
2005 | Book

Security and Privacy in Ad-hoc and Sensor Networks

Second European Workshop, ESAS 2005, Visegrad, Hungary, July 13-14, 2005. Revised Selected Papers

Edited by: Refik Molva, Gene Tsudik, Dirk Westhoff

Publisher: Springer Berlin Heidelberg

Book series: Lecture Notes in Computer Science

About this book

It was a pleasure to take part in the 2005 European Workshop on Security and Privacy in Ad Hoc and Sensor Networks (ESAS 2005), held on July 13–14 in Visegrad (Hungary) in conjunction with the First International Conference on Wireless Internet (WICON). As Program Co-chairs, we are very happy with the outcome of this year’s ESAS workshop. It clearly demonstrates the continued importance, popularity and timeliness of the workshop’s topic: security and privacy in ad hoc and sensor networks. A total of 51 full papers were submitted. Each submission was reviewed by at least three expert referees. After a short period of intense discussions and deliberations, the Program Committee selected 17 papers for presentation and subsequent publication in the workshop proceedings. This corresponds to an acceptance rate of 33% — a respectable rate by any measure. First and foremost, we thank the authors of ALL submitted papers. Your confidence in this venue is much appreciated. We hope that you will continue patronizing ESAS as authors and attendees. We are also very grateful to our colleagues in the research community who served on the ESAS Program Committee. Your selfless dedication is what makes the workshop a success. Finally, we are very grateful to the ESAS Steering Group: Levente Buttyan, Claude Castelluccia, Dirk Westhoff and Susanne Wetzel. They had the vision and the drive to create this workshop in the first place; they also provided many insights and lots of help with this year’s event. We especially acknowledge and appreciate the work of Levente Buttyan whose dedication (as Steering Committee member, PC member and Local Arrangements Chair) played a very important role in the success of the workshop.

