SPRAHN: Secure & Protected Rewards in Ad Hoc Networks
for ECE695 – Mobile Wireless Networking
Charles D. Fico
April 27th 2006

Introduction
Rewards have been shown to cause fair play via game theory
Compensates intermediate nodes (INs) for loss of limited resources
  Battery power
  CPU Time
  Memory Resources

Introduction
SPRAHN: Secure & Protected Rewards in Ad Hoc Networks
Considers MANET as an internet link
Previous work centers on local MANET reward

Background - Cryptography
Three cryptographic means will be used for the secure rewards
AES-192 for symmetric encryption
RSA for public key or asymmetric encryption
ElGamal key agreement for key exchange

Background – Cryptography: AES
Advanced Encryption Standard – Rijndael
Winner of NIST standardization search
AES is a block cipher & supports
  128 bit blocks
  128, 192 or 256 bit keys
AES key levels >= 192 bits satisfy TOP SECRET information security for decades

Background – Cryptography: RSA
RSA developed by Rivest, Shamir and Adleman at MIT in 1977
Based on building two exponents which are inverses modulo a composite prime N.
Recent concerns of 1024 bit key security
While 2046 bit keys are currently safe, 4096 bit provide a standard having longevity >= AES-192

Background – Cryptography: ElGamal
Based on Diffie-Hellman key agreement
Uses a Trusted Authority (TA) to provide public key
TA can be in the form of a signed/verified certificate

Background – Other Reward Systems
Deal with internal, local MANET, rewards and peer reviews
Many are unspecific about what the reward is; it is something good though
Rewards for ferrying traffic external to the network are not covered

SPRAHN Operation
Reward Link Initialization
Reward Link Refresh
Reward Outline
Key acquisition

Reward Link Initialization
Setup of the reward link establishes INs along the path from the local node to the MANET boundary node
Uses current routing algorithm active in the MANET
Major change required is memorization and propagation of boundary nodes' addresses & public

Reward Link Initialization
Routes to & from the boundary node may change
Boundary nodes should remain the same, since they are less-mobile or non-mobile backbone attachments to external networks for the local MANET

Reward Link Initialization
Reward links are established for an internal node of the local MANET sending/receiving packets external to the local MANET
Initiated on local node preparing to send external packet or boundary node notifying of incoming external packet

Reward Link Initialization
In the unlikely event that a boundary node receives a packet bound for an external connection for which there is no reward link from the sender
Boundary node can issue a reward link request from the sender of the packet while suspending propagation of the packet.
Protects the network from nodes accidentally or maliciously not setting up Reward Links for packets to be sent outbound

Reward Link Initialization
Boundary nodes may reuse a valid reward link with the same local MANET node for different external nodes.
Allows for decrease in network overhead
Via public key encryption between internal and boundary nodes, an AES-192 encryption key is agreed upon for subsequent exchange of data packets for the reward link
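
An added example, not code from the presentation: boundary-node handling of outbound packets, covering the missing-reward-link case and link reuse from the last two slides. The `Boundary` type, the link expiry time and the per-sender cap on suspended packets are assumptions.

```go
package main

import "fmt"

// Packet is a constructed stand-in for an outbound packet seen at the boundary node.
type Packet struct{ Src, Dst string }

// Boundary holds reward link expiry per local node and packets suspended for lack of a link.
type Boundary struct {
	ValidUntil map[string]int64    // local node -> Unix time its reward link lapses (assumed)
	Held       map[string][]Packet // suspended packets, keyed by sender
	MaxHeld    int                 // per-sender cap (assumed) so suspension cannot exhaust memory
}

// Outbound decides one packet: "forward", "hold" or "drop". request is true only for the
// first held packet of a sender, so one reward link request goes out, not one per packet.
func (b *Boundary) Outbound(p Packet, now int64) (action string, request bool) {
	if b.ValidUntil[p.Src] > now { // one valid link covers every external destination
		return "forward", false
	}
	q := b.Held[p.Src]
	if len(q) >= b.MaxHeld {
		return "drop", false
	}
	b.Held[p.Src] = append(q, p)
	return "hold", len(q) == 0
}

// LinkUp records a completed reward link and releases that sender's suspended packets.
func (b *Boundary) LinkUp(src string, until int64) []Packet {
	b.ValidUntil[src] = until
	released := b.Held[src]
	delete(b.Held, src)
	return released
}

func main() {
	// Node names and documentation-range addresses are constructed sample data.
	b := &Boundary{map[string]int64{}, map[string][]Packet{}, 2}
	fmt.Println(b.Outbound(Packet{"n1", "198.51.100.7"}, 100))
	fmt.Println(len(b.LinkUp("n1", 400)))
	fmt.Println(b.Outbound(Packet{"n1", "203.0.113.9"}, 200))
}
```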

Reward Link Refresh - Rewards
Local node in MANET connected with reward link is responsible party
Keep alive messages contain number of inbound & outbound messages sent, time stamp and sequence number.
Keep alive messages are AES-192 encrypted
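
An added example, not code from the presentation: the keep-alive described above, sealed by the local node and checked by the boundary node for authenticity, sequence and freshness. Assumptions: AES-192 is run in GCM mode (the slides name only the cipher), the 24-byte field layout, and the `LinkAEAD`, `Seal` and `Accept` names.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

type KeepAlive struct { // the slide's fields; this 24-byte layout is an assumption
	In, Out   uint32 // inbound and outbound message counts
	Unix, Seq int64  // time stamp in seconds, sequence number
}

// LinkAEAD wraps a reward-link key in GCM (assumed mode); [24]byte forces AES-192.
func LinkAEAD(key [24]byte) (cipher.AEAD, error) {
	b, _ := aes.NewCipher(key[:]) // cannot fail: 24 is a valid AES key length
	return cipher.NewGCM(b)
}

func Seal(g cipher.AEAD, k KeepAlive) []byte { // local node's side
	var pt bytes.Buffer
	binary.Write(&pt, binary.BigEndian, k) // fixed-size struct, cannot fail
	nonce := make([]byte, g.NonceSize())
	rand.Read(nonce) // fresh random nonce, sent as the message prefix
	return g.Seal(nonce, nonce, pt.Bytes(), nil)
}

// Accept is the boundary node's side; last is the highest Seq accepted so far.
func Accept(g cipher.AEAD, msg []byte, last, now, skew int64) (k KeepAlive, err error) {
	n := g.NonceSize()
	if len(msg) < n {
		return k, fmt.Errorf("truncated message")
	}
	pt, err := g.Open(nil, msg[:n], msg[n:], nil)
	if err != nil || binary.Read(bytes.NewReader(pt), binary.BigEndian, &k) != nil {
		return k, fmt.Errorf("forged, corrupted or wrong-key message")
	}
	if k.Seq <= last || now-k.Unix > skew || k.Unix-now > skew {
		return k, fmt.Errorf("replayed or stale keep-alive")
	}
	return k, nil
}

func main() {
	g, _ := LinkAEAD([24]byte{}) // constructed all-zero key, demo only
	fmt.Println(Accept(g, Seal(g, KeepAlive{3, 5, 1000, 7}), 7, 1000, 30))
}
```

The message counts feed the reward, so the boundary node needs integrity as well as confidentiality; an authenticated mode gives both, and the sequence and time stamp checks only help if the receiver enforces them as `Accept` does.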

Reward Link Refresh - Route
Active mobility (rate of route breaks) dictates the local node's boundary node route refreshes
Just as in reward link initialization but noted as a reward link update

Reward Outline
Nodes entering network receive boundary node list
Node that entered network notifies/registers with a boundary node via a time stamped login message encrypted with the boundary node's public key
Node is ready to start collecting unused rewards and gain new rewards

Reward Outline
Based on weighted number of packets
Packet weight is determined by size
Downstream & Upstream packets are counted

Reward Outline
Maximum bandwidth for bonus is double normal bandwidth
Nodes are priority rated on size of unused reward
Reward collectable based on % of network load

Key Acquisition
New Node – one which has never acquired reward specifications on this network before; node requiring clean start
New node should be able to participate ASAP
Needs public key for itself

Key Acquisition
Upon entering MANET boundary node information/address will be supplied
New node connects with a boundary node to subscribe for reward membership and receives boundary node's certificate
Use ElGamal based key acquisition with public key from boundary certificate

Key Acquisition
Boundary node propagates information to other boundary nodes via a common AES-192 key which was exchanged via boundary node public keys

Conclusion
SPRAHN: Secure & Protected Rewards in Ad Hoc Networks
Rewards are based on traffic to and from external sources
Rewards are bandwidth specific

More Questions??