authenticated resource management in delay tolerant
play

Authenticated Resource Management in Delay-Tolerant Networks using - PowerPoint PPT Presentation

Feb 20, 2023 •424 likes •681 views

Authenticated Resource Management in Delay-Tolerant Networks using Proxy Signatures Dominik Sch urmann, J org Ott, Lars Wolf March 18, 2013 Motivation Buffer Management Our Approach Evaluation Conclusion Mobile Communication in Rural

  1. Authenticated Resource Management in Delay-Tolerant Networks using Proxy Signatures Dominik Sch¨ urmann, J¨ org Ott, Lars Wolf March 18, 2013

  2. Motivation Buffer Management Our Approach Evaluation Conclusion Mobile Communication in Rural Areas of Africa Unreliable cell infrastructure (power outages) Relative high monthly costs: Nigerians living on $ 2 a day or less ⇒ Delay-Tolerant Networks (DTN) (RFC 5050) Mit Mobile Money gegen ”finanzielle Apartheid” . 2009. url : http://www.zeit.de/digital/mobil/2009-11/m-money-africa ; Nigeria . 2012. url : http://topics.nytimes.com/top/news/international/countriesandterritories/nigeria/index.html Dominik Sch¨ urmann | Resource Management in DTNs using Proxy Signatures | 1

  3. Motivation Buffer Management Our Approach Evaluation Conclusion Hop-by-hop Communication in DTNs Alice Bob Victor Eve Charlie Trudy Unknown meeting times Limited buffer space Dominik Sch¨ urmann | Resource Management in DTNs using Proxy Signatures | 2

  4. Motivation Buffer Management Our Approach Evaluation Conclusion Example Attacks on Storage Buffers Denial-of-Service Flooding with big messages, differing in content, and forge source IDs. Set lifetime of bundle very high. Multicast Amplification Address bundle to multicast EID, set Report-to-EID to multicast EID More DTN-Specific Attacks. . . “Amplification by Fragmentation”, “Amplification by Custody Transfers”,. . . Victor Eve Charlie Trudy Dominik Sch¨ urmann | Resource Management in DTNs using Proxy Signatures | 3

  5. Motivation Buffer Management Our Approach Evaluation Conclusion Example Attacks on Storage Buffers Denial-of-Service Flooding with big messages, differing in content, and forge source IDs. Set lifetime of bundle very high. Multicast Amplification Address bundle to multicast EID, set Report-to-EID to multicast EID More DTN-Specific Attacks. . . “Amplification by Fragmentation”, “Amplification by Custody Transfers”,. . . Properties of DTNs make attacks worse! What to do against malicious nodes flooding the network? Dominik Sch¨ urmann | Resource Management in DTNs using Proxy Signatures | 3

  6. Motivation Buffer Management Our Approach Evaluation Conclusion Preemptive Buffer Management 1 Basic Idea Sign messages to Alice Bob authenticate their source ID Victor Partition storage equally between IDs of incoming Eve messages Charlie Trudy Example: Eve ’s Buffer (Max: 6 Messages) Stores messages coming from Alice, Victor, and Bob M 1 Alice M 2 Alice M 1 M 1 Bob M 2 Victor Bob 1 John Solis et al. “Controlling resource hogs in mobile delay-tolerant networks”. In: Computer Communications 33.1 (May 14, 2010), pp. 2–10. Dominik Sch¨ urmann | Resource Management in DTNs using Proxy Signatures | 4

  7. Motivation Buffer Management Our Approach Evaluation Conclusion Request-Response Scenario Alice Bob Victor Eve Charlie Trudy Dominik Sch¨ urmann | Resource Management in DTNs using Proxy Signatures | 5

  8. Motivation Buffer Management Our Approach Evaluation Conclusion Request-Response Scenario Alice Bob Victor Eve Charlie Trudy Example: Eve ’s Buffer (Max: 6 Messages) M 1 Alice M 2 Alice M 1 M 1 M 2 1. Request: Victor Bob Bob drop M 1 Alice M 2 Alice M 1 M 2 Bob R 1 2. Response: M 1 Victor Bob Bob Dominik Sch¨ urmann | Resource Management in DTNs using Proxy Signatures | 5

  9. Motivation Buffer Management Our Approach Evaluation Conclusion Improving Fairness? Alice Bob Victor Eve Charlie Trudy Eve ’s Buffer: Original Scheme drop M 1 Alice M 2 Alice M 1 M 2 Bob R 1 2. Response: M 1 Victor Bob Bob Changed Affiliation of Response Bob M 2 M 2 Alice R 1 A ( B ) M 1 M 1 2. Response: Victor Bob drop M 1 Alice Dominik Sch¨ urmann | Resource Management in DTNs using Proxy Signatures | 6

