Presentation on theme: "Wireless Information Networking Group (WING) Securing Wireless Ad Hoc Networks: An ID-Based Cryptographic Approach Yuguang “Michael” Fang, Professor JSPS."— Presentation transcript:
Wireless Information Networking Group (WING) Securing Wireless Ad Hoc Networks: An ID-Based Cryptographic Approach Yuguang “Michael” Fang, Professor JSPS Visiting Invitation Fellow University of Florida Research Foundation Professor Department of Electrical & Computer Engineering University of Florida Changjiang Scholar Chair Professor Xidian University, China In Collaboration with Xiaoyan Zhu and Yanchao Zhang http://winet.ece.ufl.edu/
Wireless Information Networking Group (WING) Outline Introduction –Resource-constrained wireless ad hoc networks –Security requirements Security issues to tackle Our ID-based public key approach Conclusion & future work
Future Cyberspace: Integrated Wired-Wireless Internet Mobile Ad-Hoc Networks Current Internet Wi-Fi Networks Cellular Networks WiMAX Networks Wireless Mesh Networks Wireless Sensor Networks NSF GENI Vision www.geni.net
Wireless Information Networking Group (WING) Wireless Movement There are many interesting applications –Cellular phones –PDAs or iPods –Bluetooth earphones –Wi-Fi (hot-spot technologies) –Tactical radios (missions for war or peace keeping)) –Smart phones (healthcare monitoring) –iPhone –Wireless sensors (tagging the environments) –Digital cameras or camcorder (wireless connections) You are being watched!!!
Wireless Information Networking Group (WING) Wireless Advantage There are many good things wireless can offer –Frees us from physical attachment – Provides freedom of movement while engaging in communications –Can be self-configured with rapid setup –Could be made high speed (broadband) –Could be made small and be embedded in everything (everything goes wireless)
Wireless Information Networking Group (WING) Wireless Disadvantage There are many design challenges –Poor channel conditions (e.g., fading) –Time-varying links –Failure due to mobility/power depletion –Susceptible to interference –Limited bandwidth –Limited power –Limited computing resources (memory and CPU) –Open access (subject to interception or eavesdropping) –Lack of trusted infrastructure (sometimes)!
Wireless Information Networking Group (WING) Design Challenges Resource constraints pose many secure design challenges –Security schemes for wired networks may NOT be feasible for wireless networks –Computationally intensive scheme will not work well –Power hungry operations should be avoided (due to either computation or communications) –Trust model should be re-evaluated –Non-conventional attacks should be investigated and appropriate strategy should be designed
Wireless Information Networking Group (WING) Design Challenges PKI or not PKI? This is the question! Public (asymmetric) key approach: PKI –Pros: scalable, easier key establishment, better authentication and embedded digital signature –Cons: computationally intensive, larger key size, demand trusted infrastructure (certificate management) and more overhead due to certificate management, and subject to DoS attacks Secret (symmetric) key approach: not PKI –Pros: low computational overhead, no certificate is necessary –Cons: not scalable, more communication overhead, no support of digital signature …dilemma indeed!!!
Wireless Information Networking Group (WING) ID-based Public Key Cryptography (PKC) ID-based Signature (Shamir 1984) ID-based PKC (Non-interactive PKC) –Joux (2000): pairing does some magic—three-party key agreement –Boneh and Franklin (2001): alternative PKI (encryption) –Any string (or ID) such as email, telephone number, or any string can be used as the public key –No certificate is necessary: does not need to maintain (ID,PublicKey) binding because the public key is directly derivable from the ID –Elliptic curve cryptography can be easily incorporated
Wireless Information Networking Group (WING) Why ID-based PKC Advantages –Non-interactive key establishment: shared secret without exchanging information—conserving energy! –No certificate: saving memory space! No need of trusted infrastructure! –The fact that any string can be a part of public key offers the flexibility of adding specialized property to a user: instead of Michael, we can use Michael @UF –Scalable: as long as private key is given from the same master secret, secure communication can be enabled
Wireless Information Networking Group (WING) Why ID-based PKC Disadvantages –The master secret holder (Trusted Authority or TA) knows everything: somebody is watching! –Computational complexity of pairing: more complex than exponentiation! Fitting Wireless Ad Hoc Networks (WANETs) –WANETs is designed for a single mission, hence collaborative in nature and TA is the network owner! –Pairing computational efficiency is progressing: Hardware implementation: Tate pairing needs 6ms to compute Platform implementation: sub-second implementation on sensor platform has been proposed lately (Wisec’2009)
Wireless Information Networking Group (WING) Notation
Wireless Information Networking Group (WING) Pairing Technique Similar to the exponentiation function in RSA Modified Weil pairing or Tate pairing can be used
Wireless Information Networking Group (WING) Key Generation and Establishment Key Generation: Given (ID, K), it is infeasible to derive s, as the Discrete Logarithm Problem is computationally hard in G 1. Key establishment: node A (ID A,K A ) and node B (ID B,K B ) A shared key is established without exchanging any information!!!
