Chien-Ming Chen, Yue-Hsun Lin, Ya-Ching Lin, and Hung-Min Sun IEEE TRANSACTIONS ON PARALLEL AND...
RCDA: Recoverable Concealed Data Aggregation for Data Integrity in Wireless Sensor Networks
Chien-Ming Chen, Yue-Hsun Lin, Ya-Ching Lin, and Hung-Min Sun
IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, VOL. 23, NO. 4, APRIL 2012
Citation: 42
Presenter: 張哲豪
Date: 2014/9/22
Outline
Introduction
Preliminaries
RCDA-HOMO
RCDA-HETE
Analysis
Implementation
Comparisons
Conclusions
Introduction
To reduce the communication cost in WSN, data aggregation is performed by the cluster head.
Problem
◦ Adversary has the ability to capture cluster heads.
Introduction
Concealed Data Aggregation
◦ data are encrypted during transmission
◦ cluster heads directly aggregate encrypted data without decryption (privacy homomorphism)
Problem
◦ The usage of aggregation functions is constrained
◦ Base station can’t verify the integrity and authenticity of each sensing data.
Introduction
Recoverable Concealed Data Aggregation
◦ The base station can verify the integrity and authenticity of all sensing data.
◦ The base station can perform any aggregation functions on them.
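The recovery idea on this slide, as an added example that is not from the paper or the slides: each sensor shifts its reading into its own bit slot before encryption, so the sum decrypted by the base station splits back into the individual readings. The slot encoding, the 8-bit slot width, the toy exponential ElGamal group (standing in for the elliptic-curve scheme the slides use) and all names are assumptions; the aggregate signature is not modelled.

```python
import secrets

P = 2**31 - 1   # toy prime modulus (constructed; far too small for real use)
G = 7           # primitive root modulo P
SLOT_BITS = 8   # assumed slot width reserved for each sensor's reading

def encode(reading, index):
    """Shift a reading into the slot of sensor `index` (0-based)."""
    if not 0 <= reading < 1 << SLOT_BITS:
        raise ValueError("reading does not fit in its slot")
    return reading << (SLOT_BITS * index)

def encrypt(pub, m):
    """Sensor side: additively homomorphic (exponential) ElGamal."""
    k = secrets.randbelow(P - 2) + 1
    return pow(G, k, P), pow(G, m, P) * pow(pub, k, P) % P

def aggregate(ciphertexts):
    """Cluster head: combine ciphertexts component-wise, holding no key."""
    r, s = 1, 1
    for ri, si in ciphertexts:
        r, s = r * ri % P, s * si % P
    return r, s

def decrypt_sum(priv, cipher, max_bits):
    """Base station: strip the mask, then reverse G^M to M (baby-step giant-step)."""
    r, s = cipher
    target = s * pow(r, -priv, P) % P
    step = 1 << ((max_bits + 1) // 2)
    baby = {pow(G, j, P): j for j in range(step)}
    giant = pow(G, -step, P)
    for i in range(step):
        if target in baby:
            return i * step + baby[target]
        target = target * giant % P
    raise ValueError("aggregate outside the expected range")

def recover(total, count):
    """Split the decrypted sum back into the individual readings."""
    return [(total >> (SLOT_BITS * i)) & ((1 << SLOT_BITS) - 1) for i in range(count)]

def run_round(readings):
    # One aggregation round: sensors encrypt, cluster head aggregates, BS recovers.
    priv = secrets.randbelow(P - 2) + 1
    pub = pow(G, priv, P)
    cts = [encrypt(pub, encode(v, i)) for i, v in enumerate(readings)]
    total = decrypt_sum(priv, aggregate(cts), SLOT_BITS * len(readings))
    return recover(total, len(readings))
```

Because the base station ends up with every reading rather than only their sum, it can apply any aggregation function afterwards; the slot width bounds how many sensors fit in one aggregate.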
Network Model
Homogeneous WSN
◦ cluster heads act as normal SNs.
Heterogeneous WSN
◦ powerful high-end sensors (H-Sensors) act as cluster heads
◦ Different types of SNs
Attack Model
Without compromising any SN or CH
◦ Forged messages with public information
Compromising SNs
◦ Obtain sensing data or forge malicious data
Compromising CHs
◦ Decrypt the ciphertext
◦ Forged aggregation results
Mykletun et al.’s Encryption Scheme
: is security parameter
◦ Construct an elliptic curve over a finite field
◦ Select private key
◦ Generate public key where , is a generator on ,
◦ Return key pair
◦ Select where
◦ Compute , where
◦ Output cipher
Mykletun et al.’s Encryption Scheme
◦ Compute
◦ Compute
◦ Reverse through
◦ Return the plaintext
Boneh et al.’s Signature Scheme
, where
◦ Generate private key
◦ Generate public key where
◦ Output key pair for entity
◦ Compute where
◦ Generate signature and return
Boneh et al.’s Signature Scheme
◦ Compute
◦ where
◦ , public key set
◦ Compute ,for
Construction of RCDA-HOMO
Construction of RCDA-HOMO (BS generate)
◦ for each sensor ,where
◦ where
◦ Encoding : , where
◦ Signature: ,where
◦ Ciphertext:
◦ sends the pair to
Construction of RCDA-HOMO
◦ Send to the BS
RCDA-HETE
RCDA-HETE
◦ for each H-sensor ,where
◦ where
◦ Each L-sensor shares a pairwise key with its CH
◦ Secure channel between L-sensors and H-sensor (preferred aggregation)
◦ Encoding : , where
◦ Signature: ,where
◦ Ciphertext:
◦ sends the pair to
RCDA-HETE
Recovery property
allows to send and MAC (message authentication code) of to
Every H-Sensor is loaded with several necessary aggregation functions before deployment
Analysis
Without compromising any SN or CH
◦ Adversary can’t sign forged messages without private keys
Compromising SNs
◦ Signature required for each generated message
Compromising CHs
◦ No decryption private key is stored in a cluster
◦ Selective forwarding attacks are defended against
Performance
Comparisons
Conclusions
The base station can securely recover all sensing data rather than only aggregated results, and the transmission overhead is still acceptable.
The aggregate signature scheme ensures data authenticity and integrity.