Study and Implementation of Efficient Security for Wireless Networks
M. Razvi Doomun, Faculty of Engineering, University of Mauritius (8/25/2015)

Presentation transcript:

Study and Implementation of Efficient Security for Wireless Networks
M. Razvi Doomun, Faculty of Engineering, University of Mauritius
Project Supervisor: Prof. K.M.S. Soyjaudah
Research Week 2009/2010, Doctoral Consortium e-Poster

Objectives
- Design efficient security and privacy mechanisms for resource-constrained wireless networks
- Analysis of operational complexity and efficiency of IEEE 802.11i security protocol
- Propose integrated security and privacy of source and destination in ad hoc wireless networks against global attackers.

Energy-efficient security protocol can be achieved by:
- Software optimization techniques and better hardware implementation, or a combination of both, for constituent cryptographic operations.
- Use equivalent alternative cipher primitives that consume less energy
- Reduce workload of a security protocol
- Modify or simplify the structure of security protocol components
- Frame formatting, minimize redundant operations and overheads
- Innovative and energy-aware security provisioning with flexible security framework
- Different combinations of security primitives for different security requirements at different operating conditions

Reference: M. R. Doomun, K.M.S. Soyjaudah, “Adaptive IEEE 802.11i security for energy-security optimization,” In Proceedings of The Third Advanced International Conference on Telecommunications AICT ’07, IARIA, Mauritius, May 2007.

General Energy Cost of Security Protocol

Comparative complexity of WEP, TKIP, AES-CCMP
- Complexity of TKIP is proportional to the message size encrypted
- With message size less than 100 bytes, TKIP has faster execution speed than AES-CCMP
- Complexity of CCMP increases linearly with increasing key length, more encryption rounds, as well as larger payload size.
- CTR-mode and CBC-MAC contribute almost equally to the overall complexity of CCMP

References:
- M. R. Doomun, K.M.S. Soyjaudah, D. Bundhoo, “Energy Consumption and Computational Analysis of Rijndael-AES,” In Proceedings of Third IEEE International Conference in Central Asia on Internet The Next Generation of Mobile, Wireless and Optical Communications Networks, September 26-28,
- M. R. Doomun and K.M.S. Soyjaudah, “Analytical Comparison of Cryptographic Techniques for Resource Constrained Wireless Security”, International Journal of Network Security, Vol. 9, No. 1, pp. 82–94, July 2009.

Complexity comparison of WEP, TKIP and CCMP

References:
- M. R. Doomun, K.M. Sunjiv Soyjaudah, “Modified Temporal Key Integrity protocol for efficient wireless network security,” In Proceedings of International Conference on Security and Cryptography (SECRYPT 2007), IEEE, Spain, July
- M. R. Doomun and K.M.S. Soyjaudah, “LOTKIP: Low Overhead TKIP optimization for Wireless Ad hoc Networks”, International Journal of Network Security (IJNS).

Communication Privacy
- Traffic analysis in large wireless ad hoc networks
  - Passive attack
  - Reveal contextual information
  - Direction of traffic flow, nodes with high packet transmission rate
  - Location of source and destination nodes
- Traffic analysis countermeasures:
  - Use multipath to spread the network traffic
  - Use anonymous routing techniques
  - All packets encrypted link-by-link

Two types of attackers
- Local attacker:
  - Eavesdrop on transmitted packets around one node at a time
  - Does not know the overall network traffic flow
- Global attacker:
  - Visualize the overall network traffic flow
  - Capable of network-wide traffic rate monitoring and time-correlation attacks.
- Network-wide rate monitoring attack involves counting the number of transmitted/received packets around every node in the network.
- Time-correlation attack involves finding the communication patterns by analyzing latencies between packet transmissions around nodes in the network.

Models and Assumptions (1)
Network model
- Ad hoc grid-distribution or random-distribution network nodes
- MAC and routing protocol messages are encrypted
- Assume existing key management protocol that can distribute pair-wise keys between nodes or public-private key pairs for each node
- All packets are transmitted in the same format and have same length (by padding or fragmenting).
- Route discovery communications are assumed to be anonymous using any of the anonymous routing protocols

Models and Assumptions (2)
Attacker model
- An external, global, and powerful attacker model
- Attacker is passive and cannot compromise nodes in the network
- Knowledge of network topology and can keep statistical measurements for all of the network traffic
- A possible method for this attack is by deploying an overlay network with several malicious nodes simply to sense traffic from the given ad hoc network

Privacy Evaluation Metrics
- Anonymity
  - The level of anonymity is defined as the probability that a node of interest is incorrectly identified in an anonymous group
  - Depends on the number of nodes in the anonymous zone
  - If a node is hidden among A nodes that have the same behavior, then the level of anonymity
- Unlinkability
  - 3-D graph of transmitted data around nodes to determine whether or not a global attacker can visualize the existence of communication between a source and destination.
  - Edge detection algorithms to extract traffic pattern
- Entropy
  - If node i transmits u_i packets and a total of V packets were transmitted in the network in time T, the fraction of packets sent by i is p_i = u_i / V and the entropy is defined as

Privacy Protocol (1)
Initialization
- Source node S broadcasts a hello message to discover all its one-hop neighbors N(1, i) for i = 1, 2, …, m, where m is the total number of neighbor nodes.
- The nodes in N(1, i) discover their respective neighbors N(2, i), which are two hops away from node S.
- Consequently, source node S constructs the list: N(1, i), N(2, i), N(3, i), …, N(k, i), where N(k, i) is the set of k-th hop neighbors of node S.
- This initialization process of neighbor discovery is done periodically by all nodes in the network.

Privacy Protocol (2)
Cloud Construction
- Let the cloud region be of maximum width k hops from the source S.
- For example, with k = 3, source node S will randomly select a number of nodes, B < 4k(k+1), such that B ⊆ {N(1, i) ∪ N(2, i) ∪ N(3, i)}.
- Nodes in cloud B:
  - Marked as pseudosources in the cloud
  - Requested to transmit encrypted dummy packets at a rate similar to the source transmission rate
  - Forward real packets when available from source to delegated sources.
  - Drop dummy packets.

Privacy Protocol (3)
- Destination node D: do same initialization procedure and also construct a cloud.
- Size of the source and the destination clouds can be different.
- Delegated Source and Delegated Destination
  - Node S randomly selects one or more nodes from the set B to act as delegated sources. (D will do the same)

Reference: R. Doomun, T. Hayajneh, P. Krishnamurthy and D. Tipper, “SECLOUD: Source and Destination Seclusion using Clouds for Wireless Ad Hoc Networks”, IEEE Symposium on Computers and Communications (ISCC), Tunisia, 5-8 July, 2009.
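The initialization and cloud-construction steps of Privacy Protocol (1) to (3), as an added sketch that is not code from the presentation or from the SECLOUD authors. The 8-connected grid, the function names and the fixed seed are assumptions; on such a grid exactly 4k(k+1) nodes lie within k hops of an interior node, which matches the slide's bound on B.

```python
import random
from collections import deque

def grid_neighbors(node, width, height):
    """8-connected grid neighbours: an assumed topology for this sketch."""
    x, y = node
    return [(x + dx, y + dy) for dx in (-1, 0, 1) for dy in (-1, 0, 1)
            if (dx or dy) and 0 <= x + dx < width and 0 <= y + dy < height]

def hop_sets(source, k, width, height):
    """Initialization: BFS from S, returning {h: N(h, i)} for h = 1..k."""
    dist = {source: 0}
    layers = {h: set() for h in range(1, k + 1)}
    queue = deque([source])
    while queue:
        u = queue.popleft()
        if dist[u] == k:          # do not expand beyond the cloud width
            continue
        for v in grid_neighbors(u, width, height):
            if v not in dist:
                dist[v] = dist[u] + 1
                layers[dist[v]].add(v)
                queue.append(v)
    return layers

def build_cloud(source, k, b, width, height, rng):
    """Cloud construction: pick B pseudosources within k hops, then one
    delegated source from B. Enforces the slide's bound B < 4k(k+1)."""
    if not 0 < b < 4 * k * (k + 1):
        raise ValueError("cloud size must satisfy 0 < B < 4k(k+1)")
    layers = hop_sets(source, k, width, height)
    candidates = sorted(set().union(*layers.values()))
    if b > len(candidates):       # source near the border: fewer nodes in range
        raise ValueError("not enough nodes within k hops")
    cloud = rng.sample(candidates, b)
    delegated = rng.choice(cloud)
    return layers, cloud, delegated

if __name__ == "__main__":
    rng = random.Random(7)        # fixed seed so the sketch is repeatable
    layers, cloud, delegated = build_cloud((10, 10), 3, 12, 21, 21, rng)
    print({h: len(nodes) for h, nodes in layers.items()})
    print("pseudosources:", cloud)
    print("delegated source:", delegated)
```

In a deployment the selection would draw from an unpredictable source such as `random.SystemRandom()`, so that an observer cannot reproduce which nodes were chosen.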

Simulation
- 400 nodes distributed in an area of 2000 m x 2000 m with average node degree between 7 and 8.
- Quasi-Unit disk graph (Q-UDG)
- The source sends 5000 data packets in a time window of T seconds
- The attacker:
  - Will sample n of the nodes that have the highest number of packets transmitted in T and compute the average value U of packets transmitted.
  - Will mark nodes that transmit at least βU packets, where 0 < β < 1.
  - Will visualize a graph of nodes, the number of packets transmitted and the marked nodes to determine possible communication paths, sources, and destinations.
- We pick n = 10 in our simulations.
- Different values of n and β will create sharp or fuzzy boundaries in the graph
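The attacker's marking rule from the simulation slide, together with the entropy metric from the evaluation slide, applied to traffic with and without a dummy-traffic cloud. This is an added example, not code from the presentation: the packet counts are constructed, the node names are hypothetical, and the Shannon form of the entropy is an assumption because the slide's formula is not reproduced on this page.

```python
import math

def mark_nodes(counts, n, beta):
    """Slide's attacker rule: U = mean packet count of the n busiest nodes;
    mark every node that transmitted at least beta * U packets (0 < beta < 1)."""
    top = sorted(counts.values(), reverse=True)[:n]
    u = sum(top) / len(top)
    return {node for node, sent in counts.items() if sent >= beta * u}

def traffic_entropy(counts):
    """Entropy in bits of p_i = u_i / V (Shannon form, assumed here)."""
    v = sum(counts.values())
    return -sum((c / v) * math.log2(c / v) for c in counts.values() if c > 0)

def constructed_counts(cloud_size, data_packets=5000, background=200):
    """Constructed per-node transmit counts for one window T (not measured data)."""
    counts = {f"bg{i}": background for i in range(40)}   # unrelated background nodes
    for node in ("S", "r1", "r2", "r3"):                 # source and relays send every data packet
        counts[node] = data_packets
    for i in range(cloud_size):                          # pseudosources send dummies at the source rate
        counts[f"cloud{i}"] = data_packets
    return counts

def evaluate(cloud_size, n=10, beta=0.5):
    """Return (marked node set, entropy) for a given cloud size."""
    counts = constructed_counts(cloud_size)
    return mark_nodes(counts, n, beta), traffic_entropy(counts)

if __name__ == "__main__":
    for size in (0, 12):
        marked, h = evaluate(size)
        print(f"cloud={size:2d} marked={len(marked):2d} entropy={h:.3f} bits")
```

Without the cloud the marked set is exactly the source and its relays; with 12 pseudosources the same rule marks 16 nodes and the traffic entropy rises, at the cost of the extra dummy transmissions.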

Results: Privacy Technique
[Figure panels: with single source-destination; with multiple paths]

Example of Security-Privacy Policy Decision Matrix

Conclusions
- Complexity overhead analysis of existing 802.11i wireless security mechanisms
- Optimizing execution of TKIP and AES-CCM algorithm by minimizing redundant operations and reducing communication overhead
  - E.g. Low Overhead TKIP and Resource Saving AES-CCMP Design with Hybrid Counter Mode Block Chaining-MAC
- Anonymity level and transmission overhead analysis of existing communication privacy mechanisms
- Communication overhead cannot be reduced without sacrificing some privacy strength because hiding traffic pattern comes at a cost.

Future / Ongoing work
- Develop privacy techniques for better seclusion for both source and destination nodes location
- Adaptive and resource-aware security-privacy model provides more efficient energy consumption