Ad Hoc Networks Curtis Bolser Miguel Turner Kiel Murray
Towards Flexible Credential Verification in Mobile Ad-hoc Networks - Goals “To propose a flexible verification mechanism to ascertain a user’s identity and credentials based on assertions from peers.” “To propose a flexible verification mechanism to ascertain a user’s identity and credentials based on assertions from peers.” Similar to PGP’s web-of-trust concept. Similar to PGP’s web-of-trust concept. Lessen the number of signature verifications needed. Lessen the number of signature verifications needed. Allow interoperability between different certificate formats and paradigms (X.509, PGP, SPKI). Allow interoperability between different certificate formats and paradigms (X.509, PGP, SPKI).
Towards Flexible Credential Verification in Mobile Ad-hoc Networks – Requirements Due to generation and verification of credentials and assertions, significant processing power may be required. Due to generation and verification of credentials and assertions, significant processing power may be required. For X.509 and SPKI verification, a connection to a wired or fixed network is required. For X.509 and SPKI verification, a connection to a wired or fixed network is required. The devices must have enough space to store a public key ring and trustworthiness levels for each key. The devices must have enough space to store a public key ring and trustworthiness levels for each key.
Towards Flexible Credential Verification in Mobile Ad-hoc Networks – Architecture The general architecture is shown in the following figure. The general architecture is shown in the following figure. Verification Module Key Management XML Credential Generator Security Assertion Module Key management: Public keys can be added provided their validity has been checked beforehand. Key management: Public keys can be added provided their validity has been checked beforehand. Only assertions made from trusted keys in the ring are considered, all other assertions are discarded. Only assertions made from trusted keys in the ring are considered, all other assertions are discarded. Four trust levels; Full, Partial, Untrustworthy, Unknown. Four trust levels; Full, Partial, Untrustworthy, Unknown.
Towards Flexible Credential Verification in Mobile Ad-hoc Networks – Architecture XML Credential Generator: Used to create Credential Assertion Statements (CAS) by grouping the user’s credentials together. XML Credential Generator: Used to create Credential Assertion Statements (CAS) by grouping the user’s credentials together. Information in X.509 certificates and SPKI are extracted and then converted into XML form to produce the CAS. Information in X.509 certificates and SPKI are extracted and then converted into XML form to produce the CAS. The CAS itself need not be encrypted, but it is signed. The CAS itself need not be encrypted, but it is signed. Contains X.509 certificate data and attribute certificate data through and tags in the XML document. Contains X.509 certificate data and attribute certificate data through and tags in the XML document. The tag denotes where the certificate is stored in its original form (ASN.1 DER encoded) The tag denotes where the certificate is stored in its original form (ASN.1 DER encoded)
Towards Flexible Credential Verification in Mobile Ad-hoc Networks – Architecture Security Assertion Model: Main functionality is to issue assertions to other peers after successfully verifying the credentials listed in the CAS. Security Assertion Model: Main functionality is to issue assertions to other peers after successfully verifying the credentials listed in the CAS. This is done through Assertion Signature Statements (ASS) which are distributed to the Ad-hoc network. This is done through Assertion Signature Statements (ASS) which are distributed to the Ad-hoc network. Peers must have explicitly declared trust of the issuer of the ASS for it to be considered. Peers must have explicitly declared trust of the issuer of the ASS for it to be considered. More trusted nodes would lead to more ability to validate credentials via peers in the Ad-hoc network instead of through Credential Authorities via a wired network. More trusted nodes would lead to more ability to validate credentials via peers in the Ad-hoc network instead of through Credential Authorities via a wired network.
