Presentation is loading. Please wait.

Presentation is loading. Please wait.

SPLASH Project INRIA-Eurecom-UC Irvine November 2006.

Similar presentations


Presentation on theme: "SPLASH Project INRIA-Eurecom-UC Irvine November 2006."— Presentation transcript:

1 SPLASH Project INRIA-Eurecom-UC Irvine November 2006

2 SPLASH project review Security of Wireless Adhoc Networks –From MANET security… –To WSN (Wireless Sensor Network) Security! Many contributions in many different areas...

3 Outline MANET Security –Membership Management –Collaboration Enforcement WSN Security –The security Challenges –Secure Aggregation Conclusions

4 What is a MANET? No centralized control No hierarchy Fault-tolerant Dynamic membership MANET Distributed and scalable security services required Set of nodes (5-50) that establish A network Wireless and multi-hop Does not rely on any fixed infrastructure Spontenuous (no prior association)

5 MANET two main Security Challenges Membership Management –How does a new node become a member of the MANET without relying on a trusted membership controller? Secure Routing/Collaboration Enforcement –How can we make sure that all node collaborate i.e. relays others’ packets?

6 Membership Management: The Centralized Approach A B C D E F Membership manager

7 Our Approach:Distributed Membership Management A B C E F

8 Our approach:Admission Control Step 1: Join request Step 2: Join commit (Vote) Step 3: GMC issuance & share acquisition M new New member (M new ) wants to join the group A quorum of t current members need to issue M new a group membership certificate (GMC) If no quorum found, membership is denied Vote 1 Vote 2

9 Contributions Solution based on secret sharing technique + polynomial interpolation. –Only One round (instead of t) is necessary to become a member of the group. Once a node becomes a member it receives a token (private key) that can be used to: –Vote for new member –Establish a key with any other MANET member –Prove membership More infos?: –Robust Self-Keying Mobile Ad Hoc Networks, Claude Castellucia, Nitesh Saxena, and Jeong H. Yi, Elsevier Computer Networks, April Elsevier Computer Networks

10 Secure Collaboration How to make sure that members are not selfish? –Some nodes might drop packets to save energy or to perform DoS attacks We have developped: – a reputation based solution (CORE) –a Cryptographic solution

11 How to enforce collaborations? Problem statement: A B C CA

12 How to enforce collaborations? Problem statement: A B C CA

13 Our solution Some packets addressed to B are routed via C –Boomerang routing ;-) A C B CABA A C B CABA BA

14 Our solution If B drops packets…it may drop some of its packets  … It is forced to collaborate since he does not know the final destination… Reference: Pocket bluff (INRIA Research Report) Pocket bluff A C B CABA

15 Wireless Sensor Networks Another type of adhoc networks Network of sensors that usually monitor the environment Sensors are very small and cheap devices They usually send their monitored data to the sink (a more powerful device)

16 Application Spectrum Hazard Detection Biological Monitoring Linear Structure Protection Smart Environment Wearable Computing Immerse Environments Earth Science & Exploration Context-Aware Computing Interactive VR Game Wireless Sensor Networks Urban Warfare Military Surveillance Disaster Recovery Environmental Monitoring

17 MANET vs WSN MANET and WSN look similar but they are quite different.. MANETWSN Nodes are Mobile Nodes are Fixed Nodes 1000/10000 Nodes Nodes belong to same entity Nodes belong to different entitiesNodes sends to BS P2P communication Nodes can easily be physically corrupted Nodes have very Limited CPU/memory/energy

18 Manet Security Challenges MANET WSN Access/Membership control Scalability Collaboration enforcement/ Secure routing Energy/CPU efficient security protocols Sensor revocation

19 Some Contributions Key establishment/pairing –Shake them Up! (presented last year) Secure Aggregation –Aggregation is a useful technique to save energy –User is often more interested in the aggregate (i.e. average in a give area) than each individual value –Instead of sending each value to the sink, the values are added by intermediate nodes… –Less packets are transmitted, i.e. energy is saved…

20 Secure Aggregation Aggregation is simple without security –Intermediate nodes process data of their children But what happens if the data sent by each sensor is encrypted using a key that it shares with the sink? –Data processing is no more possible…or is it? –We’ve developed a new additively homomorphic cipher Enc(k1, msg1) + Enc(k2, msg2) = Enc(k1+k2, msg1+msg2) Intermediate nodes can add the ciphers they receive from children …and the sink can still recover the sum of the plaintexts. But intermediate nodes do not have access to the plaintext values, i.e. privacy is provided… More info?: –Efficient Aggregation of Encrypted Data in Wireless Sensor Networks, Conference Presentation Mobiquiotous 2005, July 2005Mobiquiotous 2005

21 Conclusions The SPLASH project was a very productive and successful project –Pars Mutaf (INRIA) visited Eurecom for 1 year. –Claude Castelluccia (INRIA) visited UCI for 2 years. The scientific contributions were numerous and many papers were published We participated in many conf. PC and launched ESAS (Europeen Workshop on Security in Adhoc and Sensor Network) We have deployed 2 testbeds –MANET (Eurecom) to evaluate CORE –WSN (INRIA)

22 Some Papers Key distribution/Membership Management in MANET –Robust Self-Keying Mobile Ad Hoc Networks, Elsevier Computer Networks, April 2007.Elsevier Computer Networks –Ad hoc network security, book chapter in Mobile Adhoc networking, 2004 and in Handbook of Information Security (2006). Secure and Private MANET routing protocol –Packet coding for strong anonymity in ad hoc networks, IEEE Securecomm 2006, –Securing Route Discovery in DSR, IEEE Mobiquitous'05 Collaboration Enforcement in MANET –CORE: a collaborative reputation mechanism to enforce node cooperation in MANET (Michiardi phd thesis, publications) –Pocket Bluff, INRIA Tech. Report, WSN Security –Shake Them Up! Mobisys –Efficient Aggregation of Encrypted Data in Wireless Sensor Networks IEEE Mobiquitous'05 –Authenticated Interleaved Encryption, eprint, –More to come soon ;-)

23 Visibility European Workshop on Security in Ad-Hoc and Sensor Networks (2004) –Refik Molva and Gene Tsudik (UCI) were chairing ESAS2005 –C.Castelluccia is in the steering com. –ESAS and IEEE WISE will merge to create an new IEEE conference: IEEE WISEC (Wireless Security)! We have chaired/were in the PC on numerous conf./workshop: Securecom, Mobiquitous, ESAS, Globecom, UbiSec,…


Download ppt "SPLASH Project INRIA-Eurecom-UC Irvine November 2006."

Similar presentations


Ads by Google