Presentation is loading. Please wait.

Presentation is loading. Please wait.

IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2007 -

Published byBertram Jones Modified over 8 years ago

Similar presentations

Presentation on theme: "IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2007 -"— Presentation transcript:

1 IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2007 - All rights reserved On Concealed Data Aggregation for Wireless Sensor Networks Steffen Peter Peter Langendörfer, Krzysztof Piotrowski

2 IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2007 - All rights reserved Outline Concealed Data Aggregation? What does it mean? What is it for? Privacy homomorphism Example for an efficient CDA scheme CaMyTs-Algorithm Discussion of security properties Awareness to passive and active attacks Solution to overcome security problems Cascaded privacy homomorphism Conclusions

3 IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2007 - All rights reserved Scenario: WSN as movement/intruder detection Q: Sensed something since last request?

4 IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2007 - All rights reserved In-Network-Aggregation (INA) 1 0 0 0 1 0 0 1 1,0 0,0 1,0 1,0,1,0 1,0,0,0 1,0,0,0,1,0,1,0  3 Without INA: 1 1 0 1 2 1 1,2  3 With INA:  Reduced packet traffic

5 IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2007 - All rights reserved Security Issues of in-network aggregation Without cryptography No security Classic End-to-End security (DES, AES, ECC) Encryption on sensor – decryption on sink + Very secure - No possibility of in-network aggregation Hop-by-Hop encryption Packets are encrypted and decrypted on every routing node + In-network aggregation possible - No End-to-End security every routing node knows and can change every plaintext

6 IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2007 - All rights reserved Concealed (In-netwok) Data Aggregation We need: End-to-End security that allows aggregation on routing nodes = Routing nodes do not know what they aggregate = Ability to compute with encrypted values Only sink node can decrypt the aggregated value Solution: Privacy Homomorphism Encryption Value1 Encryption Value2 Encryption Value1 + Value2

7 IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2007 - All rights reserved CaMyTs (Castelluccia, Mykletun, Tsudik) Random Stream: 15 22 6 Random Stream: 30 9 11 Random Stream: 27 2 29 Value: 1 Value: 0 Value: 1 Encryption: 1+15=16 (mod 32) Aggregation: 16+30+28 =74 =10 (mod 32) 10 Decryption: 10 - 15 – 30 - 27 = -62 =2 (mod 32) = 1 + 0 + 1 16 30 28 Random Stream 1: 15 22 6 Random Stream 2: 30 9 11 Random Stream 3: 27 2 29 0+30=30 (mod 32) 1+27=28 (mod 32) Decryption: 16 – 15 = 1

8 IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2007 - All rights reserved Attack Scenarios Passive Attacks Eavesdropping Ciphertext analysis Chosen/known plaintext attacks Active Attacks Unauthorized aggregation Forged packets Replay attacks Malleability

9 IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2007 - All rights reserved 23 Active Attack - Replay Value: 1 Value: 0 Key: 9 Value: 0 Key: 2 (Previous: 0+15=15) 1+22=23 3 15 9 2 0+9=9 0+2=2 Key Stream: 15 22 6 Decr: 3-34  1 Attack 1: 26-34  24  no plausible value Attack 2: 20-34  18  no plausible value 9 2620

10 IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2007 - All rights reserved Active Attack - Malleability Value: 1 Key: 15 Value: 0 Key: 30 Value: 0 Key: 27 Encryption: 1+15=16 Aggregation: 16+30+27 =73 =9 (mod 32) 9 Decryption: 9 -15 – 30 - 27 = -62 = 1 (mod 32) = Alert 16 30 27 Key1: 15 Key2: 30 Key3: 27 Encryption: 0+30=30 Encryption: 0+27=27 8 8 NO ALERT 0 -63

11 IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2007 - All rights reserved Evaluation Domingo-Ferrer (DF) CaMyTsElliptic Curve ElGamal (ECEG) Ciphertext size-+o Encryptiono+- Decryptiono-- Aggregationo+- Security/Resistance Ciphertext only attack+++ Chosen plaintext attack-++ Replay attack-+- Malleability+-- Malicious aggregation-+- Forged packets++- Captured Sensors-++

12 IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2007 - All rights reserved Increase Security – Combination of two PHs Encryption 2 Encryption 1 Value1 Encryption 2 Encryption 1 Value2 Encryption 2 Encryption 1 Value1 + Value2 Domingo-Ferrer CaMyTs Value1 Domingo-Ferrer CaMyTs Value2 Domingo-Ferrer CaMyTs Value1 + Value2

