Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks
description
Transcript of Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks
![Page 1: Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks](https://reader035.fdocuments.in/reader035/viewer/2022062810/56815dfd550346895dcc3bee/html5/thumbnails/1.jpg)
PROVIDING ROBUST AND UBIQUITOUS SECURITY SUPPORT FOR MOBILE AD-HOC NETWORKSGeorgios Georgiadis6/5/2008
![Page 2: Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks](https://reader035.fdocuments.in/reader035/viewer/2022062810/56815dfd550346895dcc3bee/html5/thumbnails/2.jpg)
Introduction Mobile Adhoc Networks (MANETs): widely
spread networking solutions, expected to grow more in the future
Security of transmission mediums, Air vs Wire: 0-1
Absolute security not feasible, nodes become corrupted eventually
But users demand security anywhere, anytime
Who do you trust?
![Page 3: Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks](https://reader035.fdocuments.in/reader035/viewer/2022062810/56815dfd550346895dcc3bee/html5/thumbnails/3.jpg)
Overview Motivation Proposed solution Design Architecture (What to do) Protocol (How to do it) Evaluation Q&A (mine) Q&A, round 2 (your turn)
![Page 4: Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks](https://reader035.fdocuments.in/reader035/viewer/2022062810/56815dfd550346895dcc3bee/html5/thumbnails/4.jpg)
Motivation We need security services to be:
Intrusion-tolerant Available anywhere, anytime Scalable
We have security services that are: Centralized: fails on all three accounts Hierarchical: succeeds on scalability,
concerns about the other two
![Page 5: Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks](https://reader035.fdocuments.in/reader035/viewer/2022062810/56815dfd550346895dcc3bee/html5/thumbnails/5.jpg)
Proposed solution Two branch solution:
Threshold secret sharing
Secret share updates
Intrusion-tolerant: works with < K-1 adversarial nodes in the neighborhood
Availability: experiments show high availability, even with high mobility
Scalable: all nodes provide security services
![Page 6: Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks](https://reader035.fdocuments.in/reader035/viewer/2022062810/56815dfd550346895dcc3bee/html5/thumbnails/6.jpg)
Design Challenges Users of MANETs demand security
anywhere, anytime.
Volatile nature of MANETs: mobility of agents, frequent joins/leaves, node failures, channel errors.
Attractive to attackers (air as transmission medium).
![Page 7: Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks](https://reader035.fdocuments.in/reader035/viewer/2022062810/56815dfd550346895dcc3bee/html5/thumbnails/7.jpg)
Intrusion model Case #1:
The intruder cannot get the secret key of an entity in time less than the secret key update.
All other information freely accessible. Case #2:
The intruder can get the secret key… …but cannot forge the entity ID (intrusion
detection mechanisms exist). We discuss only case #1!
![Page 8: Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks](https://reader035.fdocuments.in/reader035/viewer/2022062810/56815dfd550346895dcc3bee/html5/thumbnails/8.jpg)
Architecture - Preliminaries System key pair: RSA(PK,SK) Each entity maintains:
Unique ID ui Key pair RSA(pki,ski) Certificate certi={ui,pki,Tsign,Texpire} Secret share (of SK) Pui Certificate revocation list CRL
![Page 9: Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks](https://reader035.fdocuments.in/reader035/viewer/2022062810/56815dfd550346895dcc3bee/html5/thumbnails/9.jpg)
Architecture - Services Certification service requests
service responses with SKi
An entity requests certification services from its neighbors.
Each neighbor computes SKi from Pui and sends it back.
Once the entity has >K SKs, signs its certificate with system key.
1
2
3 1
2
3
![Page 10: Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks](https://reader035.fdocuments.in/reader035/viewer/2022062810/56815dfd550346895dcc3bee/html5/thumbnails/10.jpg)
Architecture - Services Secret share dealing
Initially, secret shares are distributed by a trusted central authority.
Once K secret shares are out there, new shares can be produced without a central authority.
Secret share updates It’s a secret!
Explicit certificate revocation If a cert is considered compromised, a
counter-cert is flooded over the network.