Wireless Information Networking Group (WING) Wireless Sensor Networks A wireless sensor network (WSN) is composed of a large number of low-cost sensor nodes randomly deployed to sense/monitor the field of interest, collect and process information, and make intelligent decision (actuation) Sensor nodes –Limited in energy, computation, and storage –Sense/monitor their local environment –Perform limited data processing –Communicate over short distances –Actuate/control (decision making) E.g., sink model –Gather data from sensor nodes and connect the WSN to the outside world
Wireless Information Networking Group (WING) Wireless Sensor Networks sink
Wireless Information Networking Group (WING) Security Requirements sink An attacker at (20,18) ABU Message confidentiality An attacker at (20,18) Message authenticity & integrity Node mutual authentication More …
Wireless Information Networking Group (WING) Security Issues Authentication Key agreement Mitigating specific serious attacks Secure location discovery Broadcast authentication Secure data aggregation Secure clock synchronization Secure routing and MAC protocols Intrusion detection …
Wireless Information Networking Group (WING) #1 Pair-wise Authentication Two neighboring nodes verify that the other party is who it claims to be –Chan et al. (IEEE SP ’ 03) Otherwise, attackers can –Inject false data reports via good nodes –Distribute wrong routing information –Impersonate good nodes to misbehave AB “Show me you are B ” “Show me you are A ”
Wireless Information Networking Group (WING) #2 Key Agreement Two neighboring nodes establish a shared secret key known only to themselves –Eschenauer and Gligor (CCS ’ 03), Chan et al. (SP ’ 03), Liu and Ning (IEEE CCS ’ 03), … The shared key is a prerequisite for –Message encryption/decryption –Message authentication AB encrypt/ authenticate
Wireless Information Networking Group (WING) #3 Sybil Attack Sybil (1976) staring Sally Field: a girl with at least 13 personalities A malicious node claims multiple identities –Severely interrupt routing, fair resource allocation, distributed storage, misbehavior detection … –Douceur (IPTPS ’ 02), Newsome et al. (IPSN ’ 04) A E “I am F ” CB “I am V ” “I am W ” “I am U ” D F Correct path wrong path
Wireless Information Networking Group (WING) #4 Node Duplication Attack The attacker put clones of a captured node at random or strategic locations in the network –Parno et al. (IEEE SP ’ 05) sink A
Wireless Information Networking Group (WING) #5 Random Walk Attack The attacker uses secret information of a captured node to roam in the network sink A
Wireless Information Networking Group (WING) #6 Wormhole Attack Attackers tunnel packets received at one location to another distant network location –Hu et al. (INFOCOM ’ 03), Karlof et al. (SNPA ’ 03) Allowing the attacker to –Disrupt routing, selectively drop packets, … secret Wormhole link AB
Wireless Information Networking Group (WING) Previous Research Many separate solutions exist, but –Difficult to combine due to different or even conflicting underlying assumptions –Even if possible, far too complex a solution stack –Most prior solutions do not work when a small number of nodes are captured by attackers –Many schemes address one problem but create other problems –Most schemes apply the symmetric key approach. Many do reduce the computational cost; however, they tend to dramatically increase the communications cost (often ignored by many)
Wireless Information Networking Group (WING) Observation Almost all WSN applications are location- dependent and require a sensor node to know its own location –E.g., military sensing and tracking Most sensor nodes are stationary once deployed –Can be identified by their IDs plus locations Most sensor nodes have a limited comm. range –Can only directly communicate with others inside their communication range
Wireless Information Networking Group (WING) Location-based Security Solution Location-based authentication –Neighbor-to-neighbor authentication –Key agreement –Sybil attack –Node duplication attack –Random walk attack –Wormhole attack
Wireless Information Networking Group (WING) Location-based Keys Conventional way: ID-based keys –Name a node merely with its ID –Bind sensor nodes ’ keys only to their IDs –Vulnerable to many attacks, e.g., node duplication Our method: location-based keys (LBKs) –Name a node with both its ID and location Michael@UF is more specific than Michael! –Bind sensor nodes ’ keys to both IDs and locations
Wireless Information Networking Group (WING) Location-based Keys Assume a secure way to decide node locations –Zhang et al., IEEE JSAC ’ 06 Node A ’ s LBKs: –Given (ID A @L A, K A ), it is infeasible to derive s, as the Discrete Logarithm Problem is hard in G 1. Each node only knows its unique LBK pair, and has no knowledge of s –Use a key pre-distribution model
