main-content

Über dieses Buch

Ad hoc and sensor networks are making their way from research to real-world deployments. Body and personal-area networks, intelligent homes, environmental monitoring or inter-vehicle communications: there is almost nothing left that is not going to be smart and networked. While a great amount of research has been devoted to the pure networking aspects, ad hoc and sensor networks will not be successfully deployed if security, dependability, and privacy issues are not addressed adequately.

As the first book devoted to the topic, this volume constitutes the thoroughly refereed post-proceedings of the First European Workshop on Security in Ad-hoc and Sensor Networks, ESAS, 2004, held in Heidelberg, Germany in August 2004. The 17 revised full papers were carefully reviewed and selected from 55 submissions. Among the key topics addressed are key distribution and management, authentication, energy-aware cryptographic primitives, anonymity and pseudonymity, secure diffusion, secure peer-to-peer overlays, and RFIDs.

Inhaltsverzeichnis

New Research Challenges for the Security of Ad Hoc and Sensor Networks

Abstract
In this talk, we provide an overview of the current and upcoming research challenges for the security of ad hoc and sensor networks. We begin with the crucial problem of key establishment; we explain how mobility can be exploited to set up security associations between nodes, and we address the challenges of key setup in sensor networks. We also provide an overview of the security of routing protocols. We explain how two nodes getting in power range of each other can prove this event to a third party at a later stage.
We then address cooperation between wireless nodes, and show that this problem naturally leads to the prevention of greedy behavior in WiFi hot spots; we detail our solution to this problem, called DOMINO. We then address a very novel problem, namely the secure location of a node; we explain the potential of this feature, taking the examples of the secure location of smart vehicles in road traffic and the prevention of attacks against sensor networks positions. We show how this feature can be implemented by an appropriate combination of distance bounding and multilateration.
The slides of the talk are available at http://lcawww.epfl.ch/hubaux/
Jean-Pierre Hubaux

Public Key Cryptography in Sensor Networks—Revisited

Abstract
The common perception of public key cryptography is that it is complex, slow and power hungry, and as such not at all suitable for use in ultra-low power environments like wireless sensor networks. It is therefore common practice to emulate the asymmetry of traditional public key based cryptographic services through a set of protocols [1] using symmetric key based message authentication codes (MACs). Although the low computational complexity of MACs is advantageous, the protocol layer requires time synchronization between devices on the network and a significant amount of overhead for communication and temporary storage. The requirement for a general purpose CPU to implement these protocols as well as their complexity makes them prone to vulnerabilities and practically eliminates all the advantages of using symmetric key techniques in the first place. In this paper we challenge the basic assumptions about public key cryptography in sensor networks which are based on a traditional software based approach. We propose a custom hardware assisted approach for which we claim that it makes public key cryptography feasible in such environments, provided we use the right selection of algorithms and associated parameters, careful optimization, and low-power design techniques. In order to validate our claim we present proof of concept implementations of two different algorithms—Rabin’s Scheme and NtruEncrypt—and analyze their architecture and performance according to various established metrics like power consumption, area, delay, throughput, level of security and energy per bit. Our implementation of NtruEncrypt in ASIC standard cell logic uses no more than 3,000 gates with an average power consumption of less than 20 μW. We envision that our public key core would be embedded into a light-weight sensor node architecture.
Gunnar Gaubatz, Jens-Peter Kaps, Berk Sunar

Exploring Message Authentication in Sensor Networks

Abstract
This paper explores the design space for message authentication in sensor networks. Several types of authentication are put into relation: end-to-end, hop-to-hop, and physical and virtual multipath authentication. While end-to-end authentication provides the highest and most general security level, it may be too costly or impractical to implement. On the other end of the security scale, hop-to-hop authentication can be implemented with little effort but provides security only to a highly restricted attacker. Multipath authentication provides an intermediate security level that may be appropriate for many applications of sensor networks, trading energy for security guarantees. Virtual multipaths offer an improvement, reducing energy demands while retaining crucial security properties of physical multipaths.
Harald Vogt

