1 / 13

SPLASH Sécurisation des ProtocoLes dans les réseAux mobileS ad Hoc

SPLASH Sécurisation des ProtocoLes dans les réseAux mobileS ad Hoc. http://www.inrialpes.fr/planete/splash.html 12 Décembre 2003. Refik Molva Institut EURECOM molva@eurecom.fr. Wireless & Mobile Limited Energy Lack of physical security Ad Hoc Lack of(or limited) infrastructure

mora
Télécharger la présentation

SPLASH Sécurisation des ProtocoLes dans les réseAux mobileS ad Hoc

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SPLASHSécurisation des ProtocoLes dans les réseAux mobileS ad Hoc http://www.inrialpes.fr/planete/splash.html 12 Décembre 2003 Refik Molva Institut EURECOM molva@eurecom.fr

  2. Wireless & Mobile Limited Energy Lack of physical security Ad Hoc Lack of(or limited) infrastructure Lack of a priori trust Cooperation Enforcement • Key management MANET Security Requirements • Secure Routing [Recent security solutions for mobile ad hoc networks In “Ad Hoc Networks” IEEE Press - Wiley Ed]

  3. Key Management Objectives • Bootstrapping from scratch • Fully distributed • Minimum dependency

  4.   Key Management Approaches • Symmetric crypto [Basagni et al.] • (ID, PK) binding • Certificate = (ID,PK)CA • Self-organized Authorities [Zhou, Haas] [Kong, et al.] [Yi, Kravets] [Lehane, et al.] • Web of trust(PGP) [Hubaux, Buttyan, Capkun] • Certificate-less • Crypto-based IDs: ID = h(PK) [Montenegro, Castellucia] [O’Shea, Roe] [Bobba, et al] • ID-based Crypto: PK = f(ID) [Halili, Katz, Arbaugh] • Context-dependent authentication • location-limited channels [Balfanz, et al.] • Shared passwords [Asokan, Ginzborg]

  5. Self-organized Admission Control Performance Comparison • Centralized (simple signatures) • member gets t signatures from other members • Server grants GMC when t or more signatures are shown. • Distributed (threshold signatures) • member gets “partial” certificates (mSKi) from other members. • member combines t certificates to get a GMC GMC = mSK1 mSK2 mSK3.. mSKt = mSK Threshold signaturesare NOT suitable in MANET and sensor networks. • Currently investigating Bilinear mappings [Admission Control in Peer-to-Peer: Design and Performance Evaluation, ACM SASN Workshop, October 2003.] [On the Utility of Distributed Cryptography in P2P and MANETs, ICNP 2003.]

  6. (ID, PK) binding without a PKICrypto-Generated Addresses (CGA) • Statistically Unique Cryptographically Verifiable IDs [Montenegro, Castellucia] [O’Shea, Roe] IPv6 @ = prefix | h( prefix | PK ) • Secure Routing using CGA: AODV [Castellucia, Montenegro] DSR[Bobba, et al] PROs: no certificates, no PKI CONs: generation of bogus IDs • New: CGA based on the small primes variation of the Feige-Fiat-Shamir (MFFS) [Statistically Unique and Cryptographically Verifiable Addresses: concepts and applications. ACM TISSEC, Feb. 2004] [Protecting AODV against impersonation attacks, ACM MC2R, October 2002]

  7. Cooperation enforcement mechanisms Threshold cryptography Token-based [Yang,Meng,Lu] Nuglets [Buttyan,Hubaux] SPRITE [Zhong, Chen, Yang] CONFIDANT[Buchegger,Le Boudec] CORE [Michiardi,Molva] Beta-Reputation [Josang,Ismail] Micro-payment Reputation-based

  8. Cooperation Enforcement Evaluation with Game Theory • Cooperative GT • Study the size (k) of a coalition of cooperating nodes • Nash Equilibrium  lower bound on k • Non-cooperative GT • Utility function with pricing • Pricing used to guide the operating point (i.e. maximum of utility function) to a fair position • ri : dynamic reputation of node ni evaluated by her neighbors [Michiardi,Molva,CMS’02, WiOpt’03] [Srinivasan,et al.,INFOCOM’03]

  9. Simulations: CORE – uniform traffic

  10. Simulations: TFT – uniform traffic

  11. Summary • Specific requirements • Self organized bootstrapping of security associations • Cooperation enforcement • Prospects • New tools from crypto bag of tricks (Id-based crypto, . . .) • Integrated mechanisms: reputation + key management • Participation in MOBILEMAN project on Ad Hoc Networks • ESAS 2004 1st European Workshop on Security in Ad-Hoc and Sensor Networks. (5.-6. August, 2004) 

  12. ESORICS 2004 – RAID 2004September 13-17Institut EURECOMSophia Antipolis - FRANCE

  13. THANK YOU

More Related