Transcript Document
Security in Self-organizing Systems Refik Molva Institut EURECOM [email protected] http://www.eurecom.fr/ce/researchce/nsteam.en.htm Self-organizing Systems • System or Network consists of a Collection of Ordinary Components • No fixed infrastructure • No (or limited) organization • • • • Ad Hoc Networks Sensor Networks P2P Applications Ubiquitous computing Security Challenges Self-organizing • No(or limited) infrastructure • Lack of organization Wireless & Mobile • • • • Scarcity of Resources Limited Energy Lack of physical security Lack of connectivity • Comm. Security • Key management • Trust Management • Cooperation • Privacy Context-awareness Communication Security Secure Routing ARAN, SRP, ARIADNE, SEAD,TIK New Challenges Network coding and security [Gkantsidis, Rodriguez] Data aggregation [Girao, Schneider, Westhoff] [Castellucia, Tsudik] Key Management Challenges • Lack of (or limited) – Security infrastructure • Key servers (KDC, CA, RA) – Organization (a priori trust) • p2p • Authentication is not sufficient to build trust Bootstrapping security associations from scratch Fully distributed Minimum dependency Key Management • Symmetric : – Key pre-distribution – Key agreement • Asymmetric Keys – PK Certificate = (ID,PK)CA • Self-organized CA • Web of trust(PGP) – Certificate-less • Crypto-based IDs: ID = h(PK) • ID-based Crypto: PK = f(ID) • Context-awareness – Distance Bounding Protocols – Seeing-is-believing Key pre-distribution • Sensor Networks – TTP-based [Eschenauer, Gligor ACM CCS’02, H. Chan, A. Perrig et al, Oakland’03] [Wenliang Du et al, INFOCOM’04] • Ad Hoc version – no TTP [A. Chan, INFOCOM’04] Distributed key setup by randomly choosing key rings from a public key space • Cover-Free Family Algorithm • Neighbors determine intersection of their key rings using homomorphic encryption (ID, PK) binding Self-organized CA [Zhou, Haas] [Kong, et al.] [Yi, Kravets] [Lehane, et al.] [Bechler et al, INFOCOM’04] • Based on threshold cryptography [cert(PKi)]SK1 PKi CERT(PKi)SK [cert(PKi)]SK1 [cert(PKi)]SK2 … [cert(PKi)]SK2 [cert(PKi)]Ski … [cert(PKi)]SKi Verification of CERT(PKi)SK by any node using well known PK • PROs: distributed, self-organized • CONs: share distribution during bootstrap phase, network density, Sybil attack (ID, PK) binding Web of Trust (PGP) [Hubaux, Buttyan, Capkun] • No CA • Alice Bob and Bob Eve Alice Eve • Merging of certificate repositories • PROs: no centralized TTP • CONs: initialization, storage, transitivity of trust (ID, PK) binding Crypto-based ID • SPKI [Rivest] • Statistically Unique Cryptographically Verifiable IDs [O’Shea, Roe] [Montenegro, Castellucia] IPv6 @ = NW Prefix | h(PK) • DSR using SUCV-based IP addresses [Bobba, et al] PROs: no certificates, no CA CONs: generation of bogus IDs (ID, PK) binding ID-based Crypto [Halili, Katz, Arbaugh] Based on [Boneh, Franklin, CRYPTO 2001] • ID-based – PK = h(ID) – SK computed by TTP • Threshold Crypto to distribute TTP PROs: no certificates, no centralized server CONs: distribution of initial shares Trust • Managed environment – A-priori trust – Authentication trustworthiness – But: • requirement for infrastructure • scarcity of computing resources (sensors) • lack of connectivity (sensors, ad hoc nw) • Open environment – No a-priori trust – authentication does not guarantee correct operation → New paradigms – Trust establishment protocols (history, e-cash, …) [Bussard, Molva, Roudier, PerCom’04, PerSec’04, iTrust’04] – Reputation Cooperation enforcement Token-based [Yang,Meng,Lu] Nuglets [Buttyan,Hubaux] SPRITE [Zhong, Chen, Yang] Threshold cryptography Micro-payment CONFIDANT[Buchegger,Le Boudec] CORE [Michiardi,Molva] Beta-Reputation [Josang,Ismail] Reputation-based Bittorrent (P2P) Built-in with Application Summary • Main research focus – Bootstrapping from scratch – New trust paradigms – Optimization (computation, bandwidth) • Solutions yet to come . . . • Interesting applications of cryptography • Some untruths and non-sense Room for creativity New Challenges • Opportunistic Communications – No end-to-end connectivity – Collapsed system (Application=network) – Data eventually reaches destination Trust management Forwarding of encrypted data Network coding and cryptography Data aggregation Selected Publications • "Analysis of Coalition Formation and Cooperation Strategies in Mobile Ad hoc Networks“ in Ad Hoc Networks Journal – Volume 3, Issue 2 , March 2005, • “Pocket Bluff- A Cooperation enforcing scheduled pocket switching protocol“ submitted to Sigcomm Hotnets IV, July 2005 • “Non cooperative forwarding in ad hoc networks” Networking 2005, 4th IFIP International Conference on Networking, May 2 - 6, 2005, Waterloo, Canada Springer LNCS Vol 3462, 2005 , pp 486-498 • “Policy-based Cryptography“ Financial Cryptography 2005, Dominica, February 2005. • “Ad Hoc Network Security” Chapter 12 in Mobile Ad Hoc Networking, S. Basagni, M. Conti, S. Giordano, I. Stojmenovic (Editors) ISBN: 0-471-37313-3 • “IDHC: ID-based Hash-Chains for broadcast authentication in wireless networks”, EURECOM Technical Report RR-04-111 • “History-based Trust Establishment Protocols“ in PerCom’04 and iTrust’04, March 2004. • “CORE: a collaborative reputation mechanism to enforce node cooperation in mobile ad hoc networks” CMS'2002, Communication and Multimedia Security 2002 Conference, September 26-27, 2002, Portoroz, Slovenia / Also published in the book : Advanced Communications and Multimedia Security /Borka Jerman-Blazic & Tomaz Klobucar, editors, Kluwer Academic Publishers, ISBN 1-4020-7206-6, August 2002 , 320 pp • "Ad Hoc Network Security" Chapter to appear in Handbook of Information Security, H. Bidgoli (Editor), Wiley & Sons • Other papers on http://www.eurecom.fr/ce/researchce/nsteam.fr.htm Pages 193-219 June 2004, Wiley-IEEE Press Related Events IEEE Workshop on Trust Security and Privacy in Ubiquitous Computing, Sicily June 2005, Niagara Falls, June 2006 2nd European Workshop on Security and Privacy in Ad Hoc and Sensor Networks, Budapest, July 2005, Hamburg September 2006. IEEE ICC Network Security and Information Assurance Symposium, Istanbul, June 2006 ESORICS / RAID, Sophia Antipolis September 2004