1/18 Talking to Strangers: Authentication in Ad-Hoc Wireless Networks Dirk Balfanz 외 2 명 in Xerox Palo Alto Research Center Presentation: Lee Youn-ho.

Slides:

Advertisements

Similar presentations

The Diffie-Hellman Algorithm

Advertisements

Internet Protocol Security (IP Sec)

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.

1 Security in Wireless Protocols Bluetooth, , ZigBee.

Group Protocols for Secure Wireless Ad hoc Networks Srikanth Nannapaneni Sreechandu Kamisetty Swethana pagadala Aparna kasturi.

Unifying the conceptual levels of network security through use of patterns Ph.D Dissertation Proposal Candidate: Ajoy Kumar, Advisor: Dr Eduardo B. Fernandez.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.

Computer and Network Security Mini Lecture by Milica Barjaktarovic.

Digital Signatures and Hash Functions. Digital Signatures.

Cynthia Kuo, Mark Luk, Rohit Negi, Adrian Perrig Carnegie Mellon University Message-In-a-Bottle: User-Friendly and Secure Cryptographic Key Deployment.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Public-key based. Public-key Techniques based Protocols –may use either weak or strong passwords –high computation complexity (Slow) –high deployment.

Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Sec final project A Preposition Secret Sharing Scheme for Message Authentication in Broadcast Networks 王怡君.

Multiprotocol Attacks and the Public Key Infrastructure* Jim Alves-Foss Center for Secure and Dependable Software University of Idaho

Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution of public keys –use of public-key.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.

Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Friendly Authentication and Communication Experience (Face) for Ubiquitous Authentication on Mobile Devices Author: Benjamin Halpert Presented by: 魏聲尊.

Cryptography and Network Security Chapter 10. Chapter 10 – Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture.

Security Management.

1 Message Authentication and Hash Functions Authentication Requirements Authentication Functions Message Authentication Codes Hash Functions Security of.

Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.

Seeing-Is-Believing: Using Camera Phones for Human- Verifiable Authentication Jonathan M. McCune Adrian Perrig Michael K. Reiter Carnegie Mellon University.

Security Considerations for Wireless Sensor Networks Prabal Dutta (614) Security Considerations for Wireless Sensor Networks.

Information Security Principles Assistant Professor Dr. Sana’a Wafa Al-Sayegh 1 st Semester ITGD 2202 University of Palestine.

MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.

Secure Socket Layer (SSL)

May 2002Patroklos Argyroudis1 A crash course in cryptography and network security Patroklos Argyroudis CITY Liberal Studies.

Guomin Yang et al. IEEE Transactions on Wireless Communication Vol. 6 No. 9 September

SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.

KAIS T Decentralized key generation scheme for cellular-based heterogeneous wireless ad hoc networks 임 형 인 Ananya Gupta, Anindo Mukherjee, Bin.

Introduction to Secure Sockets Layer (SSL) Protocol Based on:

10. Key Management. Contents Key Management  Public-key distribution  Secret-key distribution via public-key cryptography.

4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.

Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 31 Omar Meqdadi Department of Computer Science and Software Engineering.

Basic Cryptography 1. What is cryptography? Cryptography is a mathematical method of protecting information –Cryptography is part of, but not equal to,

23-1 Last time □ P2P □ Security ♦ Intro ♦ Principles of cryptography.

IPSEC : KEY MANAGEMENT PRESENTATION BY: SNEHA A MITTAL(121427)

Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.

Chapter 4 Using Encryption in Cryptographic Protocols & Practices.

Digital Signatures, Message Digest and Authentication Week-9.

Authentication. Goal: Bob wants Alice to “prove” her identity to him Protocol ap1.0: Alice says “I am Alice” Failure scenario?? “I am Alice”

ECE509 Cyber Security : Concept, Theory, and Practice Key Management Spring 2014.

Secure Communication between Set-top Box and Smart Card in DTV Broadcasting Authors: T. Jiang, Y. Hou and S. Zheng Source: IEEE Transactions on Consumer.

1 Chapter 10: Key Management in Public key cryptosystems Fourth Edition by William Stallings Lecture slides by Lawrie Brown (Modified by Prof. M. Singhal,

Network Security Continued. Digital Signature You want to sign a document. Three conditions. – 1. The receiver can verify the identity of the sender.

Establishing authenticated channels and secure identifiers in ad-hoc networks Authors: B. Sieka and A. D. Kshemkalyani (University of Illinois at Chicago)

Computer and Network Security - Message Digests, Kerberos, PKI –

Protocol Analysis. CSCE Farkas 2 Cryptographic Protocols Two or more parties Communication over insecure network Cryptography used to achieve goal.

Key Management Network Systems Security Mort Anvari.

Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

SPEAKER: HONG-JI WEI DATE: Efficient and Secure Anonymous Authentication Scheme with Roaming Used in Mobile Networks.

Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

Cryptography and Network Security Chapter 10 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Fall 2006CS 395: Computer Security1 Key Management.

1 Chapter 3-3 Key Distribution. 2 Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution.

9.2 SECURE CHANNELS JEJI RAMCHAND VEDULLAPALLI. Content Introduction Authentication Message Integrity and Confidentiality Secure Group Communications.

Lesson Introduction ●Authentication protocols ●Key exchange protocols ●Kerberos Security Protocols.

