Splash project inria eurecom uc irvine
Download
1 / 23

SPLASH Project INRIA-Eurecom-UC Irvine - PowerPoint PPT Presentation


  • 64 Views
  • Uploaded on

SPLASH Project INRIA-Eurecom-UC Irvine. November 2006. SPLASH project review. Security of Wireless Adhoc Networks From MANET security… To WSN (Wireless Sensor Network) Security! Many contributions in many different areas. Outline. MANET Security Membership Management

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' SPLASH Project INRIA-Eurecom-UC Irvine' - tahir


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Splash project inria eurecom uc irvine

SPLASH ProjectINRIA-Eurecom-UC Irvine

November 2006


Splash project review
SPLASH project review

  • Security of Wireless Adhoc Networks

    • From MANET security…

    • To WSN (Wireless Sensor Network) Security!

  • Many contributions in many different areas...


Outline
Outline

  • MANET Security

    • Membership Management

    • Collaboration Enforcement

  • WSN Security

    • The security Challenges

    • Secure Aggregation

  • Conclusions


What is a manet

Distributed and scalable security services required

What is a MANET?

  • No centralized control

  • No hierarchy

  • Fault-tolerant

  • Dynamic membership

  • Set of nodes (5-50) that establish

  • A network

  • Wireless and multi-hop

  • Does not rely on any fixed infrastructure

  • Spontenuous (no prior association)

MANET


Manet two main security challenges
MANET two main Security Challenges

  • Membership Management

    • How does a new node become a member of the MANET without relying on a trusted membership controller?

  • Secure Routing/Collaboration Enforcement

    • How can we make sure that all node collaborate i.e. relays others’ packets?


Membership management the centralized approach
Membership Management: The Centralized Approach

E

D

F

Membership

manager

A

C

B



Our approach admission control

Vote2

Vote1

Mnew

Vote2

Vote2

Our approach:Admission Control

  • New member (Mnew) wants to join the group

  • A quorum of t current members need to issue Mnew a group membership certificate (GMC)

  • If no quorum found, membership is denied

  • Step 1: Join request

  • Step 2: Join commit (Vote)

Mnew

  • Step 3: GMC issuance &

    share acquisition


Contributions
Contributions

  • Solution based on secret sharing technique + polynomial interpolation.

    • Only One round (instead of t) is necessary to become a member of the group.

  • Once a node becomes a member it receives a token (private key) that can be used to:

    • Vote for new member

    • Establish a key with any other MANET member

    • Prove membership

  • More infos?:

    • Robust Self-Keying Mobile Ad Hoc Networks, Claude Castellucia, Nitesh Saxena, and Jeong H. Yi, Elsevier Computer Networks, April 2007.


Secure collaboration
Secure Collaboration

  • How to make sure that members are not selfish?

    • Some nodes might drop packets to save energy or to perform DoS attacks

  • We have developped:

    • a reputation based solution (CORE)

    • a Cryptographic solution


How to enforce collaborations
How to enforce collaborations?

  • Problem statement:

C

C

A

A

B


How to enforce collaborations1
How to enforce collaborations?

  • Problem statement:

C

A

B

C

A


Our solution
Our solution

  • Some packets addressed to B are routed via C

    • Boomerang routing ;-)

C

A

B

A

C

A

B

C

C

A

B

A

A

B

B

A


Our solution1
Our solution

  • If B drops packets…it may drop some of its packets …

  • It is forced to collaborate since he does not know the final destination…

  • Reference:Pocket bluff (INRIA Research Report)

C

A

B

A

C

A

B


Wireless sensor networks
Wireless Sensor Networks

  • Another type of adhoc networks

  • Network of sensors that usually monitor the environment

  • Sensors are very small and cheap devices

  • They usually send their monitored data to the sink (a more powerful device)


Application spectrum

Interactive VR

Game

Wearable

Disaster Recovery

Environmental Monitoring

Computing

Earth Science &

Exploration

Context-Aware

Computing

Wireless Sensor

Immerse

Environments

Networks

Biological

Monitoring

Hazard

Detection

Smart

Environment

Linear Structure

Military Surveillance

Protection

Urban Warfare

Application Spectrum


Manet vs wsn
MANET vs WSN

  • MANET and WSN look similar but they are quite different..

