1 Laboratory for Computer Communications and Application (LCA) Swiss Federal Institute of Technology (EPFL) Srdjan Čapkun joint work with Jean-Pierre Hubaux.

Slides:

Advertisements

Similar presentations

1 Security for Ad Hoc Network Routing. 2 Ad Hoc Networks Properties Mobile Wireless communication Medium to high bandwidth High variability of connection.

Advertisements

Internet Protocol Security (IP Sec)

Secure Location Verification with Hidden and Mobile Base Stations -TMC Apr, 2008 Srdjan Capkun, Kasper Bonne Rasmussen, Mario Cagalj, Mani Srivastava.

Self-Organized Anonymous Authentication in Mobile Ad Hoc Networks Julien Freudiger, Maxim Raya and Jean-Pierre Hubaux SECURECOMM, 2009.

IPv6 Multihoming Support in the Mobile Internet Presented by Paul Swenson CMSC 681, Fall 2007 Article by M. Bagnulo et. al. and published in the October.

Stimulation for Cooperation in Ad Hoc Networks: Beyond Nuglets Levente Buttyán, Jean-Pierre Hubaux, and Naouel Ben Salem Swiss Federal Institute of Technology.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

How to Design Wireless Security Mechanisms Manel Guerrero Zapata Mobile Networks Laboratory Nokia Research Center.

 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.

A Survey of Secure Wireless Ad Hoc Routing

Hubaux Ne X tworking’03 June 23-25,2003, Chania, Crete, Greece The First COST-IST(EU)-NSF(USA) Workshop on EXCHANGES & TRENDS IN N ETWORKING 1 Self-organization.

David B. Johnson Rice University Department of Computer Science DSR Status Update Monarch Project 55th.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Security Improvement for Ad Hoc Wireless Network Visal Kith ECE /05/2006.

© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 5: Establishment of security.

1 Security in Wireless Sensor Networks Group Meeting Fall 2004 Presented by Edith Ngai.

1 Key Establishment in Ad Hoc Networks Part 1 of 2 S. Capkun, JP Hubaux.

Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Anand Patwardhan Jim.

SPLASH Sécurisation des ProtocoLes dans les réseAux mobileS ad Hoc 12 Décembre 2003 Refik Molva Institut EURECOM.

1 SOWER: Self-Organizing Wireless Network for Messaging Márk Félegyházi {mark.felegyhazi, srdan.capkun, Srdjan Čapkun Jean-Pierre.

Secure Data Communication in Mobile Ad Hoc Networks Authors: Panagiotis Papadimitratos and Zygmunt J Haas Presented by Sarah Casey Authors: Panagiotis.

An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.

Security in Ad Hoc Networks Steluta Gheorghiu Universitat Politecnica de Catalunya Departament d’Arquitectura de Computadors.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Cooperation between Nodes in Multi-Hop Wireless Networks Jean-Pierre Hubaux 1 Joint work with Naouel Ben Salem 1, Levente Buttyan 2, Srdjan Čapkun 1, Mark.

Random Key Predistribution Schemes for Sensor Networks Authors: Haowen Chan, Adrian Perrig, Dawn Song Carnegie Mellon University Presented by: Johnny Flowers.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.

1 Jean-Pierre Hubaux EPFL/School of Information and Communication Secure Mobility.

Security Risks for Ad Hoc Networks and how they can be alleviated By: Jones Olaiya Ogunduyilemi Supervisor: Jens Christian Godskesen © Dec

1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.

Seeing-Is-Believing: Using Camera Phones for Human- Verifiable Authentication Jonathan M. McCune Adrian Perrig Michael K. Reiter Carnegie Mellon University.

Chapter 10: Authentication Guide to Computer Network Security.

Overview of Security Research in Ad Hoc Networks Melanie Agnew John Folkerts Cory Virok.