13 IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2007 - All rights reserved CMT/DF combination - o - o - o - o + + + + + + + CaMyTs + DF combination Domingo-Ferrer (DF) CaMyTs Ciphertext size-+ Encryptiono+ Decryptiono- Aggregationo+ Security/Resistance Ciphertext only attack++ Chosen plaintext attack-+ Replay attack-+ Malleability+- Malicious aggregation-+ Forged packets++ Captured Sensors-+

14 IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2007 - All rights reserved Conclusions Concealed Data Aggregation in WSNs is required Reduced network traffic End-to-End security Concealed Data Aggregation in WSNs is possible Computation overhead is reasonable (e.g. with CaMyTs, DF) There is not one perfect CDA scheme There are still some security issues (e.g. integrity) Trade-off security/computation effort Evaluation helps selecting application-fitted scheme Combined (cascaded) privacy homomorphism increases security with very low additional costs (e.g. CaMyTs/DF)

Download ppt "IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2007 -"

Similar presentations

International Graduate School Cottbus / IHP microelectronics Im Technologiepark 25 15236 Frankfurt (Oder) Germany IHP Im Technologiepark 25 15236 Frankfurt.

International Graduate School Cottbus / IHP microelectronics Im Technologiepark Frankfurt (Oder) Germany IHP Im Technologiepark Frankfurt.
Public Key Based Cryptoschemes for Data Concealment in Wireless Sensor Networks Einar Mykletun, Joao Girao, Dirk Westhoff IEEE ICC 2006, 1-4244-0355-3/06.

Public Key Based Cryptoschemes for Data Concealment in Wireless Sensor Networks Einar Mykletun, Joao Girao, Dirk Westhoff IEEE ICC 2006, /06.
CMSC 414 Computer and Network Security Lecture 4 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 4 Jonathan Katz.
RCDA: Recoverable Concealed Data Aggregation for Data Integrity in Wireless Sensor Networks Chien-Ming Chen, Yue-Hsun Lin, Ya-Ching Lin, Hung-Ming Sun.

RCDA: Recoverable Concealed Data Aggregation for Data Integrity in Wireless Sensor Networks Chien-Ming Chen, Yue-Hsun Lin, Ya-Ching Lin, Hung-Ming Sun.
IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2007 -

IHP Im Technologiepark Frankfurt (Oder) Germany IHP Im Technologiepark Frankfurt (Oder) Germany ©
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Defending Against Traffic Analysis Attacks in Wireless Sensor Networks Security Team 2009.07.20.

Defending Against Traffic Analysis Attacks in Wireless Sensor Networks Security Team
Efficient aggregation of encrypted data in Wireless Sensor Network Author: Einar Mykletun, Gene Tsudik Presented by Yi Cheng Lin Date: March 13, 2007.

Efficient aggregation of encrypted data in Wireless Sensor Network Author: Einar Mykletun, Gene Tsudik Presented by Yi Cheng Lin Date: March 13, 2007.
CMSC 414 Computer (and Network) Security Lecture 5 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 5 Jonathan Katz.
IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2004 -

IHP Im Technologiepark Frankfurt (Oder) Germany IHP Im Technologiepark Frankfurt (Oder) Germany ©
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Security In Wireless Sensor Networks by Adrian Perrig, John Stankovic, and David Wagner.

Security In Wireless Sensor Networks by Adrian Perrig, John Stankovic, and David Wagner.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.

Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.
TinySec: Link Layer Security Chris Karlof, Naveen Sastry, David Wagner University of California, Berkeley Presenter: Todd Fielder.

TinySec: Link Layer Security Chris Karlof, Naveen Sastry, David Wagner University of California, Berkeley Presenter: Todd Fielder.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Secure Group Communications in Wireless Sensor Networks December 8, 2003 CS 526 Advance Internet and Web Systems Patrick D. Cook.

Secure Group Communications in Wireless Sensor Networks December 8, 2003 CS 526 Advance Internet and Web Systems Patrick D. Cook.
CMSC 414 Computer and Network Security Lecture 7 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 7 Jonathan Katz.
Dr Alejandra Flores-Mosri Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the.

Dr Alejandra Flores-Mosri Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the.

Similar presentations

Ads by Google