View
23
Download
0
Category
Tags:
Preview:
DESCRIPTION
SPLASH Project INRIA-Eurecom-UC Irvine. November 2006. SPLASH project review. Security of Wireless Adhoc Networks From MANET security… To WSN (Wireless Sensor Network) Security! Many contributions in many different areas. Outline. MANET Security Membership Management - PowerPoint PPT Presentation
Citation preview
SPLASH ProjectINRIA-Eurecom-UC Irvine
November 2006
SPLASH project review
• Security of Wireless Adhoc Networks– From MANET security…– To WSN (Wireless Sensor Network) Security!
• Many contributions in many different areas...
Outline
• MANET Security– Membership Management– Collaboration Enforcement
• WSN Security– The security Challenges– Secure Aggregation
• Conclusions
What is a MANET?
• No centralized control• No hierarchy• Fault-tolerant• Dynamic membership
MANET
Distributed and scalable security services required
•Set of nodes (5-50) that establishA network•Wireless and multi-hop•Does not rely on any fixed infrastructure•Spontenuous (no prior association)
MANET two main Security Challenges
• Membership Management– How does a new node become a member of
the MANET without relying on a trusted membership controller?
• Secure Routing/Collaboration Enforcement– How can we make sure that all node
collaborate i.e. relays others’ packets?
Membership Management: The Centralized Approach
AB
C
D
E
F
Membershipmanager
Our Approach:Distributed Membership Management
AB
C
E
F
Our approach:Admission Control
• Step 1: Join request
• Step 2: Join commit (Vote)
• Step 3: GMC issuance & share acquisition
MnewMnew
• New member (Mnew) wants to join the group• A quorum of t current members need to issue Mnew
a group membership certificate (GMC)• If no quorum found, membership is denied
Vote1Vote2
Vote2Vote2
Contributions• Solution based on secret sharing technique +
polynomial interpolation.– Only One round (instead of t) is necessary to
become a member of the group.• Once a node becomes a member it receives a
token (private key) that can be used to:– Vote for new member – Establish a key with any other MANET member– Prove membership
• More infos?:– Robust Self-Keying Mobile Ad Hoc Networks,
Claude Castellucia, Nitesh Saxena, and Jeong H. Yi, Elsevier Computer Networks, April 2007.
Secure Collaboration
• How to make sure that members are not selfish?– Some nodes might drop packets to save
energy or to perform DoS attacks
• We have developped:– a reputation based solution (CORE)– a Cryptographic solution
How to enforce collaborations?
• Problem statement:
A
B
CC A
How to enforce collaborations?
• Problem statement:
A
B
C
C A
Our solution• Some packets addressed to B are routed via C
– Boomerang routing ;-)
AC
B
C A B A
A
C
B
C A B A
B A
Our solution• If B drops packets…it may drop some of its packets …• It is forced to collaborate since he does not know the final
destination…
• Reference: Pocket bluff (INRIA Research Report)
A
C
B
C A B A
Wireless Sensor Networks
• Another type of adhoc networks• Network of sensors that usually monitor the environment• Sensors are very small and cheap devices• They usually send their monitored data to the sink (a
more powerful device)
Application Spectrum
HazardDetection
BiologicalMonitoring
Linear StructureProtection
SmartEnvironment
WearableComputing
ImmerseEnvironments
Earth Science &Exploration
Context-AwareComputing
Interactive VRGame
Wireless SensorNetworks
Urban WarfareMilitary Surveillance
Disaster RecoveryEnvironmental Monitoring
MANET vs WSN• MANET and WSN look similar but they are quite
different..
MANET WSN
Nodes are MobileNodes are Fixed
10-50 Nodes
1000/10000 Nodes
Nodes belong to same entity
Nodes belong to different entities Nodes sends to BS
P2P communication
Nodes can easily be physically corrupted
Nodes have very Limited CPU/memory/energy
Manet Security Challenges
• MANET WSN
Access/Membership control Scalability
Collaboration enforcement/Secure routing
Energy/CPU efficient security protocols
Sensor revocation
Some Contributions
• Key establishment/pairing– Shake them Up! (presented last year)
• Secure Aggregation– Aggregation is a useful technique to save energy– User is often more interested in the aggregate (i.e.
average in a give area) than each individual value– Instead of sending each value to the sink, the values
are added by intermediate nodes…– Less packets are transmitted, i.e. energy is saved…
Secure Aggregation• Aggregation is simple without security
– Intermediate nodes process data of their children• But what happens if the data sent by each sensor is encrypted using
a key that it shares with the sink?– Data processing is no more possible…or is it?– We’ve developed a new additively homomorphic cipher
• Enc(k1, msg1) + Enc(k2, msg2) = Enc(k1+k2, msg1+msg2)• Intermediate nodes can add the ciphers they receive from children …and the
sink can still recover the sum of the plaintexts.• But intermediate nodes do not have access to the plaintext values, i.e.
privacy is provided…
• More info?: – Efficient Aggregation of Encrypted Data in Wireless Sensor
Networks, Conference Presentation Mobiquiotous 2005, July 2005
Conclusions• The SPLASH project was a very productive and
successful project– Pars Mutaf (INRIA) visited Eurecom for 1 year.– Claude Castelluccia (INRIA) visited UCI for 2 years.
• The scientific contributions were numerous and many papers were published
• We participated in many conf. PC and launched ESAS (Europeen Workshop on Security in Adhoc and Sensor Network)
• We have deployed 2 testbeds– MANET (Eurecom) to evaluate CORE– WSN (INRIA)
Some Papers• Key distribution/Membership Management in MANET
– Robust Self-Keying Mobile Ad Hoc Networks, Elsevier Computer Networks, April 2007.
– Ad hoc network security, book chapter in Mobile Adhoc networking, 2004 and in Handbook of Information Security (2006).
• Secure and Private MANET routing protocol– Packet coding for strong anonymity in ad hoc networks, IEEE Securecomm
2006, – Securing Route Discovery in DSR, IEEE Mobiquitous'05
• Collaboration Enforcement in MANET– CORE: a collaborative reputation mechanism to enforce node cooperation in
MANET (Michiardi phd thesis, 2004 + 6-7 publications)– Pocket Bluff, INRIA Tech. Report, 2005.
• WSN Security– Shake Them Up! Mobisys 2005.– Efficient Aggregation of Encrypted Data in Wireless Sensor Networks
IEEE Mobiquitous'05 – Authenticated Interleaved Encryption, eprint, 2006.– More to come soon ;-)
Visibility
• European Workshop on Security in Ad-Hoc and Sensor Networks (2004)– Refik Molva and Gene Tsudik (UCI) were chairing
ESAS2005– C.Castelluccia is in the steering com.– ESAS and IEEE WISE will merge to create an new
IEEE conference: IEEE WISEC (Wireless Security)!
• We have chaired/were in the PC on numerous conf./workshop: Securecom, Mobiquitous, ESAS, Globecom, UbiSec,…
Recommended