Sheng Xiao, Weibo Gong and Don Towsley,2010 Infocom.

Slides:

Advertisements

Similar presentations

Uniform algorithms for deterministic construction of efficient dictionaries Milan Ružić IT University of Copenhagen Faculty of Mathematics University of.

Advertisements

Foundations of Cryptography Lecture 10 Lecturer: Moni Naor.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

An Introduction to Stream Ciphers Zahra Ahmadian Electrical Engineering Department Sahrif University of Technology

Intro to Quantum Cryptography Algorithms Andrew Hamel EECS 598 Quantum Computing FALL 2001.

Distribution and Revocation of Cryptographic Keys in Sensor Networks Amrinder Singh Dept. of Computer Science Virginia Tech.

Foundations of Cryptography Lecture 5 Lecturer: Moni Naor.

Enhancing Secrecy With Channel Knowledge

Physical Layer Security Made Fast and Channel-Independent Shyamnath Gollakota Dina Katabi.

Computability and Complexity 20-1 Computability and Complexity Andrei Bulatov Random Sources.

 Secure Authentication Using Biometric Data Karen Cui.

Cashmere: Resilient Anonymous Routing CS290F March 7, 2005.

1 Algorithms for Large Data Sets Ziv Bar-Yossef Lecture 12 June 18, 2006

CNS2010handout 10 :: digital signatures1 computer and network security matt barrie.

Network Coding and Reliable Communications Group A Multi-hop Multi-source Algebraic Watchdog Muriel Médard † Joint work with MinJi Kim †, João Barros ‡

1 How to securely outsource cryptographic computations Susan Hohenberger and Anna Lysyanskaya TCC2005.

On The Cryptographic Applications of Random Functions Oded Goldreich Shafi Goldwasser Silvio Micali Advances in Cryptology-CRYPTO ‘ 84 報告人 : 陳昱升.

1 Analysis of the Linux Random Number Generator Zvi Gutterman, Benny Pinkas, and Tzachy Reinman.

Chapter Resynchsonous Stabilizer Chapter 5.1 Resynchsonous Stabilizer Self-Stabilization Shlomi Dolev MIT Press, 2000 Draft of Jan 2004, Shlomi.

EECS 598 Fall ’01 Quantum Cryptography Presentation By George Mathew.

Redundancy Ratio: An Invariant Property of the Consonant Inventories of the World’s Languages Animesh Mukherjee, Monojit Choudhury, Anupam Basu and Niloy.

Computer Science CSC 774 Adv. Net. SecurityDr. Peng Ning1 CSC 774 Advanced Network Security Topic 4. Broadcast Authentication.

Wireless scheduling analysis (With ns3) By Pradeep Prathik Saisundatr.

Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

David Froot.  How do we transmit information and data, especially over the internet, in a way that is secure and unreadable by anyone but the sender.

Tonga Institute of Higher Education Design and Analysis of Algorithms IT 254 Lecture 9: Cryptography.

Repairable Fountain Codes Megasthenis Asteris, Alexandros G. Dimakis IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS, VOL. 32, NO. 5, MAY /5/221.

“Security Weakness in Bluetooth” M.Jakobsson, S.Wetzel LNCS 2020, 2001 The introduction of new technology and functionality can provides its users with.

A Few Simple Applications to Cryptography Louis Salvail BRICS, Aarhus University.

CHAPTER 6 PASS-BAND DATA TRANSMISSION

POWER CONTROL IN COGNITIVE RADIO SYSTEMS BASED ON SPECTRUM SENSING SIDE INFORMATION Karama Hamdi, Wei Zhang, and Khaled Ben Letaief The Hong Kong University.

Network Security. Security Threats 8Intercept 8Interrupt 8Modification 8Fabrication.

Security in Computing Chapter 12, Cryptography Explained Part 7 Summary created by Kirk Scott 1.

One-Time Pad Or Vernam Cipher Sayed Mahdi Mohammad Hasanzadeh Spring 2004.

Cryptography, Authentication and Digital Signatures

Information Coding in noisy channel error protection:-- improve tolerance of errors error detection: --- indicate occurrence of errors. Source.

