Efficient Security and Privacy-Preserving Protocols/Schemes for Multihop Wireless Networks

Dr. Mohamed M. E. A. Mahmoud

http://iweb.tntech.edu/mmahmoud/

Tuesday, December 3, 2013

Tennessee Tech University


About me:

2011: PhD - University of Waterloo, Ontario, Canada

2011-2012: Postdoctoral Fellow - University of Waterloo

2012-2013: Postdoctoral Fellow - Ryerson University, Toronto, Ontario, Canada

Publications:

- 8 IEEE transactions

- 15 IEEE Conference papers

- A book titled “Security for Multihop Wireless Networks”, Springer Briefs in Computer Science

Awards:

Best paper award, IEEE ICC conference, Germany, 2009

NSERC, Postdoctoral Fellow award – Canadian National award

MITACS, Postdoctoral Fellow award – Canadian National award

Outline

Security Protocols for Ad Hoc Wireless Network

Privacy-Preserving Schemes for Hybrid Ad Hoc and Wireless Sensor Networks

Securing Smart Grid Communication Networks

Ad hoc wireless networks

- The mobile nodes work as routers and should relay others’ packets

- Many military applications

- Used in Iraq and Afghanistan wars

- Recent trend: civilian applications

[Figure label: Intermediate nodes]

Hybrid ad hoc wireless networks

Intermediate nodes

Useful civilian applications:

- Users in a campus (or neighborhood) can establish a network to communicate, distribute files, share information, etc.

- Deployed quickly at low cost in developing areas.

- Extend the base station communication range.

- The ad hoc wireless network can suffer from the following issues:

1- Selfishness

2- Unfairness

3- Routing

Good intermediate nodes should be selected to minimize the packet-dropping probability

4- Irrational attacks

- Black-Hole attack

How to resolve these issues?

1- Payment system

The nodes that send packets should pay credits (micropayment) to the nodes that relay them.

Benefits:

(1) Stimulate the selfish nodes to relay packets.

(2) Enforce fairness.

2- Trust system

Evaluate the nodes’ effectiveness/reliability in relaying packets in terms of trust values.

3- Trust-based and energy-aware routing protocol

Establish routes through those highly-trusted nodes having sufficient energy to minimize the packet-dropping probability.

How to design efficient and secure trust/payment systems and routing protocols?

Limited use of the public-key cryptography

M. Mahmoud and X. Shen, “ESIP: Secure incentive protocol with limited use of public-key cryptography for multi-hop wireless networks”, IEEE Transactions on Mobile Computing (IEEE TMC), vol. 10, no. 7, pp. 997-1010, July 2011.

Limited use of the public-key cryptography

- For a group of 13 packets, our protocol requires only 10% of the cryptographic delay/energy of public-key-cryptography-based protocols.

- Simulation results prove that there is little impact on the throughput, delay, and packet delivery ratio: low overhead

[Figure legend: Hashing operations; The public-key cryptography]

- Lightweight payment reports are submitted

- Evidences are submitted only in cheating cases

M. Mahmoud and X. Shen, “A secure payment scheme with low communication and processing overhead for multihop wireless networks”, IEEE Transactions on Parallel and Distributed Systems (IEEE TPDS), published online: March 20, 2012.

2- Report-based payment system

Submit: Payment reports containing the alleged charges and rewards.

Store: undeniable security token called Evidence.

Fair reports: cleared with almost no processing overhead.

Cheating reports: The Evidence is requested to identify the cheaters.

If the Evidence is occasionally processed, our scheme can significantly reduce the communication and processing overhead.

[Figure label: Payment-report]

Trust system

M. Mahmoud, X. Lin, and X. Shen, "Secure and reliable routing protocols for heterogeneous multihop wireless networks", IEEE Transactions on Parallel and Distributed Systems (IEEE TPDS).

Novel routing protocol


Outline

Security Protocols for Ad Hoc Wireless Network

Privacy-Preserving Schemes for Hybrid Ad Hoc and Wireless Sensor Networks

Securing Smart Grid Communication Networks

1- Lightweight privacy-preserving and secure communication protocol for hybrid ad hoc wireless network

- Due to the broadcast nature of radio transmission and multi-hop packet relay, the users’ privacy can be seriously violated.

- Attackers can know the users’ locations and their communication activities in an undetectable way.

M. Mahmoud, S. Taha, J. Misic, and X. Shen, “Lightweight privacy-preserving and secure communication protocol for hybrid ad hoc wireless networks”, IEEE Transactions on Parallel and Distributed Systems (IEEE TPDS).

- Two challenges:

1- Identity contradiction: security requires one authenticated identity, but privacy preservation requires multiple pseudonyms

2- The low overhead requirement contradicts the large overhead usually needed for achieving security and privacy preservation

2- Protecting source node location privacy in wireless sensor network

- In some applications, the location of source nodes should be hidden, e.g., to avoid killing soldiers or hunting endangered animals.

[Figure label: Back-tracing attack]

- The existing attack is simple and the adversary model is weak

- We introduce a more realistic adversary model

- The attacker can observe the network traffic in multiple areas rather than the whole network or only one area.

- We introduce a novel attack based on traffic analysis techniques to locate source nodes

- We propose a more effective source node location privacy-preserving scheme

M. Mahmoud and X. Shen, “Cloud-based scheme for protecting source location privacy against hotspot-locating attack in wireless sensor networks”, IEEE Transactions on Parallel and Distributed Systems (IEEE TPDS), vol. 23, no. 10, pp. 1805-1818, October 2012.

Outline

Security Protocols for Ad Hoc Wireless Network

Privacy-Preserving Schemes for Hybrid Ad Hoc and Wireless Sensor Networks

Securing Smart Grid Communication Networks


Security and Privacy-Preservation in Smart Grid

- Smart grid is the integration of information technology, digital communications, sensing and control technologies into the power system.

- Characterized by two-way flow of power and information.

[Figure labels: Nuclear Power Plants, Natural Gas Generators, Distribution Substations, Customers, Plug-in Electric Vehicles, Rooftop Solar, Transmission Lines, Hydro power plants]

Expected benefits

[Figure labels: Generation, Transmission, Distribution, Customers]

1) Make the production and delivery of electricity more efficient

- Reduce the amount of investment that will be needed to replace aging facilities.

- In the US, $560 billion will be required by 2030 in replacement or new generators.

2) Improve the grid reliability

- Promoting early detection and a self-correcting (“self-healing”) grid

3) Reduce production of greenhouse gas emissions by permitting greater use of renewable sources.

- In the US, about 40 percent of the human-caused emission of CO2 is produced in the generation of electricity.

- The main challenge facing the smart grid deployment is securing the communication network from cyber attacks [1].

- Cyber attacks will target the network availability and proper operation, causing instability of the whole power grid or even devastating widespread blackouts.

[1] Report to NIST on Smart Grid Interoperability Standards Roadmap EPRI, Jun. 17, 2009 [Online]. Available: http://www.nist.gov/smartgrid/InterimSmartGridRoadmapNISTRestructure.pdf

Why is securing the grid communications a challenge?

1- The network scalability: hundreds of millions of nodes

- Manage the keys for a large number of devices and equipment.

2- Open architecture: the network is unattended

3- The lack of physical protection

- Attackers can physically access/tamper with the nodes

4- Limited resources: some nodes cannot run complex security algorithms

5- Complexity: system of systems

- Larger spectrum of potential errors

Security and privacy preservation requirements

[Figure label: Internet]

1- Authentication

- Ability to make sure of the identity of the parties sending data

- Preventing impersonation.

2- Access control

- Unauthorized users should not access the system

3- Availability (the most important requirement)

Attackers will try to bring down the communication network.


4- Data Integrity

- Ensure that data has not been modified.

- Injecting false data can destabilize the grid or cause blackout.

Reference: G. Arnold, “Challenges and Opportunities in Smart Grid: A Position Article”, Proceedings of the IEEE, vol. 99, no. 6, 2011.

5- Privacy (Confidentiality)

- Data about customers’ electricity consumption can reveal much information about their activities

- Smart meters provide near real-time data about electricity usage.

Smart meters debate in British Columbia

- BC Hydro has replaced analog meters with smart ones.

- More than 15,000 residents signed petitions to oppose the new devices. Why?

Privacy concerns: Smart meters invade their privacy by documenting hour-by-hour use of electricity

Source: http://www.cbc.ca/news/canada/british-columbia/story/2011/12/22/bc-smart-meters.html?cmp=rss

Two recent research works on smart grid

1- A scalable public key infrastructure for smart grid communications

2- Efficient public-key certificate revocation schemes for smart grid.

[1] M. Mahmoud, J. Misic, and X. Shen, “A scalable public key infrastructure for smart grid communications”, IEEE Global Communication Conference (IEEE GLOBECOM’13), Atlanta, GA, USA, December 9-13, 2013.

[2] M. Mahmoud, J. Misic, and X. Shen, “Efficient public-key certificate revocation schemes for smart grid”, IEEE Global Communication Conference (IEEE GLOBECOM’13), Atlanta, GA, USA, December 9-13, 2013.

- Propose public key infrastructure for smart grid.


Questions

Mohamed M. E. A. Mahmoud

What is Public Key Cryptography?

[Figure: a message (m) enters the signature algorithm, for which Bob’s private key K_B^- is needed, producing m, Sig_B(m). The verification algorithm, for which Bob’s public key K_B^+ is needed, then accepts or denies the message.]

Why Public Key Cryptography is essential for securing the smart grid messages?

1- Identity and message authentication:

- No one can compute the signature except the owner of the private key

- Enforce access control and prevent impersonation attacks

2- Message integrity

- Ensure that the message has not been modified during transmission

3- Non-repudiation

- A message’s sender cannot deny sending the message or its content, which is essential to enforce accountability.

- Commands may have critical consequences that necessitate investigation later to know the message source.


What is Public-Key Certificate?

- How can we ensure that the public key is for Bob?

If I can fool Alice that my public key is for Bob, I can impersonate Bob and the whole cryptographic scheme can be broken.

Solution: Public key certificates

Certificates are statements signed by a trusted party called certificate authority (CA) whose public key is known.

The certificate binds the certificate holder’s identity with its public key.

For better security, certificates are not permanent. Users need to periodically contact the CA to renew them.

Challenges/issues of using public key infrastructure in smart grid

1- Certificate format?

Should we change the standard format to be tailored to smart grid?

Geographic area field:

- Restricting a certificate’s usability to a geographic area can improve the system’s robustness.

The privileges field:

- Whether the certificate can be used for power generation system, transmission system, distribution system, SCADA, etc.

- Whether the subject is allowed to issue certificates or grant the right of issuing certificates to others.

- Type of messages the subject can issue, e.g., some certificates can allow issuing open/close commands to switches.

2- Certificate authority architecture?

- Due to scalability, one unit cannot manage hundreds of thousands of certificates.

- Hierarchical PKI for the smart grid

3- Certificate renewal overhead

- Due to scalability, certificate renewal overhead is large.

- Efficient certificate renewing scheme to reduce the overhead of renewing certificates and sending them

4- Certificate revocation

- The act of invalidating the certificate before expiration.

- Verifying the expiration of a certificate is necessary but not sufficient.

- A check is required to determine a certificate revocation status.

- All the messages authenticated by the revoked certificates’ keys should be ignored.

- Malicious nodes can be excluded from the communication network by revoking their certificates.

Why is certificate revocation necessary in smart grid?

1- Private key compromise

2- Loss of security token

3- Change of affiliation or privilege

4- End of certificate’s purpose

5- Malicious behavior

6- Defective devices

Why are new certificate revocation schemes required?

- To consider the grid’s unique characteristics.

- Complexity, scalability, the nodes’ immobility, and the large geographical spread of the communication network.

Important requirements for smart grid

1- Low overhead

- The overhead of revoking a certificate and checking a certificate status should be minimal.

2- Scalability

- How the revocation scheme scales up in large networks.

3- Robustness

- Communications may fail if the nodes cannot verify the certificates’ revocation information

4- Revocation latency

- Should particularly be minimized in case of revoking high-privilege certificates, because they have enough privileges to cause substantial damage.

Certificate Revocation Schemes

1- Short-lived-certificate based scheme

- Makes use of the fact that a certificate is automatically revoked when it expires.

2- Tamper-proof-device based scheme

- Certificates can be revoked by deleting the associated private keys.

3- Online certificate status server based scheme

- An online and interactive certificate status server is used.

4- Certificate-revocation-list based scheme

- Certificate revocation list (CRL) is used to distribute certificate revocation information.

- Two improvement techniques can be used called incremental CRL (I-CRL) and partitioned CRL (P-CRL).


1. I-CRL

- Incremental information about the certificates whose status has changed since the last update

2. P-CRL

- In mobile networks, any two nodes can communicate because of the nodes’ mobility.

- In smart grid, the nodes will only communicate with a limited number of other nodes due to the static nature of the network.

- The nodes do not need the revocation information of all the certificates, but only of the certificates of interest.

- The P-CRL technique can greatly reduce the overhead by distributing the revoked certificates of interest instead of all the revoked ones.

Smart grid is a system of systems. The revocation schemes have different characteristics and can be used for different systems.
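The checks from the certificate-format and revocation slides, combined in an added Python example that is not from the original slides or the cited papers: a node validates a certificate's expiry, geographic area and privileges, then its revocation status against a per-area P-CRL kept current with I-CRL updates. Partitioning by geographic area, the field names, the one-hour freshness limit and the sample data are assumptions of this example; signature verification of certificates and CRLs is assumed to happen elsewhere.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:                      # field names are assumptions of this example
    serial: int
    area: str                    # geographic area field
    privileges: frozenset        # message types the subject may issue
    not_after: int               # expiry, epoch seconds

@dataclass(frozen=True)
class Delta:                     # one I-CRL: changes since the previous update
    area: str
    seq: int                     # upgrades a local list from seq-1 to seq
    issued: int
    added: frozenset             # newly revoked serials (may be empty)

class CA:
    """Keeps one revocation partition per geographic area (P-CRL)."""
    def __init__(self):
        self.revoked = {}        # area -> set of revoked serials
        self.log = {}            # area -> list of Delta in issue order

    def publish(self, area, now, serials=()):
        """Issue the next I-CRL for `area`; an empty one only proves freshness."""
        self.revoked.setdefault(area, set()).update(serials)
        log = self.log.setdefault(area, [])
        log.append(Delta(area, len(log) + 1, now, frozenset(serials)))
        return log[-1]

    def base_crl(self, area, now):
        """Full P-CRL for one area: (seq, issued, revoked serials)."""
        return len(self.log.get(area, [])), now, frozenset(self.revoked.get(area, ()))

class Node:
    """A static grid node that only tracks the partition it talks to."""
    MAX_CRL_AGE = 3600           # assumed policy: older status data is not trusted

    def __init__(self, area):
        self.area, self.seq, self.fresh_at, self.revoked = area, None, None, set()

    def load_base(self, seq, issued, serials):
        self.seq, self.fresh_at, self.revoked = seq, issued, set(serials)

    def apply_delta(self, d):
        # Signature checks on the CRL are assumed to have happened already.
        if d.area != self.area or self.seq is None or d.seq != self.seq + 1:
            return False         # other partition, or a missed update: refetch base
        self.revoked |= d.added
        self.seq, self.fresh_at = d.seq, d.issued
        return True

    def check(self, cert, msg_type, now):
        if now > cert.not_after:
            return "expired"
        if cert.area != self.area:
            return "outside-area"
        if msg_type not in cert.privileges:
            return "not-privileged"
        if self.fresh_at is None or now - self.fresh_at > self.MAX_CRL_AGE:
            return "status-unknown"   # fail closed when revocation data is stale
        return "revoked" if cert.serial in self.revoked else "accept"

def demo():
    t0 = 1_000_000               # constructed sample data throughout
    day = 86_400
    ctl = Cert(101, "north", frozenset({"switch-open", "switch-close"}), t0 + day)
    meter = Cert(202, "north", frozenset({"meter-reading"}), t0 + day)
    south = Cert(303, "south", frozenset({"switch-open"}), t0 + day)
    ca, node = CA(), Node("north")
    node.load_base(*ca.base_crl("north", t0))
    out = {
        "ok": node.check(ctl, "switch-open", t0 + 10),
        "meter_cmd": node.check(meter, "switch-open", t0 + 10),
        "south_cmd": node.check(south, "switch-open", t0 + 10),
    }
    out["other_partition"] = node.apply_delta(ca.publish("south", t0 + 20, [303]))
    d1 = ca.publish("north", t0 + 30, [ctl.serial])
    d2 = ca.publish("north", t0 + 40)            # empty freshness update
    out["gap"] = node.apply_delta(d2)            # d1 was missed, so d2 is refused
    out["in_order"] = node.apply_delta(d1) and node.apply_delta(d2)
    out["after_revoke"] = node.check(ctl, "switch-open", t0 + 50)
    out["stale"] = node.check(meter, "meter-reading", t0 + 40 + 3601)
    out["expired"] = node.check(meter, "meter-reading", t0 + day + 1)
    out["stored"] = sorted(node.revoked)         # only north serials are held
    return out

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The "status-unknown" result is where the robustness requirement bites: a node that cannot refresh its partition stops accepting messages, so the freshness limit has to be chosen against the revocation latency the system can tolerate.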


Main contributions

- A public-key certificate is a data structure that is signed by a trusted certification authority to bind the certificate holder’s identity with its public key.

(1) Propose public key infrastructure specifically tailored for smart grid.

(2) Propose a novel certificate format for smart grid.

(3) Propose novel and efficient certificate renewing scheme.

(4) Study certificate revocation in smart grid.

(5) Design efficient and scalable certificate revocation schemes for smart grid

Benefits of integrating payment/trust systems with the routing protocol

(1) To foster trust among the nodes by making knowledge about the nodes’ past behaviors available.

(2) To deliver messages through reliable routes and allow source nodes to prescribe their required level of trust.

(3) To punish the nodes that break routes, i.e., encourage the nodes to maintain route stability.

(4) To punish the nodes that report incorrect energy capability.

(5) To stimulate the nodes to cooperate in relaying others’ packets to earn credits, and also stimulate the wealthy nodes to continue cooperating to maintain good trust values

Efficient pseudonym generation technique

Trapdoor: used to anonymously inform the destination node about the source node’s call request.

Efficient trapdoor technique: does not require symmetric-key operations, but only lightweight hashing operations.

Trapdoors may be processed by a large number of nodes.

1- Protecting Source Node Location Privacy in Wireless Sensor Network

- Sensor networks can be deployed to monitor the activities of soldiers or endangered animals, e.g., pandas.

- Once a source node detects a panda, it reports its activities to the Sink.

- The open nature of the network makes it easy for attackers to eavesdrop on the network traffic to locate the source nodes, e.g., to hunt pandas.

M. Mahmoud and X. Shen, “Cloud-based scheme for protecting source location privacy against hotspot-locating attack in wireless sensor networks”, IEEE Transactions on Parallel and Distributed Systems (IEEE TPDS), vol. 23, no. 10, pp. 1805-1818, October 2012.

How can attackers locate pandas?

One way: Backtracing

Countermeasure: Routing-based schemes - vary the routes

This attack is very simple and the adversary model is weak

Hot-spot phenomenon

Small areas where pandas have high densities or spend longer time, e.g., due to the availability of food, water, shadow, or shelter.

The nodes of a hotspot send a significantly greater volume of packets than nodes further away

No hot spots The traffic distribution is not uniform


A novel adversary model – Hotspot-Locating attack

- The attacker can observe the network traffic in multiple areas rather than the whole network or only one area.

- The attacker collects data about the traffic in the monitored areas and uses traffic analysis techniques to locate pandas.

Privacy-preserving scheme

- Hides the source node’s location within a group of nodes of an irregular shape called “cloud”

- The real source node sends the data anonymously to a fake source node to send to the Sink.

- The other nodes in the cloud send fake packets.

- Fake packets are used to counteract the inconsistency in the traffic pattern caused by a hotspot

- Cryptosystems are used to prevent packet correlation by changing the packets’ appearance at each hop

- An attacker cannot locate the source node in a cloud because he cannot distinguish between fake and real traffic

- Routing-based schemes cannot thwart the Hotspot-Locating attack because they are designed to vary routes, but they leak traffic analysis information, such as packet correlation and packet sending rates

To reduce the overhead:

1- Clouds are active only during data transmission.

2- We use efficient cryptosystems.

3- Merging clouds technique: reduce the number of fake packets and boost privacy preservation.

Simulation results

Scheme | m = 4, ξ = 1 | m = 4, ξ = 2 | m = 4, ξ = 4 | m = 8, ξ = 1 | m = 8, ξ = 2 | m = 8, ξ = 4
Shortest path | 0.21 | 0.17 | 0.09 | 0.13 | 0.08 | 0
Phantom, hw = 4 | 0.25 | 0.16 | 0.1 | 0.11 | 0.06 | 0.02
Phantom, hw = 8 | 0.31 | 0.22 | 0.17 | 0.2 | 0.1 | 0.05
Our scheme | 1 | 0.97 | 0.92 | 0.96 | 0.91 | 0.89

Scheme | m = 4, ξ = 1 | m = 4, ξ = 2 | m = 4, ξ = 4 | m = 8, ξ = 1 | m = 8, ξ = 2 | m = 8, ξ = 4
Shortest path | 0.7 | 0.79 | 0.91 | 0.83 | 0.92 | 1
Phantom, hw = 4 | 0.4 | 0.46 | 0.6 | 0.49 | 0.72 | 0.8
Phantom, hw = 8 | 0.31 | 0.42 | 0.58 | 0.44 | 0.69 | 0.79
Our scheme | 0 | 0.043 | 0.1 | 0.05 | 0.13 | 0.21

The detection probability = the ratio of the number of times the attacker could locate a hotspot to the total number of simulation runs.

The false positive probability = the ratio of the number of times the attacker falsely identified a hotspot to the total number of hotspot identifications.

1- Multi-dimensional trust system

Each node has multiple trust values, e.g.:

- The probability of relaying a message successfully

- The probability of not breaking a route

2- Trust-based and energy-aware routing protocol

Select the routes based on the nodes’ trust values and battery energy status.

1- Shortest Reliable Route (SRR)

- Establishes the shortest route that can satisfy the source node’s trust/energy requirements.

2- Best Available Route (BAR)

- Each intermediate node reports its trust value and energy capability.

- The destination node chooses the best route.

Who are the potential attackers?

1- Individual persons: unlikely – lack of motivation or technical capability

2- Groups or organizations: possible

3- Enemy country’s intelligence: very likely

- Cyber warfare has already started, e.g., the Stuxnet virus caused substantial damage in an Iranian nuclear power plant

- A similar attack can target the smart grid

- Many experts fear that the world will face 9/11-like cyber attacks if not prepared

- Resource-Depletion attack

How to regulate message transmission?

How to resolve these issues?
