security in ad hoc wireless networks

21
Security in Ad Hoc Wireless Networks Joe Binder John King Kevin Mooney Bob Wilkinson

Upload: denzel

Post on 21-Jan-2016

39 views

Category:

Documents


0 download

DESCRIPTION

Security in Ad Hoc Wireless Networks. Agenda. Problem description Existing security tools/knowledge base Project goals Design overview Known problems. Problem Description. The following are known security concerns in wireless ad hoc networks: Node identity—who am I really talking to - PowerPoint PPT Presentation

TRANSCRIPT

Page 1: Security in Ad Hoc Wireless Networks

Security in Ad Hoc Wireless Networks

Joe Binder John King

Kevin Mooney Bob Wilkinson

Page 2: Security in Ad Hoc Wireless Networks

Agenda

• Problem description

• Existing security tools/knowledge base

• Project goals

• Design overview

• Known problems

Page 3: Security in Ad Hoc Wireless Networks

Problem Description

The following are known security concerns in wireless ad hoc networks:– Node identity—who am I really talking to– Packet insertion– Packet capture—the man in the middle

Page 4: Security in Ad Hoc Wireless Networks

Existing Security Information

• PGP (Pretty Good Privacy)

• Diffie-Hellman Key Exchange

• Larns-Arne Mattsson Thesis

Page 5: Security in Ad Hoc Wireless Networks

Project Goals

• Design a robust, flexible API for a secure, wireless, ad hoc network

• Develop a reference implementation to exemplify, validate, and debug the API

Page 6: Security in Ad Hoc Wireless Networks

Design Assumptions–1

• The level of security required of a network is application dependent

• The underlying protocol of a wireless, ad hoc network is application dependent

• Most nodes in a wireless, ad hoc network will be geographically close to each other

• Members of a secure network group trust each other

Page 7: Security in Ad Hoc Wireless Networks

Design Assumptions—2

• Nodes should be able to join the secure group at any time

• Network groups will frequently, but not always, be comprised of two or more members of a known group—a company, group of friends, etc.

Page 8: Security in Ad Hoc Wireless Networks

Design Overview

The design of our security paradigm is comprised of three elements:– Group Announcement– Member Authentication– Group Data Transmission

Page 9: Security in Ad Hoc Wireless Networks

Group Announcement

• Initiator of a group broadcasts the existence of a group to the network via a well-known address or handle

OR• Node asks the network which groups are

available via well-known address or handle• Each node replies with its identity and the

groups to which it belongs

Page 10: Security in Ad Hoc Wireless Networks

Announcement Example—1

Initiator

Node 1

Node 2

Node 3

Group Annc.Group IdUser Id

This is a really Important group….

MyGroup

Page 11: Security in Ad Hoc Wireless Networks

Node 5

Node 1

Node 2

Node 3

What groups are out there?

Gro

up A

Group BI’m Node 1 and I’m in Group B

I’m Node 2 and I’m in Group A

I’m Node 3 and I’m in Group A and Group B

Page 12: Security in Ad Hoc Wireless Networks

Member Authentication

• Group members are authenticated using a very robust algorithm—PGP (desired) or Diffie-Hellman

• Initiator of the group authenticates the first node that requests group membership

• Subsequent requestors are authenticated by any member of the group

Page 13: Security in Ad Hoc Wireless Networks

Node 5Node 1

Group B sounds nifty. May I join?

Group BMaybe. Who are you?

Authentication Example—1

Page 14: Security in Ad Hoc Wireless Networks

Node 5Node 1

I’m Node 5 Group B

I can’t take your word for it. Let’s shake to make sure.

Authentication Example—2

Page 15: Security in Ad Hoc Wireless Networks

Node 5Node 1

Group B

(A clipart rendering of Diffie-Hellman handshaking)

Authentication Example—3

Page 16: Security in Ad Hoc Wireless Networks

Node 5Node 1

Group B

Okay, now that our transmission is

encrypted, I’ll send you the session key

Session Key

(Secret)

Authentication Example—4

Page 17: Security in Ad Hoc Wireless Networks

Node 5Node 1

Node 2

Node 3Gro

up A

Group B

Authentication Example—5

Page 18: Security in Ad Hoc Wireless Networks

Data Transmission

• Data is encrypted using a group session key (less robust)

• New members are sent the session key via the secure connection created during authentication

• Reliability is handled exclusively by the underlying protocol

Page 19: Security in Ad Hoc Wireless Networks

API Specifics

• Abstracts protocol-specific details (handles, addresses, etc)

• Provides flexibility regarding the underlying protocol and level of security of the group

• Allows nodes to belong to multiple groups

Page 20: Security in Ad Hoc Wireless Networks

What aren’t we doing?

• Writing our own encryption scheme

• Data routing

• Caching data for late joiners

• Embedding security into a specific protocol

Page 21: Security in Ad Hoc Wireless Networks

21

Questions

Comments

Criticisms