Ad Hoc Networks Curtis Bolser Miguel Turner Kiel Murray.

Towards Flexible Credential Verification in Mobile Ad-hoc Networks - Goals

“To propose a flexible verification mechanism to ascertain a user’s identity and credentials based on assertions from peers.”
Similar to PGP’s web-of-trust concept.
Lessen the number of signature verifications needed.
Allow interoperability between different certificate formats and paradigms (X.509, PGP, SPKI).

Towards Flexible Credential Verification in Mobile Ad-hoc Networks – Requirements

Due to generation and verification of credentials and assertions, significant processing power may be required.
For X.509 and SPKI verification, a connection to a wired or fixed network is required.
The devices must have enough space to store a public key ring and trustworthiness levels for each key.

Towards Flexible Credential Verification in Mobile Ad-hoc Networks – Architecture

The general architecture is shown in the following figure.
[Figure: Verification Module, Key Management, XML Credential Generator, Security Assertion Module]
Key management: Public keys can be added provided their validity has been checked beforehand.
Only assertions made from trusted keys in the ring are considered; all other assertions are discarded.
Four trust levels: Full, Partial, Untrustworthy, Unknown.

Towards Flexible Credential Verification in Mobile Ad-hoc Networks – Architecture

XML Credential Generator: Used to create Credential Assertion Statements (CAS) by grouping the user’s credentials together.
Information in X.509 certificates and SPKI is extracted and then converted into XML form to produce the CAS.
The CAS itself need not be encrypted, but it is signed.
Contains X.509 certificate data and attribute certificate data through <X509Data> and <AttributeData> tags in the XML document.
The <X509Certificate> tag denotes where the certificate is stored in its original form (ASN.1 DER encoded).

Towards Flexible Credential Verification in Mobile Ad-hoc Networks – Architecture

Security Assertion Module: Main functionality is to issue assertions to other peers after successfully verifying the credentials listed in the CAS.
This is done through Assertion Signature Statements (ASS) which are distributed to the Ad-hoc network.
Peers must have explicitly declared trust of the issuer of the ASS for it to be considered.
More trusted nodes would lead to more ability to validate credentials via peers in the Ad-hoc network instead of through Credential Authorities via a wired network.

Towards Flexible Credential Verification in Mobile Ad-hoc Networks – Architecture

Verification Module: Used to determine if the CAS is authentic and based on authentic credentials.
Checks the signatures in the ASSs corresponding to the CAS against the key ring to determine trust.
Trust relationships are not transitive except in the case of partially verified information.
Ex: Node A trusts Node B, Node B trusts Node C. Node C asserts that node L’s credential is valid.
If Node A can partially validate L’s credential, it can trust it due to trusting Node B which trusts Node C.
Does NOT imply trust of further assertions from Node C.
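
The key-ring filtering from the Key management and Verification Module slides, as an added example that is not taken from the slides or the paper they summarize. The HMAC stands in for a real public-key signature, and the acceptance rule (one Full issuer or two Partial issuers), the field names and the sample keys are assumptions.

```python
import hashlib
import hmac
from enum import Enum

class Trust(Enum):  # the four levels named on the Key management slide
    FULL = "full"
    PARTIAL = "partial"
    UNTRUSTWORTHY = "untrustworthy"
    UNKNOWN = "unknown"

def sign_ass(key: bytes, cas: bytes) -> str:
    """Stand-in signature over the CAS digest (a real ASS carries a public-key signature)."""
    return hmac.new(key, hashlib.sha256(cas).digest(), hashlib.sha256).hexdigest()

def accepted_issuers(cas: bytes, assertions: list, ring: dict) -> dict:
    """Keep only assertions that verify under a FULL or PARTIAL key in the ring."""
    accepted = {}
    for ass in assertions:
        entry = ring.get(ass["issuer"])
        if entry is None:
            continue  # issuer key not in the ring: assertion discarded
        key, trust = entry
        if trust not in (Trust.FULL, Trust.PARTIAL):
            continue  # Untrustworthy or Unknown key: assertion discarded
        if hmac.compare_digest(sign_ass(key, cas), ass["sig"]):
            accepted[ass["issuer"]] = trust  # keyed by issuer, so repeats count once
    return accepted

def cas_is_trusted(cas: bytes, assertions: list, ring: dict, partial_needed: int = 2) -> bool:
    """Assumed PGP-style rule: one FULL issuer, or `partial_needed` PARTIAL issuers."""
    levels = list(accepted_issuers(cas, assertions, ring).values())
    return Trust.FULL in levels or levels.count(Trust.PARTIAL) >= partial_needed

# Constructed sample data: node A's key ring and the CAS presented by node L.
RING = {
    "B": (b"key-B", Trust.FULL),
    "D": (b"key-D", Trust.PARTIAL),
    "E": (b"key-E", Trust.PARTIAL),
    "M": (b"key-M", Trust.UNTRUSTWORTHY),
}
CAS = b"constructed CAS bytes for node L"

def ass_from(issuer: str, key: bytes, cas: bytes = CAS) -> dict:
    """Build a constructed ASS for the sample data above."""
    return {"issuer": issuer, "sig": sign_ass(key, cas)}

if __name__ == "__main__":
    print(cas_is_trusted(CAS, [ass_from("C", b"key-C"), ass_from("M", b"key-M")], RING))
    print(cas_is_trusted(CAS, [ass_from("D", b"key-D"), ass_from("E", b"key-E")], RING))
```

Node C is absent from A's ring, so its assertion is dropped even though its signature is well formed; the example does not model the partial-validation exception from the slide.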

Ad Hoc Sensor Networks

Authentication
  Typically requires high levels of computational and communication capabilities
Sensors
  Low-powered, mobile devices
Many applications for sensors where strong authentication is desirable

Three-tier Hierarchy

Tier 1: Access Points
  High-power
  Route radio packets to wired infrastructure
Tier 2: Forwarding Nodes
  Medium-power, mobile
  Relay information to access points
Tier 3: Sensor Nodes
  Low-power, mobile
  Collect data to send to application

Authentication

TESLA Certificate
Short lifetime
Sensors assigned certificates by access points
Forwarding nodes only authenticate themselves in assured mode

Authentication

Weak mode
  Only the origin of the data is verified
  The data can be routed through any series of forwarding nodes
Assured mode
  Each forwarding node will append its signature to the data
  This allows the route to be verified
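
The difference between weak and assured mode, as an added example that is not taken from the slides or the underlying paper. It assumes the access point shares a key with every sensor and forwarding node and uses an HMAC as a stand-in for each node's signature; the packet layout, node names and keys are constructed.

```python
import hashlib
import hmac

def tag(key: bytes, *parts: bytes) -> bytes:
    """HMAC over length-prefixed parts; stand-in for a node's signature."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for part in parts:
        mac.update(len(part).to_bytes(4, "big") + part)
    return mac.digest()

def sensor_send(sensor_id: str, key: bytes, data: bytes) -> dict:
    """The sensor authenticates the data it originates."""
    origin_tag = tag(key, sensor_id.encode(), data)
    return {"origin": sensor_id, "data": data, "origin_tag": origin_tag, "route": []}

def forward(packet: dict, node_id: str, key: bytes) -> dict:
    """Assured mode: append (node_id, tag), chained to the previous tag."""
    prev = packet["route"][-1][1] if packet["route"] else packet["origin_tag"]
    hop = (node_id, tag(key, node_id.encode(), packet["data"], prev))
    return {**packet, "route": packet["route"] + [hop]}

def verify_weak(packet: dict, keys: dict) -> bool:
    """Weak mode: only the origin of the data is verified."""
    key = keys.get(packet["origin"])
    if key is None:
        return False
    expected = tag(key, packet["origin"].encode(), packet["data"])
    return hmac.compare_digest(expected, packet["origin_tag"])

def verify_assured(packet: dict, keys: dict):
    """Assured mode: return the verified route, or None if any check fails."""
    if not verify_weak(packet, keys):
        return None
    prev, path = packet["origin_tag"], []
    for node_id, hop_tag in packet["route"]:
        key = keys.get(node_id)
        if key is None:
            return None  # hop claims an identity the access point does not know
        expected = tag(key, node_id.encode(), packet["data"], prev)
        if not hmac.compare_digest(expected, hop_tag):
            return None  # hop removed, reordered or forged
        path.append(node_id)
        prev = hop_tag
    return path

# Constructed keys the access point holds for one sensor and two forwarding nodes.
KEYS = {"S1": b"k-s1", "F1": b"k-f1", "F2": b"k-f2"}

def sample_packet() -> dict:
    pkt = sensor_send("S1", KEYS["S1"], b"temp=21.5")
    pkt = forward(pkt, "F1", KEYS["F1"])
    return forward(pkt, "F2", KEYS["F2"])

if __name__ == "__main__":
    print(verify_assured(sample_packet(), KEYS))
```

A packet whose first hop entry has been removed still passes `verify_weak`, because weak mode checks only the origin, while `verify_assured` rejects it.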

Mobility Helps Security in Ad Hoc Networks – Idea

Mimic human behavior: to communicate securely, get close to each other and establish mutual credentials.
Two separate models:
  1 – Allows for security without any kind of central authority.
  2 – Allows for an offline authority authorizing nodes to join the network.

Mobility Helps Security in Ad Hoc Networks – Assumptions

The ability to establish a “secure side channel,” through an infrared link, physical connection, or some other secure, local method for model 1.
Nodes in a given Ad Hoc network move around.
This mobility will actually assist in establishing security associations between nodes on the network.
Each node is able to generate cryptographic keys, check signatures, and accomplish any task required to secure its communications (specifically, agree on cryptographic protocols with other nodes).

Mobility Helps Security in Ad Hoc Networks – Overview 1

Network is fully self-organized (no infrastructure, no central authority, no centralized trusted third party).
Secure side channel is used to set up security associations between nodes by exchanging cryptographic material.
This exchange is made by both users consciously and simultaneously (associate a “human face” with the established security association).
Use of “Friends” to further distribute public keys.

Mobility Helps Security in Ad Hoc Networks – Overview 2

Ad Hoc network with a central authority (off-line).
Central Authority controls network membership, deciding which nodes can join and how.
Each node has a unique identity, assigned to it by the authority, binding the node’s identity and public key.
Each node holds the public key of the central authority.
If a node A possesses a certificate signed by the central authority binding node B and its public key, then there is a one-way security association between node A and B.
If each node has a one-way security association with the other, they have a two-way security association.

Mobility Helps Security in Ad Hoc Networks – Comparisons

Mobility-based approach allows insertion of new nodes and secure transfers without on-line key distribution.
Drawback: takes time to establish security associations.
Self-organized approach is useful in securing personal communications on the application level.
Offline authority approach is useful in securing networking mechanisms such as routing.
In the self-organized approach, users must establish security associations consciously; in the authority-based approach, these associations are established automatically.

Generic Implementation of Elliptic Curve Cryptography using Partial Reduction

Elliptic curve cryptography (ECC) is becoming an attractive alternative to traditional RSA and DH
Elliptic Curve Digital Signature Algorithm (ECDSA)
  Government a big fan
Paper outlines hardware and software approach to implementing ECC

ECC

Security per bit rivals other common cryptosystems
Involves modular addition, multiplication, and division
Coupled with partial reduction, selection of curves becomes more flexible

Self-Organized Network-Layer Security in Mobile Ad Hoc Networks

Assumes no initial trust, no central trusting entity
Based on the Ad hoc On-demand Distance Vector (AODV) routing protocol
  Path discovery is on-demand
  Uses route request/response packets
  Is susceptible to routing updates misbehavior and packet forwarding misbehavior

Self-Organized Network-Layer Security in Mobile Ad Hoc Networks

Goals
  No central trust authority or key distributor
  Tolerant to the existence of compromised nodes
  Isolate the attacker
  Credit-based system where nodes will incur less security overhead as time passes

Self-Organized Network-Layer Security in Mobile Ad Hoc Networks

How it works
  Each node has a token signed by the system key (SK)
  This token will expire without renewing it in a timely manner
  Bad tokens are known to all nodes via their Token Revocation Lists

Self-Organized Network-Layer Security in Mobile Ad Hoc Networks

How it works
  Nodes collaborate to monitor each other and issue new tokens
  Only when the group decides a node is an attacker is it isolated from the network
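
The token checks from the two "How it works" slides, as an added example that is not taken from the slides or the underlying paper. The HMAC stands in for a signature made with the system key, and the token fields, the threshold `k` and the function names are assumptions.

```python
import hashlib
import hmac

def sk_sign(sk: bytes, node: str, expires: int) -> str:
    """Stand-in for the system key (SK) signature over a token's fields."""
    return hmac.new(sk, f"{node}|{expires}".encode(), hashlib.sha256).hexdigest()

def issue_token(sk: bytes, node: str, now: int, lifetime: int) -> dict:
    """Issue or renew a token that expires `lifetime` time units from `now`."""
    expires = now + lifetime
    return {"node": node, "expires": expires, "sig": sk_sign(sk, node, expires)}

def check_token(sk: bytes, token: dict, now: int, trl: set) -> str:
    """Return 'ok', or the reason a neighbour should refuse this token."""
    expected = sk_sign(sk, token["node"], token["expires"])
    if not hmac.compare_digest(expected, token["sig"]):
        return "bad-signature"
    if token["node"] in trl:
        return "revoked"  # listed in the Token Revocation List
    if now >= token["expires"]:
        return "expired"  # not renewed in time
    return "ok"

def isolate_if_group_agrees(sk: bytes, accused: str, accuser_tokens: list,
                            now: int, trl: set, k: int) -> bool:
    """Add `accused` to the TRL only when k distinct valid-token holders accuse it."""
    accusers = {t["node"] for t in accuser_tokens
                if t["node"] != accused and check_token(sk, t, now, trl) == "ok"}
    if len(accusers) >= k:
        trl.add(accused)
    return accused in trl

SK = b"constructed-system-key"  # constructed sample value

if __name__ == "__main__":
    trl = set()
    n1 = issue_token(SK, "N1", now=100, lifetime=50)
    witnesses = [issue_token(SK, n, now=100, lifetime=50) for n in ("N2", "N3")]
    print(check_token(SK, n1, 120, trl))
    print(isolate_if_group_agrees(SK, "N1", witnesses, 120, trl, k=2))
    print(check_token(SK, n1, 120, trl))
```

Accusations are counted per distinct node, so one neighbour repeating its accusation cannot isolate a peer on its own, and a node already on the TRL cannot accuse others.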