad-hoc networks. Outline Properties of Ad-Hoc network Security Challenges MANET vs. Traditional Routing Why traditional routing protocols.
1 Laboratory for Computer Communications and Application (LCA) Swiss Federal Institute of Technology (EPFL) Srdjan Čapkun joint work with Jean-Pierre Hubaux.
Key Distribution CS 470 Introduction to Applied Cryptography
MOCA : Mobile Certificate Authority for Wireless Ad Hoc Networks The 2nd Annual PKI Research Workshop (PKI 2003) Seung Yi, Robin Kravets September. 25,
Network-layer Security of Mobile Ad hoc Networks Jiangyi Hu Advisor: Dr. Mike Burmester.
Brian Padalino Sammy Lin Arnold Perez Helen Chen
30/04/2004Gene Tsudik, UCLA CSD Research Review1 Some Security Issues & Challenges in MANETs and Sensor Nets Gene Tsudik SCONCE: Secure Computing and Networking.
Nodes Bearing Grudges: Towards Routing Security, Fairness, and Robustness in Mobile Ad Hoc Networks Sonja Buchegger Jean-Yves Le Boudec.
MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.
1 / 18 Fariba alamshahi Secure Routing and Intrusion Detection in Ad Hoc Networks Supervisor: Mr.zaker Translator: fariba alamshahi.
Implementation and Evaluation of Certificate Revocation List Distribution for Vehicular Ad-hoc Networks Petra Ardelean Advisor: Panos Papadimitratos.
Securing AODV Routing Protocol in Mobile Ad-hoc Networks Phung Huu Phu, Myeongjae Yi, and Myung-Kyun Kim Network-based Automation Research Center and School.
Fuzzy Trust Recommendation Based on Collaborative Filtering for Mobile Ad-hoc Networks Junhai Luo 1,2, Xue Liu 1, Yi Zhang 3,Danxia Ye 2,Zhong Xu 1 1 McGill.
1 Secure Ad-Hoc Network Eunjin Jung
SECURITY-AWARE AD-HOC ROUTING FOR WIRELESS NETWORKS Seung Yi, Prasad Naldurg, Robin Kravets Department of Computer Science University of Illinois at Urbana-Champaign.
A Security-Aware Routing Protocol for Wireless Ad Hoc Networks
Key Management in Mobile and Sensor Networks Class 17.
Integrity-regions: Authentication Through Presence in Wireless Networks Srdjan Čapkun 1 and Mario Čagalj 2 1 Department of Computer Science, ETH Zurich.
Shambhu Upadhyaya 1 Ad Hoc Networks Routing Security Shambhu Upadhyaya Wireless Network Security CSE 566 (Lecture 19)
KAIS T Security architecture in a multi-hop mesh network Conference in France, Presented by JooBeom Yun.
Trust- and Clustering-Based Authentication Service in Mobile Ad Hoc Networks Presented by Edith Ngai 28 October 2003.
SECURITY SCHEMES FOR AMI Jincheol Kim et al. – Korea – Distribution business and impact of regulation – 0845 Jincheol Kim, Seongji Ahn, Youngeok Kim Jongman.
New Cryptographic Techniques for Active Networks Sandra Murphy Trusted Information Systems March 16, 1999.
1 Objective and Secure Reputation-Based Incentive Scheme for Ad-Hoc Networks Dapeng Oliver Wu Electrical and Computer Engineering University of Florida.
1 Membership Control in P2P and MANETs Nitesh Saxena, Gene Tsudik, Jeong H. Yi Computer Science Department University of California at Irvine {nitesh,
Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.
Security in Ad Hoc Networks. What is an Ad hoc network? “…a collection of wireless mobile hosts forming a temporary network without the aid of any established.
© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 4: Naming and addressing.
Security in Mobile Ad Hoc Networks: Challenges and Solutions (IEEE Wireless Communications 2004) Hao Yang, et al. October 10 th, 2006 Jinkyu Lee.
Security in Wireless Ad Hoc Networks. 2 Outline  wireless ad hoc networks  security challenges  research directions  two selected topics – rational.
By Ajith U Kamath Project
10/25/04 Security of Ad Hoc and Sensor Networks (SASN) 1/22 An Attack on the Proactive RSA Signature Scheme in the URSA Ad Hoc Network Access Control Protocol.
Security Issues in Distributed Sensor Networks Yi Sun Department of Computer Science and Electrical Engineering University of Maryland, Baltimore County.
Routing Security in Wireless Ad Hoc Networks Chris Zingraf, Charisse Scott, Eileen Hindmon.
Integrating Quality of Protection into Ad Hoc Routing Protocols Seung Yi, Prasad Naldurg, Robin Kravets University of Illinois at Urbana-Champaign.
 Attacks and threats  Security challenge & Solution  Communication Infrastructure  The CA hierarchy  Vehicular Public Key  Certificates.
Mobile Ad Hoc Networking By Shaena Price. What is it? Autonomous system of routers and hosts connected by wireless links Can work flawlessly in a standalone.
Security in Self-organizing Systems Refik Molva Institut EURECOM
Enforce Collaboration in Mobile Ad Hoc Network Ning Jiang School of EECS University of Central Florida
Presented by Edith Ngai MPhil Term 3 Presentation
Privacy Preservation and Protection Scheme over ALARM on Geographical routing B. Muthusenthil, S. Murugavalli Results The PPS is geographical routing protocol,
SCONCE: Secure Computing and Networking Center
Cross-layer Analysis for detecting Wireless Misbehavior
Presentation transcript:

