Establishing authenticated channels and secure identifiers
in ad-hoc networks
Authors: B. Sieka and A. D. Kshemkalyani
(University of Illinois at Chicago)
Source: IJNS review paper
Reporter: Chun-Ta Li (李俊達 )
Outline
• Introduction
• Problem statement
• Solution
• Analysis and Discussion
• Comments
Introduction: Motivation
• Establishing a secure communication channel between nodes in a wireless ad-hoc network
  – No trusted third party
  – No requirement to share a prior context
  – No out-of-band authentication channels
• Proposing the use of secure identifiers: use the hash of the public key as the identifier of a node
Problem statement
• Given a set of nodes, establish an authenticated network (AN)
• Any given node j in the AN satisfies the following property: all nodes in the AN know the authentic public keys of all other nodes in the AN
• Node i possesses the private key corresponding to its public key
• Network layer functions are not available yet; only radio broadcast in a wireless network is available
Solution: Notations
• Identity model: id_i = hash(PK_i)
• Message: MSG(contents)
• Type of message: JOIN, ACCEPT, UPDATE
• Public and private key: PK_i and SK_i
• Digital signature: S_SK(M)
• Radio broadcast
• seq_i: sequence number copied from the last JOIN message from i (an integer)
• time_i: local time when the most recent message from node id_i was seen
• KeyTable_j: the two columns of node j's key table, the PK and seq columns
• KeyTableDelta_j: the set of (PK, seq) entries from j's key table
Solution: Outline of protocol to establish authenticated channels
Solution: 1. Send JOIN
• A node i outside of an AN wants to join the AN
• If it is a member of another AN, the two sub-networks merge
Solution: 2. Receive JOIN
• Node j first verifies the validity of the digital signature, computes id_i = hash(PK_i) and checks whether an entry with id_i for node i already exists in j's key table
  (a) id_i entry does not exist: a new entry is added to the key table; broadcast ACCEPT and UPDATE messages
  (b) id_i entry does exist (id_i = id_k):
    i. PK_i ≠ PK_k and seq_i < seq_k: discard the JOIN message
    ii. PK_i = PK_k and seq_i < seq_k: discard the JOIN message
    iii. PK_i = PK_k and seq_i > seq_k: seq_k is updated to seq_i
Solution: 3. Send ACCEPT
• For a node i that is not a member of the AN and has no identifier conflict, node j broadcasts the ACCEPT message
4. Receive ACCEPT (AN_join + AN_accept)
• Check the signature of the message
• Add the entries from the KeyTable field of the ACCEPT message to its key table
• Broadcast an UPDATE message
Solution: 5. Send UPDATE
• Sent by a node that is a member of AN_join or AN_accept
• New entries are added to the key table in the following cases
• The KeyTableDelta field of the message should contain all the (PK, seq) pairs
Solution: 6. Receive UPDATE
• A node that is a member of AN_join or AN_accept
• Check the signature of the message; add the entries from the KeyTableDelta field to its key table; then execute step 5
7. Key Timeout
• Every node should maintain a timestamp associated with every entry in its key table
• An entry should be deleted from the key table if its timestamp is older than a specified threshold value
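As an added example (not code from the paper or these slides), a Python sketch of node j's key table that implements the Receive JOIN cases (a) to (b.iii) and the key-timeout step above. It assumes SHA-256 as the hash, that the signature S_SK(M) on the JOIN has already been verified against PK_i, and it treats the cases the slides leave unstated as discards.

```python
import hashlib
import time
from dataclasses import dataclass


def node_id(pk: bytes) -> str:
    """Secure identifier id_i = hash(PK_i); SHA-256 is an assumed choice of hash."""
    return hashlib.sha256(pk).hexdigest()


@dataclass
class Entry:
    pk: bytes    # PK column
    seq: int     # seq column: sequence number of the last JOIN from this id
    seen: float  # time_i: local time the most recent message from this id was seen


class KeyTable:
    """Node j's key table, keyed by id = hash(PK). Assumes the JOIN's signature
    S_SK(M) has already been verified against PK_i before receive_join is called."""

    def __init__(self, now=time.time) -> None:
        self.entries: dict[str, Entry] = {}
        self.now = now  # injectable clock so the timeout step can be exercised

    def receive_join(self, pk: bytes, seq: int) -> str:
        """Step 2, Receive JOIN. Returns the case applied: 'new', 'discard' or 'update'."""
        idi = node_id(pk)
        cur = self.entries.get(idi)
        if cur is None:
            # (a) unknown identifier: add the entry, then broadcast ACCEPT and UPDATE
            self.entries[idi] = Entry(pk, seq, self.now())
            return "new"
        # (b) an entry with this identifier exists (id_i = id_k)
        if seq < cur.seq:
            # (b.i) and (b.ii): a stale sequence number, same PK or not, is a replay
            return "discard"
        if pk == cur.pk and seq > cur.seq:
            # (b.iii) same key with a fresher JOIN: refresh seq_k and time_k
            cur.seq, cur.seen = seq, self.now()
            return "update"
        # seq_i == seq_k, or a different PK with a higher seq, is not covered by the
        # slides; treating it as a discard is this example's conservative assumption
        return "discard"

    def expire(self, threshold: float) -> list[str]:
        """Step 7, Key Timeout: drop entries whose timestamp is older than threshold."""
        now = self.now()
        stale = [i for i, e in self.entries.items() if now - e.seen > threshold]
        for i in stale:
            del self.entries[i]
        return stale
```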
Analysis and Discussion: Security analysis
• Against impersonation attacks: digital signatures, and a node's identity is bound to its public key
• Against replay attacks: use of sequence numbers
• Sybil attack threat (an entity generating multiple public/private key pairs and hence multiple identities): reputation management approaches
Analysis and Discussion: Complexity analysis
// N is the number of entries in the sender's key table
// M is the number of fresh entries in the sender's key table
• Overall Bootstrapping Cost – Broadcasts: O(n^2) // n is |AN| after the JOIN operations
• Overall Bootstrapping Cost – Message Space: O(|AN|^2)
Comments
• The solution for establishing authenticated channels in an ad-hoc network is simple
• No notable problems were found in this paper
• Descriptions of Table 2: 4 typos
• Evaluation of Paper: Confirmatory
• Recommendation: Accept after minor revision