220 likes | 228 Views
Overview of Security Research in Ad Hoc Networks. Melanie Agnew John Folkerts Cory Virok. Agenda. Towards Flexible Credential Verification in Mobile Ad-hoc Networks by Keoh and Lupu Simple and Fault-Tolerant Key Agreement for Dynamic Collaborative Groups by Kim, Perring, and Tsudik
E N D
Overview of Security Research in Ad Hoc Networks Melanie Agnew John Folkerts Cory Virok
Agenda • Towards Flexible Credential Verification in Mobile Ad-hoc Networks by Keoh and Lupu • Simple and Fault-Tolerant Key Agreement for Dynamic Collaborative Groups by Kim, Perring, and Tsudik • Fast Authenticated Key Establishment Protocolsfor Self-Organizing Sensor Networks by Huang, Cukier, Kobayashi, Liu and Zhang
Towards Flexible Credential Verification in Mobile Ad-hoc Networks by Sye Loong Keoh and Emil Lupu Published in ACM Principles of Mobile Computing 2002
Goal and Assumptions • Goal • Enable credential verification in an ad hoc environment given some natural limitations • Assumptions • Ad hoc networks are built around entities with a priori relationships • E.g. wireless collaboration between colleagues in the same physical location • Trust communications can occur “out of band” • Trusts must be established ahead of time • E.g. trust of a certificate authority or individual making assertions • Ad hoc networks will generally not have connections to verification services (e.g. on-line CA) • Off-line verification is done using PGP-like “web of trust” model • Verifiers are more likely to have access to on-line resources like CA’s and CRL’s. • Limited computational and storage resources • Not enough storage to keep track of all possible public keys
Security Assertions • The Idea: • Use credential assertions instead of certificates, attributes, and repeated individual verification of credentials • Each device has: • A key ring which contains trusted keys (including root certificates as needed) • A public/private key pair • User policy for determining trustworthiness
Example • Alice verifies Bob’s • signature and credentials on the CAS • Alice generates ASS and sends it to Bob 2 1 Bob generates CAS Credential Assertion Statement Signed: Bob Alice Bob Assertion Signature Statement Signed: Alice 3 Bob presents CAS andASS’s to service foraccess 4 Service performs verification on the signature using its trusted key ring and individual policies Service
Benefits / Shortfalls • Benefits • User may have multiple CAS’s depending on usage • Identity is self-asserted; only the authorization assertion is independently certified • Trust is not transitive (unless you design a trust this way) • Shortfalls • In a complex environment would create lots of CAS’s; potentially one for each role • Revocation can not be done (no place for the verifier to check). This could limit the duration for any ASS to remain valid. • Concept of trust is simplistic; does not extend to larger environments
Simple and Fault-Tolerant Key Agreement for Dynamic Collaborative Groups by Yongdae Kim, Adrian Perring, Gene Tsudik Published in ACM Conference on Computer and Communications Security 2000
Goals • Question: • How can we generate and maintain a common encryption key for a frequently changing group? • Goals • The key generation should not be centralized (to ensure fault tolerance) • Ensure certain security properties for our key • Minimize the amount of network traffic associated with key changes
Cryptographic Properties • Group Key Secrecy – it is computationally infeasible for a passive adversary to discover any group key • Forward Secrecy – a passive adversary who knows a contiguous subset of old group keys cannot discover subsequent group keys • Backward Secrecy – a passive adversary who knows a contiguous subset of group keys cannot discover preceding group keys • Key Independence – a passive adversary who knows any proper subset of group keys cannot discover any other group key.
<0,0> <1,1> <1,0> <2,2> <2,3> <2,0> <2,1> M4 M3 <3,6> <3,7> <3.0> <3,1> M5 M6 M1 M2 A Key Tree
Membership Events • Join: a new member is added to the group • Leave: a member is removed from the group • Merge: a subgroup is added to the group • Partition: a subgroup is split from the group • Key refresh: the group key is updated
<0,0> <1,0> <1,1> M3 <2,0> <2,1> M1 M2 Join <0,0> <1,1> <1,0> <2,2> <2,3> <2,0> <2,1> M3 M4 M1 M2
Leave <0,0> <1,1> <1,0> <2,2> <2,3> <0,0> <2,0> <2,1> M3 <1,1> <1,0> <3,6> <3,7> M1 M2 <2,2> <2,3> M4 M5 <2,0> <2,1> M4 M5 M1 M2
Fast Authenticated Key Establishment Protocolsfor Self-Organizing Sensor Networks by Qiang Huang, Johnas Cukier, Hisashi Kobayashi, Bede Liu and Jinyun Zhang Published in ACM Wireless Sensor Networks and Applications 2003
The problem • Establishing keys securely across a sensor network • Sensor nodes have very little hardware resources. • Two types of encryption used • Symmetric Key Encryption – Inexpensive • Elliptic Curve Encryption – Expensive • Offloading the burden onto more powerful machines • Reducing Expense of Encryption Operations • Public key encryption is expensive • Yet it needs to be done quickly • Private key encryption is inexpensive • Yet using one group key is insecure • How can we balance the two while still retaining speed and security?
The Solution:Hybrid Authentication Approach • Security Managers • More processing power than Sensor nodes • Need to communicate with secure Certificate authority • Does not fit with the “Ad Hoc” paradigm - Server based • Give the bulk of the work to the Security Manager • Allows sensors to join/leave the network quicker • Puts a major strain on the Security Manager • Sensors will substitute elliptic encryption for symmetric key encryption • Degrades security • Security Managers become more valuable targets • Tradeoff
Conclusion • Tradeoff between speed and security • Sensors will require less power, resources • Smaller, cheaper, faster • Network authentication speed increased • Faster overall network performance
What is an Ad Hoc Network? • Definition: A network which is created on demand, without fixed resources (servers, routers), such as used by wireless devices using short range communications • Characteristics of Ad Hoc Networks • No common resources (such as servers) – all resources must be contributed by the peers involved in the network • Membership in the network may change often • Devices may have limited storage and computational power • Network is less reliable and bandwidth limited compared to fixed networks