Table of Contents

Frontmatter
Efficient Verifiable Ring Encryption for Ad Hoc Groups
Abstract
We propose an efficient Verifiable Ring Encryption (VRE) for ad hoc groups. VRE is a kind of verifiable encryption [16,1,4,2,8] in which it can be publicly verified that there exists at least one user, out of a designated group of n users, who can decrypt the encrypted message, while the semantic security of the message and the anonymity of the actual decryptor can be maintained. This concept was first proposed in [10] in the name of Custodian-Hiding Verifiable Encryption. However, their construction requires the inefficient cut-and-choose methodology which is impractical when implemented. We are the first to propose an efficient VRE scheme that does not require the cut-and-choose methodology.
In addition, while [10] requires interaction with the encryptor when a verifier verifies a ciphertext, our scheme is non-interactive in the following sense: (1) an encryptor does not need to communicate with the users in order to generate a ciphertext together with its validity proof; and (2) anyone (who has the public keys of all users) can verify the ciphertext, without the help of the encryptor or any users. This non-interactiveness makes our scheme particularly suitable for ad hoc networks in which nodes come and go frequently as ciphertexts can be still generated and/or verified even if other parties are not online in the course. Our scheme is also proven secure in the random oracle model.
Joseph K. Liu, Patrick P. Tsang, Duncan S. Wong
SKiMPy: A Simple Key Management Protocol for MANETs in Emergency and Rescue Operations
Abstract
Mobile ad-hoc networks (MANETs) can provide the technical platform for efficient information sharing in emergency and rescue operations. It is important in such operations to prevent eavesdropping, because some of the data present on the scene is highly confidential, and to prevent induction of false information. The latter is one of the main threats to a network and could easily lead to network disruption and wrong management decisions. This paper presents a simple and efficient key management protocol, called SKiMPy. SKiMPy allows devices carried by the rescue personnel to agree on a symmetric shared key, used primarily to establish a protected network infrastructure. The key can be used to ensure confidentiality of the data as well. The protocol is designed and optimized for the high dynamicity and density of nodes present in such a scenario. The use of preinstalled certificates mirrors the organized structure of entities involved, and provides an efficient basis for authentication. We have implemented SKiMPy as a plugin for the Optimized Link State Routing Protocol (OLSR). Our evaluation results show that SKiMPy scales linearly with the number of nodes in worst case scenarios.
Matija Pužar, Jon Andersson, Thomas Plagemann, Yves Roudier
Remote Software-Based Attestation for Wireless Sensors
Abstract
Wireless sensor networks are envisioned to be deployed in mission-critical applications. Detecting a compromised sensor, whose memory contents have been tampered, is crucial in these settings, as the attacker can reprogram the sensor to act on his behalf. In the case of sensors, the task of verifying the integrity of memory contents is difficult as physical access to the sensors is often infeasible. In this paper, we propose a software-based approach to verify the integrity of the memory contents of the sensors over the network without requiring physical contact with the sensor. We describe the building blocks that can be used to build a program for attestation purposes, and build our attestation program based on these primitives. The success of our approach is not dependent on accurate measurements of the execution time of the attestation program. Further, we do not require any additional hardware support for performing remote attestation. Our attestation procedure is designed to detect even small memory changes and is designed to be resistant against modifications by the attacker.
Mark Shaneck, Karthikeyan Mahadevan, Vishal Kher, Yongdae Kim
Spontaneous Cooperation in Multi-domain Sensor Networks
Abstract
Sensor networks are large scale networks consisting of several nodes and some base stations. The nodes are monitoring the environment and send their measurement data towards the base stations possibly via multiple hops. Since the nodes are often battery powered, an important design criterion for sensor networks is the maximization of their lifetime. In this paper, we consider multi-domain sensor networks, by which we mean a set of sensor networks that co-exist at the same physical location but run by different authorities. In this setting, the lifetime of all networks can be increased if the nodes cooperate and also forward packets originating from foreign domains. There is a risk, however, that a selfish network takes advantage of the cooperativeness of the other networks and exploits them. We study this problem in a game theoretic setting, and show that, in most cases, there is a Nash equilibrium in the system, in which at least one of the strategies is cooperative, even without introducing any external incentives (e.g., payments).
Levente Buttyán, Tamás Holczer, Péter Schaffer
Authenticated Queries in Sensor Networks
Abstract
This work-in-progress report investigates the problem of authenticated querying in sensor networks. Roughly, this means that whenever the sensor nodes process a query, they should be able to verify that the query was originated by a legitimate entity. I precisely define authenticated querying, analyze the design space for realizing it and propose solutions to this problem in presence of node capture attacks.
Zinaida Benenson
Improving Sensor Network Security with Information Quality
Abstract
