A Lightweight Hop-by-Hop Authentication Protocol For Ad-Hoc Networks
Speaker: Hsien-Pang Tsai
Teacher: Kai-Wei Ke
Date: 2005/01/20


Outline
- Introduction
- LHAP
- Security Analysis
- Performance Analysis
- Conclusion

Securing Ad hoc Networks
- Most ad hoc networks do not have any provisions for restricting or regulating the traffic.
- Recently researchers have proposed security extensions for authenticating routing control packets.
- A simple solution is to use a network-wide key shared by all nodes.

Public Key Algorithm
- Two problems with a shared key:
  - Key management
  - Digital signatures (Authentication)
- Key feature of public key cryptosystem:
  - Two keys: Public Key & Private Key
  - Computationally infeasible to determine the decryption key.

Public Key Algorithm (cont.)
- Public Key Encryption

Public Key Algorithm (cont.)
- Public Key authentication

LHAP
- Lightweight hop-by-hop authentication.
- A node joining an ad hoc network only needs to perform some inexpensive authentication with its neighbors.
- Resides between the data link layer and the network layer.

Notation

Trust Management
- Trust Bootstrapping

Trust Management (1)
- Trust Maintenance
  - Each node broadcasts a KEYUPDATE message (with TTL=1) to its neighbors.
  - The KEYUPDATE message is authenticated with the next TESLA key in its key chain.
  - This prevents malicious nodes from forging traffic using the TRAFFIC keys node A has already released.

Trust Management (2)
- Trust Termination
  - When a compromised node is detected, all nodes will terminate their trust relationship with that node permanently.
  - When a node doesn't receive a valid KEYUPDATE message from a neighbor within a TESLA interval, it will terminate its trust of this neighbor temporarily.

Lightweight Traffic Authentication
- Each node generates a one-way key chain used for traffic authentication.
- Node A wants to broadcast a packet M:
- Benefit:
  - Enables instant verification of traffic packets.
  - It is not necessary to disclose TRAFFIC keys periodically.
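The key-chain check described on this slide, as an added example (not code from the presentation or from the LHAP authors). It assumes each packet carries the sender's next undisclosed TRAFFIC key, that the receiver holds the last authentic key (initially the commitment obtained at trust bootstrapping), and SHA-256 as the one-way function; `max_gap` is a hypothetical cap on hashes spent per packet.

```python
import hashlib
import hmac
import os

def H(key: bytes) -> bytes:
    """One-way function for the chain (SHA-256 is an assumption)."""
    return hashlib.sha256(key).digest()

def make_chain(seed: bytes, length: int) -> list:
    """Return [K_0, ..., K_length], where K_(i-1) = H(K_i) and K_length = seed.
    K_0 is the commitment handed to neighbors during trust bootstrapping."""
    chain = [seed]
    for _ in range(length):
        chain.append(H(chain[-1]))
    chain.reverse()
    return chain

class NeighborState:
    """What a receiver keeps per neighbor: the latest authentic TRAFFIC key."""
    def __init__(self, commitment: bytes, max_gap: int = 8):
        self.last_key = commitment
        self.max_gap = max_gap  # hypothetical bound on hashes spent per packet

    def verify(self, traffic_key: bytes) -> int:
        """Return the number of hashes that linked traffic_key to last_key,
        or 0 if the key is forged, replayed, or too far ahead."""
        candidate = traffic_key
        for hashes in range(1, self.max_gap + 1):
            candidate = H(candidate)
            if hmac.compare_digest(candidate, self.last_key):
                self.last_key = traffic_key  # advance: older keys now fail
                return hashes
        return 0

def demo() -> list:
    chain = make_chain(b"constructed-seed-for-node-A", 20)  # constructed sample
    rx = NeighborState(chain[0])
    return [
        rx.verify(chain[1]),        # next key: one hash
        rx.verify(chain[4]),        # packets 2-3 lost: three hashes
        rx.verify(chain[2]),        # already-released key: rejected
        rx.verify(os.urandom(32)),  # forged key: rejected
        rx.verify(chain[5]),        # sender continues: one hash
    ]

if __name__ == "__main__":
    print(demo())  # [1, 3, 0, 0, 1]
```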

Security Analysis
- Outside attacks
  - Single outside attack
  - Collaborative outside attack
  - Hidden terminal attack
- Inside attacks
  - Single inside attack
  - Insider clone attack

Outside Attacks
- Single outside attack

Outside Attacks (1)
- Collaborative outside attack
  - Attackers P1 and P2 have a private channel.
  - P1 forwards every message it eavesdrops from node A, including KEYUPDATE messages and traffic packets.
  - Solution: Allow a receiving node to determine whether it and the sending node should be able to hear each other.

Outside Attacks (2)
- Hidden terminal attack
  - IEEE solves the problem using CSMA/CA with ACKs and optional RTS/CTS control packets.

Insider Attacks
- Single insider attack
  - A compromised node might attempt to flood the network with many traffic packets.
- Insider clone attack
  - When a compromised node shares its private key with its outside conspirators.
- Solution
  - Intrusion Detection System (IDS).

Performance Analysis
- Computational Overhead
  - RSA digital signature verifications.
  - Hash computation
- Latency
  - A node verifies a traffic packet it receives by computing one or more hashes.
- Traffic Byte Overhead
  - A node adds a traffic key to every traffic packet it sends,…

Performance Analysis (cont.)
- JOIN message, a public key certificate and the size of a digital signature.
- A node sends an ACK packet to every new neighbor…
- KEYUPDATE message.

Conclusion
- Presented a lightweight hop-by-hop authentication protocol for network access control in ad hoc networks.
- Transparent to and independent of the routing protocol.

Reference
1. Sencun Zhu and Shouhuai Xu, "LHAP: A Lightweight Hop-by-Hop Authentication Protocol For Ad-Hoc Networks", ICDCSW'03, IEEE.
2. Adrian Perrig and Ran Canetti, "Efficient Authentication and Signing of Multicast Streams over Lossy Channels", IEEE 2000.