IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2007 -

Slides:

Advertisements

Similar presentations

International Graduate School Cottbus / IHP microelectronics Im Technologiepark Frankfurt (Oder) Germany IHP Im Technologiepark Frankfurt.

Advertisements

Public Key Based Cryptoschemes for Data Concealment in Wireless Sensor Networks Einar Mykletun, Joao Girao, Dirk Westhoff IEEE ICC 2006, /06.

CMSC 414 Computer and Network Security Lecture 4 Jonathan Katz.

RCDA: Recoverable Concealed Data Aggregation for Data Integrity in Wireless Sensor Networks Chien-Ming Chen, Yue-Hsun Lin, Ya-Ching Lin, Hung-Ming Sun.

IHP Im Technologiepark Frankfurt (Oder) Germany IHP Im Technologiepark Frankfurt (Oder) Germany ©

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Defending Against Traffic Analysis Attacks in Wireless Sensor Networks Security Team

Efficient aggregation of encrypted data in Wireless Sensor Network Author: Einar Mykletun, Gene Tsudik Presented by Yi Cheng Lin Date: March 13, 2007.

CMSC 414 Computer (and Network) Security Lecture 5 Jonathan Katz.

IHP Im Technologiepark Frankfurt (Oder) Germany IHP Im Technologiepark Frankfurt (Oder) Germany ©

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

Security In Wireless Sensor Networks by Adrian Perrig, John Stankovic, and David Wagner.

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.

TinySec: Link Layer Security Chris Karlof, Naveen Sastry, David Wagner University of California, Berkeley Presenter: Todd Fielder.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Secure Group Communications in Wireless Sensor Networks December 8, 2003 CS 526 Advance Internet and Web Systems Patrick D. Cook.

CMSC 414 Computer and Network Security Lecture 7 Jonathan Katz.

Dr Alejandra Flores-Mosri Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the.

Wireless Sensor Network Security Anuj Nagar CS 590.

IHP Im Technologiepark Frankfurt (Oder) Germany IHP Im Technologiepark Frankfurt (Oder) Germany ©

A Lightweight Hop-by-Hop Authentication Protocol For Ad- Hoc Networks Speaker: Hsien-Pang Tsai Teacher: Kai-Wei Ke Date:2005/01/20.

Security Solutions for Wireless Sensor Networks 姓名 : 曹倫誠學號 : Date:2010/06/07.

Efficient aggregation of encrypted data in Wireless Sensor Network Author: Einar Mykletun, Gene Tsudik Presented by Yi Cheng Lin.

CMSC 414 Computer and Network Security Lecture 3 Jonathan Katz.

IHP Im Technologiepark Frankfurt (Oder) Germany IHP Im Technologiepark Frankfurt (Oder) Germany ©

Security in MobileIP Fahd Ahmad Saeed. Wireless Domain Problem Wireless domain insecure Data gets broadcasted to everyone, and anyone hearing this can.

Security in Wireless Sensor Networks. Wireless Sensor Networks  Wireless networks consisting of a large number motes  self-organizing  highly integrated.

CS2510 Fault Tolerance and Privacy in Wireless Sensor Networks partially based on presentation by Sameh Gobriel.

1 Secure Cooperative MIMO Communications Under Active Compromised Nodes Liang Hong, McKenzie McNeal III, Wei Chen College of Engineering, Technology, and.

Secure Data Aggregation in Wireless Sensor Networks: A Survey Yingpeng Sang, Hong Shen Yasushi Inoguchi, Yasuo Tan, Naixue Xiong Proceedings of the Seventh.

KAIS T A lightweight secure protocol for wireless sensor networks 윤주범 ELSEVIER Mar

IHP Im Technologiepark Frankfurt (Oder) Germany IHP Im Technologiepark Frankfurt (Oder) Germany ©

1 TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Hai Yan Computer Science & Engineering University of Connecticut.

Symmetric versus Asymmetric Cryptography. Why is it worth presenting cryptography? Top concern in security Fundamental knowledge in computer security.

Public Key Encryption and the RSA Public Key Algorithm CSCI 5857: Encoding and Encryption.

Anonymous Path Routing Protocol in Wireless Sensor Networks Jang-Ping Sheu* §, Jehn-Ruey Jiang* and Ching Tu* National Central University* and National.