With extremely limited resources, it is hard to protect sensor networks well with conventional security mechanisms. We study a class of passive fingerprinting techniques and propose an innovative information quality based approach to improve the security of sensor network. For each sensor, we create a quality profile QP of profiling its normal/standard sensing behaviour. After deployment, new sensor readings are verified using this QP. If significant deviation is found, we either regard the readings as an abnormal behaviour or declare the sensor to be a fake sensor. The methods can be used as an assistant sensor authentication mechanism, but with a potential drawback. Furthermore, we also demonstrate a secure data fusion protocol, applying the proposed methods together with conventional security mechanisms. Through security analysis, we point out several countermeasures that can explicitly or implicitly defend against these attacks.
Qiang Qiu, Tieyan Li, Jit Biswas
One-Time Sensors: A Novel Concept to Mitigate Node-Capture Attacks
Abstract
Dealing with captured nodes is generally accepted as the most difficult challenge to wireless sensor network security. By utilizing the low-cost property of sensor nodes, we introduce the novel concept of one-time sensors to mitigate node-capture attacks. The basic idea is to load each sensor with only one cryptographic token so that the captured node can inject only a single malicious message into the network. In addition, sybil attacks are avoided and explicit revocation is not necessary using one-time sensors. By using public key techniques, one-way hash functions and Merkle’s hash tree, we also show efficient implementations and interesting tradeoffs for one-time sensors.
Kemal Bicakci, Chandana Gamage, Bruno Crispo, Andrew S. Tanenbaum
Randomized Grid Based Scheme for Wireless Sensor Network
Abstract
Wireless Sensor Network (WSN) has a wide variety of civil and military applications that need enforcement of security. Traditional public key cryptography such as RSA is infeasible due to resource constraints in WSN. Key predistribution is one of the feasible solutions to cope with these constraints. This paper proposes a novel key predistribution scheme named Randomized Grid Based (RGB) scheme which employs the basic probabilistic scheme on the basis of the grid based scheme. Our scheme is not only able to extend resiliency than the existing key predistribution schemes but also ensure a high probability to establish pairwise key and efficiency in path key establishment between sensor nodes. Security analysis shows substantial improvement in terms of resiliency and key establishment with little additional overheads in memory, communication.
Mohammed Golam Sadi, Jong Sou Park, Dong Seong Kim
Influence of Falsified Position Data on Geographic Ad-Hoc Routing
Abstract
There has been a lot of effort in the research on routing in mobile ad hoc networks in the last years. Promising applications of MANETs, e.g. in the automotive domain, are the drive for the design of inter-vehicle networks. So far, several projects in this field have chosen geographic routing approaches because of their outstanding performance and the possibility to support location-based applications like traffic warning functions. Having reached a reasonable functional level, a next step will be a deeper study of safety and security issues.
With this paper, we dive into that area by assuming defective or malicious nodes that disseminate wrong position data. First, we have a look at the local problems that may arise from falsified position data, then we show the global effects on the routing performance by simulating malicious nodes. Simulation results show that the overall ratio of successfully delivered messages decreases, depending on the number of maliciously acting nodes, even up to approximately 30%. We conclude from this result that future work should take these threats into account in order to design more robust routing protocols.
Tim Leinmüller, Elmar Schoch, Frank Kargl, Christian Maihöfer
Provable Security of On-Demand Distance Vector Routing in Wireless Ad Hoc Networks
Abstract
In this paper, we propose a framework for the security analysis of on-demand, distance vector routing protocols for ad hoc networks, such as AODV, SAODV, and ARAN. The proposed approach is an adaptation of the simulation paradigm that is used extensively for the analysis of cryptographic algorithms and protocols, and it provides a rigorous method for proving that a given routing protocol is secure. We demonstrate the approach by representing known and new attacks on SAODV in our framework, and by proving that ARAN is secure in our model.
Gergely Ács, Levente Buttyán, István Vajda
Statistical Wormhole Detection in Sensor Networks
Abstract
In this paper, we propose two mechanisms for wormhole detection in wireless sensor networks. The proposed mechanisms are based on hypothesis testing and they provide probabilistic results. The first mechanism, called the Neighbor Number Test (NNT), detects the increase in the number of the neighbors of the sensors, which is due to the new links created by the wormhole in the network. The second mechanism, called the All Distances Test (ADT), detects the decrease of the lengths of the shortest paths between all pairs of sensors, which is due to the shortcut links created by the wormhole in the network. Both mechanisms assume that the sensors send their neighbor list to the base station, and it is the base station that runs the algorithms on the network graph that is reconstructed from the received neighborhood information. We describe these mechanisms and investigate their performance by means of simulation.
Levente Buttyán, László Dóra, István Vajda
RFID System with Fairness Within the Framework of Security and Privacy
Abstract