Secure Initialization in Single-Hop Radio Networks

Abstract
We consider single-hop radio networks, where collisions in the shared channel cannot be detected (no-CD model). A radio channel can be accessed by an adversary trying to degrade functionality of the network, so we are interested in algorithms that work in the presence of an adversary, who knows the algorithm executed and may try make it faulty by injecting own messages. We also focus on algorithms that are time and energy efficient.
We propose a randomized initialization algorithm for a single-hop no-CD radio network. The algorithm has time complexity O(N) and energy cost $$O(\sqrt{log{N}})$$. This is not much worse than the best fragile algorithms constructed so far (O( N) in time complexity and O(log log N) energy cost). Our algorithm succeeds with probability $$\rm 1 - 2^{-\Omega(\sqrt{log{N}})}$$ in presence of an adversary, who has energy cost Θ(log N).
Mirosław Kutyłowski, Wojciech Rutkowski

Some Methods for Privacy in RFID Communication

Abstract
For RFID tags to gain general acceptance, they will have to offer powerful and flexible privacy mechanisms. After reviewing existing and upcoming privacy mechanisms for RFID privacy, we propose that a key aspect of RFID communication with passive tags, namely its required energy transference from an external antenna, may offer promise when developing privacy mechanisms. We present two proposals for such mechanisms. In the first mechanism, analysis of the received signal by the tags can be used to estimate reader distance (and hence trust). We show that a simple metric analogous to signal to noise ratio correlates well with rough distance. In the second, antenna energy is used to power a tiered authentication scheme, in which tags reveal more information about themselves to more trusted and/or “energetic” readers.
Kenneth P. Fishkin, Sumit Roy, Bing Jiang

Ring Signature Schemes for General Ad-Hoc Access Structures

Abstract
In a ring signature scheme for ad-hoc access structures, members of a set can freely choose a family of sets including their own set. Then they use their secret keys and the public keys of the other users to compute a signature which enjoys two properties: the external verifier is convinced that all members of some set in the access structure have cooperated to compute the signature; but he has no information about which is the set whose members have actually signed the message.
In this work we propose such a scheme, based on the ideas of a ring signature scheme for discrete logarithm scenarios. The scheme allows the choice of any general access structure, not only threshold ones, as it happened with previous constructions. We prove that the resulting scheme is anonymous and existentially unforgeable under chosen message attacks, assuming that the Discrete Logarithm problem is hard to solve.
Javier Herranz, Germán Sáez

Linking Ad Hoc Charging Schemes to AAAC Architectures

Abstract
The current state of today’s networks allows us to take one step further in merging the research community’s work with every day’s life. Wireless ad hoc networks are already well developed for specific scenarios. This work shows how to build the link between the wired network and a wireless ad hoc infrastructure, in particular routing and AAAC aspects. Such integration might lead, for example, to a better spacial and resource distributed hotspot solution.
We provide the basis for inter-operation of AAAC protocols known for the fixed network, with the accounting protocol that performs the accounting and charging functions in the ad hoc network.
This paper further describes the implementation of the Secured Charging Protocol as an instantiation of a charging protocol for ad hoc networks and the features which were added to improve the interface to an external accounting system. It covers the interaction with the MANET routing protocol and how to deal with routes to or from outside the ad hoc cloud.
Joao Girao, Bernd Lamparter, Dirk Westhoff, Rui L. Aguiar, Joao P. Barraca

Blind Spontaneous Anonymous Group Signatures for Ad Hoc Groups

Abstract
Spontaneous anonymous group (SAG) cryptography is a fundamental alternative to achieve thresholding without group secret or setup. It has gained wide interests in applications to ad hoc groups. We present a general construction of blind SAG 1-out-of-n and t-out-of-n signature schemes from essentially any major blind signature. In the case when our scheme is built from blind Schnorr (resp. Okamoto-Schnorr) signature, the parallel one-more unforgeability is reduced to Schnorr’s ROS Problem in the random oracle model plus the generic group model. In the process of our derivations, we obtain a generalization of Schnorr’s result [17] from single public key to multiple public keys.
Tony K. Chan, Karyin Fung, Joseph K. Liu, Victor K. Wei

Security for Interactions in Pervasive Networks: Applicability of Recommendation Systems

