1 / 22

Overview of Security Research in Ad Hoc Networks

Overview of Security Research in Ad Hoc Networks. Melanie Agnew John Folkerts Cory Virok. Agenda. Towards Flexible Credential Verification in Mobile Ad-hoc Networks by Keoh and Lupu Simple and Fault-Tolerant Key Agreement for Dynamic Collaborative Groups by Kim, Perring, and Tsudik

joannw
Download Presentation

Overview of Security Research in Ad Hoc Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Overview of Security Research in Ad Hoc Networks Melanie Agnew John Folkerts Cory Virok

  2. Agenda • Towards Flexible Credential Verification in Mobile Ad-hoc Networks by Keoh and Lupu • Simple and Fault-Tolerant Key Agreement for Dynamic Collaborative Groups by Kim, Perring, and Tsudik • Fast Authenticated Key Establishment Protocolsfor Self-Organizing Sensor Networks by Huang, Cukier, Kobayashi, Liu and Zhang

  3. Towards Flexible Credential Verification in Mobile Ad-hoc Networks by Sye Loong Keoh and Emil Lupu Published in ACM Principles of Mobile Computing 2002

  4. Goal and Assumptions • Goal • Enable credential verification in an ad hoc environment given some natural limitations • Assumptions • Ad hoc networks are built around entities with a priori relationships • E.g. wireless collaboration between colleagues in the same physical location • Trust communications can occur “out of band” • Trusts must be established ahead of time • E.g. trust of a certificate authority or individual making assertions • Ad hoc networks will generally not have connections to verification services (e.g. on-line CA) • Off-line verification is done using PGP-like “web of trust” model • Verifiers are more likely to have access to on-line resources like CA’s and CRL’s. • Limited computational and storage resources • Not enough storage to keep track of all possible public keys

  5. Security Assertions • The Idea: • Use credential assertions instead of certificates, attributes, and repeated individual verification of credentials • Each device has: • A key ring which contains trusted keys (including root certificates as needed) • A public/private key pair • User policy for determining trustworthiness

  6. Example • Alice verifies Bob’s • signature and credentials on the CAS • Alice generates ASS and sends it to Bob 2 1 Bob generates CAS Credential Assertion Statement Signed: Bob Alice Bob Assertion Signature Statement Signed: Alice 3 Bob presents CAS andASS’s to service foraccess 4 Service performs verification on the signature using its trusted key ring and individual policies Service

  7. Benefits / Shortfalls • Benefits • User may have multiple CAS’s depending on usage • Identity is self-asserted; only the authorization assertion is independently certified • Trust is not transitive (unless you design a trust this way) • Shortfalls • In a complex environment would create lots of CAS’s; potentially one for each role • Revocation can not be done (no place for the verifier to check). This could limit the duration for any ASS to remain valid. • Concept of trust is simplistic; does not extend to larger environments

  8. Simple and Fault-Tolerant Key Agreement for Dynamic Collaborative Groups by Yongdae Kim, Adrian Perring, Gene Tsudik Published in ACM Conference on Computer and Communications Security 2000

  9. Goals • Question: • How can we generate and maintain a common encryption key for a frequently changing group? • Goals • The key generation should not be centralized (to ensure fault tolerance) • Ensure certain security properties for our key • Minimize the amount of network traffic associated with key changes

  10. Cryptographic Properties • Group Key Secrecy – it is computationally infeasible for a passive adversary to discover any group key • Forward Secrecy – a passive adversary who knows a contiguous subset of old group keys cannot discover subsequent group keys • Backward Secrecy – a passive adversary who knows a contiguous subset of group keys cannot discover preceding group keys • Key Independence – a passive adversary who knows any proper subset of group keys cannot discover any other group key.

  11. <0,0> <1,1> <1,0> <2,2> <2,3> <2,0> <2,1> M4 M3 <3,6> <3,7> <3.0> <3,1> M5 M6 M1 M2 A Key Tree

  12. Membership Events • Join: a new member is added to the group • Leave: a member is removed from the group • Merge: a subgroup is added to the group • Partition: a subgroup is split from the group • Key refresh: the group key is updated

  13. <0,0> <1,0> <1,1> M3 <2,0> <2,1> M1 M2 Join <0,0> <1,1> <1,0> <2,2> <2,3> <2,0> <2,1> M3 M4 M1 M2

  14. Leave <0,0> <1,1> <1,0> <2,2> <2,3> <0,0> <2,0> <2,1> M3 <1,1> <1,0> <3,6> <3,7> M1 M2 <2,2> <2,3> M4 M5 <2,0> <2,1> M4 M5 M1 M2

  15. Conclusion

  16. Fast Authenticated Key Establishment Protocolsfor Self-Organizing Sensor Networks by Qiang Huang, Johnas Cukier, Hisashi Kobayashi, Bede Liu and Jinyun Zhang Published in ACM Wireless Sensor Networks and Applications 2003

  17. The problem • Establishing keys securely across a sensor network • Sensor nodes have very little hardware resources. • Two types of encryption used • Symmetric Key Encryption – Inexpensive • Elliptic Curve Encryption – Expensive • Offloading the burden onto more powerful machines • Reducing Expense of Encryption Operations • Public key encryption is expensive • Yet it needs to be done quickly • Private key encryption is inexpensive • Yet using one group key is insecure • How can we balance the two while still retaining speed and security?

  18. The Solution:Hybrid Authentication Approach • Security Managers • More processing power than Sensor nodes • Need to communicate with secure Certificate authority • Does not fit with the “Ad Hoc” paradigm - Server based • Give the bulk of the work to the Security Manager • Allows sensors to join/leave the network quicker • Puts a major strain on the Security Manager • Sensors will substitute elliptic encryption for symmetric key encryption • Degrades security • Security Managers become more valuable targets • Tradeoff

  19. Conclusion • Tradeoff between speed and security • Sensors will require less power, resources • Smaller, cheaper, faster • Network authentication speed increased • Faster overall network performance

  20. Questions?

  21. Backup Slides

  22. What is an Ad Hoc Network? • Definition: A network which is created on demand, without fixed resources (servers, routers), such as used by wireless devices using short range communications • Characteristics of Ad Hoc Networks • No common resources (such as servers) – all resources must be contributed by the peers involved in the network • Membership in the network may change often • Devices may have limited storage and computational power • Network is less reliable and bandwidth limited compared to fixed networks

More Related