1 / 23

SPLASH Project INRIA-Eurecom-UC Irvine

SPLASH Project INRIA-Eurecom-UC Irvine. November 2006. SPLASH project review. Security of Wireless Adhoc Networks From MANET security… To WSN (Wireless Sensor Network) Security! Many contributions in many different areas. Outline. MANET Security Membership Management

tahir
Download Presentation

SPLASH Project INRIA-Eurecom-UC Irvine

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. SPLASH ProjectINRIA-Eurecom-UC Irvine November 2006

  2. SPLASH project review • Security of Wireless Adhoc Networks • From MANET security… • To WSN (Wireless Sensor Network) Security! • Many contributions in many different areas...

  3. Outline • MANET Security • Membership Management • Collaboration Enforcement • WSN Security • The security Challenges • Secure Aggregation • Conclusions

  4. Distributed and scalable security services required What is a MANET? • No centralized control • No hierarchy • Fault-tolerant • Dynamic membership • Set of nodes (5-50) that establish • A network • Wireless and multi-hop • Does not rely on any fixed infrastructure • Spontenuous (no prior association) MANET

  5. MANET two main Security Challenges • Membership Management • How does a new node become a member of the MANET without relying on a trusted membership controller? • Secure Routing/Collaboration Enforcement • How can we make sure that all node collaborate i.e. relays others’ packets?

  6. Membership Management: The Centralized Approach E D F Membership manager A C B

  7. Our Approach:Distributed Membership Management E F A C B

  8. Vote2 Vote1 Mnew Vote2 Vote2 Our approach:Admission Control • New member (Mnew) wants to join the group • A quorum of t current members need to issue Mnew a group membership certificate (GMC) • If no quorum found, membership is denied • Step 1: Join request • Step 2: Join commit (Vote) Mnew • Step 3: GMC issuance & share acquisition

  9. Contributions • Solution based on secret sharing technique + polynomial interpolation. • Only One round (instead of t) is necessary to become a member of the group. • Once a node becomes a member it receives a token (private key) that can be used to: • Vote for new member • Establish a key with any other MANET member • Prove membership • More infos?: • Robust Self-Keying Mobile Ad Hoc Networks, Claude Castellucia, Nitesh Saxena, and Jeong H. Yi, Elsevier Computer Networks, April 2007.

  10. Secure Collaboration • How to make sure that members are not selfish? • Some nodes might drop packets to save energy or to perform DoS attacks • We have developped: • a reputation based solution (CORE) • a Cryptographic solution

  11. How to enforce collaborations? • Problem statement: C C A A B

  12. How to enforce collaborations? • Problem statement: C A B C A

  13. Our solution • Some packets addressed to B are routed via C • Boomerang routing ;-) C A B A C A B C C A B A A B B A

  14. Our solution • If B drops packets…it may drop some of its packets … • It is forced to collaborate since he does not know the final destination… • Reference:Pocket bluff (INRIA Research Report) C A B A C A B

  15. Wireless Sensor Networks • Another type of adhoc networks • Network of sensors that usually monitor the environment • Sensors are very small and cheap devices • They usually send their monitored data to the sink (a more powerful device)

  16. Interactive VR Game Wearable Disaster Recovery Environmental Monitoring Computing Earth Science & Exploration Context-Aware Computing Wireless Sensor Immerse Environments Networks Biological Monitoring Hazard Detection Smart Environment Linear Structure Military Surveillance Protection Urban Warfare Application Spectrum

  17. MANET vs WSN • MANET and WSN look similar but they are quite different.. MANET WSN Nodes are Fixed Nodes are Mobile 1000/10000 Nodes 10-50 Nodes Nodes belong to same entity Nodes belong to different entities Nodes sends to BS Nodes have very Limited CPU/memory/energy P2P communication Nodes can easily be physically corrupted

  18. Manet Security Challenges • MANET WSN Scalability Access/Membership control Collaboration enforcement/ Secure routing Energy/CPU efficient security protocols Sensor revocation

  19. Some Contributions • Key establishment/pairing • Shake them Up! (presented last year) • Secure Aggregation • Aggregation is a useful technique to save energy • User is often more interested in the aggregate (i.e. average in a give area) than each individual value • Instead of sending each value to the sink, the values are added by intermediate nodes… • Less packets are transmitted, i.e. energy is saved…

  20. Secure Aggregation • Aggregation is simple without security • Intermediate nodes process data of their children • But what happens if the data sent by each sensor is encrypted using a key that it shares with the sink? • Data processing is no more possible…or is it? • We’ve developed a new additively homomorphic cipher • Enc(k1, msg1) + Enc(k2, msg2) = Enc(k1+k2, msg1+msg2) • Intermediate nodes can add the ciphers they receive from children …and the sink can still recover the sum of the plaintexts. • But intermediate nodes do not have access to the plaintext values, i.e. privacy is provided… • More info?: • Efficient Aggregation of Encrypted Data in Wireless Sensor Networks, Conference Presentation Mobiquiotous 2005, July 2005

  21. Conclusions • The SPLASH project was a very productive and successful project • Pars Mutaf (INRIA) visited Eurecom for 1 year. • Claude Castelluccia (INRIA) visited UCI for 2 years. • The scientific contributions were numerous and many papers were published • We participated in many conf. PC and launched ESAS (Europeen Workshop on Security in Adhoc and Sensor Network) • We have deployed 2 testbeds • MANET (Eurecom) to evaluate CORE • WSN (INRIA)

  22. Some Papers • Key distribution/Membership Management in MANET • Robust Self-Keying Mobile Ad Hoc Networks, Elsevier Computer Networks, April 2007. • Ad hoc network security, book chapter in Mobile Adhoc networking, 2004 and in Handbook of Information Security (2006). • Secure and Private MANET routing protocol • Packet coding for strong anonymity in ad hoc networks, IEEE Securecomm 2006, • Securing Route Discovery in DSR, IEEE Mobiquitous'05 • Collaboration Enforcement in MANET • CORE: a collaborative reputation mechanism to enforce node cooperation in MANET (Michiardi phd thesis, 2004 + 6-7 publications) • Pocket Bluff, INRIA Tech. Report, 2005. • WSN Security • Shake Them Up! Mobisys 2005. • Efficient Aggregation of Encrypted Data in Wireless Sensor Networks IEEE Mobiquitous'05 • Authenticated Interleaved Encryption, eprint, 2006. • More to come soon ;-)

  23. Visibility • European Workshop on Security in Ad-Hoc and Sensor Networks (2004) • Refik Molva and Gene Tsudik (UCI) were chairing ESAS2005 • C.Castelluccia is in the steering com. • ESAS and IEEE WISE will merge to create an new IEEE conference: IEEE WISEC (Wireless Security)! • We have chaired/were in the PC on numerous conf./workshop: Securecom, Mobiquitous, ESAS, Globecom, UbiSec,…

More Related