Brian Padalino Sammy Lin Arnold Perez Helen Chen

Copyright © 2006, Dr. Carlos Cordeiro and Prof. Dharma P. Agrawal, All rights reserved. 1 Carlos Cordeiro Philips Research North America Briarcliff Manor,

MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.

1 / 18 Fariba alamshahi Secure Routing and Intrusion Detection in Ad Hoc Networks Supervisor: Mr.zaker Translator: fariba alamshahi.

© 2007 Levente Buttyán Security and Privacy in Upcoming Wireless Networks Key establishment in ad hoc networks exploiting - physical contact; - mobility.

Implementation and Evaluation of Certificate Revocation List Distribution for Vehicular Ad-hoc Networks Petra Ardelean Advisor: Panos Papadimitratos.

GROUP N Charles Barrasso Carter May Chih-Yu (Joey) Tang.

Ad Hoc Networks Curtis Bolser Miguel Turner Kiel Murray.

1 Secure Ad-Hoc Network Eunjin Jung

Using Directional Antennas to Prevent Wormhole Attacks Lingxuan HuDavid Evans Department of Computer Science University of Virginia.

Key Management in Mobile and Sensor Networks Class 17.

Integrity-regions: Authentication Through Presence in Wireless Networks Srdjan Čapkun 1 and Mario Čagalj 2 1 Department of Computer Science, ETH Zurich.

Shambhu Upadhyaya 1 Ad Hoc Networks Routing Security Shambhu Upadhyaya Wireless Network Security CSE 566 (Lecture 19)

Practices in Security Bruhadeshwar Bezawada. Key Management Set of techniques and procedures supporting the establishment and maintenance of keying relationships.

KAIS T Security architecture in a multi-hop mesh network Conference in France, Presented by JooBeom Yun.

Trust- and Clustering-Based Authentication Service in Mobile Ad Hoc Networks Presented by Edith Ngai 28 October 2003.

SECURITY SCHEMES FOR AMI Jincheol Kim et al. – Korea – Distribution business and impact of regulation – 0845 Jincheol Kim, Seongji Ahn, Youngeok Kim Jongman.

1 Objective and Secure Reputation-Based Incentive Scheme for Ad-Hoc Networks Dapeng Oliver Wu Electrical and Computer Engineering University of Florida.

Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.

A Membership Management Protocol for Mobile P2P Networks Mohamed Karim SBAI, Emna SALHI, Chadi BARAKAT.

Security in Mobile Ad Hoc Networks: Challenges and Solutions (IEEE Wireless Communications 2004) Hao Yang, et al. October 10 th, 2006 Jinkyu Lee.

Security in Wireless Ad Hoc Networks. 2 Outline  wireless ad hoc networks  security challenges  research directions  two selected topics – rational.

Security Issues in Distributed Sensor Networks Yi Sun Department of Computer Science and Electrical Engineering University of Maryland, Baltimore County.

Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication McCune, J.M., Perrig, A., Reiter, M.K IEEE Symposium on Security and.

Using Public Key Cryptography Key management and public key infrastructures.

Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

A Mechanism for Communication- Efficient Broadcast Encryption over Wireless Ad Hoc Networks Johns Hopkins University Department of Computer Science Reza.

Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

Security Review Q&A Session May 1. Outline  Class 1 Security Overview  Class 2 Security Introduction  Class 3 Advanced Security Constructions  Class.

1 Self-Certified Group Key-Generation for Ad Hoc Clusters in Wireless Sensor Networks Ortal Arazi, Hairong Qi Dept. Electrical & Computer Engineering The.

 Attacks and threats  Security challenge & Solution  Communication Infrastructure  The CA hierarchy  Vehicular Public Key  Certificates.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Service in Mobile Ad Hoc Networks Presented by Edith Ngai Supervised.

SYNERGY: A Game-Theoretical Approach for Cooperative Key Generation in Wireless Networks Jingchao Sun, Xu Chen, Jinxue Zhang, Yanchao Zhang, and Junshan.