Wireless Information Networking Group (WING) Neighbor-to-Neighbor Authentication Purpose –Discover and perform mutual authentication with neighboring sensor nodes Idea –Check if the candidate is within the comm. range and has the correct location-based private key
Wireless Information Networking Group (WING) Resilience to Sybil Attack The captured node does not have the correct location-based private keys of the nodes it claims to be Comparison to Newsome et al. (IPSN ’ 04) –Our solution has much higher network scalability ( Random key pre- distribution with limited network size ) A B “I am ID W @L W ” “I am ID V @L V ” “I am ID U @L U ” “I am ID F @L F ” C E D
Wireless Information Networking Group (WING) Resilience to Node Duplication Attack A duplicate will be detected if talking to good nodes outside the communication range of node A The impact range of a captured node is reduced from the whole network to a small circle of radius < R Comparison to Parno et al. (IEEE SP ’ 05) –Our solution is much more efficient in both communication and computation (periodic report on location and witness nodes help) A R B
Wireless Information Networking Group (WING) Resilience to Random Walk Attack The impact range of a capture node is reduced from the whole network to a small circle of radius < R sink A R
Wireless Information Networking Group (WING) Resilience to Wormhole Attack The wormhole attack is completely defeated Comparison to Hu et al. (INFOCOM ’ 03) –Our solution has no stringent requirement on sensor hardware and time synchronization ( restrict the maximum transmission distance of any packet ) A R B R Wormhole link
Wireless Information Networking Group (WING) Comparison to Prior Solutions Our scheme Eschenauer ’ 02, Chan ’ 03, Du ’ 03, Liu ’ 03 … Key agreementDeterministicProbabilistic Neighborhood authentication YesNo or very limited Support for digital signatures YesNo Storage costLowHigh Network scalabilityHighPoor Attack resilienceHighPoor Communication overhead LowHigh Computation overhead HighLow Comm.+Computation overhead LowHigh
Wireless Information Networking Group (WING) ID-based Certificateless Key Management Propose a novel construction method of ID-based public/private keys, in which each public or private key consists of a node-specific element and a network-wide common element Design an efficient protocol to update public & private keys of all non-compromised nodes with one broadcast message & threshold cryptography Y. Zhang, W. Liu, W. Lou and Yuguang Fang, “Securing mobile ad hoc networks with certificateless public keys,” IEEE Transactions on Dependable and Secure Computing, 3(4): 386-399, 2006.
Wireless Information Networking Group (WING) Anonymity in MANETs ID-based approach can be used to generate multiple pseudonyms, which then generate dynamic link identifiers to hide real IDs –Anonymous MAC Use pseudonyms instead of MAC addresses –Anonymous routing Dynamic pseudo link ID management (dynamic link identifiers) to hide both source and destination Y. Zhang, W. Liu, W. Lou and Yuguang Fang, “MASK: anonymous on- demand routing in mobile ad hoc networks,” IEEE Transactions on Wireless Communications, 5(9): 2376-2385, 2006
Wireless Information Networking Group (WING) Security & Billing in Wireless Mesh Networks ID-based authentication schemes among mesh routers and mobile clients –Authentication for mesh router-mesh router, mesh router-mesh client, and client-client –Countermeasure against DoS attacks Micro-payment schemes Y. Zhang and Y. Fang, “A secure authentication and billing architecture for wireless mesh networks,'' Accepted for publication in ACM Wireless Networks Y. Zhang and Y. Fang, “ARSA: an attack-resilient security architecture for multi- hop wireless mesh networks,” IEEE Journal on Selected Areas in Communications, 24(10): 1916-1928, 2006.
Wireless Information Networking Group (WING) Conclusions Discuss challenges for information insurance Demonstrate the innovative applications of ID- based cryptography –Minimize communication overhead (no certificate, establishing session keys without exchanging keying materials) Exemplary application: a location-based unified solution for wireless sensor networks to address –Neighbor-to-neighbor authentication, key agreement, Sybil attack, node duplication attack, random walk attack, wormhole attack, data injection attack
Wireless Information Networking Group (WING) Future Research Directions There are many research challenges ahead –How to reduce the pairing computational complexity (hardware?) –How to deal with heterogeneous ad hoc networks (more powerful nodes can be better used to our advantage) –How to take advantage of mobile nodes –Mission-dependent, light-weight and adaptive security schemes –How to harness the cooperative nature, if any. –How to proactively detect intrusion –How to secure distributed storage –How to secure routing protocol in the light-weight fashion –How to carry out secure target tracking –How to integrate the security schemes over resource-constrained networks with those over fixed infrastructure –…