Presentation is loading. Please wait.

Presentation is loading. Please wait.

Διπλωματική Εργασία The Peer-to-Peer Wireless Network Confederation Protocol: Design Specification and Performance Analysis Παρουσίαση: Παντελής Φραγκούδης.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Διπλωματική Εργασία The Peer-to-Peer Wireless Network Confederation Protocol: Design Specification and Performance Analysis Παρουσίαση: Παντελής Φραγκούδης."— Presentation transcript:

1 Διπλωματική Εργασία The Peer-to-Peer Wireless Network Confederation Protocol: Design Specification and Performance Analysis Παρουσίαση: Παντελής Φραγκούδης Επιβλέπων: Γ. Πολύζος Εξωτερικός αξιολογητής: Κ. Κουρκουμπέτης

2 2/24 Outline  Introduction  System overview and architecture  P2PWNC protocol  Reference implementation  Performance evaluation  Conclusion

3 3/24 Introduction  Peer-to-Peer Wireless Network Confederation (P2PWNC) WLAN roaming scheme based on the P2P paradigm Sharing WLAN resources  Motivation Wide spread of WLAN low-cost equipment and broadband access Underutilized residential WLAN resources Limited WLAN roaming capabilities  Purpose Fueling ubiquitous internet access Exploiting underutilized residential WLAN resources Enforcing cooperation through reciprocity  Characteristics Deployment simplicity Agent autonomy Low managerial overhead

4 4/24 P2PWNC Overview  Users organized in teams  Rule of reciprocity Members of a team are freely served by other teams if their team also serves members of other teams  Autonomous decisions Decisions are based on transaction history Decision algorithms: not specified by the protocol  Trust model Team members know and trust each other Teams do not trust one another  Two operation modes: Centralized (TCA), Decentralized (no TCA)  ASCII-based communication protocol

5 5/24 System Entities (1/3)  Teams P2PWNC peers Team identifier: public/secret key pair Each team operates a number of access points  Team members Member identifier: public/secret key pair Team membership established via a certificate  Access Points

6 6/24 System Entities (2/3)  Receipts Proofs of prior transactions Issued (signed) by service consumer 1 receipt per session Consumer Certificate Consumer Signature Provider PK Timestamp Weight Member PK Team PK Team Signature

7 7/24 System Entities (3/3)  Receipt Repository Stores transaction history History used as input to the decision algorithm  Trusted Central Authority Issues key pairs for teams Manages a central receipt repository  Team Server Issues member key pairs and certificates Manages a team-local receipt repository Updates member repositories by answering UPDT messages

8 8/24 Centralized Operation Mode

9 9/24 Decentralized Operation Mode

10 10/24 The P2PWNC Protocol  ASCII-based messages  Support for RSA and Elliptic Curve Cryptography (ECC) digital signatures  Specifies cryptosystem parameters  Specifies key, certificate and signature data representations  Does not specify decision algorithms, data storage formats, software agent implementation details

11 11/24 Cryptosystem Parameters  RSA Bit lengths: 1024, 1536, 2048 Digest values produced by SHA-1  ECC Bit lengths: 160, 192, 224, 256 ECDSA algorithm (using SHA-1)

12 12/24 Protocol Messages  CONN: session initiation  CACK: session establishment  RREQ: receipt request  RCPT: receipt  QUER: query to the Receipt Repository  QRSP: query response (grant/deny access)  UPDT: repository update request

13 13/24 Mobile User – Access Point Session Mobile UserAccess PointRepository CONN QUER QRSP CACK RREQ RCPT Timeout/ Conn. closed RCPT RREQ

14 14/24 Reference Implementation (1/3)  AP module Runs on top of embedded Linux-based wireless access points Multithreaded TCP server Uses netfilter/iptables for network access control Kernel-level traffic measurements per session Mandatory support for RSA, ECC  Mobile User module Currently, C and Java implementations Need not support both RSA, ECC.