Chih-Ming Chen, Student Member, IEEE, Ying-ping Chen, Member, IEEE, Tzu-Ching Shen, and John K. Zao, Senior Member, IEEE Evolutionary Computation (CEC),

Channel Capacity.

Dynamic Source Routing in ad hoc wireless networks Alexander Stojanovic IST Lisabon 1.

Device-independent security in quantum key distribution Lluis Masanes ICFO-The Institute of Photonic Sciences arXiv:

Rei Safavi-Naini University of Calgary Joint work with: Hadi Ahmadi iCORE Information Security.

Cryptography Lecture 2 Arpita Patra. Summary of Last Class  Introduction  Secure Communication in Symmetric Key setting >> SKE is the required primitive.

Doc.: IEEE /495r1 Submission July 2001 Jon Edney, NokiaSlide 1 Ad-Hoc Group Requirements Report Group met twice - total 5 hours Group size ranged.

Chapter 7 – Confidentiality Using Symmetric Encryption.

Chapter 7 Confidentiality Using Symmetric Encryption.

On the Cost of Reconstructing a Secret, or VSS with Optimal Reconstruction Phase Ronald Cramer, Ivan Damgard, Serge Fehr.

Communication System A communication system can be represented as in Figure. A message W, drawn from the index set {1, 2,..., M}, results in the signal.

Attacks on PRNGs - By Nupura Neurgaonkar CS-265 (Prof. Mark Stamp)

Alternative Wide Block Encryption For Discussion Only.

Game-based composition for key exchange Cristina Brzuska, Marc Fischlin (University of Darmstadt) Nigel Smart, Bogdan Warinschi, Steve Williams (University.

Knock Yourself Out Secure Authentication with Short Re-Usable Passwords by Benjamin Guldenring, Volker Roth and Lars Ries PRESENTED BY EUNYOUNG CHO COLLEGE.

Identity based signature schemes by using pairings Parshuram Budhathoki Department of Mathematical Science FAU 02/21/2013 Cyber Security Seminar, FAU.

Machine Design Under Uncertainty. Outline Uncertainty in mechanical components Why consider uncertainty Basics of uncertainty Uncertainty analysis for.

Authenticated Key Exchange I. Definitions I. MAP I. matching conversations II. oracles II. (I)KA II. AKEP2 III. AKEP2 Security I. Session Keys II. Perfect.

Fall 2006CS 395: Computer Security1 Confidentiality Using Symmetric Encryption.

1 Lecture 7 System Models Attributes of a man-made system. Concerns in the design of a distributed system Communication channels Entropy and mutual information.

1 1 Slide Simulation Professor Ahmadi. 2 2 Slide Simulation Chapter Outline n Computer Simulation n Simulation Modeling n Random Variables and Pseudo-Random.

CS555Spring 2012/Topic 31 Cryptography CS 555 Topic 3: One-time Pad and Perfect Secrecy.

Lattice-based Fault Attacks on DSA – Another Possible Strategy Tomáš Rosa,

Hashes Lesson Introduction ●The birthday paradox and length of hash ●Secure hash function ●HMAC.

2012 1/6 NSDI’08 Harnessing Exposed Terminals in Wireless Networks Mythili Vutukuru, Kyle Jamieson, and Hari Balakrishnan MIT Computer Science and Artificial.

Channel Coding Theorem (The most famous in IT) Channel Capacity; Problem: finding the maximum number of distinguishable signals for n uses of a communication.

Secret keys and random numbers from quantum non locality Serge Massar.

Cryptographic Insecurity of the Test&Repeat Paradigm Tomáš Rosa, eBanka, a.s., Charles University, Prague, Czech Technical University in.

網路環境中通訊安全技術之研究 Secure Communication Schemes in Network Environments

Dynamic Security in Wireless Communications

When are Fuzzy Extractors Possible?

When are Fuzzy Extractors Possible?

Information-Theoretic Security

Cryptography Lecture 5.

Presentation transcript:

Sheng Xiao, Weibo Gong and Don Towsley,2010 Infocom

Outline  Problem statement  Overview  Dynamic secrets Extraction Collection Amplification  System secret protection  Bootstrapping security and implementation  Summary and conclusion

Problem statement  Data security in wireless communication  Security mechanism desirable in the case of secret leakage  Solution: use dynamic secrets, based on the link layer communications between wireless devices

Related Work  Prior work uses the wireless physical channel properties for secret sharing  However, they usually demand special hardware upgrades or at least specific interfaces to provide channel measurement information.

