
Team Challenger

Team Challenger. Brian Padalino Sammy Lin Arnold Perez Helen Chen. Group Communication. Authentication Huang, Q. et al “Fast Authenticated Key Establishment Protocols for Self-Organizing Sensor Networks” (2003) International Conference on Sensor Wireless Networks and Applications pp.141.


Presentation Transcript


  1. Team Challenger Brian Padalino Sammy Lin Arnold Perez Helen Chen

  2. Group Communication • Authentication • Huang, Q. et al “Fast Authenticated Key Establishment Protocols for Self-Organizing Sensor Networks” (2003) International Conference on Sensor Wireless Networks and Applications pp.141

  3. Sensor Networks • Background: • Supports dynamic scenarios, large scale, real-time data processing • Does not require any centralized administration or fixed infrastructure • Authentication between sensor nodes and security managers

  4. Sensor Networks • Problems • Sensors have limited power supply and computational resources • Should only send out packets when necessary to help save power • Accurately authenticate with a security manager without using an online centralized database

  5. Sensor Networks • Authentication solutions • A hybrid authentication key establishment protocol • symmetric key cryptographic operations • elliptic curve implicit certificates

  6. Sensor Networks • Implementation • Elliptic Curve Cryptography • Symmetric-Key Operations • Certificates • Certificate contains public key, device ID and certificate expiration date, digitally signed • Certificates are acquired before a sensor can join the network

  7. Trust Groups • Keoh, S.L. et al “Towards flexible Credential Verification in Mobile Ad-hoc Networks” (2002) Annual International Workshop on Principles of Mobile Computing, Toulouse, France pp. 58

  8. System Implementation

  9. Key Management • Every device maintains a key ring that contains a list of trusted public keys and their associated trustworthiness level. • Ensures that only trusted public keys are considered when checking assertions. • XML Credential Generator • Used to group the user’s credentials together in order to create a readable credential assertion statement (CAS).

  10. Security Assertion Module • Main functionality is to issue assertions to other users after successfully verifying the credentials listed in the CAS. • Verification and Validation Module • Used to determine whether a CAS is authentic and based on authentic credentials. When a user presents his/her CAS together with the corresponding ASSs, the V&V module checks the signatures against the key ring to determine whether the assertions can be trusted.

  11. Group Communication • Security • Contributory key agreement • 1) Group Diffie-Hellman key exchange • 2) Key trees

  12. Diffie-Hellman Key exchange Alice picks BK=x Bob Picks BK=y 1 p, , K=x mod p 2 K= y mod p Bob computes K BK = (x mod p)y = xy mod p Alice computes K BK = (y mod p)x = xy mod p The shared secret key

  13. K p =( BK (L) ) K (R) mod p =( BK (R) ) K (L)mod p =  K (L) K (R) mod p = f (K (L)K (R)) Key trees <0,0> <1,0> <1,1> <2,0> <2,1> <2,2> <2,3> <3,0> <3,0> <3,6> <3,7>

  14. Problems and Solutions • Join, Leave, Partition and Merge by Updating Current Tree • [Figure: key tree diagram with node labels from <0,0> to <3,7>]

  15. Project Idea • Will be implementing the system outlined by “Towards Flexible Credential Verification in Mobile Ad-hoc Networks” • Will be adding certificate/assertion revocation and some sort of blacklisting policy for untrustworthy nodes to increase the security of the proposed system.

  16. Project Idea (cont.) • Will be building a game on top of our system to demo what it can do. • Social engineering game geared towards building and losing trust. • Player must try and obtain as much ASS as possible. Then use that ASS to get more ASS.

  17. Papers to be used… • “Towards a human trust model for mobile ad-hoc networks,” Licia Capra • “A certificate revocation scheme for wireless ad-hoc networks,” Claude Crepeau and Carlton Davis • “Trust and establishment of ad-hoc communities,” Sye Long Keoh and Emil Lupu
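The key-tree relation on slides 12 to 14, K = (BK(L))^K(R) mod p = (BK(R))^K(L) mod p, worked through as an added example that is not part of the original presentation. The modulus `P`, the base `G` (the slide's own base symbol did not survive extraction) and all function names are assumptions chosen for illustration.

```python
"""Tree-based group Diffie-Hellman (added example, not from the slides)."""

P = 2**127 - 1  # toy prime modulus (assumption); far too small for real use
G = 3           # base (assumption); the slide's own symbol is missing

def blind(k):
    """f(K) = G^K mod P, the blinded key BK that a member may publish."""
    return pow(G, k, P)

def subtree_key(leaves):
    """Key of the node covering `leaves`: K = BK(L)^K(R) mod P."""
    if len(leaves) == 1:
        return leaves[0]
    mid = len(leaves) // 2
    return pow(blind(subtree_key(leaves[:mid])), subtree_key(leaves[mid:]), P)

def member_view(leaves, idx):
    """Root key as member `idx` derives it from its own secret and the
    blinded keys of the sibling subtrees along its path to the root.
    (The simulation computes those blinded keys; a real member receives them.)"""
    if len(leaves) == 1:
        return leaves[0]
    mid = len(leaves) // 2
    if idx < mid:
        own = member_view(leaves[:mid], idx)
        sibling_bk = blind(subtree_key(leaves[mid:]))
    else:
        own = member_view(leaves[mid:], idx - mid)
        sibling_bk = blind(subtree_key(leaves[:mid]))
    return pow(sibling_bk, own, P)

def rekey_after_leave(leaves, gone, sponsor, fresh):
    """Remove member `gone`; the sponsor (index in the remaining list)
    replaces its secret so the old group key is no longer in use."""
    remaining = leaves[:gone] + leaves[gone + 1:]
    remaining[sponsor] = fresh
    return remaining

if __name__ == "__main__":
    import secrets
    group = [secrets.randbelow(P - 2) + 2 for _ in range(4)]  # constructed secrets
    views = [member_view(group, i) for i in range(len(group))]
    print("all members agree:", len(set(views)) == 1)
    after = rekey_after_leave(group, 3, 2, secrets.randbelow(P - 2) + 2)
    print("key changed after leave:", subtree_key(after) != views[0])
```

Every member reaches the same root key while only blinded keys cross the network, and a leave forces a new root key because one remaining secret on the path is refreshed.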
