Self-Organized Anonymous Authentication in Mobile Ad Hoc Networks Julien Freudiger, Maxim Raya and Jean-Pierre Hubaux SECURECOMM, 2009.


1 Self-Organized Anonymous Authentication in Mobile Ad Hoc Networks Julien Freudiger, Maxim Raya and Jean-Pierre Hubaux SECURECOMM, 2009

2 Wireless Trends
Phones
– Always on (Bluetooth, WiFi)
– Background apps
New hardware going wireless
– Cars, passports, keys, …

3 Peer-to-Peer Wireless Networks
Share information with other users
Authenticate message sender
[Figure labels: Message, Identifier, Certificate]

4 Examples
Urban Sensing networks
Delay tolerant networks
Peer-to-peer file exchange
MiFi
Social networks

5 Anonymity Problem
Adversary can track activities of pseudonymous users
Passive adversary monitors identifiers used in peer-to-peer communications
[Figure labels: Message, Pseudonym, Certificate, Julien Freudiger]

6 [Figure labels: Reputation, Privacy, Anonymous Authentication]

7 Previous Work (1) Multiple Pseudonyms
Nodes change pseudonyms
+ Simple for users
- Costly for operator (pseudonym management)
- Limited privacy
- Sybil attacks
[Figure labels: Message; Pseudonym 1, Pseudonym 2, Pseudonym 3, Pseudonym 4; Certificate 1, Certificate 2, Certificate 3, Certificate 4]
[1] A. Beresford and F. Stajano. Mix Zones: User Privacy in Location-aware Services. Pervasive Computing and Communications Workshop, 2004

8 Previous Work (2) Group Signatures
+ Good anonymity
- Central management
- Traceable
[Figure labels: Message, Group Identifier, Group Certificate, Central Authority]
[2] D. Boneh, X. Boyen and H. Shacham. Short Group Signatures. Crypto, 2004
[3] D. Chaum and E. van Heyst. Group Signatures. EuroCrypt, 1991

9 New Approach: Self-Organized Anonymity
Network-generated privacy
+ No need for infrastructure
+ Exploit inherent redundancy of mobile networks
- Privacy?
[Figure labels: Message, Random Identifier, Many Certificates]

10 Outline
1. Ring Signatures
2. Anonymity Analysis
3. Evaluation

11 Cryptographic Primitive: Ring Signatures
Procedure
1. Select a set of pseudonyms (including yours) in a ring
2. Sign messages with ring
Properties
– Anonymity: Signer cannot be distinguished
– Unlinkable: Signatures cannot be linked to same signer
– Setup free: Knowledge of others’ pseudonym is sufficient
Anonymous authentication: Member of ring signed the message
[4] R. L. Rivest, A. Shamir, Y. Tauman. How to Leak a Secret. Communications of the ACM, 2001

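12 Ring Signatures Explained
[Figure: ring equation $z = v$, a chain of $E_k$ blocks, each combined (+) with one of $y_0, y_1, y_2, \ldots, y_s, \ldots, y_{r-1}$]
$y_0 = g(x_0)$, $y_1 = g(x_1)$, $y_2 = g(x_2)$, …, $y_{r-1} = g(x_{r-1})$
$y_s = g(x_s)$, $x_s = g^{-1}(y_s)$
$k = H(m)$
$v$ is the glue value
$x_i$ are random values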
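
The ring equation from this slide, following the scheme of [4], written out as an added example that is not part of the original slides. The 4-round Feistel permutation standing in for E_k, SHA-256 as H, the 256-bit domain and the toy RSA keys built from Mersenne primes are assumptions chosen so the block runs offline; they are not secure parameters.

```python
import hashlib, secrets

B = 256          # common domain width in bits, wider than every modulus below
E = 65537        # shared public exponent
# Constructed toy RSA keys built from Mersenne primes: NOT secure, sample data only.
PRIMES = [(2**61 - 1, 2**89 - 1), (2**107 - 1, 2**127 - 1), (2**19 - 1, 2**31 - 1)]
KEYS = [(p * q, pow(E, -1, (p - 1) * (q - 1))) for p, q in PRIMES]   # (n_i, d_i)
RING = [n for n, _ in KEYS]                  # pseudonyms = public moduli

def g(n, x, exp):
    """Trapdoor permutation extended to B-bit values; exp=E is g, exp=d is g^-1."""
    q, r = divmod(x, n)
    return q * n + pow(r, exp, n) if (q + 1) * n <= 2**B else x

def _round(k, i, half):
    data = k + bytes([i]) + half.to_bytes(16, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:16], "big")

def E_k(k, x, inverse=False):
    """4-round Feistel permutation keyed by k (stand-in for the block cipher E_k)."""
    l, r = x >> 128, x & (2**128 - 1)
    for i in (range(3, -1, -1) if inverse else range(4)):
        l, r = (r ^ _round(k, i, l), l) if inverse else (r, l ^ _round(k, i, r))
    return (l << 128) | r

def sign(msg, ring, s, d_s):
    """Sign msg as ring member s, who alone knows the private exponent d_s."""
    k = hashlib.sha256(msg).digest()                 # k = H(m)
    v = secrets.randbits(B)                          # glue value
    xs = [secrets.randbits(B) for _ in ring]         # random x_i (x_s is overwritten)
    z = v
    for i in range(s):                               # walk forward from v to slot s
        z = E_k(k, z ^ g(ring[i], xs[i], E))
    w = v
    for i in range(len(ring) - 1, s, -1):            # walk backward from v to slot s
        w = E_k(k, w, inverse=True) ^ g(ring[i], xs[i], E)
    y_s = E_k(k, w, inverse=True) ^ z                # the y_s that closes the ring
    xs[s] = g(ring[s], y_s, d_s)                     # x_s = g^-1(y_s)
    return v, xs

def verify(msg, ring, sig):
    """Accept iff chaining E_k over y_i = g(x_i) from v returns to v."""
    v, xs = sig
    k = hashlib.sha256(msg).digest()
    z = v
    for n, x in zip(ring, xs):
        z = E_k(k, z ^ g(n, x, E))
    return z == v
```

The verifier uses only the public moduli in the ring, so a valid signature shows that some member signed without showing which one.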

13 Ring Construction in MANETs
Nodes record pseudonyms in rings of neighbors
– Store pseudonyms in history
– Node i creates ring by selecting pseudonyms from with strategy
Rings are dynamically and independently created

14 Illustration
[Figure: nodes 1 to 6]
$t_1$: $S_1 = []$, $R_1 = [P_1]$
$t_2$: $S_1 = [2, 3, 4]$, $R_1 = [P_1, P_2, P_4]$
$t_3$: $S_1 = [2, 3, 4, 6]$, $R_1 = [P_1, P_4, P_6]$

15 Outline
1. Ring Signatures
2. Anonymity Analysis
3. Evaluation

16 Anonymity
Adversary should not infer user i from $R_i$
[Figure: user i and ring $R_i$, which contains $P_i$ among other pseudonyms … $P_j$ …]
Attack: Given all rings, adversary can infer most probable ring owner

17 Anonymity Analysis
Bipartite graph model
is set of nodes
is set of pseudonyms
is set of edges
Captures relation between nodes and rings

18 Attacking Ring Anonymity (1) Example
Find a perfect matching: Assignment of nodes to pseudonyms

19 Attacking Ring Anonymity (2) Analysis
Find most likely perfect matching
– Weight edges
– Max weight perfect matching
Bayesian inference
– A priori weights
– A posteriori weights
Entropy metric

20 Optimal Construction
Maximize anonymity
Theorem: Anonymity is maximum iff
– Graph is regular
– All subgraphs are isomorphic to each other
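
A way to measure the anonymity a set of rings provides, using the perfect-matching and entropy analysis of slides 18 to 20; this is an added example, not code from the slides or the paper. It assumes uniform a priori weights, so every perfect matching is equally likely (a simplification of the weighting on slide 19), and the two four-node ring sets are constructed sample data.

```python
from math import log2

# Constructed sample rings (ring owner index -> pseudonyms in the ring), K = 2.
REGULAR = {1: {"P1", "P2"}, 2: {"P2", "P3"}, 3: {"P3", "P4"}, 4: {"P4", "P1"}}
IRREGULAR = {1: {"P1", "P2"}, 2: {"P2", "P3"}, 3: {"P3", "P4"}, 4: {"P4", "P3"}}

def perfect_matchings(rings):
    """Yield each one-to-one assignment ring -> owner pseudonym drawn from that ring."""
    order = sorted(rings, key=lambda i: len(rings[i]))   # small rings first prunes early
    def extend(pos, used, assign):
        if pos == len(order):
            yield dict(assign)
            return
        i = order[pos]
        for p in sorted(rings[i] - used):
            assign[i] = p
            yield from extend(pos + 1, used | {p}, assign)
            del assign[i]
    yield from extend(0, frozenset(), {})

def owner_posteriors(rings):
    """A posteriori P(owner of ring i is p), all perfect matchings equally likely."""
    counts, total = {i: {} for i in rings}, 0
    for m in perfect_matchings(rings):
        total += 1
        for i, p in m.items():
            counts[i][p] = counts[i].get(p, 0) + 1
    return {i: {p: c / total for p, c in counts[i].items()} for i in rings}

def entropies(rings):
    """Entropy in bits of each ring's owner distribution; log2(K) is the best case."""
    post = owner_posteriors(rings)
    return {i: -sum(q * log2(q) for q in d.values()) for i, d in post.items()}

def exposed_owners(rings):
    """Rings whose owner is certain: the pseudonym with posterior probability 1."""
    post = owner_posteriors(rings)
    return {i: p for i, d in post.items() for p, q in d.items() if q == 1.0}
```

In the regular set every ring keeps a full 1 bit of entropy; in the irregular set, P1 appears in only one ring, which pins the owners of rings 1 and 2 even though every ring still has size 2. Enumeration is exponential in the number of rings, so this form suits small graphs only.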

21 Outline
1. Ring Signatures
2. Anonymity Analysis
3. Evaluation

22 Validation of Theoretical Results
LEDA C++ library for graph manipulation
10 nodes
K=4 (ring size)
[Figure: three bipartite constructions between nodes $u_1, u_2, \ldots, u_{10}$ and pseudonyms $P_1, P_2, \ldots, P_{10}$: Random graphs, K-out graphs, Regular graphs]

23 Entropy Distribution of Random Graphs with edge density p

24 Minimum & Mean Entropy Distribution for Random and Regular Graphs

25 Entropy distribution of random, K-out and regular graphs

26 Fraction of matched nodes for various graph constructions

27 Evaluation in Mobile Ad Hoc Network
100 nodes
K=4 (ring size)
Static
– Learn pseudonyms as far as graph connectivity allows
– Select pseudonyms randomly
Mobile: Restricted Random Waypoint
– Least popular: Select least popular pseudonyms
– Most popular: Select most popular pseudonyms
– Random: Randomly select pseudonyms

28 Average Anonymity Set size over time
[Plot legend: Least, Random, Static, Mobile]

29 Conclusion
Self-organized anonymous authentication
– Network generated anonymity
– Analysis with graph theory
Results
– Regular constructions near optimal
– K-out constructions perform well
– Mobility helps anonymity
– Knowledge of popularity of pseudonyms helps

30 Future Work
Stronger adversary model
– Active adversary
Self-Organized Location Privacy
– Linkability Breaks Anonymity

31 BACKUP SLIDES

32 Compute Weights
A priori weight
Probability of an assignment
Probability of an assignment given all assignments
A posteriori weight of an edge between $u_i$ and $p_j$

33 Revocation
Keys can be black listed using traditional CRLs
Misbehaving nodes can be excluded by revoking all keys in a ring
– Nodes can reclaim their key to CA
– Nodes misbehaving several times would be detected
Accountability of group of users

34 Cost
Computation overhead
Transmission overhead
– Group of prime order q
– q = 283 (128-bit security), M = log2(q)

35 CDF of the average anonymity set size

