
1 Self-Certified Group Key-Generation for Ad Hoc Clusters in Wireless Sensor Networks Ortal Arazi, Hairong Qi Dept. Electrical & Computer Engineering The University of Tennessee Knoxville, TN Oct. 18, 2005

Electrical & Computer Engineering Department, The University of Tennessee

2 Outline
- Introduction
- Motivation and goal
- Foundations for self-certified key generation
- Two-node self-certified key generation
- Group self-certified key-generation
- Conclusions and future work

3 Introduction: Self-Certified Group Key-Generation for Ad Hoc Clusters in Wireless Sensor Networks
[Figure: Cluster A and Cluster B; collaborative processing]

4 Introduction: Self-Certified Group Key-Generation for Ad Hoc Clusters in Wireless Sensor Networks
Same shared key

5 Introduction: Self-Certified Group Key-Generation for Ad Hoc Clusters in Wireless Sensor Networks
Authenticated nodes are able to prove their identity to other nodes

6 Motivation
- Wireless sensor network (WSN) applications are growing
  - Military and civilian
  - Supported by diverse research on entire protocol stack
- Security is expected to play a key role …
  - Confidentiality – nodes need to be able to exchange data “securely”
  - Authentication – nodes should be able to prove their identity to other nodes
  - Message integrity – a node receiving a message should be able to prove it has not been altered

7 Motivation and goal
- Public key infrastructure (PKI) is a powerful and proven technology for addressing the three issues mentioned
- However, due to resource limitations in WSN, existing PKI solutions cannot be directly applied
  - Low computational capabilities
  - Limited memory resources
  - Energy constraints imposed on communications
- Goal: obtain an efficient and scalable self-certified key generation methodology, specifically optimized for ad-hoc clusters of wireless sensor nodes.

8 Foundations for self-certified key generation
Once a dynamic cluster is established:
1. Initialize symmetric private keys (fixed or ephemeral) for pairs of nodes within the cluster (using self-certified DH)
2. Generate the group key: Node #1 generates the group key and via XOR it is transferred to nodes 2 and 3
[Figure: nodes 1, 2 and 3 with pairwise keys K_12, K_21, K_23, K_32]

9 Two-node self-certified key-generation
- Fixed key: the private key shared by a pair of nodes is constant
- Ephemeral key: the private key shared by the same pair of nodes changes
  - The nodes use random terms that yield different keys for each session (much more secure)
- Self-certification
  - Each pair of nodes will validate each other's identities
  - Inherent in the key generation process
[Figure: Cluster A, Cluster B]

10 Two-node self-certified key-generation: Diffie-Hellman Key Generation using ECC
- Uses 163 bits (equivalent of 1024 in RSA) and still retains the same “security strength”
- Calculations take less time, less memory and less hardware
- Node A: X - private key (scalar)
- Node B: Y - private key (scalar)
- P is a known point on the elliptic curve
- Exchanged values: X x P (from A) and Y x P (from B)
- Shared key: (Y x P) x X = XY x P = (X x P) x Y
- The Discrete Log problem in ECC: by knowing X x P and P, one cannot obtain X

11 Fixed Key Generation
- ID_v : identification of node v - scalar
- U_v : node v's public key - a point on the curve
- x_v : node v's private key - scalar
Each node has a set of public and private keys (U_v, x_v):
- First option: issued by the CA (certifying authority)
- Second option: calculated by the node, using information issued by the CA
Exchange: node i sends ID_i, U_i; node j sends ID_j, U_j
Shared key:
x_i [ H(ID_j, U_j) * U_j + R ] = x_j [ H(ID_i, U_i) * U_i + R ]
Key confirmation / authentication

12 Fixed Key Generation (cont.)
- R : the CA's public key = d*G - a point on the curve
- d : the CA's private key - scalar
- G : a generating group-point, used by all relevant nodes - a point on the curve
- h_v : a random 163 bit number generated by the CA - scalar
The case where (U_v, x_v) are issued by the CA. The CA provides:
U_i = h_i * G
U_j = h_j * G
x_i = [ H(ID_i, U_i) * h_i + d ] mod ord G
x_j = [ H(ID_j, U_j) * h_j + d ] mod ord G
Node i calculates: x_i [ H(ID_j, U_j) * U_j + R ] = ... = x_i * x_j * G
Node j calculates: x_j [ H(ID_i, U_i) * U_i + R ] = ... = x_j * x_i * G

13 Fixed Key Generation (cont.)
Contribution:
x_i [ H(ID_j, U_j) * U_j + R ] = x_i H(ID_j, U_j) * U_j + x_i R
- x_i H(ID_j, U_j) is a scalar; its product with U_j is the dynamic point-by-scalar multiplication
- x_i R is the offline point-by-scalar multiplication
- 2 multiplications of a scalar by a point on the elliptic curve, with only one dynamic

14 Ephemeral Key Generation
- ID_v : identification of node v - scalar
- U_v : node v's public key - a point on the curve
- x_v : node v's private key - scalar
- Pv_v : a random 163 bit number generated by node v - scalar
- Ev_v = Pv_v * G
Each node has a set of public and private keys (U_v, x_v):
- First option: issued by the CA
- Second option: calculated by the node, using information issued by the CA
Exchange: node i sends ID_i, U_i, Ev_i; node j sends ID_j, U_j, Ev_j
Shared key:
Pv_i [ H(ID_j, U_j) * U_j + R ] + (x_i + Pv_i) Ev_j = Pv_j [ H(ID_i, U_i) * U_i + R ] + (x_j + Pv_j) Ev_i
Key confirmation / authentication

15 Ephemeral Key Generation (cont.)
Contribution:
Pv_i * H(ID_j, U_j) * U_j + (x_i + Pv_i) (Ev_j + R) - x_i * R
- Pv_i * H(ID_j, U_j) * U_j : dynamic multiplication performed by the node
- (x_i + Pv_i) (Ev_j + R) : dynamic multiplication performed by a neighbor (speed and energy)
- x_i * R : offline multiplication performed ONCE
[Figure labels: i; (x_i + Pv_i), Ev_j; (x_i + Pv_i) (Ev_j + R); Calculated offline]
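
The fixed-key and ephemeral-key derivations on slides 11-14, worked through in code as an added example (not from the slides or the authors). Assumptions: secp256k1 stands in for the 163-bit curve, SHA-256 stands in for the unnamed hash H, and the node identities and function names are constructed for illustration.

```python
import hashlib, secrets
# Stand-in curve (assumption): secp256k1, y^2 = x^3 + 7 mod P; the slides use a 163-bit curve.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # ord G
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(A, B):  # affine point addition; None is the point at infinity
    if A is None or B is None:
        return A or B
    (x1, y1), (x2, y2) = A, B
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    num, den = (3 * x1 * x1, 2 * y1) if A == B else (y2 - y1, x2 - x1)
    lam = num * pow(den % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def mul(k, A):  # double-and-add; illustrative, not constant-time
    k, out = k % N, None
    while k:
        if k & 1:
            out = add(out, A)
        A, k = add(A, A), k >> 1
    return out

def H(node_id, U):  # H(ID_v, U_v) as a scalar; SHA-256 is an assumption
    data = node_id + U[0].to_bytes(32, "big") + U[1].to_bytes(32, "big")
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def ca_issue(d, node_id):  # CA: U_v = h_v*G, x_v = [H(ID_v,U_v)*h_v + d] mod ord G
    h = secrets.randbelow(N - 1) + 1
    U = mul(h, G)
    return U, (H(node_id, U) * h + d) % N

def implicit_pub(node_id, U, R):  # H(ID_v,U_v)*U_v + R == x_v*G for CA-issued pairs only
    return add(mul(H(node_id, U), U), R)

def fixed_key(x_own, id_peer, U_peer, R):  # x_i [H(ID_j,U_j)*U_j + R]
    return mul(x_own, implicit_pub(id_peer, U_peer, R))

def ephemeral_key(x_own, pv_own, id_peer, U_peer, Ev_peer, R):  # slide 14 formula
    return add(mul(pv_own, implicit_pub(id_peer, U_peer, R)),
               mul(x_own + pv_own, Ev_peer))

def demo():  # constructed identities; returns both nodes' keys for each mode
    d = secrets.randbelow(N - 1) + 1  # CA private key
    R = mul(d, G)                      # CA public key
    (Ui, xi), (Uj, xj) = ca_issue(d, b"node-i"), ca_issue(d, b"node-j")
    pvi, pvj = secrets.randbelow(N - 1) + 1, secrets.randbelow(N - 1) + 1
    fixed = (fixed_key(xi, b"node-j", Uj, R), fixed_key(xj, b"node-i", Ui, R))
    eph = (ephemeral_key(xi, pvi, b"node-j", Uj, mul(pvj, G), R),
           ephemeral_key(xj, pvj, b"node-i", Ui, mul(pvi, G), R))
    return fixed, eph, mul(xi * xj, G)
```

Calling `demo()` returns the two fixed keys (both equal to x_i * x_j * G), the two matching ephemeral keys, and the reference point x_i * x_j * G. A (ID, U) pair that was not issued by the CA yields a different point on the two sides, which is what the key-confirmation step detects.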

16 Self-certified group key-generation: Group-Key establishment based on Pairwise DH Key establishment
- K_ij - Shared key of nodes i and j
- T - Required public group key
[Figure: nodes a, j, i, b; T is passed between nodes under the pairwise keys K_ab ... K_ij ("DES ? XOR"), giving T', ..., T''...'']
If T = T''...'' then:
1) The system is authenticated
2) We have a group key T''...''

17 Conclusions
- We introduced an efficient ECC-based key generation methodology for ad hoc clusters in WSNs
- Authentication is inherently included through self-certification
- Both fixed and ephemeral key generations are treated
- Off-loading was proposed
  - Gaining execution speed
  - Better power distribution across the network
- Group key generation was described

18 Future work
- Fault tolerance
  - Including all the nodes in the chain transferring the group key
  - What happens when one or more nodes fail on the chain (generation of redundant paths)
- Increasing the robustness of the key generation process:
  - What happens when nodes are malicious?
- Analysis of energy consumption
- Protocol for neighbor node selection (Ephemeral key)

19 Thank you. Questions?

20 Backup slides

21 Self certified DH key generation: Ephemeral key mathematical explanation - in the case where (U_v, x_v) are issued by the CA
As given by the CA:
U_i = Pv_i * G + h_i * G = (Pv_i + h_i) * G
U_j = Pv_j * G + h_j * G = (Pv_j + h_j) * G
x_i = [ H(ID_i, U_i) * h_i + d ] mod ord G
x_j = [ H(ID_j, U_j) * h_j + d ] mod ord G
- R : the CA's public key = d*G - a point on the curve
- d : the CA's private key - scalar
- G : a generating group-point, used by all relevant nodes - a point on the curve
- h_v : a random 163 bit number generated by the CA - scalar
Node i calculates:
Pv_i [ H(ID_j, U_j) * U_j + R ] + (x_i + Pv_i) Ev_j = Pv_i * x_j * G + x_i * Pv_j * G + Pv_i * Pv_j * G
(on the slide the bracketed term is labelled x_j * G)
Node j calculates:
Pv_j [ H(ID_i, U_i) * U_i + R ] + (x_j + Pv_j) Ev_i = Pv_j * x_i * G + x_j * Pv_i * G + Pv_j * Pv_i * G
(on the slide the bracketed term is labelled x_i * G)