Anonymity and Security in Delay Tolerant Networks

Document Sample
Anonymity and Security in Delay Tolerant Networks Powered By Docstoc
					        Anonymity and Security
                   in
        Delay Tolerant Networks

Aniket Kate, Greg Zaverucha and Urs Hengartner


       David R. Cheriton School of Computer Science




               September 20, 2007
Outline


      Delay Tolerant Networks
          Concept
          Motivation for Security and Anonymity

      Inapplicability of Existing Solutions

      Cryptographic Primitives

      Secure and Anonymous Communication

      System Issues

      Conclusion




2         Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Delay Tolerant Networks
      Lack of end-to-end connectivity
      Opportunistic links




3         Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Delay Tolerant Networks
         Lack of end-to-end connectivity
         Opportunistic links




    Rural Area DTNs: Seth et al. [MobiComm’06]
3              Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Delay Tolerant Networks


    Examples
       Rural area networks for developing regions

       Vehicular ad-hoc networks (VANETs)

       Military communication

       Undersea communication

       Intra-space communication




4          Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Motivation for Security and Anonymity


      In rural area DTNs, security and privacy are necessary to
      effectively implement concepts like
          e-governance,
          citizen journalism,
          distance education (e.g., aAqua.org) and
          telemedicine

      For use of DTNs in military purposes, security and
      anonymity are mandatory

      Anonymity (e.g., location privacy) for vehicle owners is
      imperative in VANETs




5         Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Outline


      Delay Tolerant Networks
          Concept
          Motivation for Security and Anonymity

      Inapplicability of the Existing Solutions

      Cryptographic Primitives

      Secure and Anonymous Communication

      System Issues

      Conclusion




6         Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Inapplicability of Existing Security Solutions



    The traditional PKI-based approach is not suitable for DTNs

    Without instant online access to
        an arbitrary receiver’s public key, sending an encrypted
        message on the fly is impossible

        certificate revocation lists, a receiver cannot authenticate a
        sender’s public key or certificate




7            Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Using Identity-based Cryptography (IBC)


    Seth and Keshav’s Approach [NPSec’05]
       Uses IBC, where a public key of each entity is replaced by
       its identity and associated public formatting policy

       Exploits Gentry-Silverberg hierarchical identity-based
       encryption (HIBE) and corresponding (HIBS) signature
       scheme to achieve end-to-end security
       Lacks
           efficiency in mutual authentication in time-constrained
           DTNs
           provision for anonymity




8          Anonymity and Security in Delay Tolerant Networks    Aniket Kate
Inapplicability of Existing Anonymity Solutions


      Due to the take what you can get routing strategy, senders
      do not have enough freedom to choose traffic routes

      With opportunistic connections and variable delays, source
      routing is not always possible

      Number of possible routes that traffic can take from one
      region to another is very limited

      Therefore, onion routing and Mix-net based anonymity
      solutions are infeasible




9         Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Contributions



      We present an IBC-based security infrastructure for DTNs
      that is more efficient than the existing one

      We build the first comprehensive system for anonymous
      and secure communication in DTNs

      Importantly, our anonymous communication protocol
      operates with minimal computation overhead and without
      any addition to the security infrastructure




10        Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Outline


      Delay Tolerant Networks
          Concept
          Motivation for Security and Anonymity

      Inapplicability of the Existing Solutions

      Cryptographic Primitives

      Secure and Anonymous Communication

      System Issues

      Conclusion




11        Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Boneh-Franklin Identity-Based Encryption (BF-IBE)
Setup

     A trusted authority called Private Key Generator (PKG)
         chooses two groups G and GT , and an admissible pairing e
         such that e : G × G → GT
         Here, for all P, Q ∈ G, e(aP, bQ) = e(P, Q)ab
         chooses a full-domain cryptographic hash function
         H : {0, 1}∗ → G
         selects a master secret s ∈ Z∗ and
                                      n

         generates private keys di = sH(IDi ) ∈ G for users using
         their well-known identities (IDi )




12            Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Key Agreements

           Alice(IDA )                      Bob(IDB )
     QA = H(IDA ), dA = sQA           QB = H(IDB ), dB = sQB

     Sakai-Ohgishi-Kasahara
                     KAB = e(QA , QB )s

     Our One-way Anonymous
     PA = rA QA , sPA = rA dA                  QB , dB
                                 PA
                             =⇒
                      KAB = e(QA , QB )rA s

        Membership confirmation without revealing the identities
        Non-interactive key agreement
        Default pseudonyms

13          Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Key Agreements

           Alice(IDA )                      Bob(IDB )
     QA = H(IDA ), dA = sQA           QB = H(IDB ), dB = sQB

     Sakai-Ohgishi-Kasahara
                     KAB = e(QA , QB )s

     Our One-way Anonymous
     PA = rA QA , sPA = rA dA                  QB , dB
                                 PA
                             =⇒
                      KAB = e(QA , QB )rA s

        Membership confirmation without revealing the identities
        Non-interactive key agreement
        Default pseudonyms

13          Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Hierarchical Identity-based Cryptography (HIBC)