Abstract
Recent growth in the sales of Bluetooth-enabled handsets allows short-lived automated interactions between personal devices to become popular outside the research laboratories. In these new kinds of networks, automated data transfer between devices can now be achieved and there are many use cases, but a missing element is a consistent approach to the problem of risk management in automatic interactions. Access to centralized servers is not feasible, so security management will lie in the hands of end-users. We investigate the features present in these networks that could be used to mitigate risk and present existing research in the areas of ad hoc network security and distributed recommendation systems, discussing their potential for solving these problems.
Seamus Moloney, Philip Ginzboorg

Pseudonym Generation Scheme for Ad-Hoc Group Communication Based on IDH

Abstract
In this paper we describe the advantages of using iterative Diffie-Hellman (IDH) key trees for mobile ad-hoc group communication. We focus on the Tree-based Group Diffie-Hellman (TGDH) protocol suite, that consists of group key agreement protocols based on IDH key trees. Furthermore, we consider the anonymity of members during group communication over a public broadcast channel that provides untraceability of messages. The main goal of the proposed pseudonym generation scheme is to allow group members to generate their own pseudonyms that can be linked to their real identities only by a democratic decision of some interacting group members. The real identities are bound to public keys used in the group key agreement. The communication and computation costs as well as the security of the scheme can be optimized with respect to the characteristics of involved mobile devices.
Mark Manulis, Jörg Schwenk

Secure Overlay for Service Centric Wireless Sensor Networks

Abstract
Sensor networks consist of a potentially huge number of very small and resource limited self-organizing devices. Those devices offer different services and use services provided by other sensor nodes. To give sensor nodes the possibility to offer services and to network-wide search for available services, some kind of lookup facility is needed. Several possibilities exist to realize service lookup in traditional networks and ad-hoc networks [ALM03, GOL99, GUT99, PRE02, SAL99, ZHU03]. In this paper we present Secure Content Addressable Networks Version 2 (SCANv2), a secure overlay focusing especially on wireless sensor networks. The paper describes how this secure overlay can be used among other things to offer lookup functionality in sensor networks. The design of the overlay focuses on secure service lookups. The overlay is part of the Karlsruhe Sensor Network Platform K-SNeP, a modular and flexible architecture for service centric sensor networks. Key areas of application of the architecture are gradually extendable service centric sensor networks where sensors and actuators jointly perform various user defined tasks, e.g. in the field of an office environment or health care.
Hans-Joachim Hof, Erik-Oliver Blaß, Martina Zitterbart

IKE in Ad-Hoc IP Networking

Abstract
As the Internet Protocol (IP) is becoming the ubiquitous networking protocol, the benefits of using IP-based security technology in different networking environments become clear. IPsec is already widely exploited in different networks and terminals. It is therefore expected that also IKEv2 will be required to adapt itself to a wide range of requirements posed by different key management environments. The problem studied in this paper is, how IKEv2 could be adapted for use in IP-based ad hoc networking. As a standard authentication and key agreement method IKEv2 would be available over different radio technologies, support secure IP networking and offer solid basis for multiple applications. We conclude that the problem can be solved and demonstrate it by presenting two different protocols, which integrate ad hoc authentication methods to standard IKEv2 exchanges.
Kaisa Nyberg

Advanced Detection of Selfish or Malicious Nodes in Ad Hoc Networks

Abstract
The fact that security is a critical problem when implementing mobile ad hoc networks (MANETs) is widely acknowledged. One of the different kinds of misbehavior a node may exhibit is selfishness. A selfish node wants to preserve own resources while using the services of others and consuming their resources. One way of preventing selfishness in a MANET is a detection and exclusion mechanism. In this paper, we focus on the detection phase and present different kinds of sensors that can be used to find selfish nodes. First we present simulation results that show the negative effects which selfish nodes cause in MANET. In the related work section we will analyze some of the detection mechanisms proposed in literature so far. Our new detection mechanisms described next are called activity-based overhearing, iterative probing, and unambiguous probing. Simulation-based analysis of these mechanisms show that they are highly effective and can reliably detect a multitude of selfish behaviors.
Frank Kargl, Andreas Klenk, Stefan Schlott, Michael Weber

