1 / 22

Ad Hoc Networks

Ad Hoc Networks. Curtis Bolser Miguel Turner Kiel Murray. Towards Flexible Credential Verification in Mobile Ad-hoc Networks - Goals. “To propose a flexible verification mechanism to ascertain a user’s identity and credentials based on assertions from peers.”

kieve
Télécharger la présentation

Ad Hoc Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Ad Hoc Networks Curtis Bolser Miguel Turner Kiel Murray

  2. Towards Flexible Credential Verification in Mobile Ad-hoc Networks - Goals • “To propose a flexible verification mechanism to ascertain a user’s identity and credentials based on assertions from peers.” • Similar to PGP’s web-of-trust concept. • Lessen the number of signature verifications needed. • Allow interoperability between different certificate formats and paradigms (X.509, PGP, SPKI).

  3. Towards Flexible Credential Verification in Mobile Ad-hoc Networks – Requirements • Due to generation and verification of credentials and assertions, significant processing power may be required. • For X.509 and SPKI verification, a connection to a wired or fixed network is required. • The devices must have enough space to store a public key ring and trustworthiness levels for each key.

  4. Towards Flexible Credential Verification in Mobile Ad-hoc Networks – Architecture • The general architecture is shown in the following figure. Verification Module Security Assertion Module XML Credential Generator Key Management • Key management: Public keys can be added provided their validity has been checked beforehand. • Only assertions made from trusted keys in the ring are considered , all other assertions are discarded. • Four trust levels; Full, Partial, Untrustworthy, Unknown.

  5. Towards Flexible Credential Verification in Mobile Ad-hoc Networks – Architecture • XML Credential Generator: Used to create Credential Assertion Statements (CAS) by grouping the user’s credentials together. • Information in X.509 certificates and SPKI are extracted and then converted into XML form to produce the CAS. • The CAS itself need not be encrypted, but it is signed. • Contains X.509 certificate data and attribute certificate data through <X509Data> and <AttributeData> tags in the XML document. • The <X509Certificate> tag denotes where the certificate is stored in its original form (ASN.1 DER encoded)

  6. Towards Flexible Credential Verification in Mobile Ad-hoc Networks – Architecture • Security Assertion Model: Main functionality is to issue assertions to other peers after successfully verifying the credentials listed in the CAS. • This is done through Assertion Signature Statements (ASS) which are distributed to the Ad-hoc network. • Peers must have explicitly declared trust of the issuer of the ASS for it to be considered. • More trusted nodes would lead to more ability to validate credentials via peers in the Ad-hoc network instead of through Credential Authorities via a wired network.

  7. Towards Flexible Credential Verification in Mobile Ad-hoc Networks – Architecture • Verification Module: Used to determine if the CAS is authentic and based on authentic credentials. • Checks the signatures in the ASSs corresponding to the CAS against the key ring to determine trust. • Trust relationships are not transitive except in the case of partially verified information. • Ex: Node A trusts Node B, Node B trusts Node C. Node C asserts that node L’s credential is valid. • If Node A can partially validate L’s credential, it can trust it due to trusting Node B which trusts Node C. • Does NOT imply trust of further assertions from Node C.

  8. Ad Hoc Sensor Networks • Authentication • Typically requires high levels of computational and communication capabilities • Sensors • Low-powered, mobile devices • Many applications for sensors where strong authentication is desirable

  9. Three-tier Hierarchy • Tier 1: Access Points • High-power • Route radio packets to wired infrastructure • Tier 2: Forwarding Nodes • Medium-power, mobile • Relay information to access points • Tier 3: Sensor Nodes • Low-power, mobile • Collect data to send to application

  10. Authentication • TESLA Certificate • Short lifetime • Sensors assigned certificates by access points • Forwarding nodes only authenticate themselves in assured mode

  11. Authentication • Weak mode • Only the origin of the data is verified • The data can be routed through any series of forwarding nodes • Assured mode • Each forwarding node will append its signature to the data • This allows the route to be verified

  12. Mobility Helps Security in Ad Hoc Networks – Idea • Mimic human behavior; to communicate securely get close to each other and establish mutual credentials. • Two separate models: • 1 – Allows for security without any kind of central authority. • 2 – Allows for an offline authority authorizing nodes to join the network.

  13. Mobility Helps Security in Ad Hoc Networks – Assumptions • The ability to establish a “secure side channel,” through an infrared link, physical connection, or some other secure, local method for model 1. • Nodes in a given Ad Hoc network move around. • This mobility will actually assist in establishing security associations between nodes on the network. • Each node is able to generate cryptographic keys, check signatures, and accomplish any task required to secure its communications (specifically; agree on cryptographic protocols with other nodes)

  14. Mobility Helps Security in Ad Hoc Networks – Overview 1 • Network is fully self-organized (no infrastructure, no central authority, no centralized trusted third party). • Secure side channel is used to set up security associations between nodes by exchanging cryptographic material. • This exchange is made by both users consciously and simultaneously (associate a “human face” with the established security association). • Use of “Friends” to further distribute public keys.

  15. Mobility Helps Security in Ad Hoc Networks – Overview 2 • Ad Hoc network with a central authority (off-line). • Central Authority controls network membership, deciding which nodes can join and how. • Each node has a unique identity, assigned to it by the authority, binding the node’s identity and public key. • Each node holds the public key of the central authority. • If a node A possesses a certificate signed by the central authority binding node B and its public key, then there is a one-way security association between node A and B. • If each node has a one-way security association of the other, they have a two-way security association.

  16. Mobility Helps Security in Ad Hoc Networks – Comparisons • Mobility-based approach allows insertion of new nodes and secure transfers without on-line key distribution. • Drawback: takes time to establish security associations. • Self-organized approach is useful in securing personal communications on the application level. • Offline authority approach useful in securing networking mechanisms such as routing. • In the self-organized approach, users must establish security associations consciously; In the authority-based approach, these associations are established automatically.

  17. Generic Implementation of Elliptic Curve Cryptography using Partial Reduction • Elliptic curve cryptography (ECC) is becoming an attractive alternative to traditional RSA and DH • Elliptic Curve Digital Signature Algorithm (ECDSA) • Government a big fan • Paper outlines hardware and software approach to implementing ECC

  18. ECC • Security per bit rivals other common cryptosystems • Involves modular addition, multiplication, and division • Coupled with partial reduction, selection of curves becomes more flexible

  19. Self-Organized Network-Layer Security in Mobile Ad Hoc Networks • Assumes no initial trust, no central trusting entity • Based on On-demand Distance Vector (AODV) routing protocol • Path discovery is on-demand • Uses Route request/response packets • Is susceptible to routing updates misbehavior and packet forwarding misbehavior

  20. Self-Organized Network-Layer Security in Mobile Ad Hoc Networks • Goals • No central trust authority or key distributor • Tolerant to the existence of compromised nodes • Isolate the attacker • Credit based system where nodes will incur less security overhead as time passes

  21. Self-Organized Network-Layer Security in Mobile Ad Hoc Networks • How it works • Each node has a token signed by the system key (SK) • This token will expire without renewing it in a timely manner • Bad tokens are known to all nodes via their Token Revocation Lists

  22. Self-Organized Network-Layer Security in Mobile Ad Hoc Networks • How it works • Nodes collaborate to monitor each other and issue new tokens • Only when the group decides a node is an attacker is it isolated from the network

More Related