![Page 11: Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks](https://reader035.fdocuments.in/reader035/viewer/2022062810/56815dfd550346895dcc3bee/html5/thumbnails/11.jpg)
Protocol – Background Secret polynomial SK={d,n}, polynomial of degree K-1:
Secret shares
≥K entities can produce d (Langrage interpolation):
But in this way, the secret d can be revealed!
f x
11 1
KKf x d f x f x
modiv iP f v n
1 1
0 mod modj j
K K
v v jj j
d P l n SK n
1 1 1
1 1 1j
j j Kv
j j j j j j K
x v x v x v x vl x
v v v v v v v v
(Langrage coefficients)
![Page 12: Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks](https://reader035.fdocuments.in/reader035/viewer/2022062810/56815dfd550346895dcc3bee/html5/thumbnails/12.jpg)
Protocol – Certification Multi-signature protocol:
The entity sends certificate M to be signed. Its neighbors sign it with SKi and send back the
partially signed certificate .
The entity constructs , which is . Using K-bounded coalition offsetting, acquires
which is the signed certificate.
Note: the secret d has not been revealed!
1 2 1 2K KSK SK SK SK SK SKX X X X
modiSKM n
1 mod
K
jj
SK
M n
modt n dM n
moddM n
![Page 13: Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks](https://reader035.fdocuments.in/reader035/viewer/2022062810/56815dfd550346895dcc3bee/html5/thumbnails/13.jpg)
Protocol – Secret share dealing Systemwide SK={d,n} Secret d, secret share of entity ui:
Self-initialization If already K shares exist in the
neighborhood of …
Complete shuffling scheme (using nonces)
modiv iP f v n
, , ,
1 1
modx x j x j
K K
v x v v x x jj j
P f v P l v SS n
xv
![Page 14: Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks](https://reader035.fdocuments.in/reader035/viewer/2022062810/56815dfd550346895dcc3bee/html5/thumbnails/14.jpg)
Protocol – Secret share update Initially: version 1, ID 0 At each update: version++ Self-initialization protocol for new
version propagation In case of version conflicts, lowest ID
wins
![Page 15: Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks](https://reader035.fdocuments.in/reader035/viewer/2022062810/56815dfd550346895dcc3bee/html5/thumbnails/15.jpg)
Evaluation Real world evaluation: UNIXRSA, cert vs key size (K=5) Cert vs K
(key=1024bits)SPEC 20.5
SPEC 12.1
SPEC 1.37
![Page 16: Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks](https://reader035.fdocuments.in/reader035/viewer/2022062810/56815dfd550346895dcc3bee/html5/thumbnails/16.jpg)
Evaluation Simulations: NS2
![Page 17: Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks](https://reader035.fdocuments.in/reader035/viewer/2022062810/56815dfd550346895dcc3bee/html5/thumbnails/17.jpg)
Evaluation Simulations: NS2
![Page 18: Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks](https://reader035.fdocuments.in/reader035/viewer/2022062810/56815dfd550346895dcc3bee/html5/thumbnails/18.jpg)
Evaluation Simulations: NS2
![Page 19: Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks](https://reader035.fdocuments.in/reader035/viewer/2022062810/56815dfd550346895dcc3bee/html5/thumbnails/19.jpg)
Q&A, round 1
Why certificates? Standard solution, only anywhere, anytime
needs solving Why threshold secret sharing?
Fits well with MANETs: “1 out of N”, “N out of N”
Why secret share updates? The MANET will be compromised, SK not easy
to change
![Page 20: Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks](https://reader035.fdocuments.in/reader035/viewer/2022062810/56815dfd550346895dcc3bee/html5/thumbnails/20.jpg)
Q&A, round 1 What about DoS?
Compromised nodes offer false partial certificates
The answer: Verifiable Secret Sharing What about <K neighbors?
Retry somewhere, sometime! What about bookkeeping? (Cert Revoc Lists)
Implicit revocation helps keep short lists In any case: 128-256kb/counter-cert and
N<1000 but Pr{compromise}<<1
![Page 21: Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks](https://reader035.fdocuments.in/reader035/viewer/2022062810/56815dfd550346895dcc3bee/html5/thumbnails/21.jpg)
Q&A, round 2 Hit me!