Presentation is loading. Please wait.

Presentation is loading. Please wait.

30/04/2004Gene Tsudik, UCLA CSD Research Review1 Some Security Issues & Challenges in MANETs and Sensor Nets Gene Tsudik SCONCE: Secure Computing and Networking.

Published byBetty Brown Modified over 8 years ago

Similar presentations

Presentation on theme: "30/04/2004Gene Tsudik, UCLA CSD Research Review1 Some Security Issues & Challenges in MANETs and Sensor Nets Gene Tsudik SCONCE: Secure Computing and Networking."— Presentation transcript:

1 30/04/2004Gene Tsudik, UCLA CSD Research Review1 Some Security Issues & Challenges in MANETs and Sensor Nets Gene Tsudik SCONCE: Secure Computing and Networking Center UC Irvine http://sconce.ics.uci.edu/ 04/30/2004

2 30/04/2004Gene Tsudik, UCLA CSD Research Review2 Outline Background Some security issues –Secure Casual Multicast –Aided Cryptography –Secure Routing –Privacy Issues –Aggregation and minimization –Group Membership: Admission and Eviction –DoS resistance Some on-going work

3 30/04/2004Gene Tsudik, UCLA CSD Research Review3 Secure Casual Multicast An important service in MANETs and sensor networks is the need to communicate to dynamic subsets/clusters of nodes, e.g., –All routers with x available bw –All nodes close to some location –All nodes with >t% power remaining This kind of multicast can be one-time How to distribute a group key to such subsets? “Broadcast encryption” doesn’t help here

4 30/04/2004Gene Tsudik, UCLA CSD Research Review4 Secure Casual Multicast If the subset is large (around n) then “broadcast encryption” techniques could be used But what if subset size is much smaller than the total # of nodes, e.g., n/c for some constant c. Solutions today are: –encrypt the message as many times as there are receivers or, –use group key establishment protocols Both solutions are very expensive –Can we do better???

5 30/04/2004Gene Tsudik, UCLA CSD Research Review5 Aided Cryptographic Computations Assume nodes have limited computation and communication ability as well as limited energy… Computationally intensive tasks, e.g., full-blown PK crypto operations are costly Many setting involve a (small) number of more powerful devices (gw-s, servers, etc.) Can be used for off-loading crypto computations… –if power needed for computing is greater than that for communication –if time needed for computing would adversely impact sensor’s other tasks

6 30/04/2004Gene Tsudik, UCLA CSD Research Review6 Aided Cryptographic Computations “Server-aided” cryptography is applicable but state-of-the-art (2-party, mediated, server- aided, etc..) still too expensive –Designed to enforce various policies (fine-grained control, revocation,…) not to minimize computation… Can we design an architecture that off-loads heavy computation to more powerful devices?

7 30/04/2004Gene Tsudik, UCLA CSD Research Review7 Secure Routing/Key distribution Most MANET routing protocols are vulnerable to attacks that can paralyze the whole network Existing secure MANET routing protocols (such as Ariadne) authenticate each data and control packet Proposed authentication solutions are: –Signatures: too costly! –TESLA: needs buffering, synchronization, some complexity –Pair-wise keys: not flexible - all nodes must be updated when a new node joins the MANET. –Shared (common) group key: not secure – one corruption is enough to break the system! No general solution exists…

8 30/04/2004Gene Tsudik, UCLA CSD Research Review8 Secure Routing/Key distribution Similarly, state-of the art secure routing in sensor networks: –relies on time synchronization (is this realistic?) –remains secure only if less that “t” nodes are compromised Since wholesale re-keying/re-initializing is often impossible, these solutions might not be practical! Also, it is often difficult to identify compromised nodes in monitoring applications –Ideally we need solutions that work even if some nodes have been compromised … New key distribution and secure routing protocols are required for these types of networks!

9 30/04/2004Gene Tsudik, UCLA CSD Research Review9 Privacy-Aware Routing MANET routing is cooperative Traffic analysis is very easy! Some technical solutions exists : onion routing, mixes… very expensive! Can we build routing protocols that prevent intermediate nodes from performing traffic analysis? Privacy-aware routing is needed!

10 30/04/2004Gene Tsudik, UCLA CSD Research Review10 Privacy of Associations MANETs and sensor nets can operate in multi-cultural environment Need to tell kin from strangers (friend-or-foe) Need to do so in private manner – no observability! Secret Handshakes can help –Balfanz, et al. –Castelluccia, et al. –Still need to solve one-time credential issue –Group handshakes? Sensors operating in hostile settings need to produce signatures that are anonymous/untraceable –Group signatures? Too expensive…

11 30/04/2004Gene Tsudik, UCLA CSD Research Review11 Group Key Management Group Key Distribution (GKD): requires a center, large groups, multicast, wireline Group Key Agreement (GKA): distributed (group-based), expensive, small groups, wireline Current solutions unsuitable for MANETs GKD: no center, long messages, broadcasts GKA: multi-round, many messages, broadcasts GKA: need underlying reliable group comm. GKA: tries to minimize computation GKD: tries to minimize bw Sometimes need to switch priorities GKA: protocols need to complete even if membership changes in the interim GKA: center availability (partitions/failures/compromise) No practical protocol tolerates malicious insiders

12 30/04/2004Gene Tsudik, UCLA CSD Research Review12 Aggregation / Minimization MACs, signatures are examples of crypto tags If information is collected from each node (sensor, router, etc), much bw and storage is “wasted” on tags Need to minimize tag size; aggregate signatures, MACs, etc. If multiple nodes report the same data, can aggregate it Why not aggregate tags too? Example techniques: Mykletun [NDSS’04], Boneh [EuroCrypt’03], Mazieres [IPTPS’04] Much more work needed…

13 30/04/2004Gene Tsudik, UCLA CSD Research Review13 DoS Resistance DoS attacks are here to stay Worst (best) attacks target servers: Web, Time, Name, Authentication, etc. So-called “Client Puzzles” are touted as an effective solution –Waste of computation –Punishes anemic clients –Powerful adversary can afford fast hw Other solutions?

