210 likes | 227 Views
Certification of Secure Encounter History Among Low Power Mobile Sensors. Takurou Sakai † , Akira Uchiyama † , Yoshitaka Nakamura ‡ and Teruo Higashino † † Osaka University ‡ Nara Institute of Science and Technology. Research Background.
E N D
Certification of Secure Encounter HistoryAmong Low Power Mobile Sensors Takurou Sakai†, Akira Uchiyama†, Yoshitaka Nakamura‡ and Teruo Higashino† †Osaka University ‡Nara Institute of Science and Technology
Research Background • As the progress of wireless network, it has been easy for users to acquire information about the location. • Many location-based services have been proposed. • Existing location-based services • Use only location information • “Alice arrived at the school.” • “Bob got through the entrance gate.” • Encounter information with friends might help to increase “emotional trust” in location-based services. • Examples • Encounter information “Alice is in the park now with her friend ‘Bob’.” eases her parents’ mind than just knowing that “Alice is in the park now.” • At the same time, we also need to consider user privacy. • Each user does not want to tell his/her name to unknown persons. • Each person’s encounter information should not be public. ICDF2008
Alice Carol Bob Landmark Recommended Route Dave Teacher Example Application :Children Security System House Park School ・In Japan, children go to their school along the recommended safe routes. ・A system to obtain encounter histories of children might ease their parents’ mind. ICDF2008
Alice Bob Landmark Recommended Route Example Application :Children Security System 8:00, House House 8:08, Park 8:05, Bob Park 8:25, Teacher 8:22, Dave School 8:30, School ・ Alice goes to school with Bob. They met Dave and their teacher, and then they arrive at school. Those information are much safer than just knowing “Alice arrives at school”. ICDF2008
Alice Landmark Recommended Route Alice’s Actual Route Example Application :Children Security System House Deserted Park School • If Alice goes to school alone and passes the deserted park, and if passing the park is prohibited for safety reason, Alice’s parents can recognize that Alice passes a wrong route. ICDF2008
8:05, Landmark Alice 8:05, Landmark Alice ***** ***** 8:08, Landmark Alice Bob Carol 8:05, Ellen Carol 8:00, Carol Teacher ***** ***** House House House 8:08, Landmark Alice Bob ***** ***** ***** ***** 8:05, Alice Bob 8:05, Alice Bob ***** ***** School School School 8:30, Landmark Alice Bob 8:30, Landmark Alice Bob ***** ***** 8:35, Dave Ellen 8:25, Alice Bob Teacher 8:25, Alice Bob Teacher ***** ***** ***** ***** ***** ***** ***** ***** 8:30, Dave Carol 8:22, Alice Bob Dave 8:22, Alice Bob Dave Problem : User Privacy Alice • Problem • Without user privacy, everyone can acquire the information of others. • To solve this problem, • No one can recognize who creates the information. • Each user can obtain the information involving him/her. Server ICDF2008
Research Goal • We propose a secure technique for gathering encounter information with friends. • GPS • It might not be used in some places such as underground city. • It also consumes much energy power. • Implement the technique on low power sensors • We rely sensors called “landmarks” for knowing accurate locations. • Landmarks are assumed to be deployed on walls of buildings/houses. • User privacy • Encounter information should have strong anonymity (Unlinkability) • No one can recognize whether senders of multiple encounter information are the same or not. • Encounter information with Alice can be decoded by Bob iff Alice has allowed its decoding to Bob in advance. ICDF2008
System Model Local Servers • Landmarks (fixed node) • Sparsely deployed over the service area. • Provide accurate location information and time. • Some of them are connected to the Internet. • Users (mobile node) • Hold low power sensors. • Each user manages his/her own Local Server • Accumulation of his/her encrypted encounter information • Certification Authority (CA) • Maintains • Landmark List : (id, private key) • User List : (id,private key,friend list) • Decodes the encrypted encounter information with landmarks and friends. [Landmark List] (id, private key) [User List] (id, private key, friend list) Data Internet ・ ・ ・ Certification Authority Landmarks Users ICDF2008
Overview Alice Bob CA • Gathering Process • Bob periodically broadcasts a beacon. • If Alice receives the beacon, she obtains encrypted encounter information by encounter information gathering protocol. • Decoding Process • Alice sends the encrypted encounter information to CA. • CA decodes the encrypted encounter information. • Searches the sender of the information using all members in Alice’s friend list. • CA sends Alice the encounter information with the searched friend (Bob). [Alice’s friend list] Fred Ellen Dave … Bob … Who? Gathering Process Who? No! Who? No! No! Who? Decoding Process Yes! Bob! ICDF2008