    MANET WSN

Nodes are Fixed

Nodes are Mobile

1000/10000 Nodes

10-50 Nodes

Nodes belong to same entity

Nodes belong to different entities

Nodes sends to BS

Nodes have very

Limited CPU/memory/energy

P2P communication

Nodes can easily be physically

corrupted


Manet security challenges
Manet Security Challenges

  • MANET WSN

Scalability

Access/Membership control

Collaboration enforcement/

Secure routing

Energy/CPU efficient security protocols

Sensor revocation


Some contributions
Some Contributions

  • Key establishment/pairing

    • Shake them Up! (presented last year)

  • Secure Aggregation

    • Aggregation is a useful technique to save energy

    • User is often more interested in the aggregate (i.e. average in a give area) than each individual value

    • Instead of sending each value to the sink, the values are added by intermediate nodes…

    • Less packets are transmitted, i.e. energy is saved…


Secure aggregation
Secure Aggregation

  • Aggregation is simple without security

    • Intermediate nodes process data of their children

  • But what happens if the data sent by each sensor is encrypted using a key that it shares with the sink?

    • Data processing is no more possible…or is it?

    • We’ve developed a new additively homomorphic cipher

      • Enc(k1, msg1) + Enc(k2, msg2) = Enc(k1+k2, msg1+msg2)

      • Intermediate nodes can add the ciphers they receive from children …and the sink can still recover the sum of the plaintexts.

      • But intermediate nodes do not have access to the plaintext values, i.e. privacy is provided…

  • More info?:

    • Efficient Aggregation of Encrypted Data in Wireless Sensor Networks, Conference Presentation Mobiquiotous 2005, July 2005


Conclusions
Conclusions

  • The SPLASH project was a very productive and successful project

    • Pars Mutaf (INRIA) visited Eurecom for 1 year.

    • Claude Castelluccia (INRIA) visited UCI for 2 years.

  • The scientific contributions were numerous and many papers were published

  • We participated in many conf. PC and launched ESAS (Europeen Workshop on Security in Adhoc and Sensor Network)

  • We have deployed 2 testbeds

    • MANET (Eurecom) to evaluate CORE

    • WSN (INRIA)


Some papers
Some Papers

  • Key distribution/Membership Management in MANET

    • Robust Self-Keying Mobile Ad Hoc Networks, Elsevier Computer Networks, April 2007.

    • Ad hoc network security, book chapter in Mobile Adhoc networking, 2004 and in Handbook of Information Security (2006).

  • Secure and Private MANET routing protocol

    • Packet coding for strong anonymity in ad hoc networks, IEEE Securecomm 2006,

    • Securing Route Discovery in DSR, IEEE Mobiquitous'05

  • Collaboration Enforcement in MANET

    • CORE: a collaborative reputation mechanism to enforce node cooperation in MANET (Michiardi phd thesis, 2004 + 6-7 publications)

    • Pocket Bluff, INRIA Tech. Report, 2005.

  • WSN Security

    • Shake Them Up! Mobisys 2005.

    • Efficient Aggregation of Encrypted Data in Wireless Sensor Networks IEEE Mobiquitous'05

    • Authenticated Interleaved Encryption, eprint, 2006.

    • More to come soon ;-)


Visibility
Visibility

  • European Workshop on Security in Ad-Hoc and Sensor Networks (2004)

    • Refik Molva and Gene Tsudik (UCI) were chairing ESAS2005

    • C.Castelluccia is in the steering com.

    • ESAS and IEEE WISE will merge to create an new IEEE conference: IEEE WISEC (Wireless Security)!

  • We have chaired/were in the PC on numerous conf./workshop: Securecom, Mobiquitous, ESAS, Globecom, UbiSec,…


ad