1 / 19

Toward Mitigating Denial of Service Attacks in Power-Constrained Sensor Networks

Toward Mitigating Denial of Service Attacks in Power-Constrained Sensor Networks. Ortal Arazi, Hairong Qi College of Engineering Dept. of Electrical & Computer Engineering The University of Tennessee Cyberspace Sciences & Information Intelligence Research Group (CSIIR)

devaki
Download Presentation

Toward Mitigating Denial of Service Attacks in Power-Constrained Sensor Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Toward Mitigating Denial of Service Attacks inPower-Constrained Sensor Networks Ortal Arazi, Hairong Qi College of Engineering Dept. of Electrical & Computer Engineering The University of Tennessee Cyberspace Sciences & Information Intelligence Research Group (CSIIR) Oak Ridge National Laboratory, Oak Ridge

  2. Instigating Communication Alice Bob Lets “talk” Insecure channel Alice and Bob: legitimate users They would like to start communicating key? “talk”?

  3. Denial of Service Mitigation Trudy Bob Insecure channel Trudy wants to: 1) Drain Bob’s energy 2) Impede him from talking to other legitimate users How can we prevent that?

  4. Denial of Service Mitigation Procedure Alice Bob Part A: Alice proving to Bob her validity A relatively energy draining procedure on Trudy’s side If Proved Part B: Bob proving to Alice his validity A relatively non energy draining procedure on Bob’s side If the authentication is successful, as a result Alice and Bob will also have a shared key

  5. The Denial of Service Mitigation Part A (nA, e)→ Alice’s public key (nA, dA)→ Alice’s private key CRA → Alice’s certificate IDA → Alice’s identification CR- A certificate The CA’s signature on the association between nA and IDA

  6. The Denial of Service Mitigation Part A (cont)

  7. Timing and energy considerations (Part A) ~ 160 mJ ~250 msec (for a 512 bit key) All other energy and time consumptions (from the other procedures) are negligible

  8. Calculating the keys ( nA,e)→ Alice’s public key (nA,dA)→ Alice’s private key Pi- Pseudo random prime number Euler’s Totient Function returns the number of Integers less thannA

  9. Checking the Certificate nCA and dCA are calculated using the exact procedure indicated above

  10. The Denial of Service Mitigation Procedure

  11. The Denial of Service Mitigation Part B I am Bob! ?? • How can Bob prove his validity? • Several solutions: • Using the self-certified fixed key method • Using RSA • Using ECDSA

  12. The Denial of Service Mitigation Part B (1) Using the self-certified fixed key method t When calculating the self-certified fixed key, Bob is authenticated! Both have the message m Bob sent in part A Y LSB of m xA[H(IDB , UB)* UB + R] , xB[H(IDA , UA)* UA + R] The final ephemeral key: f( fixed key, m/without the Y LSB sent on the open channel)

  13. Self certified DH key generation: Fixed key Each node is given by the CA (Certifying authority) a set of public and private keys: (Uv, Xv) Node i Node j IDj , Uj IDi , Ui Node i calculates: xi[H(IDj , Uj),* Uj + R] = xj[H(IDi , Ui),* Ui + R] :Node j calculates IDv: identification of node v - scalar Uv: node v’s public key, generated by the CA - a point on the curve Xv : node v’s private key, generated by the CA - scalar

  14. Self certified DH key generation: Fixed key mathematical assertions … As given by the CA: Ui= hi * G Uj= hj * G xi= [H(IDi, Ui),* hi+d] mod org G xj= [H(IDj, Uj),* hj +d] mod org G Node i calculates: xi[H(IDj , Uj),*Uj +R] =xi[H(IDj , Uj),*hj * G +d*G] =xi[H(IDj , Uj),* hj+d] *G = xi*xj *G Node j calculates: xj[H(IDi, Ui),*Ui +R] =xi[H(IDi, Ui),*hi * G +d*G] =xi[H(IDi , Ui),* hi+d] *G = xj*xi *G R : the CA’s public key = d*G - a point on the curve d : the CA’s private key - scalar G : a generating group-point, used by all relevant nodes - a point on the curve hv : a random 160 bit number generated by the CA - scalar

  15. The Denial of Service Mitigation Part B (2) Using RSA CRB IDB nB SB • Bob calculates: • Bob send Alice: • Alice calculates: If so, the final ephemeral key: Z

  16. The Denial of Service Mitigation Part B (3) Using ECDSA • Bob: • Generates a random number: u. Calculate . C- the scalar representation of point V. • Calculates . The signature is the pair (C,L) • Sends Alice (C,L) • Alice: • Computes: • Obtains the curve point: C’- the scalar representation of point P • If C=C’, then the signature is valid, it is Bob! If so, the final ephemeral key: Z

  17. The Denial of Service Mitigation, Part B Comparing the three methods The time is measured in: ECC point by scalar multiplications Approximately: 40 msec

  18. Conclusions • PKC implementation in WSN is feasible • ECC shows promise as crypto technology • DoS is a primary threat • Introduced a hybrid RSA/ECC framework for mitigating DoS attacks • Using the fixed key approach or the ECDSA approach proved to be highly beneficial

  19. Thank You Questions ?

More Related