      Non-hierarchical schemes lack scalability

      In hierarchical case, key agreements similar to that of SOK
      are not known
      Authentication is expensive and it is not possible with
      anonymity

      We need to combine non-hierarchical key agreements and
      HIBC to achieve efficiency and scalability simultaneously




14        Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Outline


      Delay Tolerant Networks
          Concept
          Motivation for Security and Anonymity

      Inapplicability of the Existing Solutions

      Cryptographic Primitives

      Secure and Anonymous Communication

      System Issues

      Conclusion




15        Anonymity and Security in Delay Tolerant Networks   Aniket Kate
DTN under Consideration
     Block Diagram




16          Anonymity and Security in Delay Tolerant Networks   Aniket Kate
DTN under Consideration (Cont.)


     Threat Model and Assumptions
        Active and passive adversaries

        Private-key Generators (PKGs) and DTN gateways are
        fully trusted

        In case of users without their own computers, kiosks are
        fully trusted

        For anonymity, DTN routers must not be able to learn the
        identities of communicating users




17          Anonymity and Security in Delay Tolerant Networks   Aniket Kate
System Setup and User Registration

     Local and Long Distance Setup: Similar to a telephone network




     User Registration: Similar to a cellphone registration


18            Anonymity and Security in Delay Tolerant Networks   Aniket Kate
System Setup and User Registration

     Local and Long Distance Setup: Similar to a telephone network




     User Registration: Similar to a cellphone registration


18            Anonymity and Security in Delay Tolerant Networks   Aniket Kate
System Setup and User Registration

     Local and Long Distance Setup: Similar to a telephone network




     User Registration: Similar to a cellphone registration


18            Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Secure Anonymous Communication




     1   Anonymous Message Sending

     2   Anonymous Message Receiving

     3   Anonymous Message Fetching




19          Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Secure Anonymous Communication
     Anonymous Message Sending




20         Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Secure Anonymous Communication
     Anonymous Message Sending




20         Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Secure Anonymous Communication
     Anonymous Message Sending




20         Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Secure Anonymous Communication
     Anonymous Message Sending




20         Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Secure Anonymous Communication (Cont.)
     Anonymous Message Receiving




21          Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Secure Anonymous Communication (Cont.)
     Anonymous Message Receiving




21          Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Secure Anonymous Communication (Cont.)
     Anonymous Message Receiving




21          Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Secure Anonymous Communication (Cont.)
     Anonymous Message Fetching




22          Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Secure Anonymous Communication (Cont.)
     Anonymous Message Fetching




22          Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Secure Anonymous Communication (Cont.)
     Anonymous Message Fetching




22          Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Secure Anonymous Communication (Cont.)
     Anonymous Message Fetching




22          Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Outline


      Delay Tolerant Networks
          Concept
          Motivation for Security and Anonymity

      Inapplicability of the Existing Solutions

      Cryptographic Primitives

      Secure and Anonymous Communication

      System Issues

      Conclusion




23        Anonymity and Security in Delay Tolerant Networks   Aniket Kate
System Issues


     Performance Comparison
          Operation           Time                Mutual authentication
                              (ms)   Seth & Keshav             This paper
                                                     Non-anonymous      Anonymous
           Pairing            2.9        h+1               1               1
      Exponentiation in G     1.5         2                0               0
            Total time (ms)           2.9h + 5.9          2.9             2.9
     Experiment Environment: 3.0 GHz Pentium DualCore Desktop with
     PBC Library

     Negligible overhead for anonymity
     Billing, traffic analysis and routing in DTNs




24        Anonymity and Security in Delay Tolerant Networks            Aniket Kate
System Issues


     Performance Comparison
          Operation           Time                Mutual authentication
                              (ms)   Seth & Keshav             This paper
                                                     Non-anonymous      Anonymous
           Pairing            2.9        h+1               1               1
      Exponentiation in G     1.5         2                0               0
            Total time (ms)           2.9h + 5.9          2.9             2.9
     Experiment Environment: 3.0 GHz Pentium DualCore Desktop with
     PBC Library

     Negligible overhead for anonymity
     Billing, traffic analysis and routing in DTNs




24        Anonymity and Security in Delay Tolerant Networks            Aniket Kate
Conclusion

     Security and anonymity are mandatory to realize the actual
     potential of DTNs

     We presented an efficient and scalable anonymous and
     secure communication architecture for DTNs using IBC

     We also addressed system issues like performance, billing,
     traffic analysis and routing

     In the future, we anticipate more efficient and simpler
     security and anonymity solutions for DTNs with continual
     progress in HIBC




25       Anonymity and Security in Delay Tolerant Networks   Aniket Kate
Conclusion

     Security and anonymity are mandatory to realize the actual
     potential of DTNs

     We presented an efficient and scalable anonymous and
     secure communication architecture for DTNs using IBC

     We also addressed system issues like performance, billing,
     traffic analysis and routing

     In the future, we anticipate more efficient and simpler
     security and anonymity solutions for DTNs with continual
     progress in HIBC

                          Questions ?


25       Anonymity and Security in Delay Tolerant Networks   Aniket Kate

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:19
posted:2/18/2011
language:English
pages:39