DES Attacks and Triple DES

Network Security David Lazăr.

TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof :: Naveen Sastry :: David Wagner Presented by Roh, Yohan October.

Wireless Network Security. How Does Wireless Differ? Wireless networks are inherently insecure because data is transmitted over a very insecure medium,

TinySec : Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof :: Naveen Sastry :: David Wagner Presented by Anil Karamchandani 10/01/2007.

無線網路安全 WEP. Requirements of Network Security Information Security Confidentiality Integrity Availability Non-repudiation Attack defense Passive Attack.

Lecture 2: Introduction to Cryptography

On Detecting Pollution Attacks in Inter-Session Network Coding Anh Le, Athina Markopoulou University of California, Irvine.

Secure In-Network Aggregation for Wireless Sensor Networks

Chien-Ming Chen, Yue-Hsun Lin, Ya-Ching Lin, and Hung-Min Sun IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, VOL. 23, NO. 4, APRIL 2012 Citation:42.

IHP Im Technologiepark Frankfurt (Oder) Germany IHP Im Technologiepark Frankfurt (Oder) Germany ©

Security in Wireless Sensor Networks by Toni Farley.

A secure and scalable rekeying mechanism for hierarchical wireless sensor networks Authors: Song Guo, A-Ni Shen, and Minyi Guo Source: IEICE Transactions.

IHP Im Technologiepark Frankfurt (Oder) Germany IHP Im Technologiepark Frankfurt (Oder) Germany ©

802.11b Security CSEP 590 TU Osama Mazahir. Introduction Packets are sent out into the air for anyone to receive Eavesdropping is a much larger concern.

1 An Interleaved Hop-by-Hop Authentication Scheme for Filtering of Injected False Data in Sensor Networks Sencun Zhu, Sanjeev Setia, Sushil Jajodia, Peng.

June All Hands Meeting Security in Sensor Networks Tanya Roosta Chris Karlof Professor S. Sastry.

IHP Im Technologiepark Frankfurt (Oder) Germany IHP Im Technologiepark Frankfurt (Oder) Germany ©

Network Security Celia Li Computer Science and Engineering York University.

WLAN Security1 Security of WLAN Máté Szalay

Introduction to Elliptic Curve Cryptography CSCI 5857: Encoding and Encryption.

Energy Efficient Data Management in Sensor Networks Sanjay K Madria Web and Wireless Computing Lab (W2C) Department of Computer Science, Missouri University.

IHP Im Technologiepark Frankfurt (Oder) Germany IHP Im Technologiepark Frankfurt (Oder) Germany ©

Cryptography services Lecturer: Dr. Peter Soreanu Students: Raed Awad Ahmad Abdalhalim

Wireless Networks Projects Roberto Riggio, PhD CREATE-NET Via Alla Cascata 56/c 38123, Povo (TN)

Attacks on Public Key Encryption Algorithms

Cryptography and Security Fall 2009 Steve Lai

Security Of Wireless Sensor Networks

Security of Wireless Sensor Networks

Cryptography Lecture 11.

An Overview of Security Issues in Sensor Network

Cryptography Lecture 11.

Presentation transcript:

IHP Im Technologiepark Frankfurt (Oder) Germany IHP Im Technologiepark Frankfurt (Oder) Germany © All rights reserved On Concealed Data Aggregation for Wireless Sensor Networks Steffen Peter Peter Langendörfer, Krzysztof Piotrowski

IHP Im Technologiepark Frankfurt (Oder) Germany © All rights reserved Outline Concealed Data Aggregation? What does it mean? What is it for? Privacy homomorphism Example for an efficient CDA scheme CaMyTs-Algorithm Discussion of security properties Awareness to passive and active attacks Solution to overcome security problems Cascaded privacy homomorphism Conclusions

IHP Im Technologiepark Frankfurt (Oder) Germany © All rights reserved Scenario: WSN as movement/intruder detection Q: Sensed something since last request?