14 30/04/2004Gene Tsudik, UCLA CSD Research Review14 Group Membership Control –Goal: secure admission of members to a groupwhile tolerating adversaries both outside and inside –Standard Model: A “CA” is distributed among n nodes (all or only some) A new node must gets a partial signature from each of at least k (out of n) nodes It then computes its membership certificate and becomes a bona fide member –Can prove membership by presenting his certificate –Can compute pair-wise keys –Can authenticate to insiders and outsiders –TS-RSA, TS-DSA, ID-based –All areTOO expensive! –New crypto algorithms/protocols needed –Distributed Eviction is harder (need to maintain MRLs)

15 30/04/2004Gene Tsudik, UCLA CSD Research Review15 Membership Control [KMT03] Y. Kim, D. Mazzocchi and G. Tsudik, Admission Control in Collaborative Groups, I IEEE Symposium on Network Computing and Applications (NCA-03) [NTY03] M. Narasimha, G. Tsudik and J. Yi, On the Utility of Distributed Cryptography in P2P and MANETs, IEEE International Conference on Network Protocols (ICNP'03) [STY03] N. Saxena, G. Tsudik and J. Yi, Admission Control in P2P: Design and Performance Evaluation, ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN '03)

16 30/04/2004Gene Tsudik, UCLA CSD Research Review16 Key (pre-)distribution Combine key pre-distribution (Blom scheme) with secret sharing to achieve (pairwise) key distribution in MANETs Model: –Each node (a priori) gets a share of its “secrets” from k “servers” –Uses shares to compute a secret –This secret can be used to compute a pair-wise key with any other node Sometimes more appropriate than the “distributed- CA” model –Members get keys not certificates! –efficient…few modular multiplications per key computation Extending this to INEXPENSIVE group keying

17 30/04/2004Gene Tsudik, UCLA CSD Research Review17 Aggregation of crypto-tags “Efficient” Secure Routing Using DH for securing Route Discovery (as in DSR) Constant-size tags Few (2) exponentiations to verify route integrity Few (2) exponentiations per route hop Also, using ID-based cryptography

Download ppt "30/04/2004Gene Tsudik, UCLA CSD Research Review1 Some Security Issues & Challenges in MANETs and Sensor Nets Gene Tsudik SCONCE: Secure Computing and Networking."

Similar presentations

Secure Routing Panel FIND PI Meeting (June 27, 2007) Morley Mao, Jen Rexford, Xiaowei Yang.

Secure Routing Panel FIND PI Meeting (June 27, 2007) Morley Mao, Jen Rexford, Xiaowei Yang.
Chris Karlof and David Wagner

Chris Karlof and David Wagner
Security in Mobile Ad Hoc Networks

Security in Mobile Ad Hoc Networks
SPLASH Project INRIA-Eurecom-UC Irvine November 2006.

SPLASH Project INRIA-Eurecom-UC Irvine November 2006.
Message Integrity in Wireless Senor Networks CSCI 5235 Instructor: Dr. T. Andrew Yang Presented by: Steven Turner Abstract.

Message Integrity in Wireless Senor Networks CSCI 5235 Instructor: Dr. T. Andrew Yang Presented by: Steven Turner Abstract.
Group Protocols for Secure Wireless Ad hoc Networks Srikanth Nannapaneni Sreechandu Kamisetty Swethana pagadala Aparna kasturi.

Group Protocols for Secure Wireless Ad hoc Networks Srikanth Nannapaneni Sreechandu Kamisetty Swethana pagadala Aparna kasturi.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 7.3 Secure and Resilient Location Discovery in Wireless.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 7.3 Secure and Resilient Location Discovery in Wireless.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.

 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.
URSA: Providing Ubiquitous and Robust Security Support for MANET

URSA: Providing Ubiquitous and Robust Security Support for MANET
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 7. Wireless Sensor Network Security.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 7. Wireless Sensor Network Security.
Authentication in Mobile Ad-hoc Network (MANET) Student Ståle Jonny Berget Superviser Chik How Tan.

Authentication in Mobile Ad-hoc Network (MANET) Student Ståle Jonny Berget Superviser Chik How Tan.
1 Security in Wireless Sensor Networks Group Meeting Fall 2004 Presented by Edith Ngai.

1 Security in Wireless Sensor Networks Group Meeting Fall 2004 Presented by Edith Ngai.
1 A few challenges in security & privacy in the context of ubiquitous computing Gene Tsudik SCONCE: Secure Computing and Networking Center UC Irvine

1 A few challenges in security & privacy in the context of ubiquitous computing Gene Tsudik SCONCE: Secure Computing and Networking Center UC Irvine
1 Key Management in Mobile Ad Hoc Networks Presented by Edith Ngai Spring 2003.

1 Key Management in Mobile Ad Hoc Networks Presented by Edith Ngai Spring 2003.
An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.

An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.
ITIS 6010/8010 Wireless Network Security Dr. Weichao Wang.

ITIS 6010/8010 Wireless Network Security Dr. Weichao Wang.
Security Issues In Sensor Networks By Priya Palanivelu.

Security Issues In Sensor Networks By Priya Palanivelu.
Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Similar presentations

Ads by Google