Related Work  Instead of working with the physical layer channel model to calculate the secret capacity, we shift attention to the link layer and emphasize the dynamics of secrets.  In wireless communication, it is practically impossible to eavesdrop link layer communication for a long period without errors  The single-point of failure occurs at the attackers

Outline  Problem statement  Overview  Dynamic secrets Extraction Collection Amplification  System secret protection  Bootstrapping security and implementation  Summary and conclusion

Series of Dynamic Secrets  Let H k indicates how many bits the adversary needs to guess about the key. When H k = 0, the adversary knows the key explicitly and the communication is not secure.  Solution: Use a series of dynamic secrets, i.e., updates between t 0 and t 1  Rationale: Secrecy replenished as the attacker cannot constantly overhear perfectly

Secret Safety Model No dynamic secrets Dynamic secrets, i.e.,

Advantage of Dynamic Secret  Information loss is not recoverable by any computational effort  Information loss can be accumulated

Outline  Problem statement  Overview  Dynamic secrets Extraction Collection Amplification  System secret protection  Bootstrapping security and implementation  Summary and conclusion

Extracting Dynamic Secrets  Key ideas Monitor retransmissions Sender and receiver agree on set of frames Hash such frames into dynamic secrets  One Time Frame (OTF) is refers to a frame that is only aired once and correctly received.

AET Algorithms

Example: Stop-n-Wait

Collecting Dynamic Secrets  Maintain a set of frames ψ  Initially ψ s = ψ r = Ø  Remarks ψ s and ψ r differ of at most 1 frame The reception of a new frame ensures ψ s = ψ r

Collecting Dynamic Secrets  Maintain a set of frames ψ  Initially ψ s = ψ r = Ø  Remarks ψ s and ψ r differ of at most 1 frame The reception of a new frame ensures ψ s = ψ r ψ

Amplifying Attacker’s Entropy  Goal: Increase attacker’s uncertainty  Input: ψ set  Output: A secret S with high entropy  Denoted as S = F(ψ)

Amplifying Attacker’s Entropy  Random hashing theory uniform-randomly choosing a function from a universal-2 hashing class universal-2 hashing  The expected hash output distribution will be close to the uniform distribution when the output is sufficiently short [1] - J.L. Carter and M. N. Wegman. Universal classes of hash functions. Journal of Computer and System Sciences, 18: , 1979

Amplifying Attacker’s Entropy  Entropy amplification  If  Attacker has < 1 bit info about S  If  Uncertainty bounded by - 1 [2] – Alfred Rényi. On measures of information and entropy. In Proceedings of the 4° Berkeley Symposium on Mathematics, Statistics and Probability, 1960

Dynamic Secret Generation  The above discussion justifies the use of the following method Collect OTFs until | ψ | > n ts Agree on a randomly chosen universal-2 hash function F Generate S(t) = F(ψ) Reset ψ = Ø

Outline  Problem statement  Overview  Dynamic secrets Extraction Collection Amplification  System secret protection  Bootstrapping security and implementation  Summary and conclusion

System Secret Protection  At secret generation Divide s(t) = u(t) || v(t) To protect the private public key pair and secret symmetric key respectively  Remark: information loss will accumulate  Entropy is non decreasing

System Secret Protection

Outline  Problem statement  Overview  Dynamic secrets Extraction Collection Amplification  System secret protection  Bootstrapping security and implementation  Summary and conclusion

Bootstrapping Security  Scenario: Use time to invest in security  Solution: the sender transmits random data at first to build up security

Prototype Implementation  g Hash Extracting dynamic secrets at sender Extracting dynamic secrets at receiver

Outline  Problem statement  Overview  Dynamic secrets Extraction Collection Amplification  System secret protection  Bootstrapping security and implementation  Summary and conclusion

Summary and conclusion  Our work strengthens security in the case of secrecy leakages by using dynamic secrets  For future work, use prototype for experimental evaluation