Slide 1
SPLASH: Sécurisation des ProtocoLes dans les réseAux mobileS ad Hoc (Securing Protocols in Mobile Ad Hoc Networks)
http://www.inrialpes.fr/planete/splash.html
12 December 2003
Refik Molva, Institut EURECOM, molva@eurecom.fr
Slide 2
MANET Security Requirements
Wireless & mobile: limited energy; lack of physical security
Ad hoc: lack of (or limited) infrastructure; lack of a priori trust
Requirements: cooperation enforcement; secure routing; key management
[Recent security solutions for mobile ad hoc networks, in "Ad Hoc Networks", IEEE Press / Wiley]
Slide 3
Key Management Objectives
– Bootstrapping from scratch
– Fully distributed
– Minimum dependency
Slide 4
Key Management Approaches
Symmetric crypto [Basagni et al.]
(ID, PK) binding
– Certificate = (ID, PK): CA; self-organized authorities [Zhou, Haas] [Kong et al.] [Yi, Kravets] [Lehane et al.]; web of trust (PGP) [Hubaux, Buttyan, Capkun]
– Certificate-less: crypto-based IDs, ID = h(PK) [Montenegro, Castellucia] [O'Shea, Roe] [Bobba et al.]; ID-based crypto, PK = f(ID) [Halili, Katz, Arbaugh]
Context-dependent authentication
– Location-limited channels [Balfanz et al.]
– Shared passwords [Asokan, Ginzborg]
Slide 5
Self-organized Admission Control: Performance Comparison
Centralized (simple signatures)
– member gets t signatures from other members
– server grants the GMC (group membership certificate) when t or more signatures are shown
Distributed (threshold signatures)
– member gets "partial" certificates (m^SKi) from other members
– member combines t partial certificates to get a GMC: GMC = m^SK1 · m^SK2 · m^SK3 · ... · m^SKt = m^SK
Threshold signatures are NOT suitable in MANET and sensor networks.
Currently investigating bilinear mappings.
[Admission Control in Peer-to-Peer: Design and Performance Evaluation, ACM SASN Workshop, October 2003]
[On the Utility of Distributed Cryptography in P2P and MANETs, ICNP 2003]
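The combination step on this slide, worked through as an added example (not code from the SPLASH project or the cited papers): the group secret key SK is split into t additive shares SK_1..SK_t whose sum is congruent to SK mod φ(N), each member contributes a partial certificate m^SK_i, the product of the t partials is m^SK, and any node can check the result with the group public key. The RSA parameters are constructed textbook-size values assumed only for illustration; a true t-of-n threshold scheme would additionally need Lagrange interpolation, which this block deliberately does not implement.

```python
import secrets

# Constructed toy RSA group key (textbook-size primes, illustration only).
P, Q = 61, 53
N = P * Q                  # public modulus, 3233
PHI = (P - 1) * (Q - 1)    # 3120
E = 17                     # group public exponent
SK = pow(E, -1, PHI)       # group secret key d = 2753, never held by one member


def split_additive(d, t, phi=PHI):
    """Split SK into t additive shares whose sum is congruent to SK mod phi.
    All t shares are needed (t-of-t); no single share reveals SK."""
    shares = [secrets.randbelow(phi) for _ in range(t - 1)]
    shares.append((d - sum(shares)) % phi)
    return shares


def partial_certificate(m, sk_i, n=N):
    """One member's partial certificate over join request m: m^SK_i mod N."""
    return pow(m, sk_i, n)


def combine(partials, n=N):
    """GMC = m^SK1 * m^SK2 * ... * m^SKt mod N, which equals m^SK mod N."""
    gmc = 1
    for s in partials:
        gmc = (gmc * s) % n
    return gmc


def verify_gmc(m, gmc, e=E, n=N):
    """Any node checks the GMC with the group public key (E, N). A value
    assembled from fewer than t partials fails this check (except with
    negligible probability), which is the threshold property."""
    return pow(gmc, e, n) == m


if __name__ == "__main__":
    m = 65                                   # constructed join request
    shares = split_additive(SK, 3)
    partials = [partial_certificate(m, s) for s in shares]
    print("GMC valid with 3 partials:", verify_gmc(m, combine(partials)))
    print("GMC valid with 2 partials:", verify_gmc(m, combine(partials[:2])))
```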
Slide 6
Feature Summary (table)
Schemes compared (columns): RSA, ASM, TS-RSA, TS-DSA
Features (rows): Dealer involved; Simultaneous on-line presence; Accountability; Unlinkability; Verifiable Secret Share
Cell values beyond a single NA were not recovered.
Slide 7
Some Results (plots): signature generation; signature verification
Slide 8
(ID, PK) binding without a PKI: Crypto-Generated Addresses (CGA)
Statistically Unique Cryptographically Verifiable IDs [Montenegro, Castellucia] [O'Shea, Roe]
IPv6 address = prefix | h(prefix | PK)
Secure routing using CGA: AODV [Castellucia, Montenegro]; DSR [Bobba et al.]
PROs: no certificates, no PKI
CONs: generation of bogus IDs
New: CGA based on the small-primes variation of Feige-Fiat-Shamir (MFFS)
[Statistically Unique and Cryptographically Verifiable Addresses: Concepts and Applications, ACM TISSEC, Feb. 2004]
[Protecting AODV against impersonation attacks, ACM MC2R, October 2002]
Slide 9
Cooperation Enforcement in MANET
Routing and packet forwarding cost energy.
A selfish node saves energy for itself.
Without any incentive for cooperation, network performance can be severely degraded.
[Michiardi, Molva, EW'02]
Slide 10
Cooperation enforcement mechanisms
Token-based [Yang, Meng, Lu]
Nuglets [Buttyan, Hubaux]
SPRITE [Zhong, Chen, Yang]
CONFIDANT [Buchegger, Le Boudec]
CORE [Michiardi, Molva]
Beta-Reputation [Josang, Ismail]
Categories: reputation-based; threshold cryptography; micro-payment
Slide 11
CORE (figure): nodes a, b, c, d, E, f, g, h
Packet forwarding, source node g, destination node f, route: Reputation(b), Reputation(d), Reputation(E)
Packet forwarding, source node a, destination node f, route: Reputation(E)
Slide 12
Cooperation Enforcement Evaluation with Game Theory
Cooperative GT
– study the size (k) of a coalition of cooperating nodes
– Nash equilibrium: lower bound on k
Non-cooperative GT
– utility function with pricing
– pricing used to guide the operating point (i.e. the maximum of the utility function) to a fair position
– r_i: dynamic reputation of node n_i evaluated by her neighbors
[Michiardi, Molva, CMS'02, WiOpt'03] [Srinivasan et al., INFOCOM'03]
Slide 13
Simulations (plot): CORE – uniform traffic
Slide 14
Simulations (plot): TFT – uniform traffic
Slide 15
Simulations (plot): CORE – random traffic
Slide 16
Simulations (plot): TFT – random traffic
Slide 17
Non-cooperative GT with pricing (plot)
Slide 18
Summary
Specific requirements
– self-organized bootstrapping of security associations
– cooperation enforcement
Prospects
– new tools from the crypto bag of tricks (ID-based crypto, ...)
– integrated mechanisms: reputation + key management
Participation in the MOBILEMAN project on ad hoc networks
ESAS 2004: 1st European Workshop on Security in Ad-Hoc and Sensor Networks (5-6 August 2004)
Slide 19
ESORICS 2004 – RAID 2004, September 13-17, Institut EURECOM, Sophia Antipolis, FRANCE
Slide 20
THANK YOU