
A Public Key Cryptographic Method for Denial of Service Mitigation in Wireless Sensor Networks

20082065 Myunghan Yoo, August 2, 2008. O. Arazi, H. Qi, D. Rose, IEEE SECON 2007 proceedings.



Presentation Transcript


  1. A Public Key Cryptographic Method for Denial of Service Mitigation in Wireless Sensor Networks • 20082065 Myunghan Yoo • August 2, 2008 • O. Arazi, H. Qi, D. Rose, IEEE SECON 2007 proceedings

  2. Progress • Problem & background • Solution • Discussion

  3. Public Key Cryptography • Use private and public keys • Given the public key, easy to compute -> anyone can lock • Only those who have the private key can compute its inverse -> only they can unlock, and vice versa. [Diagram labels: attacker; insecure channel; C = E(P, Ke); P = D(C, Kd)]

  4. Usage of PKC (I) • For privacy - Encrypt M with Bob's public key: C = eK(Bp, M) - Decrypt C with Bob's private key: D = dK(Bs, C) * Anybody can generate C, but only Bob can recover M from C. [Diagram: M -> ek(Bp, ·) -> C -> dk(Bs, ·) -> M; public directory: Alice: Ap, Bob: Bp, Chaum: Cp, ...]

  5. Usage of PKC (II) • For authentication (digital signature) - Encrypt M with Alice's private key: C = dK(As, M) - Decrypt C with Alice's public key: D = eK(Ap, C) * Only Alice can generate C, but anybody can verify C. [Diagram: M -> dk(As, ·) -> C -> ek(Ap, ·) -> M; public directory: Alice: Ap, Bob: Bp, Chaum: Cp, ...]

  6. Motivation & Objective • Public Key Cryptography (PKC) • Denial-of-Service Attack in PKC • By sending repeated, meaningless requests to normal nodes to establish a session key, the adversary causes the attacked nodes to waste energy resources

  7. Objective & Key Idea • Objective • Mitigating Denial-of-Service (DoS) attacks • Key Idea • Loading heavy computational burden on the instigator

  8. Progress • Problem & background • Solution • Discussion

  9. Overview of Proposed Scheme • Stage A: Alice proving her validity to Bob - a relatively energy-draining procedure on Alice's part • If successful, Stage B: Bob proving his validity to Alice - a relatively low energy-draining procedure on Bob's part • If successful: both users hold an ephemeral shared secret key

  10. The Instigator Proving Its Validity
     • Alice -> Bob: n_A, ID_A, CR_A, where H(n_A, ID_A) = n_A ID_A and CR_A = [H(n_A, ID_A)]^{d_CA} mod n_CA
     • Bob checks: (CR_A)^e mod n_CA = H(n_A, ID_A)
     • If so, Bob generates a message, m, such that: t = m^e mod n_A
     • Bob -> Alice: t (512 bits or 1024 bits)
     • Alice computes: t^{d_A} mod n_A = m
     • Alice -> Bob: x (x: LSB of message m); Bob compares
     • n_A: Alice's public key, ID_A: Alice's public key ID, CR_A: Alice's certificate signed by CA with its private key, (e, n_CA): CA's public key

  11. Message m • Example layout of m where the length of m is 512 bits: z (212 bits) | y (200 bits) | x (100 bits) • x: significant bits to identify the instigator • y and z: factors of an ephemeral key

  12. Overview of Proposed Scheme • Stage A: Alice proving her validity to Bob - a relatively energy-draining procedure on Alice's part • If successful, Stage B: Bob proving his validity to Alice - a relatively low energy-draining procedure on Bob's part • If successful: both users hold an ephemeral shared secret key

  13. The Approached Node Proving Its Validity • Key Transport • Elliptic Curve Digital Signature Algorithm (ECDSA) • Self-Certified DH Fixed Key-Generation

  14. Key Transport
     • Stage A; if successful:
     • Bob computes: S_B = y^{d_B} mod n_B
     • Bob -> Alice: n_B, CR_B, ID_B, S_B
     • Alice validates the values: (CR_B)^e mod n_CA = H(n_B, ID_B), (S_B)^e mod n_B = y
     • Stage B: if successful, K_AB-final = z

  15. ECDSA
     • Stage A; if successful:
     • Bob computes: V = u · G; C is scalar of V; L = u^{-1}(y + d_B · C) mod ordG
     • Bob -> Alice: (C, L)
     • Alice calculates h = L^{-1}, q1 = y · h mod ordG, q2 = C · h mod ordG, P = q1 · G + q2 · V, and C' is scalar of P
     • Stage B: if C' = C, K_AB-final = z

  16. Self-Certified DH Fixed Key-Generation
     • Stage A; if successful:
     • Bob -> Alice: n_B, CR_B, ID_B
     • Self-Certified DH Fixed Key-Generation: K_AB-temp = K_AB (generated by Alice) = n_A x [H(ID_B, n_B) x n_B + n_CA] = K_BA (generated by Bob) = n_B x [H(ID_A, n_A) x n_A + n_CA]
     • Stage B: K_AB-final = H(K_AB-temp, m')

  17. Implementation Results Using 1024-Bit RSA and 160-bit ECC on the Intel MOTE 2 Platform from 312 MHz core clock

  18. Progress • Problem & background • Solution • Discussion

  19. Contribution • This paper may be the first attempt at DoS attack mitigation for PKC

  20. Discussion • Unclear environment of implementation • communication distance between Alice and Bob • Yet, unsuitable PKC in the WSN • Incoherent logic • Applying to only a suspicious node is needed • DoS attack with incomplete stage A

  21. DoS attack with incomplete stage A
     • Completed part:
     • Alice -> Bob: n_A, ID_A, CR_A, where H(n_A, ID_A) = n_A ID_A and CR_A = [H(n_A, ID_A)]^{d_CA} mod n_CA
     • Bob checks: (CR_A)^e mod n_CA = H(n_A, ID_A)
     • If so, Bob generates a message, m, such that: t = m^e mod n_A
     • Bob -> Alice: t (512 bits or 1024 bits)
     • Incomplete part:
     • Alice computes: t^{d_A} mod n_A = m
     • Alice -> Bob: x (x: LSB of message m); Bob compares
     • n_A: Alice's public key, ID_A: Alice's public key ID, CR_A: Alice's certificate signed by CA with its private key, (e, n_CA): CA's public key

  22. Thank You • Q&A
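
Stage A (slide 10) and the incomplete-Stage-A case from the Discussion (slide 21), as an added Python example that is not code from the paper or the presentation: it runs the exchange and counts square-and-multiply modular multiplications to compare what Bob and Alice each spend. Assumptions: e = 65537, SHA-256 standing in for H, toy keys built from Mersenne primes (insecure, chosen only so the block runs offline), and all function names are hypothetical.

```python
# Added example: toy walk-through of Stage A. Keys are constructed from
# Mersenne primes so the block runs offline; they are NOT secure keys.
import hashlib
import secrets

E = 65537  # assumed public exponent, shared by the CA and Alice as on the slides

def keypair(p, q):
    """Return (n, d) for primes p, q and public exponent E."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def modmuls(exp):
    """Square-and-multiply cost of one modular exponentiation."""
    return (exp.bit_length() - 1) + (bin(exp).count("1") - 1)

def H(n, ident):
    # Assumption: SHA-256 stands in for the slide's H(n_A, ID_A).
    data = n.to_bytes((n.bit_length() + 7) // 8, "big") + ident
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

N_CA, D_CA = keypair(2**127 - 1, 2**521 - 1)   # CA key (constructed)
N_A, D_A = keypair(2**521 - 1, 2**607 - 1)     # Alice's key (constructed)
ID_A = b"alice"                                # constructed identity
CR_A = pow(H(N_A, ID_A), D_CA, N_CA)           # certificate issued by the CA

def bob_challenge(n_a, id_a, cr_a):
    """Bob: verify the certificate, then build m = z|y|x and t = m^e mod n_A."""
    if pow(cr_a, E, N_CA) != H(n_a, id_a):
        return None                             # invalid certificate: stop early
    z, y, x = secrets.randbits(212), secrets.randbits(200), secrets.randbits(100)
    m = (z << 300) | (y << 100) | x             # 512-bit message, x in the LSBs
    return m, pow(m, E, n_a)

def alice_respond(t):
    """Alice: recover m with her private key and return x, the 100 LSBs."""
    return pow(t, D_A, N_A) & ((1 << 100) - 1)

def stage_a(complete=True):
    """Run Stage A; return (accepted, Bob's modmuls, Alice's modmuls)."""
    out = bob_challenge(N_A, ID_A, CR_A)
    bob_cost = 2 * modmuls(E)                   # certificate check + encryption
    if out is None or not complete:             # request abandoned after t is sent
        return False, bob_cost, 0
    m, t = out
    x = alice_respond(t)
    return x == (m & ((1 << 100) - 1)), bob_cost, modmuls(D_A)
```

With `complete=False` the requester never performs the private-key step, so Bob's two short-exponent operations are the work that remains unrecovered per abandoned request.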