  10. Motivation Buffer Management Our Approach Evaluation Conclusion Scenario with Often Requested Server Node Alice 1 Alice 2 Charlie Eve Bob (= Server ) Alice 3 Dominik Sch¨ urmann | Resource Management in DTNs using Proxy Signatures | 7

  11. Motivation Buffer Management Our Approach Evaluation Conclusion Scenario with Often Requested Server Node Alice 1 Alice 2 Charlie Eve Bob (= Server ) Alice 3 Eve ’s Buffer: Original Scheme drop M 1 M 1 M 1 R 2 R 3 2. Response: A 1 A 2 A 3 B B R 1 B , M 1 B Changed Affiliation of Responses M 1 R 1 M 1 A 2 R 2 A 2 ( B ) M 1 R 3 M 1 2. Response: A 1 A 1 ( B ) A 3 A 3 ( B ) B Dominik Sch¨ urmann | Resource Management in DTNs using Proxy Signatures | 7

  12. Motivation Buffer Management Our Approach Evaluation Conclusion Cryptographic Background Signing Every node i has a public/private key pair � pk i , sk i � and an ID i Every node on the path should be able to verify the signature → Encrypt-then-Sign Encryption when sending message to Bob : c = Enc pk B ( m ) Sign ciphertext by Alice : σ = Sign sk A ( c ) Message to be send: M = � c , σ � Verification Buffering incoming messages based on source ID Verify source ID by verifying signature: Verify pk A ( c , σ ) Dominik Sch¨ urmann | Resource Management in DTNs using Proxy Signatures | 8

  13. Motivation Buffer Management Our Approach Evaluation Conclusion Proxy Signature: “Delegation-by-Certificate” 2 A warrant ω defines the input space of the proxy signing function certificate pcert = Sign skA (00 � ID B � pk B � ω ) ciphertext c 1 = Enc pkB ( m 1 � ω � pcert ) with m 1 as request content request = � c 1 , σ 1 = Sign skA (11 � c 1 ) � A (forwarded hop-by-hop) B decrypt and verify signatures proxy signing key psk B = � sk B , pk A , ( ID B � pk B � ω ) , pcert � ciphertext c 2 = Enc pkA ( m 2 ) with m 2 as response content PSign pskB ( c 2 ) = � ID B , ω, pk B , pcert , σ 2 = Sign skB (01 � pk A � c 2 ) � response = � c 2 , Σ = PSign pskB ( c 2 ) � B (forwarded hop-by-hop) A 2 Alexandra Boldyreva et al. “Secure Proxy Signature Schemes for Delegation of Signing Rights”. In: Journal of Cryptology 25 (1 2012), pp. 57–115. Dominik Sch¨ urmann | Resource Management in DTNs using Proxy Signatures | 9

  14. Motivation Buffer Management Our Approach Evaluation Conclusion Verification of Proxy Signatures Verification by Nodes Forwarding the Response Verify traditional signature Verify proxy signature by PVerify pk A , pk B ( c 2 , Σ) PVerify pk A , pk B ( c 2 , Σ) = Verify pk A (00 � ID B � pk B � ω, pcert ) ∧ Verify pk B (01 � pk A � c 2 , σ 2 ) ∧ ( c 2 ∈ ω ) . Dominik Sch¨ urmann | Resource Management in DTNs using Proxy Signatures | 10

  15. Motivation Buffer Management Our Approach Evaluation Conclusion Application of Proxy Signatures pcert Restrictions Validity Restriction Certificate is only valid for a specific time frame Limited Response Responses are restricted to specific IDs by warrant ω Message Pattern One-time request-response Publish-subscribe Two-way communication Dominik Sch¨ urmann | Resource Management in DTNs using Proxy Signatures | 11

  16. Motivation Buffer Management Our Approach Evaluation Conclusion Simulation with “The ONE” Simulator Does our approach improve request/response success probability? Dominik Sch¨ urmann | Resource Management in DTNs using Proxy Signatures | 12

  17. Motivation Buffer Management Our Approach Evaluation Conclusion Simulation with “The ONE” Simulator Does our approach improve request/response success probability? What happens in presence of malicious nodes? Dominik Sch¨ urmann | Resource Management in DTNs using Proxy Signatures | 12

  18. Motivation Buffer Management Our Approach Evaluation Conclusion Simulation with “The ONE” Simulator Does our approach improve request/response success probability? What happens in presence of malicious nodes? Scenario with Server Nodes (With and Without Proxy Signatures) 95 % nodes with 5 MB storage 5 % are “server” nodes with 50 MB storage 3 message types: Request, response, unidirectional Parameter Choice Movement Model Shortest Path Connectivity Bluetooth-like Routing Model Spray-and-Wait Map Helsinki city’s central area Dominik Sch¨ urmann | Resource Management in DTNs using Proxy Signatures | 12