IHP Im Technologiepark Frankfurt (Oder) Germany © All rights reserved In-Network-Aggregation (INA) ,0 0,0 1,0 1,0,1,0 1,0,0,0 1,0,0,0,1,0,1,0  3 Without INA: ,2  3 With INA:  Reduced packet traffic

IHP Im Technologiepark Frankfurt (Oder) Germany © All rights reserved Security Issues of in-network aggregation Without cryptography No security Classic End-to-End security (DES, AES, ECC) Encryption on sensor – decryption on sink + Very secure - No possibility of in-network aggregation Hop-by-Hop encryption Packets are encrypted and decrypted on every routing node + In-network aggregation possible - No End-to-End security every routing node knows and can change every plaintext

IHP Im Technologiepark Frankfurt (Oder) Germany © All rights reserved Concealed (In-netwok) Data Aggregation We need: End-to-End security that allows aggregation on routing nodes = Routing nodes do not know what they aggregate = Ability to compute with encrypted values Only sink node can decrypt the aggregated value Solution: Privacy Homomorphism Encryption Value1 Encryption Value2 Encryption Value1 + Value2

IHP Im Technologiepark Frankfurt (Oder) Germany © All rights reserved CaMyTs (Castelluccia, Mykletun, Tsudik) Random Stream: Random Stream: Random Stream: Value: 1 Value: 0 Value: 1 Encryption: 1+15=16 (mod 32) Aggregation: =74 =10 (mod 32) 10 Decryption: – = -62 =2 (mod 32) = Random Stream 1: Random Stream 2: Random Stream 3: =30 (mod 32) 1+27=28 (mod 32) Decryption: 16 – 15 = 1

IHP Im Technologiepark Frankfurt (Oder) Germany © All rights reserved Attack Scenarios Passive Attacks Eavesdropping Ciphertext analysis Chosen/known plaintext attacks Active Attacks Unauthorized aggregation Forged packets Replay attacks Malleability

IHP Im Technologiepark Frankfurt (Oder) Germany © All rights reserved 23 Active Attack - Replay Value: 1 Value: 0 Key: 9 Value: 0 Key: 2 (Previous: 0+15=15) 1+22= =9 0+2=2 Key Stream: Decr: 3-34  1 Attack 1:  24  no plausible value Attack 2:  18  no plausible value

IHP Im Technologiepark Frankfurt (Oder) Germany © All rights reserved Active Attack - Malleability Value: 1 Key: 15 Value: 0 Key: 30 Value: 0 Key: 27 Encryption: 1+15=16 Aggregation: =73 =9 (mod 32) 9 Decryption: – = -62 = 1 (mod 32) = Alert Key1: 15 Key2: 30 Key3: 27 Encryption: 0+30=30 Encryption: 0+27= NO ALERT 0 -63

IHP Im Technologiepark Frankfurt (Oder) Germany © All rights reserved Evaluation Domingo-Ferrer (DF) CaMyTsElliptic Curve ElGamal (ECEG) Ciphertext size-+o Encryptiono+- Decryptiono-- Aggregationo+- Security/Resistance Ciphertext only attack+++ Chosen plaintext attack-++ Replay attack-+- Malleability+-- Malicious aggregation-+- Forged packets++- Captured Sensors-++

IHP Im Technologiepark Frankfurt (Oder) Germany © All rights reserved Increase Security – Combination of two PHs Encryption 2 Encryption 1 Value1 Encryption 2 Encryption 1 Value2 Encryption 2 Encryption 1 Value1 + Value2 Domingo-Ferrer CaMyTs Value1 Domingo-Ferrer CaMyTs Value2 Domingo-Ferrer CaMyTs Value1 + Value2

IHP Im Technologiepark Frankfurt (Oder) Germany © All rights reserved CMT/DF combination - o - o - o - o CaMyTs + DF combination Domingo-Ferrer (DF) CaMyTs Ciphertext size-+ Encryptiono+ Decryptiono- Aggregationo+ Security/Resistance Ciphertext only attack++ Chosen plaintext attack-+ Replay attack-+ Malleability+- Malicious aggregation-+ Forged packets++ Captured Sensors-+

IHP Im Technologiepark Frankfurt (Oder) Germany © All rights reserved Conclusions Concealed Data Aggregation in WSNs is required Reduced network traffic End-to-End security Concealed Data Aggregation in WSNs is possible Computation overhead is reasonable (e.g. with CaMyTs, DF) There is not one perfect CDA scheme There are still some security issues (e.g. integrity) Trade-off security/computation effort Evaluation helps selecting application-fitted scheme Combined (cascaded) privacy homomorphism increases security with very low additional costs (e.g. CaMyTs/DF)