Presented by Edith Ngai MPhil Term 3 Presentation

Presentation transcript:

1 Laboratory for Computer Communications and Application (LCA) Swiss Federal Institute of Technology (EPFL) Srdjan Čapkun joint work with Jean-Pierre Hubaux and Levente Buttyàn + {srdan.capkun, Mobility Helps Security in Ad Hoc Networks + Now with Laboratory of Cryptography and Systems Security (CrySyS) Department of Telecommunications Budapest University of Technology and Economics

2 Does mobility increase or reduce security ? Mobility is usually perceived as a major security challenge Wireless communications Unpredictable location of the user/node Sporadic availability of the user/node Higher vulnerability of the device Reduced computing capability of the devices However, very often, people gather and move to increase security Face to face meetings Transport of assets and documents Authentication by physical presence - In spite of the popularity of PDAs and mobile phones, this mobility has not been exploited to provide digital security - So far, client-server security has been considered as a priority (e-business) - Peer-to-peer security is still in its infancy

3 Two scenarios - Mobile ad hoc networks with a central authority - off-line or on-line authority - nodes or authorities generate keys - authorities certify keys and node ids - authorities control network security settings and membership - Fully self-organized mobile ad hoc networks - no central authority (not even in the initialization phase !) - each user/node generates its own keys and negotiates keys with other users - membership and security controlled by users themselves trust CA trust Fully self organized Authority-based

4 Secure routing requirements and assumptions - A network controlled by the central authority - All security associations established between all nodes prior to protocol execution - The most stringent assumption: Routes are established between nodes with which a source and the destination have security associations Secure routing proposals - Securing Ad Hoc Routing Protocols, Zappata, Asokan, WiSe, Ariande, Hu, Perrig, Johnson, MobiCom Secure Routing for Ad Hoc Networks, Papadimitratos, Haas CNDS, A Secure Routing Protocol for Ad Hoc Networks, Sanzgiri et al. ICNP, SEAD, Hu, Perrig, Johnson, WMCSA 2002 i j m

5 Key management in Ad Hoc networks Solutions proposed so far (not exhaustive) Providing. Robust and Ubiquitous Security Support for MANETs (threshold cryptography, cooperation) UCLA: Kong et al., ICNP 2001 Key Agreement in Ad Hoc Networks (shared password) Asokan and Ginzboorg, Computer Communications 2000 Securing Ad Hoc Networks (1999) (threshold cryptography, servers) Cornell: Zhou and Haas, IEEE Network 1999 Ariadne (Key distribution with on-line servers) Hu et al., Mobicom 2002 Self-organized Public-Key Management for Mobile Ad Hoc Networks (certificate chains) EPFL: Capkun et al., TMC 2003 SUCV (Montenegro and Castelluccia) NDSS 2002 CAM (O'Shea and Roe) ACM Computer Communications Review 2001

6 Routing – security interdependence Routing can not work until security associations are set up. Security associations can not be set up via multi-hop routes because routing does not work Existing solutions: - Preloading all pairs of keys into nodes (it makes it difficult to introduce new keys and to perform rekeying) - On-line authentication servers (problematic availability and in some cases routing-security inter-dependence, rekeying) - CAM, SUCV i j

7 Mobility helps security of routing { A, PuK A } Wireless channel - Typically long distance - No integrity - No confidentiality  PuKCA A B Certificate that binds B’s Public key with his id, issued and signed by the central authority - Each node holds a certificate that bind its id with its public key, signed by the CA { B, PuK B }  PuKCA

8 Establishment of security associations The establishment of security associations within the power range breaks the routing-security interdependence cycle

9 Discussion: advantages of the mobility approach (1) - Mobile ad hoc networks with authority based security systems - breaks the routing-security dependence circle - automatic establishment of security associations - no user involvement - associations can be established in power range - only off-line authorities are needed - straightforward rekeying