Radio Frequency Identification (RFID) systems are expected to be widely deployed in automated identification and supply-chain applications. Although RFID systems have several advantages, the technology may also create new threats to user privacy. In this paper, we propose the Fair RFID system. This involves improving the security and privacy of existing RFID systems while keeping in line with procedures already accepted by the industrial world. The proposed system enables the protection of users’ privacy from unwanted scanning, and, when necessary, is conditionally traceable to the tag by authorized administrators.
Jin Kwak, Keunwoo Rhee, Soohyun Oh, Seungjoo Kim, Dongho Won
Scalable and Flexible Privacy Protection Scheme for RFID Systems
Abstract
Radio Frequency Identification (RFID) system has been studied so much and it may be applicable to various fields. RFID system, however, still has consumer privacy problems under the limitation of low-cost tag implementation. We propose an efficient privacy protection scheme using two hash functions in the tag. We show that our scheme satisfies not only privacy and location history protection of consumers, but also scalability and flexibility of back-end servers. Additionally, we present a practical example to compare performance of several schemes.
Sang-Soo Yeo, Sung Kwon Kim
RFID Authentication Protocol with Strong Resistance Against Traceability and Denial of Service Attacks
Abstract
Even if there are many authentication protocols for RFID system, only a few protocols support location privacy. Because of tag’s hardware limitation, these protocols suffer from many security threats, especially from the DoS (Denial of Service) attacks. In this paper, we discuss location privacy problem and show vulnerabilities of RFID authentication protocols. And then, we will suggest a strong authentication protocol against location tracing, spoofing attack, and DoS attack.
Jeonil Kang, DaeHun Nyang
Location Privacy in Bluetooth
Abstract
We discuss ways to enhance the location privacy of Bluetooth. The principal weakness of Bluetooth with respect to location privacy lies in its disclosure of a device’s permanent identifier, which makes location tracking easy. Bluetooth’s permanent identifier is often disclosed and it is also tightly integrated into lower layers of the Bluetooth stack, and hence susceptible to leakage. We survey known location privacy attacks against Bluetooth, generalize a lesser-known attack, and describe and quantify a more novel attack. The second of these attacks, which recovers a 28-bit identifier via the device’s frequency hop pattern, requires just a few packets and is practicable. Based on a realistic usage scenario, we develop an enhanced privacy framework with stronger unlinkability, using protected stateful pseudonyms and simple primitives.
Ford-Long Wong, Frank Stajano
An Advanced Method for Joint Scalar Multiplications on Memory Constraint Devices
Abstract
One of the most frequent operations in modern cryptosystems is a multi-scalar multiplication with two scalars. Common methods to compute it are the Shamir method and the Interleave method whereas their speed mainly depends on the (joint) Hamming weight of the scalars. To increase the speed, the scalars are usually deployed using some general representation which provides a lower (joint) Hamming weight than the binary representation. However, by using such general representations the precomputation and storing of some points becomes necessary and therefore more memory is required. Probably the most famous method to speed up the Shamir method is the joint sparse form (JSF). The resulting representation has an average joint Hamming weight of 1/2 and it uses the digits 0,± 1. To compute a multi-scalar multiplication with the JSF, the precomputation of two points is required. While for two precomputed points both the Shamir and the Interleave method provide the same efficiency, until now the Interleave method is faster in any case where more points are precomputed. This paper extends the used digits of the JSF in a natural way, namely we use the digits 0, ±1, ±3 which results in the necessity to precompute ten points. We will prove that using the proposed scheme, the average joint Hamming density is reduced to 239/661 ≈ 0.3615. Hence, a multi-scalar multiplication can be computed more than 10% faster, compared to the JSF. Further, our scheme is superior to all known methods using ten precomputed points and is therefore the first method to improve the Shamir method such that it is faster than the Interleave method. Another advantage of the new representation is, that it is generated starting at the most significant bit. More specific, we need to store only up to 5 joint bits of the new representation at a time. 
Compared to representations which are generated starting at the least significant bit, where we have to store the whole representation, this yields a significant saving of memory.
Erik Dahmen, Katsuyuki Okeya, Tsuyoshi Takagi
Side Channel Attacks on Message Authentication Codes
Abstract
Side channel attacks are a serious menace to embedded devices with cryptographic applications which are utilized in sensor and ad hoc networks. In this paper we show that side channel attacks can be applied to message authentication codes, even if the countermeasure is applied to the underlying block cipher. In particular, we show that EMAC, OMAC, and PMAC are vulnerable to our attack. Based on simple power analysis, we show that several key bits can be extracted, and based on differential power analysis, we present selective forgery against these MACs. Our results suggest that protecting block ciphers against side channel attacks is not sufficient, and countermeasures are needed for MACs as well.
Katsuyuki Okeya, Tetsu Iwata
Backmatter
Metadata
Title
Security and Privacy in Ad-hoc and Sensor Networks
Edited by
Refik Molva
Gene Tsudik
Dirk Westhoff
Copyright year
2005
Publisher
Springer Berlin Heidelberg
Electronic ISBN
978-3-540-31615-2
Print ISBN
978-3-540-30912-3
DOI
https://doi.org/10.1007/11601494