SPLASH Project INRIA-Eurecom-UC Irvine - PowerPoint PPT Presentation


Presentation Transcript


SPLASH Project INRIA-Eurecom-UC Irvine

November 2006



SPLASH project review

  • Security of Wireless Adhoc Networks

    • From MANET security…

    • To WSN (Wireless Sensor Network) Security!

  • Many contributions in many different areas...



Outline

  • MANET Security

    • Membership Management

    • Collaboration Enforcement

  • WSN Security

    • The Security Challenges

    • Secure Aggregation

  • Conclusions


What is a MANET?

  • Set of nodes (5-50) that establish a network

  • Wireless and multi-hop

  • Does not rely on any fixed infrastructure

  • Spontaneous (no prior association)

  • No centralized control

  • No hierarchy

  • Fault-tolerant

  • Dynamic membership

Distributed and scalable security services required


MANET: Two Main Security Challenges

  • Membership Management

    • How does a new node become a member of the MANET without relying on a trusted membership controller?

  • Secure Routing/Collaboration Enforcement

    • How can we make sure that all nodes collaborate, i.e. relay others’ packets?


Membership Management: The Centralized Approach

[Figure: nodes A, B, C, D, E, F and a membership manager]


Our Approach: Distributed Membership Management

[Figure: nodes A, B, C, E, F]


Our Approach: Admission Control

  • New member (Mnew) wants to join the group

  • A quorum of t current members needs to issue Mnew a group membership certificate (GMC)

  • If no quorum is found, membership is denied

  • Step 1: Join request

  • Step 2: Join commit (Vote)

  • Step 3: GMC issuance & share acquisition

[Figure: Mnew and the votes (Vote1, Vote2) sent by current members]



Contributions

  • Solution based on secret sharing technique + polynomial interpolation.

    • Only one round (instead of t) is necessary to become a member of the group.

  • Once a node becomes a member it receives a token (private key) that can be used to:

    • Vote for new member

    • Establish a key with any other MANET member

    • Prove membership

  • More info:

    • Robust Self-Keying Mobile Ad Hoc Networks, Claude Castelluccia, Nitesh Saxena, and Jeong H. Yi, Elsevier Computer Networks, April 2007.
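
The three admission-control steps can be sketched with plain Shamir secret sharing; this is an added example, not code from the SPLASH project or the cited paper. The field modulus, the dealer-based `bootstrap`, the integer member ids and all function names are assumptions made for illustration.

```python
import random

P = 2**127 - 1  # prime field modulus (constructed parameter, not from the slides)

def evaluate(poly, x):
    """Evaluate the sharing polynomial (coefficients low to high) at x mod P."""
    acc = 0
    for coeff in reversed(poly):
        acc = (acc * x + coeff) % P
    return acc

def lagrange_at(i, quorum, x):
    """Lagrange basis coefficient of member i over `quorum`, evaluated at x."""
    num = den = 1
    for j in quorum:
        if j != i:
            num = num * (x - j) % P
            den = den * (i - j) % P
    return num * pow(den, -1, P) % P

def vote(voter_id, voter_share, quorum, new_id):
    """Step 2: one member's partial share for the newcomer.
    Simplification: a deployed scheme would blind this value so that it does
    not reveal the voter's own share; blinding is omitted here."""
    return voter_share * lagrange_at(voter_id, quorum, new_id) % P

def admit(shares, voters, new_id, t):
    """Steps 1-3 in one round: returns Mnew's share, or None when fewer than
    t distinct members vote (membership denied). Id 0 is refused because
    f(0) is the group secret itself."""
    quorum = sorted(set(voters))[:t]
    if len(quorum) < t or new_id < 1 or new_id in shares:
        return None
    return sum(vote(i, shares[i], quorum, new_id) for i in quorum) % P

def bootstrap(t, member_ids, seed=1):
    """Constructed setup: a dealer picks a degree t-1 polynomial once and
    hands each founding member i the share f(i)."""
    rng = random.Random(seed)
    poly = [rng.randrange(P) for _ in range(t)]
    return poly, {i: evaluate(poly, i) for i in member_ids}

if __name__ == "__main__":
    poly, shares = bootstrap(t=3, member_ids=[1, 2, 3, 4, 5])
    shares[6] = admit(shares, [1, 3, 5], new_id=6, t=3)
    print("Mnew share valid:", shares[6] == evaluate(poly, 6))
    print("Mnew can now vote:", admit(shares, [2, 6, 4], 7, 3) == evaluate(poly, 7))
    print("two voters only:", admit(shares, [1, 2], 8, 3))
```

The share Mnew interpolates lies on the same polynomial as every other member's share, which is why a newly admitted node can immediately take part in later quorums.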



Secure Collaboration

  • How to make sure that members are not selfish?

    • Some nodes might drop packets to save energy or to perform DoS attacks

  • We have developed:

    • a reputation based solution (CORE)

    • a Cryptographic solution


How to enforce collaborations?

  • Problem statement:

[Figure: nodes A, B and C]

Our solution

  • Some packets addressed to B are routed via C

    • Boomerang routing ;-)

[Figure: nodes A, B and C]


Our solution

  • If B drops packets… it may drop some of its own packets…

  • It is forced to collaborate since it does not know the final destination…

  • Reference: Pocket Bluff (INRIA Research Report)

[Figure: nodes A, B and C]



Wireless Sensor Networks

  • Another type of ad hoc network

  • Network of sensors that usually monitor the environment

  • Sensors are very small and cheap devices

  • They usually send their monitored data to the sink (a more powerful device)


Application Spectrum

[Figure: application areas arranged around "Wireless Sensor Networks"]

  • Interactive VR Game

  • Wearable Computing

  • Disaster Recovery

  • Environmental Monitoring

  • Earth Science & Exploration

  • Context-Aware Computing

  • Immersive Environments

  • Biological Monitoring

  • Hazard Detection

  • Smart Environment

  • Linear Structure Protection

  • Military Surveillance

  • Urban Warfare


MANET vs WSN

  • MANET and WSN look similar but they are quite different.

  • MANET

    • Nodes are mobile

    • 10-50 nodes

    • Nodes belong to different entities

    • P2P communication

  • WSN

    • Nodes are fixed

    • 1000/10000 nodes

    • Nodes belong to same entity

    • Nodes send to BS

    • Nodes have very limited CPU/memory/energy

    • Nodes can easily be physically corrupted


MANET Security Challenges

  • MANET / WSN

    • Scalability

    • Access/Membership control

    • Collaboration enforcement/Secure routing

    • Energy/CPU efficient security protocols

    • Sensor revocation



Some Contributions

  • Key establishment/pairing

    • Shake them Up! (presented last year)

  • Secure Aggregation

    • Aggregation is a useful technique to save energy

    • The user is often more interested in the aggregate (i.e. the average in a given area) than in each individual value

    • Instead of sending each value to the sink, the values are added by intermediate nodes…

    • Fewer packets are transmitted, i.e. energy is saved…



Secure Aggregation

  • Aggregation is simple without security

    • Intermediate nodes process data of their children

  • But what happens if the data sent by each sensor is encrypted using a key that it shares with the sink?

    • Data processing is no longer possible… or is it?

    • We’ve developed a new additively homomorphic cipher

      • Enc(k1, msg1) + Enc(k2, msg2) = Enc(k1+k2, msg1+msg2)

      • Intermediate nodes can add the ciphers they receive from children …and the sink can still recover the sum of the plaintexts.

      • But intermediate nodes do not have access to the plaintext values, i.e. privacy is provided…

  • More info:

    • Efficient Aggregation of Encrypted Data in Wireless Sensor Networks, Conference Presentation, Mobiquitous 2005, July 2005
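
The aggregation flow above, shown end to end as an added example (not code from the slides or the cited paper). The slide states only the identity Enc(k1, msg1) + Enc(k2, msg2) = Enc(k1+k2, msg1+msg2); modular addition of a one-time pad is assumed here as one construction with that property, and the HMAC-based pad derivation, the sensor names, keys and readings are constructed for illustration.

```python
import hashlib
import hmac

M = 2**32  # modulus; must exceed the largest possible sum of readings

def enc(k, msg):
    """Enc(k, msg) = msg + k mod M, with k a fresh pad for every message."""
    return (msg + k) % M

def dec(k, cipher):
    return (cipher - k) % M

def pad(key, epoch):
    """Per-epoch pad derived from the long-term key a sensor shares with the
    sink, so no pad is ever reused (hypothetical derivation via HMAC-SHA256)."""
    mac = hmac.new(key, epoch.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac[:4], "big")

def aggregate(ciphers):
    """What an intermediate node does: add ciphertexts, no keys needed."""
    return sum(ciphers) % M

def sink_sum(total, keys, responders, epoch):
    """The sink removes the pads of exactly the sensors that reported."""
    k_sum = sum(pad(keys[s], epoch) for s in responders) % M
    return dec(k_sum, total)

# Constructed sample: four sensors, two intermediate nodes, one sink.
KEYS = {s: hashlib.sha256(s.encode()).digest() for s in ("s1", "s2", "s3", "s4")}
READINGS = {"s1": 21, "s2": 19, "s3": 23, "s4": 20}

def run_epoch(epoch, responders):
    c = {s: enc(pad(KEYS[s], epoch), READINGS[s]) for s in responders}
    left = aggregate(c[s] for s in responders if s in ("s1", "s2"))
    right = aggregate(c[s] for s in responders if s in ("s3", "s4"))
    return sink_sum(aggregate([left, right]), KEYS, responders, epoch)

if __name__ == "__main__":
    print("all four sensors:", run_epoch(1, ["s1", "s2", "s3", "s4"]))
    print("s3 silent:", run_epoch(2, ["s1", "s2", "s4"]))
```

The second run shows the operational catch: the sink has to know which sensors contributed, because subtracting the pad of a sensor that stayed silent yields a wrong sum.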



Conclusions

  • The SPLASH project was a very productive and successful project

    • Pars Mutaf (INRIA) visited Eurecom for 1 year.

    • Claude Castelluccia (INRIA) visited UCI for 2 years.

  • The scientific contributions were numerous and many papers were published

  • We participated in many conference PCs and launched ESAS (European Workshop on Security in Ad-Hoc and Sensor Networks)

  • We have deployed 2 testbeds

    • MANET (Eurecom) to evaluate CORE

    • WSN (INRIA)



Some Papers

  • Key distribution/Membership Management in MANET

    • Robust Self-Keying Mobile Ad Hoc Networks, Elsevier Computer Networks, April 2007.

    • Ad hoc network security, book chapter in Mobile Adhoc networking, 2004 and in Handbook of Information Security (2006).

  • Secure and Private MANET routing protocol

    • Packet coding for strong anonymity in ad hoc networks, IEEE Securecomm 2006

    • Securing Route Discovery in DSR, IEEE Mobiquitous'05

  • Collaboration Enforcement in MANET

    • CORE: a collaborative reputation mechanism to enforce node cooperation in MANET (Michiardi PhD thesis, 2004 + 6-7 publications)

    • Pocket Bluff, INRIA Tech. Report, 2005.

  • WSN Security

    • Shake Them Up! Mobisys 2005.

    • Efficient Aggregation of Encrypted Data in Wireless Sensor Networks IEEE Mobiquitous'05

    • Authenticated Interleaved Encryption, eprint, 2006.

    • More to come soon ;-)



Visibility

  • European Workshop on Security in Ad-Hoc and Sensor Networks (2004)

    • Refik Molva and Gene Tsudik (UCI) chaired ESAS 2005

    • C. Castelluccia is on the steering committee.

    • ESAS and IEEE WISE will merge to create a new IEEE conference: IEEE WISEC (Wireless Security)!

  • We have chaired or served on the PC of numerous conferences/workshops: Securecom, Mobiquitous, ESAS, Globecom, UbiSec,…
