Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Secure Ad-Hoc Network Eunjin Jung

Published byLuke Andrews Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Secure Ad-Hoc Network Eunjin Jung"— Presentation transcript:

1 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu

2 2 What is Ad-Hoc Network?  Ad-Hoc Network –Subset of peer-to-peer computing problem –Sensor network –Wireless and mobile –Physically neighboring participants –No infrastructure

3 3 Truth is…  Ad-Hoc Network relies on –Base Station –Offline configuration  Potential –Military operation use –Sensor network –Pervasive, ubiquitous computing

4 4 Challenges in Ad-Hoc Network  Mobility –Restricted computing resource –Restricted power resource –Unreliable communication  Ad-Hoc –Transient states –No trustworthy third party –Often security protocol integrated with others

5 5 Security in Ad-Hoc Network  Availability –Sleep Deprivation Torture Power consumption is worse than computing or network resource consumption, because the device cannot recover as soon as the attack finishes –Jamming Spectrum Spread, Frequency Hopping

6 6 Security in Ad-Hoc Network  Confidentiality –Easier to passively eavesdrop –Cannot rely on expensive cryptosystem –Symmetric key cryptography is used –Small key, frequent update vs. large key, intermittent update

7 7 Security in Ad-Hoc Network  Authorization –Network resource Inherently vulnerable to bandwidth stealing Should reject routing unauthorized packet –Transient states Security associations between principals are transient Static authorization policy is unfeasible

8 8 Security in Ad-Hoc Network  Authentication –Cannot rely on central server –Neither on public key cryptography –Should be adaptive to transient authorization policy –Should be swift to renew symmetric key –Pre-computed certificate –Threshold cryptography

9 9 Security in Ad-Hoc Network  Integrity –Similar to any communication –Use traditional solution based on symmetric key  Non-Repudiation –Based on public/private key cryptography –Hard to achieve with limited computing resource –Content with certificates

10 10 Security in Ad-Hoc Network  Tamper-Resistance –Security not only on communication, but also on its physical status  Intrusion Detection –Shares have to be revoked and renewed when compromised  Anonymity –Hide the identity of the senders and receivers

11 11 Security in mobile network  AAA properties –Authentication –Authorization –Accounting  Standard in CDMA2000 packet core network

12 12  Proper authentication scheme is the key to solve security problem in ad-hoc network  Hierarchical authentication scheme –Less mobility, higher in hierarchy  Multilevel authentication scheme –Link layer[BT01] –Routing layer[PSWCT01] –Application layer Everything comes to…

13 13 Traditional ways do not work  Indirect Kerberos[FG96] –Assuming application-level proxy to delegate public key operations –Base station can do the job if there is one  Duplicated servers –Tradeoff between mobility and cost

14 14 Early works may not either…  Authentication protocols for PCS [LH95] –offer even non-repudiation –Assumption of static and high-capability HOME base station; works with mobile-IP –Assumption of reliable communication between home base station and current one –Frequent cryptographic operation including public key operation on the subscriber’s side

15 15 SPINS – authenticated routing  : streaming authentication protocol –Two-party key agreement protocol  SNEP(Secure Network Encryption Protocol) –data confidentiality, two-party data authentication, and data freshness  Key from, further operation on SNEP

16 16 SPINS – authenticated routing  Problem –Assumption on the functionality of base station –Lack of local operation

17 17 Decentralized solutions  Emulations of Certificate Authority  Key agreement based on prior context or offline agreement  Self-organized public key infrastructure

18 18 Shamir’s secret sharing scheme  Interpolating scheme (m>1)

19 19 What is threshold cryptography?  (m, n) – threshold scheme –m-out-of-n scheme, secret sharing scheme –1 sender(dealer) distributes partial secret(shares, shadows) to n participants –Any m parts put together can retrieve the secret, but not less than m –Perfect for any group of at most m-1 participants

20 20 Threshold Scheme  Tradeoff between security and reliability according to the choice of m and n –Reliability measure Target of denial of service attack : n-m+1 –Security measure Target of compromising : m  Good for distributed authentication

21 21 Emulation of Certificate Authority  Each entity has a share of group key  More than m entities can act as a certificate authority – local operation  Each entity computes partial certificate out of partial secret  Proactively update shares, and actively revoke any compromised ones

22 22 Still problem remains…  Requires collaborative users – have to respond the partial certificate request anytime.  Who can be a dealer? –Shares are given to principals in bootstrap phase (still base station?)

23 23 Password based public key infrastructure  Prior context is assumed, so all participants share a weak secret.  Extending Diffie-Hellman method to agree on stronger symmetric key among multi- parties.

