330 likes | 573 Views
Secure Ad-Hoc Network. Eunjin Jung ejung@cs.utexas.edu. What is Ad-Hoc Network?. Ad-Hoc Network Subset of peer-to-peer computing problem Sensor network Wireless and mobile Physically neighboring participants No infrastructure. Truth is…. Ad-Hoc Network relies on Base Station
E N D
Secure Ad-Hoc Network Eunjin Jung ejung@cs.utexas.edu
What is Ad-Hoc Network? • Ad-Hoc Network • Subset of peer-to-peer computing problem • Sensor network • Wireless and mobile • Physically neighboring participants • No infrastructure
Truth is… • Ad-Hoc Network relies on • Base Station • Offline configuration • Potential • Military operation use • Sensor network • Pervasive, ubiquitous computing
Challenges in Ad-Hoc Network • Mobility • Restricted computing resource • Restricted power resource • Unreliable communication • Ad-Hoc • Transient states • No trustworthy third party • Often security protocol integrated with others
Security in Ad-Hoc Network • Availability • Sleep Deprivation Torture • Power consumption is worse than computing or network resource consumption, because the device cannot recover as soon as the attack finishes • Jamming • Spectrum Spread, Frequency Hopping
Security in Ad-Hoc Network • Confidentiality • Easier to passively eavesdrop • Cannot rely on expensive cryptosystem • Symmetric key cryptography is used • Small key, frequent update vs. large key, intermittent update
Security in Ad-Hoc Network • Authorization • Network resource • Inherently vulnerable to bandwidth stealing • Should reject routing unauthorized packet • Transient states • Security associations between principals are transient • Static authorization policy is unfeasible
Security in Ad-Hoc Network • Authentication • Cannot rely on central server • Neither on public key cryptography • Should be adaptive to transient authorization policy • Should be swift to renew symmetric key • Pre-computed certificate • Threshold cryptography
Security in Ad-Hoc Network • Integrity • Similar to any communication • Use traditional solution based on symmetric key • Non-Repudiation • Based on public/private key cryptography • Hard to achieve with limited computing resource • Content with certificates
Security in Ad-Hoc Network • Tamper-Resistance • Security not only on communication, but also on its physical status • Intrusion Detection • Shares have to be revoked and renewed when compromised • Anonymity • Hide the identity of the senders and receivers
Security in mobile network • AAA properties • Authentication • Authorization • Accounting • Standard in CDMA2000 packet core network
Everything comes to… • Proper authentication scheme is the key to solve security problem in ad-hoc network • Hierarchical authentication scheme • Less mobility, higher in hierarchy • Multilevel authentication scheme • Link layer[BT01] • Routing layer[PSWCT01] • Application layer
Traditional ways do not work • Indirect Kerberos[FG96] • Assuming application-level proxy to delegate public key operations • Base station can do the job if there is one • Duplicated servers • Tradeoff between mobility and cost
Early works may not either… • Authentication protocols for PCS [LH95] • offer even non-repudiation • Assumption of static and high-capability HOME base station; works with mobile-IP • Assumption of reliable communication between home base station and current one • Frequent cryptographic operation including public key operation on the subscriber’s side
SPINS – authenticated routing • : streaming authentication protocol • Two-party key agreement protocol • SNEP(Secure Network Encryption Protocol) • data confidentiality, two-party data authentication, and data freshness • Key from , further operation on SNEP
SPINS – authenticated routing • Problem • Assumption on the functionality of base station • Lack of local operation
Decentralized solutions • Emulations of Certificate Authority • Key agreement based on prior context or offline agreement • Self-organized public key infrastructure
Shamir’s secret sharing scheme • Interpolating scheme (m>1)
What is threshold cryptography? • (m, n) – threshold scheme • m-out-of-n scheme, secret sharing scheme • 1 sender(dealer) distributes partial secret(shares, shadows) to n participants • Any m parts put together can retrieve the secret, but not less than m • Perfect for any group of at most m-1 participants
Threshold Scheme • Tradeoff between security and reliability according to the choice of m and n • Reliability measure • Target of denial of service attack : n-m+1 • Security measure • Target of compromising : m • Good for distributed authentication
Emulation of Certificate Authority • Each entity has a share of group key • More than m entities can act as a certificate authority – local operation • Each entity computes partial certificate out of partial secret • Proactively update shares, and actively revoke any compromised ones
Still problem remains… • Requires collaborative users – have to respond the partial certificate request anytime. • Who can be a dealer? • Shares are given to principals in bootstrap phase (still base station?)
Password based public key infrastructure • Prior context is assumed, so all participants share a weak secret. • Extending Diffie-Hellman method to agree on stronger symmetric key among multi-parties.
Password based public key infrastructure • O(n) steps c1^S4 m1 g^S1 P(c1=g^S1bs2S3) g^S1S2S3 m2 m4 g^S1S2S3 g^S1S2S3 g^S1S2 m3
Password based public key infrastructure • Need to communicate with all group members and select a leader • Static group assumption
Self-organized public-key infrastructure • Each user publishes its own certificate and some for others • Each user maintains certificate repository, some issued by itself, rest by others. • Trust graph : each user is a node, and an edge (u,v) denotes user u published certificate to v.
Self-organized public-key infrastructure • How many certificates should be stored in the repository to cover all pairs in the ad hoc network? covers 95% • Certificate neighbor may not be available at the trust graph construction time • Tested on PGP trust graphs – does that represent ad hoc network properly?
No scheme is perfect yet • Security issues in ad-hoc networks are converged into authentication problem without infrastructure, in peer-to-peer manner. • The burden of CA is reduced, but still we need co-ordination