15 15/24 Reference Implementation (2/3)  Receipt Repository module Composite data structure for receipt storage Decision algorithms: pluggable modules Decisions based on the maximum-flow algorithm Push-Relabel Algorithm - O(V 3 ) “Global relabeling” heuristic

16 16/24 Reference Implementation (3/3)  TCA module Includes receipt repository module TCP server waiting for RCPT & QUER messages Team database Team key pair generation module Mandatory support for both RSA, ECC  Team Server module Includes receipt repository module TCP server waiting for RCPT, QUER, UPDT messages Mandatory support for both RSA, ECC

17 17/24 Performance Evaluation  Testbed Linksys WRT54GS wireless router AMD AthlonXP 2800 laptop  Cryptographic operations performance tests Signature, verification tests ECC vs RSA, AthlonXP vs Linksys WRT54GS  Maximum flow algorithm performance tests Peer population: 100, 500, 1000 teams Receipt repository size: 100 to 10000 receipts Running time and memory consumption tests  Effects of signature verifications on AP operation Tests run on Linksys WRT54GS FTP transfer of a ~220Mb file 160bit ECDSA verifications

18 18/24 Testbed Platform Specifications Athlon XP2800Linksys WRT54GS System typeAMD AthlonXP 2800Broadcom MIPS CPU speed2.08GHz200MHz RAM512 Mb32Mb Permanent storage60 Gb hard disk8 Mb flash (read only), 32 Kb NVRAM Operating systemRedHat Linux 8, 2.4 kernelEmbedded Linux (by Broadcom) - 2.4 kernel OpenSSL version0.9.8, beta 5 Compilergcc v3.2 GCC optimizations-O3-O3 –mcpu=r4600 –mips2

19 19/24 Cryptographic Operations Performance Security Level Key Size ratio (RSA/ECC) Athlon XPLinksys WRT54GS RSAECCRSAECC Digital Signing 1024/1606.4 : 19.01.3300.620.3 1536/1928 : 125.91.2655.618.5 2048/2249.14 : 147.31.41529.023.4 3072/25612:1149.11.73939.073.1 Signature Verification 1024/1606.4 : 10.46.512.3114.7 1536/1928 : 10.86.021.499.9 2048/2249.14 : 11.37.137.9135.7 3072/25612:12.88.675.3453.0 Time measured in milliseconds

20 20/24 Maximum Flow Algorithm Running Time on Athlon XP

21 21/24 Maximum Flow Algorithm Running Time on Linksys WRT54GS

22 22/24 Effect of CPU Intensive Tasks on Throughput  Verification wall clock time: 0.12sec  223.33Mbyte FTP transfer over Linksys WRT54GS (wired): 3956.62 Kbytes/sec Verifications/secDelay (of #verifications) Throughput (Kbytes/sec) Transfer time (seconds) --3956.62 (pure transfer) 56.58 0.7293858.0558.00 1.2843600.8562.00 2.5613145.6771.00 3.7602783.7980.50 8.5 (pure verification time) 0--

23 23/24 Extensions  Denial-of-Service attacks DoS attacks to APs/Receipt Repositories Exploit of probabilistic nature of decision algorithms  Implementation issues Maxflow algorithm heuristics Receipt Repository as a distributed database Study and improve ECC efficiency  Deployment issues Porting client software to more platforms (esp. PDAs) Downloadable Linksys WRT54GS firmware distribution  Evaluation issues Maxflow testing on various graph types (based on user mobility models)

24 24/24 Summary  Specified, implemented and evaluated a protocol for the provision of unified WLAN roaming services  Aiming at fueling ubiquitous Internet access  Scheme built around the ideas of agent autonomy and service reciprocity  Maximum flow-based decision algorithms  Designed with embedded/constrained devices in mind  Efficient data structures for data storage/retrieval and graph operations  Tested applicability of Elliptic Curve Cryptography

Download ppt "Διπλωματική Εργασία The Peer-to-Peer Wireless Network Confederation Protocol: Design Specification and Performance Analysis Παρουσίαση: Παντελής Φραγκούδης."

Similar presentations

MicroCast: Cooperative Video Streaming on Smartphones Lorenzo Keller, Anh Le, Blerim Cic, Hulya Seferoglu LIDS, Christina Fragouli, Athina Markopoulou.

