1 secure ad-hoc network eunjin jung [email protected]
TRANSCRIPT
![Page 2: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/2.jpg)
2
What is Ad-Hoc Network?
Ad-Hoc Network– Subset of peer-to-peer computing problem– Sensor network– Wireless and mobile– Physically neighboring participants– No infrastructure
![Page 3: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/3.jpg)
3
Truth is…
Ad-Hoc Network relies on – Base Station– Offline configuration
Potential– Military operation use– Sensor network– Pervasive, ubiquitous computing
![Page 4: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/4.jpg)
4
Challenges in Ad-Hoc Network
Mobility– Restricted computing resource– Restricted power resource– Unreliable communication
Ad-Hoc– Transient states– No trustworthy third party– Often security protocol integrated with others
![Page 5: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/5.jpg)
5
Security in Ad-Hoc Network
Availability– Sleep Deprivation Torture
• Power consumption is worse than computing or network resource consumption, because the device cannot recover as soon as the attack finishes
– Jamming• Spectrum Spread, Frequency Hopping
![Page 6: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/6.jpg)
6
Security in Ad-Hoc Network
Confidentiality– Easier to passively eavesdrop– Cannot rely on expensive cryptosystem– Symmetric key cryptography is used– Small key, frequent update vs. large key,
intermittent update
![Page 7: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/7.jpg)
7
Security in Ad-Hoc Network
Authorization– Network resource
• Inherently vulnerable to bandwidth stealing
• Should reject routing unauthorized packet
– Transient states• Security associations between principals are
transient
• Static authorization policy is unfeasible
![Page 8: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/8.jpg)
8
Security in Ad-Hoc Network
Authentication– Cannot rely on central server– Neither on public key cryptography– Should be adaptive to transient authorization
policy– Should be swift to renew symmetric key– Pre-computed certificate– Threshold cryptography
![Page 9: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/9.jpg)
9
Security in Ad-Hoc Network
Integrity– Similar to any communication– Use traditional solution based on symmetric
key Non-Repudiation
– Based on public/private key cryptography– Hard to achieve with limited computing
resource– Content with certificates
![Page 10: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/10.jpg)
10
Security in Ad-Hoc Network
Tamper-Resistance– Security not only on communication, but also
on its physical status
Intrusion Detection– Shares have to be revoked and renewed when
compromised
Anonymity– Hide the identity of the senders and receivers
![Page 11: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/11.jpg)
11
Security in mobile network
AAA properties– Authentication– Authorization– Accounting
Standard in CDMA2000 packet core network
![Page 12: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/12.jpg)
12
Proper authentication scheme is the key to solve security problem in ad-hoc network
Hierarchical authentication scheme– Less mobility, higher in hierarchy
Multilevel authentication scheme– Link layer[BT01]– Routing layer[PSWCT01]– Application layer
Everything comes to…
![Page 13: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/13.jpg)
13
Traditional ways do not work
Indirect Kerberos[FG96]– Assuming application-level proxy to delegate
public key operations– Base station can do the job if there is one
Duplicated servers– Tradeoff between mobility and cost
![Page 14: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/14.jpg)
14
Early works may not either…
Authentication protocols for PCS [LH95] – offer even non-repudiation– Assumption of static and high-capability
HOME base station; works with mobile-IP– Assumption of reliable communication between
home base station and current one– Frequent cryptographic operation including
public key operation on the subscriber’s side
![Page 15: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/15.jpg)
15
SPINS – authenticated routing
: streaming authentication protocol– Two-party key agreement protocol
SNEP(Secure Network Encryption Protocol)– data confidentiality, two-party data
authentication, and data freshness
Key from , further operation on SNEP
TESLA
TESLA
![Page 16: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/16.jpg)
16
SPINS – authenticated routing
Problem– Assumption on the functionality of base station– Lack of local operation
![Page 17: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/17.jpg)
17
Decentralized solutions
Emulations of Certificate Authority Key agreement based on prior context or
offline agreement Self-organized public key infrastructure
![Page 18: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/18.jpg)
18
Shamir’s secret sharing scheme
Interpolating scheme (m>1)
1110)(
mm xaxaaxF
1110)(
mm xaxaaxf
![Page 19: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/19.jpg)
19
What is threshold cryptography?
(m, n) – threshold scheme– m-out-of-n scheme, secret sharing scheme– 1 sender(dealer) distributes partial
secret(shares, shadows) to n participants– Any m parts put together can retrieve the secret,
but not less than m– Perfect for any group of at most m-1
participants
![Page 20: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/20.jpg)
20
Threshold Scheme
Tradeoff between security and reliability according to the choice of m and n– Reliability measure
• Target of denial of service attack : n-m+1
– Security measure• Target of compromising : m
Good for distributed authentication
![Page 21: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/21.jpg)
21
Emulation of Certificate Authority Each entity has a share of group key More than m entities can act as a certificate
authority – local operation Each entity computes partial certificate out
of partial secret Proactively update shares, and actively
revoke any compromised ones
![Page 22: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/22.jpg)
22
Still problem remains…
Requires collaborative users – have to respond the partial certificate request anytime.
Who can be a dealer?– Shares are given to principals in bootstrap
phase (still base station?)
![Page 23: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/23.jpg)
23
Password based public key infrastructure Prior context is assumed, so all participants
share a weak secret. Extending Diffie-Hellman method to agree
on stronger symmetric key among multi-parties.
![Page 24: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/24.jpg)
24
Password based public key infrastructure O(n) steps
m1
m2
m3
m4
g^S1
g^S1S2
g^S1S2S3
g^S1S2S3
g^S1S2S3P(c1=g^S1bs2S3)
c1^S4
![Page 25: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/25.jpg)
25
Password based public key infrastructure Need to communicate with all group
members and select a leader Static group assumption
![Page 26: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/26.jpg)
26
Self-organized public-key infrastructure Each user publishes its own certificate and
some for others Each user maintains certificate repository,
some issued by itself, rest by others. Trust graph : each user is a node, and an
edge (u,v) denotes user u published certificate to v.
![Page 27: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/27.jpg)
27
Self-organized public-key infrastructure
![Page 28: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/28.jpg)
28
Self-organized public-key infrastructure How many certificates should be stored in
the repository to cover all pairs in the ad hoc network? covers 95%
Certificate neighbor may not be available at the trust graph construction time
Tested on PGP trust graphs – does that represent ad hoc network properly?
n2
![Page 29: 1 Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu](https://reader030.vdocuments.us/reader030/viewer/2022032605/56649e845503460f94b864a7/html5/thumbnails/29.jpg)
29
No scheme is perfect yet
Security issues in ad-hoc networks are converged into authentication problem without infrastructure, in peer-to-peer manner.
The burden of CA is reduced, but still we need co-ordination