A Security Architecture for Mobile Wireless Sensor Networks

Abstract
Wireless sensor networks increasingly become viable solutions to many challenging problems and will successively be deployed in many areas in the future. However, deploying new technology without security in mind has often proved to be unreasonably dangerous. We propose a security architecture for self-organizing mobile wireless sensor networks that prevents many attacks these networks are exposed to. Furthermore, it limits the security impact of some attacks that cannot be prevented. We analyse our security architecure and show that it provides the desired security aspects while still being a lightweight solution and thus being applicable for self-organizing mobile wireless sensor networks.
Stefan Schmidt, Holger Krahn, Stefan Fischer, Dietmar Wätjen

Securely Propagating Authentication in an Ensemble of Personal Devices Using Single Sign-on

Abstract
More and more, people will continuously be using ubiquitously available networked computational devices as they go about their lives: small personal devices that they carry, appliances that they find in their surroundings, and servers in remote data centers. Some of the data exchanged by these devices will be private and should be protected. Normally to protect data, users would need to authenticate themselves with a device by signing on to it. However it will be physically impossible to sign onto devices that have limited or no user interface and even if they all had a sufficient user interface it will be an intolerable burden to have to sign on to each of many devices, particularly as the membership of the ensemble of devices continuously changes with the user’s movements. Making authentication in this environment more difficult is the fact that these devices are usually connected in a personal area network that is neither secure nor reliable and uses a broadcast medium for communication. In this paper, we present a simple easy-to-use scheme that allows users to sign on to a single device and enable the rest of the devices connected in the personal area network automatically without requiring a central server or synchronized clocks. As well as being simple for the user, our solution is designed not only to prevent commonly used attacks like replay and man-in-the-middle but also to protect the user’s data even if the devices are lost or stolen.
Prakash Reddy, Eamonn O’Brien-Strain, Jim Rowson

Key Management in Wireless Sensor Networks

Abstract
Wireless sensor networks hold the promise of facilitating large-scale, real-time data processing in complex environments. As sensor networks edge closer towards widespread deployment, security issues become a central concern. Key management in wireless sensor networks is a challenging problem. Computationally complex asymmetric crypto techniques are unsuitable for use in resource-constrained sensor nodes and use of symmetric cryptography makes the entire network vulnerable in the event of node compromise. This paper presents a key management scheme that satisfies both operational and security requirements of distributed wireless sensor networks. The proposed scheme accommodates other techniques like data aggregation for energy efficiency and watchdog mechanism for intrusion monitoring. Also, the proposed scheme is generic enough so that it can be applied to variety of sensor network protocols.
Yann-Hang Lee, Vikram Phadke, Amit Deshmukh, Jin Wook Lee

SDD: Secure Directed Diffusion Protocol for Sensor Networks

Abstract
A sensor network is a collection of tiny sensor nodes, which consists of sensing, data processing and communicating components. Directed Diffusion is an important data-centric routing protocol of sensor networks. In this paper we present the design of a new secure Directed Diffusion protocol (SDD), which provides a secure extension for the Directed Diffusion protocol. We mainly focus on secure routing and give a simple scheme to securely diffuse data. We have not considered with the in-network aggregation as a goal. In order to support the use of SDD for sensor nodes with extremely limited CPU processing capability, we use an efficient one-way chain and do not use asymmetric cryptographic operations in this protocol. Our security analyses show that SDD is robust against any active attackers or compromised nodes in the network.
Xiaoyun Wang, Lizhen Yang, Kefei Chen

Secure AES Hardware Module for Resource Constrained Devices

Abstract
Low power consumption, low gate count, and high throughput are standard design criteria for cryptographic coprocessors designated for resource constrained devices such as smart cards. With the advent of side channel attacks, devices’ resistance to such attacks became another major requirement. This paper describes a cryptographic hardware module for an AES algorithm that provides complete protection against first order differential power analysis by embedding a data masking countermeasure at a hardware level. We concentrate on inversion in GF(28) since this is the only non-linear operation that requires complex transformations on masked data and on bits of the masks. The simulation and synthesis results confirm that the proposed solution is suitable for applications in GSM and ad-hoc networks in terms of performance, gate count and power consumption. To our knowledge, this is the first implementation of a side channel-resistant AES hardware module suitable for smart- and SIM-cards.
Elena Trichina, Tymur Korkishko

Backmatter

Weitere Informationen