Towards Flexible Credential Verification in Mobile Ad-hoc Networks – Architecture Verification Module: Used to determine if the CAS is authentic and based on authentic credentials. Verification Module: Used to determine if the CAS is authentic and based on authentic credentials. Checks the signatures in the ASSs corresponding to the CAS against the key ring to determine trust. Checks the signatures in the ASSs corresponding to the CAS against the key ring to determine trust. Trust relationships are not transitive except in the case of partially verified information. Trust relationships are not transitive except in the case of partially verified information. Ex: Node A trusts Node B, Node B trusts Node C. Node C asserts that node L’s credential is valid. Ex: Node A trusts Node B, Node B trusts Node C. Node C asserts that node L’s credential is valid. If Node A can partially validate L’s credential, it can trust it due to trusting Node B which trusts Node C. If Node A can partially validate L’s credential, it can trust it due to trusting Node B which trusts Node C. Does NOT imply trust of further assertions from Node C. Does NOT imply trust of further assertions from Node C.
Ad Hoc Sensor Networks Authentication Authentication Typically requires high levels of computational and communication capabilities Typically requires high levels of computational and communication capabilities Sensors Sensors Low-powered, mobile devices Low-powered, mobile devices Many applications for sensors where strong authentication is desirable Many applications for sensors where strong authentication is desirable
Three-tier Hierarchy Tier 1: Access Points Tier 1: Access Points High-power High-power Route radio packets to wired infrastructure Route radio packets to wired infrastructure Tier 2: Forwarding Nodes Tier 2: Forwarding Nodes Medium-power, mobile Medium-power, mobile Relay information to access points Relay information to access points Tier 3: Sensor Nodes Tier 3: Sensor Nodes Low-power, mobile Low-power, mobile Collect data to send to application Collect data to send to application
Authentication TESLA Certificate TESLA Certificate Short lifetime Short lifetime Sensors assigned certificates by access points Sensors assigned certificates by access points Forwarding nodes only authenticate themselves in assured mode Forwarding nodes only authenticate themselves in assured mode
Authentication Weak mode Weak mode Only the origin of the data is verified Only the origin of the data is verified The data can be routed through any series of forwarding nodes The data can be routed through any series of forwarding nodes Assured mode Assured mode Each forwarding node will append its signature to the data Each forwarding node will append its signature to the data This allows the route to be verified This allows the route to be verified
Mobility Helps Security in Ad Hoc Networks – Idea Mimic human behavior; to communicate securely get close to each other and establish mutual credentials. Mimic human behavior; to communicate securely get close to each other and establish mutual credentials. Two separate models: Two separate models: 1 – Allows for security without any kind of central authority. 1 – Allows for security without any kind of central authority. 2 – Allows for an offline authority authorizing nodes to join the network. 2 – Allows for an offline authority authorizing nodes to join the network.
Mobility Helps Security in Ad Hoc Networks – Assumptions The ability to establish a “secure side channel,” through an infrared link, physical connection, or some other secure, local method for model 1. The ability to establish a “secure side channel,” through an infrared link, physical connection, or some other secure, local method for model 1. Nodes in a given Ad Hoc network move around. Nodes in a given Ad Hoc network move around. This mobility will actually assist in establishing security associations between nodes on the network. This mobility will actually assist in establishing security associations between nodes on the network. Each node is able to generate cryptographic keys, check signatures, and accomplish any task required to secure its communications (specifically; agree on cryptographic protocols with other nodes) Each node is able to generate cryptographic keys, check signatures, and accomplish any task required to secure its communications (specifically; agree on cryptographic protocols with other nodes)
Mobility Helps Security in Ad Hoc Networks – Overview 1 Network is fully self-organized (no infrastructure, no central authority, no centralized trusted third party). Network is fully self-organized (no infrastructure, no central authority, no centralized trusted third party). Secure side channel is used to set up security associations between nodes by exchanging cryptographic material. Secure side channel is used to set up security associations between nodes by exchanging cryptographic material. This exchange is made by both users consciously and simultaneously (associate a “human face” with the established security association). This exchange is made by both users consciously and simultaneously (associate a “human face” with the established security association). Use of “Friends” to further distribute public keys. Use of “Friends” to further distribute public keys.
