Terminodes and sybil public key management in manet
Download
1 / 34

Terminodes and Sybil: Public-key management in MANET - PowerPoint PPT Presentation


  • 125 Views
  • Uploaded on
  • Presentation posted in: General

Terminodes and Sybil: Public-key management in MANET. Dave MacCallum (Brendon Stanton) Apr. 9, 2004. Outline. The problem Terminodes project: proposed solution to public-key management problem Sybil attacks Sybil vs. Terminodes Thwarting Sybil?. The problem.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Terminodes and Sybil: Public-key management in MANET ' - skyler


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Terminodes and sybil public key management in manet

Terminodes and Sybil:Public-key management in MANET

Dave MacCallum

(Brendon Stanton)

Apr. 9, 2004


Outline
Outline

  • The problem

  • Terminodes project: proposed solution to public-key management problem

  • Sybil attacks

  • Sybil vs. Terminodes

  • Thwarting Sybil?


The problem
The problem

  • Wireless ad hoc networks cannot depend on many of the resources available to traditional networks for security

  • Such networks do not have the fixed infrastructure that is required for classical implementations of centralized certification authorities

  • One option for solving this problem is to develop a self-organized system that completely sets aside the need for a trusted authority at any stage of implementation: Terminodes approach



Sybil attacks
Sybil attacks

  • A Sybil attack is the forging of multiple identities for malicious intent -- having a set of faulty entities represented through a larger set of identities.

  • The purpose of such an attack is to compromise a disproportionate share of a system.

  • Result is overthrowing of any assumption of designed reliability based on a limited proportion of faulty entities.


Sybil key idea
Sybil: key idea

  • Sybil Attack undermines assumed mapping between identity to entity and hence number of faulty entities


Model in douceur 2002
Model in Douceur(2002):

  • Set E of entities e; two disjoint subsets C (c is correct) and F (f is faulty).

  • Broadcast communication cloud, pipe connecting each entity to the cloud.

  • Entities communicate by broadcast messages, all messages received within bounded time, not necessarily in order.

  • Assume local entity l is correct.


Terminodes and sybil public key management in manet

remote entities

communication

cloud

local entity


Terminodes and sybil public key management in manet

  • Identity i is abstract representation of entity e which persists across multiple messages.

  • 3 sources of info for which a local entity can accept identity i of remote e :

    • Trusted agency

    • Itself

    • Other entities

  • Two ways to validate entities not received from trusted agency:

    • Direct validation

    • Indirect validation; accept identities vouched for by already accepted identities

  • Goal: accept all legitimate identities, but no counterfeits


Terminodes and sybil public key management in manet

  • Method: for direct and and indirect validation (not using trusted agency), utilize computational tasks to validate distinctness;

    • basically, validate distinctness of two entities by getting them to perform some task (computational puzzle) that a single entity could not.

    • cannot assume homogeneous resources, only minimum; faulty entity could have more than minimum

    • practical impossibility of having challenges issued simultaneously.

    • Result: for direct or indirect validation, a set of faulty entities can counterfeit an unbounded number of identities. (Douceur)


Terminodes and sybil public key management in manet

  • Validation which does not use a trust agency can’t provably meet the identity goal;

    • Identification based on local-only information not practical

    • PGP-style web of (certification) trust not adequate; is indirect-validation.

  • Douceur’s Conclusion: A centralized authority is required to realize a reliable distributed system.


Douceur s 4 lemmas
Douceur’s 4 Lemmas provably meet the identity goal;

  • If  is the ratio of the resources of a faulty entity ƒ to the resources of a minimally capable entity, then ƒ can present g =  distinct identities to local entity l.

  • If local entity l accepts entities that are not validated simultaneously, then a single faulty entity ƒ can present an arbitrarily large number of distinct identities to entity l.


Douceur s 4 lemmas cont
Douceur’s 4 Lemmas (cont) provably meet the identity goal;

  • If local entity l accepts any identity vouched for by q accepted identities, then a set F of faulty entities can present an arbitrarily large number of distinct identities to l if either |F|  q or the collective resources available to F at least equal those of q + |F| minimally capable entities.

  • If the correct entities in set C do not coordinate time intervals during which they accept identities, and if local entity l accepts any identity vouched for by q accepted identities, then even a minimally capable faulty entity f can present g = |C| / q distinct identities to l.


Sybil vs terminodes
Sybil vs. Terminodes provably meet the identity goal;

  • Despite their promises to the contrary, the Terminodes project is not immune to Sybil attacks

  • This can be seen by looking at their repository construction algorithms


Maximum degree algorithm
Maximum Degree Algorithm provably meet the identity goal;

  • Each user stores in her local repository several directed and mutually disjoint paths of certificates.

  • Each path begins at the user herself

  • The certificates are added to the path as follows: a new certificate is chosen among the certificates connected to the last user on the path, such that the new certificate leads to the user that has the highest number of certificates connected to her


Shortcut hunter algorithm
Shortcut Hunter Algorithm provably meet the identity goal;

  • Certificates are stored into the local repositories based on the number of the shortcut certificates connected to the users

  • A shortcut certificate is a certificate that, when removed from the graph makes the shortest path between two users previously connected by this certificate strictly larger than two


Thwarting sybil
Thwarting Sybil provably meet the identity goal;

  • Do we believe any of this?

    • Any flaws in the logic chain?

    • Is there another way to bind identities to entities?

    • Is there something about trust authorities that means they must (by nature) be centralized?

  • Is this really a problem?

    • Existing systems seem to be working fine.

    • What’s wrong with a distributed system using a centralized trust authority?

    • Is a CA part of the distributed system that uses it?

    • Are existing practices good enough in practice?


The sybil attack in sensor networks newsome et al
The Sybil Attack in Sensor Networks: Newsome, et al. provably meet the identity goal;

  • Malicious node and its Sybils:

    • Direct vs indirect communication

    • Fabricated vs stolen identities

    • Simultaneous vs non-simultaneous attacks


Sybil attacks1
Sybil attacks provably meet the identity goal;

  • Distributed storage

  • Routing

  • Data aggregation

  • Voting

  • Resource allocation

  • Misbehavior detection


Defenses
Defenses provably meet the identity goal;

  • Old:

    • Computation

    • Storage

    • Communication

  • New: direct attacks only

    • Radio resource testing

    • Random key predistribution

    • Registration

    • Position verification

    • Code attestation


ad
  • Login