Key Management in Mobile Ad Hoc Networks. Presented by Edith Ngai, Spring 2003.

Presentation transcript:

1 Key Management in Mobile Ad Hoc Networks Presented by Edith Ngai Spring 2003

2 Outline
- Introduction
- Ad hoc network security
- Key management in ad hoc networks
- Fully distributed CA
- Trust-based and dynamic fully distributed CA
- Future work
- Conclusion

3 Introduction
- An ad hoc network is a collection of nodes that do not need to rely on predefined infrastructure to keep the network connected.
- Nodes of ad hoc networks are often mobile and use wireless communication: MANET (mobile ad hoc network).
- Applications:
  - Personal area networks
  - Collaborative networks
  - Military communications
  - Sensor networks
  - Disaster area networks

4 Characteristics
- Dynamic network topology
- Limited physical security
- Limited bandwidth
- Energy-constrained nodes
- The nature of ad hoc networks makes them vulnerable to security attacks:
  - Passive eavesdropping
  - Denial of service attacks by malicious nodes
  - Attacks from compromised entities or stolen devices

5 Security: wired network vs ad hoc network
- Wired network
  - Adversary must gain physical access to the wired link
  - Adversary has to sneak through security holes at firewalls or routers
- Ad hoc network
  - An infrastructureless network does not have a clear line of defense
  - Wireless attacks may come from all directions
  - Every node must be prepared to encounter an adversary

6 Key management in ad hoc networks
- Security in networking is in many cases dependent on proper key management
- A centralized approach to key management may not be available
- Centralized approaches are vulnerable as single points of failure
- A distributed approach is used:
  - Partially distributed certificate authority
  - Fully distributed certificate authority

7
- It uses a (k,n) threshold scheme to distribute an RSA certificate signing key to all nodes in the network
- Any operation requiring the CA's private key $SK_{CA}$ can only be performed by a coalition of k or more nodes
- Certificate renewal and revocation
- Share initialization for incorporating joining nodes into the CA

8 Fully distributed certificate authority
- Polynomial secret sharing
- $f(x) = SK + f_1 x + \dots + f_{k-1} x^{k-1}$ is the secret polynomial, where $SK$ is the certificate signing key; $PK$ is the certificate verification key, assumed to be well-known
- Each node holds a polynomial share $P_{v_i} = f(v_i) \bmod N$
- Node $v_i$ first chooses a coalition of k nodes from its neighborhood.

9 Fully distributed certificate authority
- Let the coalition be $B = \{v_1, v_2, \dots, v_k\}$; $v_i$ broadcasts the certificate renewal request
- The node $v_j$ returns a partial certificate $CERT_{v_j}$:
- Node $v_i$ then converts each of them according to the IDs of these k responding nodes:
- $v_i$ then combines the certificates received:
- By the k-bounded coalition offsetting algorithm, $v_i$ can recover its new certificate CERT

10 Fully distributed certificate authority
- An initialized node is defined as a node that possesses a valid polynomial share of $SK$
- The initialized nodes collaboratively initialize the other nodes
- When $v_i$ requests initialization, each $v_j$ can calculate its partial share by:
- By Lagrange interpolation, $v_i$ can obtain its partial secret key:

11 Trust-based and dynamic fully distributed CA
- Different assumptions:
  - Each node maintains a trust value for each of its neighbours.
  - Each node holds c partial secret keys, instead of one as in the old model.
  - Each node issues a different number of partial certificates according to the trust level of the requesting node.

12 Trust-based and dynamic fully distributed CA
- Trust model
- The trust value from node $v_j$ to node $v_i$ represents the level of trust that $v_j$ has in $v_i$, according to $v_j$'s observation of the behaviour of $v_i$ at that moment.
- A number of trust models have been proposed in the past.
- Our system can work with different trust models, whether continuous or discrete, and with different ranges of trust values.

13 Trust-based and dynamic fully distributed CA
- Each node holds a number of partial keys that can be used to sign certificates for its neighbours.
- We define c to be the number of partial keys that a node holds.
- Each node has its unique ID, and this node ID is used to generate the unique IDs of the partial keys that the node holds.

| Node ID | Partial Key IDs |
|---------|-----------------|
| 1 | 1, 2, …, c |
| 2 | c+1, c+2, …, 2c |
| 3 | 2c+1, 2c+2, …, 3c |
| … | … |
| k | (k-1)*c+1, (k-1)*c+2, …, k*c |
| … | … |
| n | (n-1)*c+1, (n-1)*c+2, …, n*c |

14 Trust-based and dynamic fully distributed CA
- A node $v_i$ broadcasts its request for certificate renewal within its neighbourhood.
- A neighbouring node $v_j$ that receives the request returns a number of its partial certificates according to the trust value it gives to $v_i$.
- Define the range of the trust value as $[w_1, w_2]$. Note that a smaller trust value represents less trust from $v_j$ in $v_i$, and vice versa.
- Let x be the trust value that $v_j$ gives to $v_i$; the number of partial certificates $v_j$ sends $v_i$ is $n_j$ =

15 Trust-based and dynamic fully distributed CA
- Upon receiving at least k such partial certificates, node $v_i$ picks k to form the coalition B.
- Suppose $v_i$ chooses $\{CERT_{a_1}, CERT_{a_2}, \dots, CERT_{a_k}\}$, where $a_1, a_2, \dots, a_k$ are the IDs of the k partial keys.
- $CERT'_{a_j} = (CERT_{a_j})^{L_{a_j}(0)} \bmod N$, where
- $v_i$ then multiplies {CERT a1, CERT a2, …, CERT ak } together to generate the candidate certificate CERT': CERT' = mod N
- Then $v_i$ can employ the k-bounded coalition offsetting algorithm to recover its new certificate CERT.

16 Trust-based and dynamic fully distributed CA
- The threshold k originally represented the number of neighbors required; it is now dynamic, based on the trust of the requesting node
- In our system, a node $v_i$ may not need k neighbors to sign a certificate if it has a high trust value
- With our system, nodes can sign certificates according to a quantitative trust value
- [Figure: a requester and several responders. Labels: "Request", "K partial certificates", "Send 2 partial certificates in one unicast"]
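Added example (not part of the original slides): a sketch of the partial-key bookkeeping from slides 13 to 16, showing that the threshold k is reached by counting partial keys rather than neighbours. It assumes a prime field in place of the RSA modulus N, reconstructs f(0) directly instead of combining partial certificates, and takes each responder's n_j as an input because the slide's formula for n_j is not in the transcript; all function names and sample values are hypothetical.

```python
# Added illustration, not code from the presentation.
import random

P = 2**61 - 1  # prime field modulus; stands in for the RSA modulus N (assumption)

def partial_key_ids(node_id, c):
    """Slide 13 mapping: node i holds partial key IDs (i-1)*c+1 .. i*c."""
    return list(range((node_id - 1) * c + 1, node_id * c + 1))

def deal(secret, k, n, c, rng):
    """Random degree-(k-1) polynomial with f(0)=secret; every node gets c shares."""
    coeffs = [secret] + [rng.randrange(P) for _ in range(k - 1)]
    f = lambda x: sum(a * pow(x, e, P) for e, a in enumerate(coeffs)) % P
    return {v: {a: f(a) for a in partial_key_ids(v, c)} for v in range(1, n + 1)}

def respond(node_shares, n_j):
    """Responder v_j releases n_j of its partial keys (n_j reflects its trust in v_i)."""
    return dict(list(node_shares.items())[:n_j])

def lagrange_at_zero(ids, a_j):
    """L_aj(0) = prod over m != j of a_m / (a_m - a_j), computed mod P."""
    num = den = 1
    for a_m in ids:
        if a_m != a_j:
            num = num * a_m % P
            den = den * (a_m - a_j) % P
    return num * pow(den, -1, P) % P

def combine(collected, k):
    """Requester picks k partial keys (coalition B) and interpolates f(0)."""
    if len(collected) < k:
        return None  # threshold not reached, nothing is recovered
    ids = sorted(collected)[:k]
    return sum(collected[a] * lagrange_at_zero(ids, a) for a in ids) % P

def renew(shares, grants, k):
    """grants maps responder node ID -> n_j. Returns f(0) or None."""
    collected = {}
    for v, n_j in grants.items():
        collected.update(respond(shares[v], n_j))
    return combine(collected, k)

SK = 123456789            # constructed sample secret
K, N_NODES, C = 6, 10, 3  # constructed parameters
SHARES = deal(SK, K, N_NODES, C, random.Random(1))
```

With c = 3 and k = 6, two responders that each release all three of their partial keys already meet the threshold, so the number of nodes whose compromise exposes the signing key drops from k to ceil(k/c).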

17 Future Work
- Design the algorithm and protocol for initialization of incorporating joining nodes in the trust-based and dynamic fully distributed CA
- Consider the number of partial keys per node to be also dynamic
- Do performance evaluation on the proposed algorithm and protocol
- Increase the performance of the current design

18 Conclusion
- We studied the current security issues in ad hoc networks
- We reviewed the key management techniques in ad hoc networks
- We proposed a system of trust-based and dynamic fully distributed CA
- We designed an algorithm and protocol for certificate renewal or revocation in our system