  19. Motivation Buffer Management Our Approach Evaluation Conclusion Only Benign Nodes Struggle for buffer space between message types Request/response success probability as a metric 0.40 with proxy signatures without proxy signatures 0.35 request/response success probability 0.30 0.25 0.20 0.15 0.10 0.05 0.00 20 40 60 80 100 percentage of generated request bundles Dominik Sch¨ urmann | Resource Management in DTNs using Proxy Signatures | 13

  20. Motivation Buffer Management Our Approach Evaluation Conclusion 95 % Benign and 5 % Malicious Nodes 0.40 with proxy signatures, benign nodes with proxy signatures, malicious nodes 0.35 without proxy signatures, benign nodes request/response success probability without proxy signatures, malicious nodes 0.30 0.25 0.20 0.15 0.10 0.05 0.00 20 40 60 80 100 percentage of generated request bundles Dominik Sch¨ urmann | Resource Management in DTNs using Proxy Signatures | 14

Recommend

Delay and Disruption Tolerant Networks An Overview NASA through the Delay Tolerant Network

Delay and Disruption Tolerant Networks An Overview NASA through the Delay Tolerant Network

Delay and Disruption Tolerant Networks An Overview NASA through the Delay Tolerant Network Research Group (DTNRG) DTNRG members research aspects of delay-tolerant networking in a number of ways including academic publications, technical

1.03k views • 43 slides
Introduction to Delay/Disruption Tolerant Networking Part I Ioannis Komnios

Introduction to Delay/Disruption Tolerant Networking Part I Ioannis Komnios

Introduction to Delay/Disruption Tolerant Networking Part I Ioannis Komnios (ikomnios@ee.duth.gr) Workshop on New Frontiers in Internet of Things Trieste, 15 March 2016 T raditional networks vs DTNs Traditional Networks Delay Tolerant

711 views • 59 slides
Forward Secure Delay-Tolerant Networking Signe R usch, Dominik Sch urmann, R udiger

Forward Secure Delay-Tolerant Networking Signe R usch, Dominik Sch urmann, R udiger

Forward Secure Delay-Tolerant Networking Signe R usch, Dominik Sch urmann, R udiger Kapitza, Lars Wolf October 20, 2017 Motivation FSE Forward Secure DTNs Evaluation Conclusion Motivation Delay-Tolerant Networks Communication for

637 views • 37 slides
A Delay-Tolerant Network Architecture for Challenged Internets Kevin Fall Presented by Ross

A Delay-Tolerant Network Architecture for Challenged Internets Kevin Fall Presented by Ross

A Delay-Tolerant Network Architecture for Challenged Internets Kevin Fall Presented by Ross Lagerwall University of Cambridge March 5, 2013 Kevin Fall A Delay-Tolerant Network Architecture Background TCP/IP expects performance

416 views • 15 slides
Delay Tolerant Bulk Data Transfers on the Internet Nikolaos Laoutaris, Georgios Smaragdakis,

Delay Tolerant Bulk Data Transfers on the Internet Nikolaos Laoutaris, Georgios Smaragdakis,

Delay Tolerant Bulk Data Transfers on the Internet Nikolaos Laoutaris, Georgios Smaragdakis, Pablo Rodriguez, Ravi Sundaram Presented by Petko Georgiev 5 March 2013 Motivation There are important applications requiring exchange of Delay

367 views • 23 slides
Resource Resource Management Management RESOURCE MANAGEMENT RESOURCE MANAGEMENT We have a

Resource Resource Management Management RESOURCE MANAGEMENT RESOURCE MANAGEMENT We have a

Moreno Baricevic Stefano Cozzini CNR-IOM DEMOCRITOS Trieste, ITALY Resource Resource Management Management RESOURCE MANAGEMENT RESOURCE MANAGEMENT We have a pool of users and a pool of resources, then what? some software that controls

538 views • 22 slides
Introduction to Delay/Disruption Tolerant Networking Part II Ioannis Komnios

Introduction to Delay/Disruption Tolerant Networking Part II Ioannis Komnios

Introduction to Delay/Disruption Tolerant Networking Part II Ioannis Komnios (ikomnios@ee.duth.gr) Workshop on New Frontiers in Internet of Things Trieste, 15 March 2016 Space communications Planet movement impacts Line-of-Sight Solar

725 views • 33 slides
On the intersection of Information Centric Networking and Delay Tolerant Networking (Lessons

On the intersection of Information Centric Networking and Delay Tolerant Networking (Lessons