Our Approach • Gathering Process : Encounter Information Gathering Protocol • For the design on low power sensors, we use • Hashed Message Authentication Code (HMAC) – hash function • Advanced Encryption Standard (AES) – symmetric-key encryption • We design it so that the encounter information has Unlinkability. • Encounter information has the digital evidence of encounter on the following assumptions. • Assumptions : • Each user holds his/her own terminal. • Each node does not communicate with others via another node. • Estimation Process of Encounter Location and Time • We design it under the following conditions about low power sensors : • Without a GPS device • Without an accurate timer. ICDF2008
Unlinkability Encrypted Sending Data • To achieve unlinkability, • Other users only recognize the sending data as a random bit sequence. • In our technique, • Each node encrypts its sending data with a random value. • Encryption of a random value creates a random bit sequence. • The random value is created by a pseudo-random number generator. Private Key Data `P?{`>}+? Gwgqase 2571051 Random Value No one can recognize whether the senders of these data are the same or not. ICDF2008
Digital Evidence of Encounter Alice Bob Encrypted Data using HMAC • To achieve the digital evidence of encounter • Encounter information have to be created • only by encounter nodes. • only when they encounter. • In our technique • Each node encrypts its sending data with the received MAC value using HMAC. • HMAC achieves authentication and detection of falsification. • Each node sends and receives the data in the fixed time interval (Δt). • Encounter information are always created within 2*Δt since sending a beacon. Private Key MAC1 (beacon) Δt Data MAC (Alice) Δt Received MAC value MAC2 (Bob) Random Value ICDF2008
Vmax:maximum speed of pedestrians Encounter Region 120 *Vmax 150 * Vmax Estimation of Encounter Region P2 • If an user terminal does not have a GPS device: • The elapsed time from when the encounter information is obtained from the latest landmark is provided. • The encounter region can be estimated based on movable distance of users within the elapsed time. S1 P1 A B 7:00 P1 encountered a landmark at A 7:02 P1 moved with P2 from around B ICDF2008
Determination of Time Sequence of Encounter • hash-chain can be used to determine the time sequence of encounter. • The user needs to encounter with node k1 in order to calculate a hash value of encounter information Ek1 (H[Ek1]) since a hash function is an one-way operation. • The n-th encounter information Ekn includes (n-1)-th hash value (H[Ekn-1]), which denotes the hash value of the latest encountered node ((n-1)-th node). Ek1 Ek2 Ekn-1 Ekn k1 k2 kn-1 kn H[Ek1] H[Ek2] ・・・ H[Ekn-2] H[Ekn-1] H[Ek1] H[Ek2] H[Ekn-2] H[Ekn-1] ICDF2008
Another Application : Construction Inspection History System • Construction inspection is important for our safety life. • However, there are the problems that the inspectors might forget and/or not take enough time to check inspection points because they have to inspect many places in large buildings. Sensors are deployed at the places to be inspected. ( + Each person has a wireless tag.) ID=104 • Where did inspectors check? • How long did they stay there? ICDF2008
Evaluation • Landmark Deployment Cost • Evaluated • the number of landmarks for an example scenario. • It assumes a city around Tokyo. • Energy/Memory Consumption • Assume low power sensors ‘MOTE’ as user terminals. • Evaluated • The lifetime of the battery. • The time when encounter information can be accumulated. MICAz MOTE A Sensor with Wireless Module (ZigBee) ICDF2008
Evaluation : Landmark Deployment Cost • Service Model (left figure) • Children form a small group and go to their school together • We assume a typical district in a city around Tokyo. • If landmarks are deployed • At each of the two intersections, • We need 64 landmarks. • Only on the recommended school routes, • We need less landmarks. • Therefore, this service can be provided using a small number of landmarks. • School district • Size : 2.07km2 • 1.44 km * 1.44 km • Road length : 91 m • # of Intersection : 256 landmark ICDF2008
Evaluation : Energy/Memory Consumption Energy Consumption of Various Algorithms Energy Consumption on MOTE • We have evaluated typical SHA-1 hash algorithm. • The energy consumption of SHA-1 is similar to that of AES. • The energy consumption of SHA-1 (192 bytes input) is 1/270 times as much as that of RSA. • When a user terminal receives one encounter information per 10 seconds, • The lifetime of the battery is 12 days without charging. • Encounter information can be accumulated for 6 hours on only its memory. • Therefore, the energy/memory consumption of our technique are small. ICDF2008
Conclusion • Summary • We have proposed a secure technique for gathering encounter information with friends. • Unlinkability. • the digital evidence of encounter. • We have evaluated our technique from two aspects : • Cost for landmark deployment. • Energy and Memory Consumption. • Future Work • We are planning to improve reliability of Certification Authority. • To improve digital evidence of encounter information. • To use encounter information for alibi. ICDF2008
Thank You ICDF2008