SPLASH Sécurisation des ProtocoLes dans les réseAux mobileS ad Hoc 12 Décembre 2003 Refik Molva Institut EURECOM

MANET Security Requirements Wireless & Mobile Limited Energy Lack of physical security Ad Hoc Lack of(or limited) infrastructure Lack of a priori trust Cooperation Enforcement Secure Routing Key management [Recent security solutions for mobile ad hoc networks In “Ad Hoc Networks” IEEE Press - Wiley Ed]

Key Management Objectives Bootstrapping from scratch Fully distributed Minimum dependency

Key Management Approaches Symmetric crypto [Basagni et al.] (ID, PK) binding –Certificate = (ID,PK) CA Self-organized Authorities [Zhou, Haas] [Kong, et al.] [Yi, Kravets] [Lehane, et al.] Web of trust(PGP) [Hubaux, Buttyan, Capkun] –Certificate-less Crypto-based IDs: ID = h(PK) [Montenegro, Castellucia] [O’Shea, Roe] [Bobba, et al] ID-based Crypto: PK = f(ID) [Halili, Katz, Arbaugh] Context-dependent authentication –location-limited channels [Balfanz, et al.] –Shared passwords [Asokan, Ginzborg]   

Self-organized Admission Control Performance Comparison Centralized (simple signatures) –member gets t signatures from other members –Server grants GMC when t or more signatures are shown. Distributed (threshold signatures) –member gets “partial” certificates (m SKi ) from other members. –member combines t certificates to get a GMC GMC = m SK1 m SK2 m SK3.. m SKt = m SK  Threshold signatures are NOT suitable in MANET and sensor networks. C urrently investigating Bilinear mappings [Admission Control in Peer-to-Peer: Design and Performance Evaluation, ACM SASN Workshop, October 2003.] [On the Utility of Distributed Cryptography in P2P and MANETs, ICNP 2003.]

Feature Summary RSAASMTS-RSATS-DSA Dealer involved  Simultaneous on-line presence  Accountability  Unlinkability  Verifiable Secret Share NA 

Some Results Signature generation Signature verification

(ID, PK) binding without a PKI Crypto-Generated Addresses (CGA) Statistically Unique Cryptographically Verifiable IDs [Montenegro, Castellucia] [O’Shea, Roe] = prefix | h( prefix | PK ) Secure Routing using CGA: AODV [Castellucia, Montenegro] DSR [Bobba, et al] PROs: no certificates, no PKI CONs: generation of bogus IDs New: CGA based on the small primes variation of the Feige-Fiat- Shamir (MFFS) [Statistically Unique and Cryptographically Verifiable Addresses: concepts and applications. ACM TISSEC, Feb. 2004] [Protecting AODV against impersonation attacks, ACM MC2R, October 2002]

Cooperation Enforcement in MANET Routing and Packet Forwarding cost energy. Selfish node saves energy for itself Without any incentive for cooperation network performance can be severely degraded. [Michiardi, Molva, EW’02]

Cooperation enforcement mechanisms Token-based [Yang,Meng,Lu] Nuglets [Buttyan,Hubaux] SPRITE [Zhong, Chen, Yang ] CONFIDANT [Buchegger,Le Boudec] CORE [Michiardi,Molva] Beta-Reputation [Josang,Ismail] Reputation-based Threshold cryptography Micro-payment

CORE a b c d E f g h Packet forwarding Source Node: g Destination Node: f Route: Reputation(b)  Reputation(d)  Reputation(E)  Packet forwarding Source Node: a Destination Node: f Route: Reputation(E) 

Cooperation Enforcement Evaluation with Game Theory Cooperative GT –Study the size (k) of a coalition of cooperating nodes –Nash Equilibrium  lower bound on k Non-cooperative GT –Utility function with pricing –Pricing used to guide the operating point (i.e. maximum of utility function) to a fair position –r i : dynamic reputation of node n i evaluated by her neighbors [Michiardi,Molva,CMS’02, WiOpt’03] [Srinivasan,et al.,INFOCOM’03]

Simulations: CORE – uniform traffic

Simulations: TFT – uniform traffic

Simulations: CORE – random traffic

Simulations: TFT – random traffic

Non-cooperative GT with pricing

Summary Specific requirements –Self organized bootstrapping of security associations –Cooperation enforcement Prospects –New tools from crypto bag of tricks (Id-based crypto,...) –Integrated mechanisms: reputation + key management Participation in MOBILEMAN project on Ad Hoc Networks ESAS st European Workshop on Security in Ad-Hoc and Sensor Networks. (5.-6. August, 2004)

ESORICS 2004 – RAID 2004 September Institut EURECOM Sophia Antipolis - FRANCE

THANK YOU