@Yuan Xue CS 285 Network Security Key Distribution and Management Yuan Xue Fall 2012.

 Attacks and threats  Security challenge & Solution  Communication Infrastructure  The CA hierarchy  Vehicular Public Key  Certificates.

- Richard Bhuleskar “At the end of the day, the goals are simple: safety and security” – Jodi Rell.

Presentation transcript:

1/18 Talking to Strangers: Authentication in Ad-Hoc Wireless Networks Dirk Balfanz 외 2 명 in Xerox Palo Alto Research Center Presentation: Lee Youn-ho

2/18 Contents  Introduction  Preliminary  Two-Party Protocols  Group Key Exchange Protocol  Conclusion

3/18 Introduction(1/4)  A situation A man want to print a sensitive document in his wireless device Printer is near and only wireless medium is in use No other printer/users can learn his document  What to do Let device know the specified printer Guarantee device actually talking to the intended printer device and printer communicate securely

4/18 Introduction(2/4)  Public Key Infrastructure Solution Certificate of printer issuing trusted authority exists  Key exchange procedure between printer and device is possible Problems  Constructing universal naming space needed Every printer must have unique name Every printer must have certificate issued by trusted authority

5/18 Introduction(3/4)  Propose a cheaper and secure and user- friendly solution Using localness of networks  Location-limited channels can be established  Simple identification is possible (Demonstrative identification)  Exchanging small amount of cryptographic information is possible (Pre-authentication)

6/18 Introduction(4/4)  Examples 1. Location limited channels and demonstrative identification and pre-authentication 2. Authentication and communication in main medium

7/18 Preliminaries Printer Device1 Wireless Medium Location Limited Channel Eavesdropper can see it but active attack is detected Demonstrative identification possible Exchanging the commitment of public key information (Preauthentication) Doing Common Authentication Procedure (SSL, IKEKE)

8/18 Two-Party Protocols(1/5) * Basic Protocol Device(A) Printer(B) Address of A Hashed result of Public key of A (using SHA-1, etc.) Wireless Medium Location Limited Channel Address of B Hashed result of Public key of B (using SHA-1, etc.) TLS_CLIENT Hello Message (After common SSL/TLS procedure)

9/18 Two-Party Protocols(2/5) * Single Public Key Protocol - Only one device has strong computational power Device(A) Printer(B) Wireless Medium Address of B Hashed result of Public key of B Address of A and Hashed result of secret information A Public key of B Encryption of secret information A using public key of B

10/18 Two-Party Protocols(3/5)  Interactive Guy Fawkes Protocol In case  Both devices have poor computational power  Location limited channels do not permit exchanging secret data Provides only authentication and integrity protection of data

11/18 Two-Party Protocols(4/5) a1 = h(A1,h(X2),X1), h(X1) b1 = h(B1,h(Y2),Y1), h(Y1) h(b1,X1) h(a1,Y1) AB Round 0 (Pre-authentication) (Location limited channel) A1, h(X2),X1,a2=h(A2,h(X2),X1), B1, h(Y2),Y1,b2=h(B2,h(Y3),Y2) h(b2,X2) h(a2,Y2) Round 1 (After using wireless channel) h(a1,..): one-way hash result of concatenating a1,… Xi,Yi : randomly generated data Ai,Bi : meaningless data Ai,Bi : meaningful data

12/18 Two-Party Protocols(5/5) A2, h(X3),X2,a3=h(A3,h(X4),X3) h(b3,X3) h(a3,Y3) AB Round 2 A3, h(X4),X3,a4=h(A4,h(X5),X4), B3, h(Y4),Y3,b2=h(B4,h(Y5),Y4) h(b4,X4) h(a4,Y4) Round 3 h(a1,..): one-way hash result of concatenating a1,… Xi,Yi : randomly generated data Ai,Bi : meaningless data Ai,Bi : meaningful data B2, h(Y3),Y2,b3=h(B3,h(Y4),Y3)

13/18 Group Key Exchange Protocol(1/5)  Some applications need broadcast capability Audio/Video service, etc. Network games Conferencing software  Authentication and secure key exchange protocols for group communication  Using location-limited channel  Using pre-authentication scheme  Group manager existing/non-existing case

14/18 Group Key Exchange Protocol(2/5) Broadcast pre- authentication information Group member’s response After authentication and key-exchange, Broadcast encrypted data * Centrally Managed Group Case

15/18 Group Key Exchange Protocol(3/5)  Unmanaged group case Problems of centrally managed group case  Group manager can be the single point of attack  Group manager is trusted generating and distributing group key using distinguished trusted party Not compatible with many applications  Leaving group manager is not easy

16/18 Group Key Exchange Protocol(4/5)  Unmanaged group case (cont’d) Procedure  Using two-party Diffie-Hellman  Key Exchange with someone in the group  Get the group key to the someone

17/18 Group Key Exchange Protocol(5/5) Group A Location limited channel Wireless Medium Broadcast Address of A and Hashed result of public key A Broadcast public key and ID of A B Send PROTOCOL_MSG_1 A,B

18/18 Conclusion  In this paper Propose new schemes for peer to peer authentication in ad-hoc wireless networks  Use of novel location-limited channels  Concrete pre-authentication protocol  Group communication provides  With no-reliance on PKI