MicroCast: Cooperative Video Streaming on Smartphones Lorenzo Keller, Anh Le, Blerim Cic, Hulya Seferoglu LIDS, Christina Fragouli, Athina Markopoulou.
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
1 GridTorrent Framework: A High-performance Data Transfer and Data Sharing Framework for Scientific Computing.

1 GridTorrent Framework: A High-performance Data Transfer and Data Sharing Framework for Scientific Computing.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
Customized Network Security Protocols Cristina Nita-Rotaru and Jeffrey Seibert SPONSORED BY DOUBLE-TAKE SOFTWARE (Jan. 2009 - July 2009) Department of.

Customized Network Security Protocols Cristina Nita-Rotaru and Jeffrey Seibert SPONSORED BY DOUBLE-TAKE SOFTWARE (Jan July 2009) Department of.
 Alexandra Constantin  James Cook  Anindya De Computer Science, UC Berkeley.

 Alexandra Constantin  James Cook  Anindya De Computer Science, UC Berkeley.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Peer-to-Peer Wireless Network Confederation (P2PWNC) George C. Polyzos Mobile Multimedia Laboratory Department of Computer Science Athens.

Peer-to-Peer Wireless Network Confederation (P2PWNC) George C. Polyzos Mobile Multimedia Laboratory Department of Computer Science Athens.
March 2009IETF 74 - NSIS1 Implementation of Permission-Based Sending (PBS) NSLP: Network Traffic Authorization draft-hong-nsis-pbs-nslp-02 Se Gi Hong*,

March 2009IETF 74 - NSIS1 Implementation of Permission-Based Sending (PBS) NSLP: Network Traffic Authorization draft-hong-nsis-pbs-nslp-02 Se Gi Hong*,
Extensible Networking Platform 1 1 - IWAN 2005 Extensible Network Configuration and Communication Framework Todd Sproull and John Lockwood

Extensible Networking Platform IWAN 2005 Extensible Network Configuration and Communication Framework Todd Sproull and John Lockwood
WAP Public Key Infrastructure CSCI 5939.02 – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
Real-Time Authentication Using Digital Signature Schema Marissa Hollingsworth BOISECRYPT ‘09.

Real-Time Authentication Using Digital Signature Schema Marissa Hollingsworth BOISECRYPT ‘09.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
FIT3105 Smart card based authentication and identity management Lecture 4.

FIT3105 Smart card based authentication and identity management Lecture 4.
Designing a Peer-to-Peer Wireless Network Confederation Elias C. Efstathiou and George C. Polyzos Department of Computer Science Athens University of Economics.

Designing a Peer-to-Peer Wireless Network Confederation Elias C. Efstathiou and George C. Polyzos Department of Computer Science Athens University of Economics.
P2PWNC Wireless Community Network CMSC 711: Computer Networks Yee Lin Tan Adam Phillippy.

P2PWNC Wireless Community Network CMSC 711: Computer Networks Yee Lin Tan Adam Phillippy.
Socket Programming.

Socket Programming.
1 Côte d’Azur / France - 21, 22, 23, 24 May 2006 HP OpenView University Association, 13th Workshop Building Secure Media Applications over Wireless Community.

1 Côte d’Azur / France - 21, 22, 23, 24 May 2006 HP OpenView University Association, 13th Workshop Building Secure Media Applications over Wireless Community.
A Trust Based Assess Control Framework for P2P File-Sharing System Speaker : Jia-Hui Huang Adviser : Kai-Wei Ke Date : 2004 / 3 / 15.

A Trust Based Assess Control Framework for P2P File-Sharing System Speaker : Jia-Hui Huang Adviser : Kai-Wei Ke Date : 2004 / 3 / 15.
بسم الله الرحمن الرحيم NETWORK SECURITY Done By: Saad Al-Shahrani Saeed Al-Smazarkah May 2006.

بسم الله الرحمن الرحيم NETWORK SECURITY Done By: Saad Al-Shahrani Saeed Al-Smazarkah May 2006.

Similar presentations

Ads by Google