1 A few challenges in security & privacy in the context of ubiquitous computing Gene Tsudik SCONCE: Secure Computing and Networking Center UC Irvine

Slides:



Advertisements
Similar presentations
ACHIEVING NETWORK LEVEL PRIVACY IN WIRELESS SENSOR NETWORKS.
Advertisements

Chris Karlof and David Wagner
SPLASH Project INRIA-Eurecom-UC Irvine November 2006.
GRS: The Green, Reliability, and Security of Emerging Machine to Machine Communications Rongxing Lu, Xu Li, Xiaohui Liang, Xuemin (Sherman) Shen, and Xiaodong.
Optionally Identifiable Private Handshakes Yanjiang Yang.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.
Claudia Diaz, Hannelore Dekeyser, Markulf Kohlweiss, Girma Nigusse K.U.Leuven IDIS Workshop 29/05/2008 [Work done in the context of the ADAPID project]
CSE 6590 Department of Computer Science & Engineering York University 1 Introduction to Wireless Ad-hoc Networking 5/4/2015 2:17 PM.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
URSA: Providing Ubiquitous and Robust Security Support for MANET
SUBJECTIVE LOGIC BASED PROBABILISTIC KEY MANAGEMENT FOR MANETS Mahdieh Ahmadi Performance and Dependability Laboratory Sharif University of Technology.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 7. Wireless Sensor Network Security.
IAW 2006 Cascaded Authorization with Anonymous- Signer Aggregate Signatures Danfeng Yao Department of Computer Science Brown University Joint work with.
Secret Handshakes from CA-Oblivious Encryption Asiacrypt 2004, Jeju-do, Korea Claude Castelluccia, Stanisław Jarecki, Gene Tsudik UC Irvine.
SPLASH Project INRIA-Eurecom-UC Irvine November 2006.
Multicasting in Mobile Ad-Hoc Networks (MANET)
A Pairwise Key Pre-Distribution Scheme for Wireless Sensor Networks Wenliang (Kevin) Du, Jing Deng, Yunghsiang S. Han and Pramod K. Varshney Department.
Lect. 11: Public Key Cryptography. 2 Contents 1.Introduction to PKC 2.Hard problems  IFP  DLP 3.Public Key Encryptions  RSA  ElGamal 4.Digital Signatures.
CMSC 414 Computer (and Network) Security Lecture 2 Jonathan Katz.
Random Key Predistribution Schemes for Sensor Networks Authors: Haowen Chan, Adrian Perrig, Dawn Song Carnegie Mellon University Presented by: Johnny Flowers.
A Survey on Sensor Networks Rick Han CSCI 7143 Secure Sensor Networks Fall 2004.
Unlinkable Secret Handshakes and Key-Private Group Key Management Schemes Author: Stanislaw Jarecki and Xiaomin Liu University of California, Irvine From:
1 Hidden Exponent RSA and Efficient Key Distribution author: He Ge Cryptology ePrint Archive 2005/325 PDFPDF 報告人:陳昱升.
Wireless Sensor Network Security Anuj Nagar CS 590.
Security Considerations for Wireless Sensor Networks Prabal Dutta (614) Security Considerations for Wireless Sensor Networks.
Brian Padalino Sammy Lin Arnold Perez Helen Chen
Seminar on Internetworking: Routing - from baseline to state-of-the-art Topic proposals Zheng Yan Nokia Research Center
30/04/2004Gene Tsudik, UCLA CSD Research Review1 Some Security Issues & Challenges in MANETs and Sensor Nets Gene Tsudik SCONCE: Secure Computing and Networking.
Overview of Privacy Preserving Techniques.  This is a high-level summary of the state-of-the-art privacy preserving techniques and research areas  Focus.
1 / 18 Fariba alamshahi Secure Routing and Intrusion Detection in Ad Hoc Networks Supervisor: Mr.zaker Translator: fariba alamshahi.
KAIS T Decentralized key generation scheme for cellular-based heterogeneous wireless ad hoc networks 임 형 인 Ananya Gupta, Anindo Mukherjee, Bin.
1 Secure Ad-Hoc Network Eunjin Jung
Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.
IDRM: Inter-Domain Routing Protocol for Mobile Ad Hoc Networks C.-K. Chau, J. Crowcroft, K.-W. Lee, S. H.Y. Wong.
Key Management in Mobile and Sensor Networks Class 17.
1 ? Admission Control in Peer Groups Gene Tsudik, School of ICS, UC Irvine Yongdae Kim, CS Dept., U. of Minnesota Peer Groups:
KAIS T Security architecture in a multi-hop mesh network Conference in France, Presented by JooBeom Yun.
Privacy-Preserving Trust Negotiations* Mikhail Atallah CERIAS and Department of Computer Sciences Purdue University * Joint work with Keith Frikken and.
1 Membership Control in P2P and MANETs Nitesh Saxena, Gene Tsudik, Jeong H. Yi Computer Science Department University of California at Irvine {nitesh,
A security framework combining access control and trust management for mobile e-commerce applications Gregor v.Bochmann, Zhen Zhang, Carlisle Adams School.
Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures Chris Karlof and David Wagner (modified by Sarjana Singh)
Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.
Taiming Feng, Chuang wang, Wensheng Zhang and Lu Ruan INFOCOM 2008 Presented by Mary Nader.
A Two-Layer Key Establishment Scheme for Wireless Sensor Networks Yun Zhou, Student Member, IEEE, Yuguang Fang, Senior Member, IEEE IEEE TRANSACTIONS ON.
WISTP’08 ©LAM /05/2008 A Self-Certified and Sybil-Free Framework for Secure Digital Identity Domain Buildup Christer Andersson Markulf Kohlweiss.
Security in Mobile Ad Hoc Networks: Challenges and Solutions (IEEE Wireless Communications 2004) Hao Yang, et al. October 10 th, 2006 Jinkyu Lee.
Pairing Based Cryptography Standards Terence Spies VP Engineering Voltage Security
Security in Wireless Ad Hoc Networks. 2 Outline  wireless ad hoc networks  security challenges  research directions  two selected topics – rational.
An Improved Efficient Secret Handshakes Scheme with Unlinkability Author: Jie Gu and Zhi Xue Source: IEEE Comm. Letters 15 (2) (2011) Presenter: Yu-Chi.
Security Patterns for Web Services 02/03/05 Nelly A. Delessy.
10/25/04 Security of Ad Hoc and Sensor Networks (SASN) 1/22 An Attack on the Proactive RSA Signature Scheme in the URSA Ad Hoc Network Access Control Protocol.
Security Issues in Distributed Sensor Networks Yi Sun Department of Computer Science and Electrical Engineering University of Maryland, Baltimore County.
Research Overview Nitesh Saxena Research areas: computer and network security, applied cryptography.
Computer Science and Engineering 1 Mobile Computing and Security.
Mobile Systems Availability Integrity and Confidentiality MoSAIC M.O.Killijian, D.Powell, M.Banâtre, P.Couderc, Y.Roudier LAAS-CNRS - IRISA- Eurécom.
June All Hands Meeting Security in Sensor Networks Tanya Roosta Chris Karlof Professor S. Sastry.
Security Review Q&A Session May 1. Outline  Class 1 Security Overview  Class 2 Security Introduction  Class 3 Advanced Security Constructions  Class.
Challenges of Mobile ad-hoc Grids and their Applications in e-Healthcare Zhuoqun Li, Lingfen Sun and Emmanuel C. Ifeachor School of Computing, Communications.
多媒體網路安全實驗室 A Secure Privacy-Preserving Roaming Protocol Based on Hierarchical Identity-Based Encryption for mobile Networks 作者 :Zhiguo Wan,Kui Ren,Bart.
Security of the Internet of Things: perspectives and challenges
Database Management Systems, 3ed, R. Ramakrishnan and J. Gehrke1 Database architecture and security Workshop 4.
1 Secret Handshakes or Privacy-Preserving Interactive Authentication Gene Tsudik University of California, Irvine joint work with: Claude Castelluccia,
Further Simplifications in Proactive RSA Signatures
Some Issues in MANET, Wireless & Cellular Security/Privacy
SRDP: Securing Route Discovery in DSR
Privacy Preservation and Protection Scheme over ALARM on Geographical routing B. Muthusenthil, S. Murugavalli Results The PPS is geographical routing protocol,
SCONCE: Secure Computing and Networking Center
Afzal Hussain Mohammad and Abdul Ahad Yahiya Mohammed
Outline A. Perrig, R. Szewczyk, V. Wen, D. Culler, and J. D. Tygar. SPINS: Security protocols for sensor networks. In Proceedings of MOBICOM, 2001 Sensor.
Presentation transcript:

1 A few challenges in security & privacy in the context of ubiquitous computing Gene Tsudik SCONCE: Secure Computing and Networking Center UC Irvine 06/13/2005

2 Some Challenges Location privacy, network unobservability and location verification Distributed decision-making in MANETs Privacy-preserving authentication and authorization Secure data and tag aggregation Device pairing with varying degrees of human intervention

3 Objective: A set of practical, robust and secure techniques for distributed decision-making in multi-hop MANETs. Employ (and design) state-of-the-art (threshold and proactive) cryptographic methods to construct protocols for distributed admission and eviction of nodes in a MANET. Implement in a general-purpose toolkit & integrate with sample applications; experiment with limited deployment scenarios. Secure Membership Control in MANETs Technical Approach: Architecture: consider security needs of various applications. Short-lived versus long-lived MANETs/groups Interaction with outside: closed vs open groups Is non-repudiation needed? Is communication pair-wise or group-wise? RSA doesn’t work DSA, Schnorr, ID-based techniques for long-lived groups Bivariate polynomial secret sharing for short-lived groups Why is Membership Control Hard?  No omni-present centralized/trusted authority  Dynamic topology  Sporadic connectivity  Frequent outages/failures  New nodes can “appear” at any time, esp. in a battlefield setting  Trust in nodes is ephemeral, e.g., captured nodes/units must be evicted from network Membership control is the foundation of all security features/services in a MANET

4 Some Recent Results: An Attack on the Proactive RSA Signature Scheme in the URSA Ad Hoc Network Access Control Protocol, Stanislaw Jarecki, Nitesh Saxena and Jeong H. Yi, ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN), October Identity-based Access Control for Ad Hoc Groups, Nitesh Saxena, Gene Tsudik and Jeong H. Yi, International Conference on Information Security and Cryptology (ICISC), December Futher Simplifications in Proactive RSA Signature Schemes, Stanislaw Jarecki and Nitesh Saxena, Theory of Cryptography Conference (TCC), February Efficient Node Admission for Short-Lived MANETs Nitesh Saxena, Gene Tsudik and Jeong H. Yi, in submission.

5 Privacy-preserving Authentication and Authorization A few basic concepts: Oblivious Envelopes –Alice is an informant, has secret info for police –Bob claims to be a cop, doesn’t want to show his credentials –See, e.g., Li, et al. PODC’03 Secret Handshakes –Alice wants to talk to Bob iff Bob is a CIA agent –Bob wants to talk to Alice iff Alice is a CIA agent –Must be unobservable to others, anonymous, unlinkable –Generalizable to groups? –See, e.g., Balfanz, et al. S&P’03, Castelluccia, et al. AC’04 Privacy-Preserving Trust Negotiation (Hidden Credentials) –Alice wants to access one of Bob’s resources –Bob doesn’t want to divulge his access control policies –More generally, Alice has many credentials; doesn’t want Bob to know them; as long as at least one satisfies one of Bob’s policies –See, e.g., Bradshaw et al. CCS’04

6 Secure Data and Tag Aggregation Data Aggregation: how to reduce bw if only interested in statistical values? –E.g., in sensor nets and MANETs Tag Aggregation: how to reduce bw consumed by multiple MACs, signatures, etc? –E.g., in reliable multicast, sensor nets, MANET routing, etc. Aggregated MACs are easy, but… Aggregated signatures by same signer are cheap (e.g., RSA) Aggregated signatures by different signers are viable but expensive (e.g., BLS ID/pairing-based) Some require partial interaction, e.g., Schnorr-based ASM

7 Some Recent Results: Securing Route Discovery in DSR. Jihye Kim and Gene Tsudik IEEE Mobiquitous, July Secure and Robust Acknowledgement Aggregation Claude Castelluccia, Stas Jarecki and Gene Tsudik Security in Computer Networks (SCN). September Aggregation of Encrypted Data in WSNs Claude Castelluccia, Einar Mykletun and Gene Tsudik IEEE Mobiquitous July Authentication and Integrity for Outsourced Data Maithili Narasimha, Einar Mykletun and Gene Tsudik Network and Distributed System Security (NDSS) February 2004.

8 Secure Device Pairing Two devices must be securely paired on-the-fly No prior association No specialized connection No common PKI  authentication irrelevant Involving human as an aid –E.g., “Seeing-is-believing” (S&P’05) or “Shake-them-up” (Mobihoc’05) What if we want to pair more than 2 devices?

9 The end…