Mobility Helps Security in Ad Hoc Networks – Overview 2 Ad Hoc network with a central authority (off-line). Ad Hoc network with a central authority (off-line). Central Authority controls network membership, deciding which nodes can join and how. Central Authority controls network membership, deciding which nodes can join and how. Each node has a unique identity, assigned to it by the authority, binding the node’s identity and public key. Each node has a unique identity, assigned to it by the authority, binding the node’s identity and public key. Each node holds the public key of the central authority. Each node holds the public key of the central authority. If a node A possesses a certificate signed by the central authority binding node B and its public key, then there is a one-way security association between node A and B. If a node A possesses a certificate signed by the central authority binding node B and its public key, then there is a one-way security association between node A and B. If each node has a one-way security association of the other, they have a two-way security association. If each node has a one-way security association of the other, they have a two-way security association.
Mobility Helps Security in Ad Hoc Networks – Comparisons Mobility-based approach allows insertion of new nodes and secure transfers without on-line key distribution. Mobility-based approach allows insertion of new nodes and secure transfers without on-line key distribution. Drawback: takes time to establish security associations. Drawback: takes time to establish security associations. Self-organized approach is useful in securing personal communications on the application level. Self-organized approach is useful in securing personal communications on the application level. Offline authority approach useful in securing networking mechanisms such as routing. Offline authority approach useful in securing networking mechanisms such as routing. In the self-organized approach, users must establish security associations consciously; In the authority-based approach, these associations are established automatically. In the self-organized approach, users must establish security associations consciously; In the authority-based approach, these associations are established automatically.
Generic Implementation of Elliptic Curve Cryptography using Partial Reduction Elliptic curve cryptography (ECC) is becoming an attractive alternative to traditional RSA and DH Elliptic curve cryptography (ECC) is becoming an attractive alternative to traditional RSA and DH Elliptic Curve Digital Signature Algorithm (ECDSA) Elliptic Curve Digital Signature Algorithm (ECDSA) Government a big fan Government a big fan Paper outlines hardware and software approach to implementing ECC Paper outlines hardware and software approach to implementing ECC
ECC Security per bit rivals other common cryptosystems Security per bit rivals other common cryptosystems Involves modular addition, multiplication, and division Involves modular addition, multiplication, and division Coupled with partial reduction, selection of curves becomes more flexible Coupled with partial reduction, selection of curves becomes more flexible
Self-Organized Network-Layer Security in Mobile Ad Hoc Networks Assumes no initial trust, no central trusting entity Assumes no initial trust, no central trusting entity Based on On-demand Distance Vector (AODV) routing protocol Based on On-demand Distance Vector (AODV) routing protocol Path discovery is on-demand Path discovery is on-demand Uses Route request/response packets Uses Route request/response packets Is susceptible to routing updates misbehavior and packet forwarding misbehavior Is susceptible to routing updates misbehavior and packet forwarding misbehavior
Self-Organized Network-Layer Security in Mobile Ad Hoc Networks Goals Goals No central trust authority or key distributor No central trust authority or key distributor Tolerant to the existence of compromised nodes Tolerant to the existence of compromised nodes Isolate the attacker Isolate the attacker Credit based system where nodes will incur less security overhead as time passes Credit based system where nodes will incur less security overhead as time passes
Self-Organized Network-Layer Security in Mobile Ad Hoc Networks How it works How it works Each node has a token signed by the system key (SK) Each node has a token signed by the system key (SK) This token will expire without renewing it in a timely manner This token will expire without renewing it in a timely manner Bad tokens are known to all nodes via their Token Revocation Lists Bad tokens are known to all nodes via their Token Revocation Lists
Self-Organized Network-Layer Security in Mobile Ad Hoc Networks How it works How it works Nodes collaborate to monitor each other and issue new tokens Nodes collaborate to monitor each other and issue new tokens Only when the group decides a node is an attacker is it isolated from the network Only when the group decides a node is an attacker is it isolated from the network