24 24 Password based public key infrastructure  O(n) steps m1 m2 m3 m4 g^S1 g^S1S2 g^S1S2S3 P(c1=g^S1bs2S3) c1^S4

25 25 Password based public key infrastructure  Need to communicate with all group members and select a leader  Static group assumption

26 26 Self-organized public-key infrastructure  Each user publishes its own certificate and some for others  Each user maintains certificate repository, some issued by itself, rest by others.  Trust graph : each user is a node, and an edge (u,v) denotes user u published certificate to v.

27 27 Self-organized public-key infrastructure

28 28 Self-organized public-key infrastructure  How many certificates should be stored in the repository to cover all pairs in the ad hoc network? covers 95%  Certificate neighbor may not be available at the trust graph construction time  Tested on PGP trust graphs – does that represent ad hoc network properly?

29 29 No scheme is perfect yet  Security issues in ad-hoc networks are converged into authentication problem without infrastructure, in peer-to-peer manner.  The burden of CA is reduced, but still we need co-ordination

Download ppt "1 Secure Ad-Hoc Network Eunjin Jung"

Similar presentations

Chris Karlof and David Wagner

Chris Karlof and David Wagner
Presented By: Hathal ALwageed 1.  R. Anderson, H. Chan and A. Perrig. Key Infection: Smart Trust for Smart Dust. In IEEE International Conference on.

Presented By: Hathal ALwageed 1.  R. Anderson, H. Chan and A. Perrig. Key Infection: Smart Trust for Smart Dust. In IEEE International Conference on.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
Presenter : Stuart Stent Lecturer : Robert Dale Supervisor: Rajan Shankaran.

Presenter : Stuart Stent Lecturer : Robert Dale Supervisor: Rajan Shankaran.
URSA: Providing Ubiquitous and Robust Security Support for MANET

URSA: Providing Ubiquitous and Robust Security Support for MANET
PROVIDING ROBUST AND UBIQUITOUS SECURITY SUPPORT FOR MOBILE AD- HOC NETWORKS Georgios Georgiadis 6/5/2008.

PROVIDING ROBUST AND UBIQUITOUS SECURITY SUPPORT FOR MOBILE AD- HOC NETWORKS Georgios Georgiadis 6/5/2008.
1 Intrusion Tolerance for NEST Bruno Dutertre, Steven Cheung SRI International NEST 2 Kickoff Meeting November 4, 2002.

1 Intrusion Tolerance for NEST Bruno Dutertre, Steven Cheung SRI International NEST 2 Kickoff Meeting November 4, 2002.
Www.mobilevce.com © 2004 Mobile VCE June 2004 Security – Requirements and approaches to securing future mobile services Malcolm K Payne BT.

© 2004 Mobile VCE June 2004 Security – Requirements and approaches to securing future mobile services Malcolm K Payne BT.
Progress Report Wireless Routing By Edward Mulimba.

Progress Report Wireless Routing By Edward Mulimba.
L. Zhou, Z.J. Haas: Securing Ad Hoc Networks, 1999 1 (26) L. Zhou and Z. J. Haas, Cornell University: Securing Ad Hoc Networks presented by Johanna Vartiainen.

L. Zhou, Z.J. Haas: Securing Ad Hoc Networks, (26) L. Zhou and Z. J. Haas, Cornell University: Securing Ad Hoc Networks presented by Johanna Vartiainen.
1 Key Management in Mobile Ad Hoc Networks Presented by Edith Ngai Spring 2003.

1 Key Management in Mobile Ad Hoc Networks Presented by Edith Ngai Spring 2003.
Security Issues In Sensor Networks By Priya Palanivelu.

Security Issues In Sensor Networks By Priya Palanivelu.
Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.

Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.
Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.
Random Key Predistribution Schemes for Sensor Networks Authors: Haowen Chan, Adrian Perrig, Dawn Song Carnegie Mellon University Presented by: Johnny Flowers.

Random Key Predistribution Schemes for Sensor Networks Authors: Haowen Chan, Adrian Perrig, Dawn Song Carnegie Mellon University Presented by: Johnny Flowers.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.
Trust-Level Based Authentication Services in Mobile Ad Hoc Networks MPhil Term 2 Presentation (Spring 2003) by Edith Ngai Advisor: Prof. Michael R. Lyu.

Trust-Level Based Authentication Services in Mobile Ad Hoc Networks MPhil Term 2 Presentation (Spring 2003) by Edith Ngai Advisor: Prof. Michael R. Lyu.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
1 Pertemuan 04 Pengamanan Akses Sistem Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 04 Pengamanan Akses Sistem Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

Similar presentations

Ads by Google