A Lightweight Hop-by-Hop Authentication Protocol For Ad-Hoc Networks
Speaker: Hsien-Pang Tsai
Teacher: Kai-Wei Ke
Date: 2005/01/20


1 A Lightweight Hop-by-Hop Authentication Protocol For Ad-Hoc Networks
Speaker: Hsien-Pang Tsai
Teacher: Kai-Wei Ke
Date: 2005/01/20

2 Outline
Introduction; LHAP; Security Analysis; Performance Analysis; Conclusion

3 Securing Ad hoc Networks
Most ad hoc networks do not have any provisions for restricting or regulating the traffic.
Recently researchers have proposed security extensions for authenticating routing control packets.
A simple solution is to use a network-wide key shared by all nodes.

4 Public Key Algorithm
Two problems with shared-key:
• Key management
• Digital signatures (Authentication)
Key features of a public key cryptosystem:
• Two keys: Public Key & Private Key
• Computationally infeasible to determine the decryption key.

5 Public Key Algorithm (cont.)
Public Key Encryption

6 Public Key Algorithm (cont.)
Public Key Authentication

7 Outline
Introduction; LHAP; Security Analysis; Performance Analysis; Conclusion

8 LHAP
Lightweight hop-by-hop authentication.
A node joining an ad hoc network only needs to perform some inexpensive authentication with its neighbors.
LHAP resides between the data link layer and the network layer.

9 Notation

10 Trust Management
Trust Bootstrapping

11 Trust Management (1)
Trust Maintenance
• Each node broadcasts a KEYUPDATE message (with TTL=1) to its neighbors.
• The KEYUPDATE message is authenticated with the next TESLA key in its key chain.
• This prevents malicious nodes from forging traffic using the TRAFFIC keys node A has already released.

12 Trust Management (2)
Trust Termination
• When a compromised node is detected, all nodes will terminate their trust relationship with that node permanently.
• When a node doesn't receive a valid KEYUPDATE message from a neighbor within a TESLA interval, it will terminate its trust of this neighbor temporarily.

13 Lightweight Traffic Authentication
Each node generates a one-way key chain used for traffic authentication.
Node A wants to broadcast a packet M:
Benefit:
• Enables instant verification of traffic packets.
• It is not necessary to disclose TRAFFIC keys periodically.
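An added sketch of the TRAFFIC key check from slide 13 (not code from the presentation or from the LHAP authors): each packet carries the next unreleased key of the sender's one-way chain, and a neighbor accepts it if hashing it one or more times reaches the last key it accepted. SHA-256, the chain length, the seed and the max_gap loss bound are assumptions made for this example.

```python
import hashlib
import hmac

def F(key: bytes) -> bytes:
    # One-way function; SHA-256 is an assumption, the slides name no hash.
    return hashlib.sha256(key).digest()

def make_chain(seed: bytes, n: int) -> list:
    # chain[i] = K(i), with K(i-1) = F(K(i)); chain[0] is the commitment
    # a neighbor learns when the trust relationship is bootstrapped.
    chain = [seed]
    for _ in range(n):
        chain.append(F(chain[-1]))
    chain.reverse()
    return chain

class NeighborState:
    """What a receiver keeps per neighbor: the last authentic TRAFFIC key."""
    def __init__(self, commitment: bytes, max_gap: int = 4):
        self.last = commitment
        self.max_gap = max_gap  # hypothetical bound on tolerated packet loss

    def verify(self, key: bytes) -> int:
        """Return the number of hashes spent if authentic, 0 if rejected."""
        k = key
        for hashes in range(1, self.max_gap + 1):
            k = F(k)
            if hmac.compare_digest(k, self.last):
                self.last = key  # advance so released keys cannot be reused
                return hashes
        return 0

def demo() -> dict:
    chain = make_chain(b"constructed-seed-for-node-A", 10)  # constructed input
    rx = NeighborState(chain[0])
    return {
        "in_order": rx.verify(chain[1]),        # next key: one hash
        "after_loss": rx.verify(chain[4]),      # packets 2 and 3 lost
        "replayed_key": rx.verify(chain[1]),    # already released: rejected
        "forged_key": rx.verify(b"\x00" * 32),  # not on the chain: rejected
        "beyond_gap": rx.verify(chain[10]),     # needs 6 hashes > max_gap
    }

if __name__ == "__main__":
    print(demo())
```

The max_gap bound also caps how many hashes a receiver spends on a key that turns out to be bogus.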

14 Outline
Introduction; LHAP; Security Analysis; Performance Analysis; Conclusion

15 Security Analysis
Outside attacks
• Single outside attack
• Collaborative outside attack
• Hidden terminal attack
Inside attacks
• Single inside attack
• Insider clone attack

16 Outside Attacks
Single outside attack

17 Outside Attacks (1)
Collaborative outside attack
• Attackers P1 and P2 have a private channel.
• P1 forwards every message it eavesdrops from node A, including KEYUPDATE messages and traffic packets.
• Solution: Allow a receiving node to determine whether it and the sender should be able to hear each other.

18 Outside Attacks (2)
Hidden terminal attack
• IEEE 802.11 solves the problem using CSMA/CA with ACKs and optional RTS/CTS control packets.

19 Insider Attacks
Single insider attack
• A compromised node might attempt to flood the network with many traffic packets.
Insider clone attack
• A compromised node shares its private key with its outside conspirators.
Solution
• Intrusion Detection System (IDS).

20 Outline
Introduction; LHAP; Security Analysis; Performance Analysis; Conclusion

21 Performance Analysis
Computational Overhead
• RSA digital signature verifications.
• Hash computation
Latency
• A node verifies a traffic packet it receives by computing one or more hashes.
Traffic Byte Overhead
• A node adds a traffic key to every traffic packet it sends,…

22 Performance Analysis (cont.)
• JOIN message, a public key certificate and the size of a digital signature.
• A node sends an ACK packet to every new neighbor…
• KEYUPDATE message.

23 Outline
Introduction; LHAP; Security Analysis; Performance Analysis; Conclusion

24 Conclusion
Presented a lightweight hop-by-hop authentication protocol for network access control in ad hoc networks.
Transparent to and independent of the routing protocol.

25 Reference
1. Sencun Zhu and Shouhuai Xu, "LHAP: A Lightweight Hop-by-Hop Authentication Protocol For Ad-Hoc Networks", ICDCSW'03, IEEE, 2003.
2. Adrian Perrig and Ran Canetti, "Efficient Authentication and Signing of Multicast Streams over Lossy Channels", IEEE, 2000.