10 Fully self-organized scenario Infrared link (Alice, PuK Alice, XYZ) (Bob, PuK Bob, UVW) Visual recognition, conscious establishment of a two-way security association Secure side channel -Typically short distance (a few meters) - Line of sight required - Ensures integrity - Confidentiality not required Alice Bob

11 Two binding techniques Binding of the face or person name with his/her public key : by the Secure Side Channel, the Friend mechanism and the appropriate protocols Binding of the public key with the NodeId XYZ : by CAM or SUCV Assumption: static allocation of the NodeId: NodeId = h(PuK) G. O’Shea and and M. Roe: Child-proof authentication for IPv6 (CAM) ACM Computer Communications Review, April 2001 G. Montenegro and C. Castelluccia: Statistically unique and cryptographically verifiable (SUCV) identifiers and addresses. NDSS 2002 G. O’Shea and and M. Roe: Child-proof authentication for IPv6 (CAM) ACM Computer Communications Review, April 2001 G. Montenegro and C. Castelluccia: Statistically unique and cryptographically verifiable (SUCV) identifiers and addresses. NDSS 2002

12 Friends mechanism IR Colin Bob (Colin’s friend) Alice Colin and Bob are friends: They have established a Security Association at initialisation They faithfully share with each other the Security Associations they have set up with other users Colin and Bob are friends: They have established a Security Association at initialisation They faithfully share with each other the Security Associations they have set up with other users

13 Mechanisms to establish Security Associations Friendship : nodes know each others’ triplets Exchange of triplets over the secure side channel Two-way SA resulting from a physical encounter i j i knows the triplet of j ; the triplet has been obtained from a friend of i ifjifjifjifjijij a) Encounter and activation of the SSC b) Mutual friend c) Friend + encounter Note: there is no transitivity of trust (beyond your friends)

14 Discussion: advantages of the mobility approach (2) - Fully self-organized mobile ad hoc networks - There are no central authorities - Each user/node generates its own public/private key pairs - (No) trust transitivity - Intuitive for users - Can be easily implemented (vCard) - Useful for setting up security associations for secure routing in smaller networks or peer-to-peer applications - Requires some time until network is fully secure - User/application oriented

15 Pace of establishment of the security associations - Depends on several factors: - Area size - Number of communication partners: s - Number of nodes: n - Number of friends - Mobility model and its parameters (speed, pause times, …) Established security associations : Desired security associations : Convergence :

16 Mobility models - Random walk - discrete time - simple, symmetric random walk - area: Bounded and toroid grids (33x33, 100x100, 333x333) - number of nodes: Random waypoint - most commonly used in mobile ad hoc networks - continuous time - area size: 1000m x1000m - max speed: 5m/s, 20m/s - pause time: 5s, 100s, 200s - security power range: 5m (SSC), 50m 100m (radio) - Common simulation settings - simulations are run 20 times - confidence interval: 95% p=1/5

17 (Restricted) random waypoint  8  Any point on the plane If  =0  Regular random waypoint mobility model Restricts the movement of nodes to a set of points with a predefined probability - area size: 1000m x1000 m - max speed: 5m/s, 20m/s - pause time: 5s, 100s, 200s - restriction probability: 0.1, 0.5, 1 - number of restriction points: 20

18 Size matters t M =O(NlogN)

19 Friends help (f+1)

20 Security range matters

21 Meeting points help

22 Pause time

23 Conclusion and future work Conclusion Mobility can help security in mobile ad hoc networks, from the networking layer up to the applications Mobility “breaks” the security-routing interdependence cycle The pace of establishment of the security associations is strongly influenced by the area size, the number of friends, and the speed of the nodes The proposed solution also supports re-keying The proposed solution can easily be implemented with both symmetric and asymmetric crypto Current/future work Closed-form expression for the pace of establishment of security associations with random walk mobility Application of our scheme to secure routing protocols Key revocation Improved scalability Better mobility models