Secure Communication

klapdorothypond Mobile – Wireless Technologies

23 Nov 2013 (3 years and 8 months ago)


Secure Communication
A View From The Transport Layer
MANET and WSN

Overview
- Transport Layer and Security Issues
- Anonymity
  - E-mail
  - WSN and MANET
- Traffic Analysis
- DOS Attacks
  - flooding
  - de-synchronization
- Summary
- References

Transport Layer and Security Issues

Transport Layer Basics

Transport Layer - Security
- Securing end-to-end communication
- Key distribution and use for secure communication
- Anonymous communication
- Preventing traffic analysis
- Preventing DOS attacks

Mobile Sensor Networks - Basics
- Security Constraints
  - Low Power
  - Limited processing power
  - Limited memory
  - Limited bandwidth

Keys
- Base Station assigns keys
  - Symmetric Key Algorithms
    - Saves computation resources
  - Establishes trust with sensor nodes
  - Saves computation and power
- Computing and exchanging keys
  - Base station transmits the keys directly to the node
  - Saves power

Anonymity - E-mail

E-mail Anonymity
- Untraceable E-mail
- Untraceable Return Addresses
- Digital Pseudonyms

E-Mail Anonymity - Untraceable
- Using Public Key encryption
- Uses:
  - Elections
  - Part of an organization, but want identity kept secret (CIA)

E-Mail Anonymity - Untraceable
- Additional computer called the “Mix”
- Bob wants to send Alice an untraceable message.
- Bob sends the message encrypted with Alice’s public key, encrypted again with the Mix’s public key:
  Km(R1, Ka(R0, M), A)  ->  Ka(R0, M), A
- Mix decrypts, eliminates R1, and forwards the message to Alice.

E-Mail Anonymity - Untraceable
- Mix hides the correspondences between items in its input and output.
- Outputs uniformly sized items in lexicographically ordered batches.
- Ensures no duplicate output (would show a pattern to an eavesdropper):
  - make R a timestamp
  - change Mix’s keys

E-Mail Anonymity - Untraceable
- Multiple Mixes
- Cascade encryptions
  - First Mix’s (M2) input: Km2(R2, Km1(R1, Ka(R0, M), A), Am1)
  - First Mix’s output: Km1(R1, Ka(R0, M), A)
  - Final result: Ka(R0, M), A
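The two-mix cascade above, worked through in Python as an added example (not from the slides or from Chaum’s paper). A toy keystream cipher keyed by the holder’s secret stands in for public-key encryption, and the addresses and item sizes are constructed; the Mix class also applies the batching rules from the previous slide (strip R, reject a repeated input, emit the batch in lexicographic order):

```python
import hashlib
import secrets

R_LEN, NONCE_LEN, ADDR_LEN, MSG_LEN = 16, 8, 8, 32   # constructed sizes; MSG_LEN pads items uniformly

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Toy stand-in for public-key sealing: a SHA-256 counter keystream under the holder's key.
    return b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                    for i in range(n // 32 + 1))[:n]

def seal(key: bytes, r: bytes, payload: bytes) -> bytes:
    """K(R, payload): R is the random string the decrypting party strips off."""
    nonce, body = secrets.token_bytes(NONCE_LEN), r + payload
    return nonce + bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body))))

def unseal(key: bytes, item: bytes) -> tuple:
    nonce, ct = item[:NONCE_LEN], item[NONCE_LEN:]
    body = bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))
    return body[:R_LEN], body[R_LEN:]

class Mix:  # one Chaum mix: opens each item, drops replays, emits sorted (address, payload) pairs
    def __init__(self, key: bytes):
        self.key, self.seen = key, set()

    def process_batch(self, items: list) -> list:
        out = []
        for item in items:
            r, body = unseal(self.key, item)
            if r in self.seen:            # a repeated input would show a pattern to an eavesdropper
                continue
            self.seen.add(r)
            out.append((body[-ADDR_LEN:], body[:-ADDR_LEN]))   # trailing A is the next-hop address
        return sorted(out)                # lexicographic batch order hides input/output correspondence

def wrap(path: list, ka: bytes, a: bytes, m: bytes) -> bytes:
    """Build Km2(R2, Km1(R1, Ka(R0, M), A), Am1); path lists (mix key, mix address), innermost first."""
    item, addr = seal(ka, secrets.token_bytes(R_LEN), m.ljust(MSG_LEN, b"\0")), a   # Ka(R0, M), padded
    for mix_key, mix_addr in path:
        item, addr = seal(mix_key, secrets.token_bytes(R_LEN), item + addr), mix_addr
    return item

def demo(m: bytes = b"hello alice") -> tuple:
    ka, km1, km2 = (secrets.token_bytes(32) for _ in range(3))
    mix1, mix2 = Mix(km1), Mix(km2)
    item = wrap([(km1, b"mix1    "), (km2, b"mix2    ")], ka, b"alice   ", m)
    hop1 = mix2.process_batch([item])                 # -> [(Am1, Km1(R1, Ka(R0, M), A))]
    hop2 = mix1.process_batch([p for _, p in hop1])   # -> [(A, Ka(R0, M))]
    addr, sealed = hop2[0]
    _, plain = unseal(ka, sealed)
    return addr, plain.rstrip(b"\0"), mix2.process_batch([item])   # the replayed item is dropped
```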

E-Mail Anonymity - Return Address
- What if Alice wants to respond to Bob? He is anonymous!
- Bob can send his address, encrypted so that only the Mix can read it, and deliver it:
  Km(R1, Ab), Kb(R0, M)  ->  Ab, R1(Kb(R0, M))

E-Mail Anonymity - Return Address
- Mix can verify the recipient received the message
  - Certified Mail Service
- Last Mix sends back to Bob:
  - Alice’s address
  - Message itself
- Each Mix may sign the receipt

E-Mail Anonymity - Preventing Traffic Analysis
- Send the same number of messages in each batch
  - Pro: hides the number of messages sent from Bob
  - Con: uses resources (power, bandwidth)
- Send the same number of messages to subsets of participants
  - Pro: hides the number of messages Bob sends to Alice, and minimizes dummy messages
  - Con: still uses resources for dummy messages

E-Mail Anonymity - Pseudonyms
- Digital Pseudonym: a public key used to verify signatures made by the anonymous holder of the corresponding private key.
- Roster: list of pseudonyms kept by a trusted authority
- Uses:
  - Elections: roster of eligible voters

E-mail Anonymity - Pros & Cons
- Pros:
  - Ability to be anonymous
  - Verified message delivery
- Cons:
  - Additional hardware (mix)
  - What if you want to know the addressee (threat)
  - Trusted Authority: who and what determines this
  - Lots of additional encryption (time and resources)

Anonymity - MANET and WSN

Anonymity - Why
- If an attacker can ID a node, and eavesdrop on traffic, they may be able to identify actual network traffic patterns.
- Track a moving node
- Identify what network a node belongs to

Anonymity - Cont.
[figure: wired connections with dedicated links vs. wireless connections with shared media]
- The broadcast property of wireless communication makes it hard to see where a node is, but makes it easier to eavesdrop. [picture: 11]

Anonymity - How
- We will analyze how to achieve anonymity in both:
  - MANET: Mix-net
  - WSN
- Anonymity done through preventing traffic analysis attacks

Anonymity - MANET
- Similar to e-mail, uses Mixes
[figure: A Mix-Net example in MANET [2]]


Anonymity - MANET
- Encryption and decryption of messages is the same as used with Mixes in e-mail:
  - Multiple Mixes
  - Cascade encryptions
    - First Mix’s (M2) input: Km2(R2, Km1(R1, Ka(R0, M), A), Am1)
    - First Mix’s output: Km1(R1, Ka(R0, M), A)
    - Final result: Ka(R0, M), A

Anonymity - MANET
- Mix Advertisement
  - Sends message “I’m here”
  - Non-Mix node hears this and determines a dominant Mix-node
  - If it doesn’t hear an advertisement message from its Mix in some interval of time, it finds another Mix.
- Mix Route Discovery and Update
  - Sender node (S) sends RREQ message to destination node (D)

Anonymity - MANET
- Mix Route Discovery and Update
  - RREQ Phase: Sender node (S) sends RREQ message to destination node (D)
  - DREG Phase: D knows it is part of end-to-end communication, registers with its closest Dominator Mix
  - RUPD Phase: Mix broadcasts RUPD messages to nodes with a list of nodes registered to the Mix

Anonymity - MANET
[figure: Broadcasted RUPD Messages [2]]

Anonymity - MANET
- Potential security problem:
  - An attacker could hear S send a RREQ message, then hear D send a DREG message shortly after.
- Solution:
  - S can send dummy RREQ messages to itself, to hide the real RREQ message to D

Anonymity - MANET
- Pros:
  - Compromised node in the middle of the route does not reveal source or destination nodes
  - Dominant Mix could hide identity of S
  - Mix can also aid in preventing traffic analysis
- Cons:
  - Additional hardware: Mixes
  - Additional encryption

Anonymity - MANET - PPCS
- PPCS: Privacy Preserving Communication
- Three mechanisms:
  - Dynamic Flow Identification
  - Random Node Identification
  - Resilient Packet Forwarding

Anonymity - MANET - PPCS
- Dynamic Flow Identification
  - Two flow pseudonyms, Pdi and Psi, are defined for the forward and backward flows
  - Replaces the source and destination addresses
  - Source broadcasts RREQ packet containing these pseudonyms: <RREQ, Psi, Pdi, Ksd(m)>
  - Intermediate nodes receive and try to decrypt Psd
  - “Trap door check”

Anonymity - MANET - PPCS
- Random Node Identification
  - Dissociates a real node identifier from location information
  - RNI: random node identifiers

Anonymity - MANET - PPCS
- Resilient Packet Forwarding
  - Multi-path random forwarding (MPRF)
  - Provides protection against traffic analysis
  - Helps avoid traffic congestion
  - Each intermediate node randomly selects the next hop from its local list of possible next-hop nodes.

Anonymity - MANET - PPCS
- Potential problems:
  - Message could be followed from end-to-end
  - Solution: encrypt again between intermediate nodes
- Pros:
  - Node anonymity established
- Cons:
  - More difficult to implement
  - Each intermediate node must look at the Psd of a RREQ message

Anonymity - WSN
- Base Station ID hidden
  - Could take out entire network
- How:
  - Hide which node is the base station by limiting traffic analysis

Anonymity - Summary
- Some situations may require node anonymity
  - Ex: Election, CIA
- E-mail anonymity
  - Mix
- MANET and WSN anonymity
  - Mix and routing
  - Traffic Analysis

Preventing Traffic Analysis

Preventing Traffic Analysis - Why
- High traffic and/or traffic patterns could indicate a base node/station
- Base Node/Station
  - Entire network depends on it
- Ex: Military
  - Determine critical nodes, chain of command
  - Forthcoming action
  - State change or network alertness

Traffic Analysis - Example
[figure: Data traffic patterns using shortest path routing [7]]

Traffic Analysis - Two Classes
- Two classes of traffic analysis:
  1.) Rate Monitoring Attack: monitor packet sending rate
  2.) Time Correlation Attack: deduce path by listening to nodes forward packets

Preventing Traffic Analysis - How
- Multiple parent routing (against rate monitoring attacks)
- Controlled random walk (against rate monitoring attacks)
- Random fake paths (against time correlation attacks)
- Multiple, random areas of high communication activity (against rate monitoring attacks)

Multi-Parent Routing
- Reduces effectiveness of rate-monitoring attacks
- Each node has multiple parents
  - Randomly select one parent each time it forwards a packet
  - Any node one level higher is a parent, or record beacons as parents
- Problems:
  - Does not eliminate rate-monitoring attacks
  - Still subject to time-correlation attacks

Multi-Parent Routing
[figure: Multi-parent routing for node “u”]

Random Walk
- Reduces rate monitoring attack effectiveness
- Forwarding packets:
  - To parent with probability p
  - To neighbor with probability (1 - p)
- Problems:
  - Still vulnerable to time correlation attack
  - Longer route consumes more energy (more hops to base station)

Random Fake Paths
- AKA Fractal Propagation
- Makes time-correlation attacks less effective
- Fake packets are created and propagated through the network
- Fake packets have a TTL parameter, K

Random Fake Paths Cont.
- When a node receives a fake packet, it
  - decrements TTL (if zero, it drops the packet)
  - forwards the packet to a neighbor node
- If a node hears its neighbor transmitting a fake packet with a TTL of k:
  - generates and forwards another fake packet with TTL = k - 1, with some probability

Random Fake Paths Cont.
- Problems:
  - Already limited power is used on fake transmissions
  - Does not completely eliminate time correlation attacks
  - Generates a large amount of traffic by base station
    - If transmitting real packets more frequently, reduce the probability of sending a fake packet
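An added simulation (not from the slides or from [7]) that puts the three countermeasures above on a constructed 5x5 grid with the base station at the centre: multi-parent routing with a controlled random walk for real packets, and fractal propagation of TTL-limited fake packets. It returns per-node transmission counts, the quantity a rate-monitoring attacker observes, so the effect of the parameters p, K and the fake probabilities can be compared:

```python
import random
from collections import Counter

N, BS = 5, (2, 2)   # constructed 5x5 grid of sensor nodes with the base station at the centre

def neighbors(n):
    x, y = n
    return [(x + dx, y + dy) for dx, dy in ((1, 0), (-1, 0), (0, 1), (0, -1))
            if 0 <= x + dx < N and 0 <= y + dy < N]

def hops(n):          # hop distance to the base station (on a grid: Manhattan distance)
    return abs(n[0] - BS[0]) + abs(n[1] - BS[1])

def parents(n):       # multi-parent routing: every neighbour one level closer to the BS is a parent
    return [m for m in neighbors(n) if hops(m) < hops(n)]

def send_real(src, p, rng, tx):
    """Controlled random walk: forward to a random parent w.p. p, else to a random neighbour."""
    cur = src
    while cur != BS:
        tx[cur] += 1
        cur = rng.choice(parents(cur)) if rng.random() < p else rng.choice(neighbors(cur))

def send_fake(src, ttl, pg, rng, tx):
    """Fractal propagation: a fake packet carries TTL k; the receiver forwards it with TTL k-1,
    and every neighbour that overhears it spawns its own fake with TTL k-1 with probability pg."""
    pending = [(src, ttl)]
    while pending:
        node, k = pending.pop()
        if k == 0:                                      # TTL exhausted: the packet is dropped
            continue
        tx[node] += 1
        pending.append((rng.choice(neighbors(node)), k - 1))
        pending.extend((nb, k - 1) for nb in neighbors(node) if rng.random() < pg)

def simulate(rounds=1, p=0.8, fake_rate=0.3, K=3, pg=0.3, seed=1):
    """Every non-BS node sends one real packet per round; returns transmissions per node."""
    rng, tx = random.Random(seed), Counter()
    nodes = [(x, y) for x in range(N) for y in range(N) if (x, y) != BS]
    for _ in range(rounds):
        for src in nodes:
            send_real(src, p, rng, tx)
            if rng.random() < fake_rate:                # source also injects a fake packet with TTL K
                send_fake(src, K, pg, rng, tx)
    return tx

def bs_neighbour_share(tx):
    """Rate-monitoring view: share of all transmissions made by the base station's direct neighbours."""
    return sum(tx[n] for n in neighbors(BS)) / sum(tx.values())
```

With p=1.0 and no fakes the counts are exactly the shortest-path load (each packet costs hops(src) transmissions); lowering p and enabling fakes spreads traffic but, as the slides note, never removes the base station’s neighbourhood from the picture.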

Multiple, random areas of high communication activity
- AKA Hot Spots
- Makes rate monitoring more difficult
- Node keeps track of which neighbors it sends fake messages to.
  - All neighbors start with the same probability of receiving a fake message from me
  - If I send a fake message to neighbor A, I increase the probability I send another fake message to it

Multiple, random areas of high communication activity Cont.
- Ability to create and destroy hotspots
- Problems:
  - Does not eliminate rate monitoring, but does make an attacker waste time on a hotspot

Traffic Analysis - Summary

Traffic Analysis - Summary Cont.
- Pros:
  - Only a limited time delay of real packets
  - Applicable to large scale WSNs
- Cons:
  - Does not eliminate traffic analysis
  - Uses already limited power

DOS Attacks

DOS Attack - Flooding
- Attacker repeatedly makes new connection requests
  - Uses the node’s resources
- Proposed Solution:
  - puzzle
  - limit connections to a node (or connection requests)

DOS Attack - De-Synchronization
- Attacker repeatedly forges messages to one (or both) end points, asking for packet retransmission.
  - Uses the node’s resources
- Proposed solution:
  - Authenticate packet headers
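An added example (not from the slides) of the two proposed defences: for flooding, a hash puzzle the requester must solve before a connection request is accepted, combined with a per-node connection limit; for de-synchronization, an HMAC over the packet header so that a forged retransmission request is rejected. Difficulty, tag length, the header layout and the key handling are assumptions for illustration:

```python
import hashlib
import hmac
import secrets
import struct
from typing import Optional, Tuple

class ConnectionGuard:
    """Flooding defence from the slide: a puzzle before a request is accepted, plus a per-node cap."""
    def __init__(self, difficulty_bits: int = 12, max_conns: int = 4):
        self.bits, self.max_conns, self.active = difficulty_bits, max_conns, 0
        self.secret = secrets.token_bytes(16)      # rotated periodically in a real node (assumption)

    def challenge(self, peer: bytes) -> bytes:    # stateless: nonce is derived from the peer, not stored
        return hmac.new(self.secret, peer, hashlib.sha256).digest()[:8]

    def connect(self, peer: bytes, nonce: bytes, solution: int) -> bool:
        """Server side: one HMAC and one hash to verify; the requester paid ~2^bits hashes."""
        if self.active >= self.max_conns:                       # connection limit for this node
            return False
        if not hmac.compare_digest(nonce, self.challenge(peer)):
            return False
        if not has_leading_zeros(nonce, solution, self.bits):
            return False
        self.active += 1
        return True

def has_leading_zeros(nonce: bytes, solution: int, bits: int) -> bool:
    h = hashlib.sha256(nonce + struct.pack(">Q", solution)).digest()
    return int.from_bytes(h, "big") >> (256 - bits) == 0

def solve(nonce: bytes, bits: int) -> int:
    """Requester side: brute-force search, the cost that makes repeated requests expensive."""
    s = 0
    while not has_leading_zeros(nonce, s, bits):
        s += 1
    return s

def auth_header(key: bytes, seq: int, flags: int) -> bytes:
    """De-synchronization defence: MAC over the header so a forged retransmission request fails."""
    hdr = struct.pack(">IB", seq, flags)
    return hdr + hmac.new(key, hdr, hashlib.sha256).digest()[:8]

def verify_header(key: bytes, pkt: bytes) -> Optional[Tuple[int, int]]:
    hdr, tag = pkt[:5], pkt[5:13]
    if len(tag) != 8 or not hmac.compare_digest(tag, hmac.new(key, hdr, hashlib.sha256).digest()[:8]):
        return None
    return struct.unpack(">IB", hdr)
```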

Conclusion
- E-mail anonymity is desired for some people/organizations
  - Can be achieved using
    - Mix
    - Trusted Authority
- MANET and WSN
  - Limited resources make security difficult
  - Let the Base Station do the work

Conclusion Cont.
- Preventing Traffic Analysis
  - Hide which node is base station
- DOS
  - Flooding
  - De-synchronization Attack
- Future work

Questions

References

[1] D. Chaum, “Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms”, Communications of the ACM, 1981.
[2] S. Jiang, N. H. Vaidya and W. Zhao, “A Mix Route Algorithm for Mix-Net in Wireless Ad Hoc Networks”, IEEE International Conference on Mobile Ad-hoc and Sensor Systems (MASS), October 2004.
[3] B. R. Venkatraman and N. E. Newman-Wolfe, “Transmission schedules to prevent traffic analysis”, Ninth Annual Computer Security and Applications Conference, 1993.
[4] B. Radosavljevic, B. Hajek, “Hiding traffic flow in communication networks”, MILCOM 1992.
[5] S. Jiang, N. H. Vaidya, W. Zhao, “Preventing traffic analysis in packet radio networks”, DISCEX 2001.
[6] “SPINS: Security Protocols for Sensor Networks” (Perrig).
[7] J. Deng, R. Han, S. Mishra, “Countermeasures Against Traffic Analysis Attacks in Wireless Sensor Networks”, University of CO, 2005.
[8] Sk. Md. Mizanur Rahman, Nidal Nasser, Atsuo Inomata, Takeshi Okamoto, M. Mambo, E. Okamoto, “Anonymous authentication and secure communication protocol for wireless mobile ad hoc networks”, Wiley InterScience, 2008, pp. 179-189.
[9] S. Tilak, N. Abu-Ghazaleh, W. Heinzelman, “A Taxonomy of Wireless Micro-Sensor Network Models”, Mobile Computing and Communications Review, Vol. 6, No. 2, 2004.
[10] Y. Zhang, W. Liu, W. Lou, Y. Fang, “MASK: Anonymous On-Demand Routing in Mobile Ad Hoc Networks”, IEEE Transactions on Wireless Communications, Vol. 5, No. 9, 2006.
[11] Dijiang Huang, “On An Information Theoretic Approach to Model Anonymous MANET Communications”, ISIT 2009, Seoul, Korea, June 28 - July 3, 2009.
[12] H. Choi, P. McDaniel, T. F. La Porta, “Privacy Preserving Communications in MANETs”, The Pennsylvania State University, 2007.
[13] S. Kaplantzis and N. Mani, “Classification Techniques for Network Intrusion Detection”, in NCS’06 - Proceedings of the IASTED International Conference on Networks and Communications Systems, March 2006.
[14] T. Kavitha, D. Sridharan, “Security Vulnerabilities In Wireless Sensor Networks: A survey”, Journal of Information Assurance and Security 5, 031-044, 2010.