
Security in Ad Hoc Wireless Networks


denzel

Presentation Transcript


  1. Security in Ad Hoc Wireless Networks

  2. Agenda • Problem description • Existing security tools/knowledge base • Project goals • Design overview • Known problems

  3. Problem Description The following are known security concerns in wireless ad hoc networks: • Node identity—who am I really talking to • Packet insertion • Packet capture—the man in the middle

  4. Existing Security Information • PGP (Pretty Good Privacy) • Diffie-Hellman Key Exchange • Larns-Arne Mattsson Thesis

  5. Project Goals • Design a robust, flexible API for a secure, wireless, ad hoc network • Develop a reference implementation to exemplify, validate, and debug the API

  6. Design Assumptions–1 • The level of security required of a network is application dependent • The underlying protocol of a wireless, ad hoc network is application dependent • Most nodes in a wireless, ad hoc network will be geographically close to each other • Members of a secure network group trust each other

  7. Design Assumptions—2 • Nodes should be able to join the secure group at any time • Network groups will frequently, but not always, be comprised of two or more members of a known group—a company, group of friends, etc.

  8. Design Overview The design of our security paradigm is comprised of three elements: • Group Announcement • Member Authentication • Group Data Transmission

  9. Group Announcement • Initiator of a group broadcasts the existence of a group to the network via a well-known address or handle OR • Node asks the network which groups are available via well-known address or handle; each node replies with its identity and the groups to which it belongs

  10. Initiator Announcement Example—1 (diagram: Node 1, Node 2 and Node 3; a Group Annc. message with fields labelled Group Id and User Id, shown with "MyGroup" and the text "This is a really Important group ….")

  11. (diagram: group query) • Node 5: "What groups are out there?" • Node 1: "I'm Node 1 and I'm in Group B" • Node 2: "I'm Node 2 and I'm in Group A" • Node 3: "I'm Node 3 and I'm in Group A and Group B"

  12. Member Authentication • Group members are authenticated using a very robust algorithm—PGP (desired) or Diffie-Hellman • Initiator of the group authenticates the first node that requests group membership • Subsequent requestors are authenticated by any member of the group

  13. Authentication Example—1 • Node 5: "Group B sounds nifty. May I join?" • Node 1 (Group B): "Maybe. Who are you?"

  14. Authentication Example—2 • Node 5: "I'm Node 5" • Node 1 (Group B): "I can't take your word for it. Let's shake to make sure."

  15. Authentication Example—3 • Node 5 and Node 1 (Group B): (A clipart rendering of Diffie-Hellman handshaking)

  16. Authentication Example—4 • Node 1 (Group B) to Node 5: "Okay, now that our transmission is encrypted, I'll send you the session key" • (diagram: Group B Session Key (Secret))

  17. Authentication Example—5 (diagram: Node 5, Node 1, Node 2 and Node 3 with Group A and Group B)

  18. Data Transmission • Data is encrypted using a group session key (less robust) • New members are sent the session key via the secure connection created during authentication • Reliability is handled exclusively by the underlying protocol

  19. API Specifics • Abstracts protocol-specific details (handles, addresses, etc) • Provides flexibility regarding the underlying protocol and level of security of the group • Allows nodes to belong to multiple groups

  20. What aren’t we doing? • Writing our own encryption scheme • Data routing • Caching data for late joiners • Embedding security into a specific protocol

  21. Questions Comments Criticisms
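
The join flow of slides 12 to 18 (Diffie-Hellman handshake, then delivery of the group session key over the resulting pairwise channel), as an added example that is not code from the presentation or its reference implementation. Assumptions: the modulus and generator are demo-only values, the HMAC-based keystream stands in for a real authenticated cipher, and all function names are hypothetical. The exchange as written is unauthenticated: nothing binds a public value to "Node 5", so the man-in-the-middle concern from slide 3 remains until the public values are signed or verified out of band.

```python
import hashlib
import hmac
import secrets

# Demo-only parameters (assumption): 2**521 - 1 is prime, but it is not a
# standardized Diffie-Hellman group. Real code uses a vetted group or X25519.
P = 2**521 - 1
G = 3

def dh_keypair():
    priv = secrets.randbelow(P - 3) + 2          # private exponent in [2, P-2]
    return priv, pow(G, priv, P)

def dh_shared_key(priv, peer_pub):
    if not 2 <= peer_pub <= P - 2:               # reject 0, 1, P-1, out-of-range
        raise ValueError("invalid peer public value")
    secret = pow(peer_pub, priv, P)
    return hashlib.sha256(secret.to_bytes(66, "big")).digest()

def _subkey(pair_key, label):
    return hmac.new(pair_key, label, hashlib.sha256).digest()

def _keystream(key, nonce, length):
    # HMAC-SHA256 in counter mode: a stdlib stand-in for a real AEAD cipher.
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def wrap_session_key(pair_key, group_key):
    """Member side: encrypt-then-MAC the group session key for the new node."""
    nonce = secrets.token_bytes(16)
    stream = _keystream(_subkey(pair_key, b"enc"), nonce, len(group_key))
    ct = bytes(a ^ b for a, b in zip(group_key, stream))
    tag = hmac.new(_subkey(pair_key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unwrap_session_key(pair_key, blob):
    """Joiner side: verify the tag first, then decrypt."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(pair_key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("session key message failed integrity check")
    stream = _keystream(_subkey(pair_key, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, stream))

if __name__ == "__main__":
    n1_priv, n1_pub = dh_keypair()               # Node 1, existing member of Group B
    n5_priv, n5_pub = dh_keypair()               # Node 5, requesting membership
    group_key = secrets.token_bytes(32)          # constructed Group B session key
    blob = wrap_session_key(dh_shared_key(n1_priv, n5_pub), group_key)
    assert unwrap_session_key(dh_shared_key(n5_priv, n1_pub), blob) == group_key
```

Because every member holds the same group session key, any member can read or forge group traffic, which matches the slides' assumption that members of a secure group trust each other.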