On the intersection of Information Centric Networking and Delay Tolerant Networking (Lessons learned from the GreenICN project) Jan Seedorf HFT Stuttgart Visit at HAW Hamburg December 2019 1 Outline (Very) Short Introduction to

682 views • 43 slides
OUTLINE OUTLINE Where weve come from: CCSDS space links Where we are now:

OUTLINE OUTLINE Where weve come from: CCSDS space links Where we are now:

OUTLINE OUTLINE Where weve come from: CCSDS space links Where we are now: Delay Intolerant Networking (the IP suite) The first Delay Tolerant Application (CFDP) Where we are going: Delay Tolerant Networking

401 views • 28 slides
Delay Tolerant Bulk Data Transfers on the Internet by N. Laoutaris et al., SIGMETRICS09 Ilias

Delay Tolerant Bulk Data Transfers on the Internet by N. Laoutaris et al., SIGMETRICS09 Ilias

Delay Tolerant Bulk Data Transfers on the Internet by N. Laoutaris et al., SIGMETRICS09 Ilias Giechaskiel Cambridge University, R212 ig305@cam.ac.uk March 4, 2014 Conclusions Takeaway Messages Need to transfer multiple terabytes daily

441 views • 21 slides
Moving data in DTNs with HTTP and MIME Making use of HTTP for delay- and disruption-tolerant

Moving data in DTNs with HTTP and MIME Making use of HTTP for delay- and disruption-tolerant

Moving data in DTNs with HTTP and MIME Making use of HTTP for delay- and disruption-tolerant networks with convergence layers Lloyd Wood, Daniel Floreani, Peter Holliday, Ioannis Psaras e-DTN workshop, ICUMT, St Petersburg, 14 October 2009. Why

406 views • 11 slides
Improving performance in delay/disruption tolerant networks through passive relay points Saeed

Improving performance in delay/disruption tolerant networks through passive relay points Saeed

Wireless Netw (2012) 18:931 DOI 10.1007/s11276-011-0384-1 Improving performance in delay/disruption tolerant networks through passive relay points Saeed Shahbazi Shanika Karunasekera Aaron Harwood Published online: 30 September 2011

605 views • 23 slides
Use of the Delay-Tolerant Networking Bundle Protocol from space Cisco Systems, NASA Glenn

Use of the Delay-Tolerant Networking Bundle Protocol from space Cisco Systems, NASA Glenn

Use of the Delay-Tolerant Networking Bundle Protocol from space Cisco Systems, NASA Glenn Research Center, Surrey Satellite Technology Ltd. Alex da Silva Curiel 30 September 2008 59th International Astronautical Congress, Glasgow B2-3

492 views • 15 slides
Delay-Tolerant Networking An Approach to Interplanetary Internet Scott Burleigh, Adrian Hooke,

Delay-Tolerant Networking An Approach to Interplanetary Internet Scott Burleigh, Adrian Hooke,

Delay-Tolerant Networking An Approach to Interplanetary Internet Scott Burleigh, Adrian Hooke, Leigh Torgerson, Kevin Fall, Vint Cerf, Bob Durst, Keith Scott and Howard Weiss Presented by: James Kazmierczak Introduction: The Problem A

611 views • 33 slides
Designing Delay-Tolerant Data Services for the Network of Things Daniel Austin Interstellar

Designing Delay-Tolerant Data Services for the Network of Things Daniel Austin Interstellar

Designing Delay-Tolerant Data Services for the Network of Things Daniel Austin Interstellar Travel, Inc. 1st Annual Big Data Innovation Summit daniel@thestarsmydestination.com April 09 2014 Silicon Valley, California Big Ideas for Todays

669 views • 20 slides
digital Stadium Delay Tolerant Networks in the Real World Overview Introduce the team and the

digital Stadium Delay Tolerant Networks in the Real World Overview Introduce the team and the

digital Stadium Delay Tolerant Networks in the Real World Overview Introduce the team and the project PROBLEM SPACE: Connectivity and services in stadia SOLUTION SPACE: Technology potential User/Fan and Stadium engagement

916 views • 53 slides
Practical Routing for Delay Tolerant Networks Evan Jones Lily Li Paul Ward The Problem:

Practical Routing for Delay Tolerant Networks Evan Jones Lily Li Paul Ward The Problem:

Practical Routing for Delay Tolerant Networks Evan Jones Lily Li Paul Ward The Problem: Routing in DTNs Get data from the source to the destination without an end-to-end connection Previous Work: Epidemic Routing Eventually, all buffers

606 views • 24 slides
XOR Network Coding for Data Mule Delay Tolerant Networks (Invited Paper for IEEE/CIC ICCC 2015)

XOR Network Coding for Data Mule Delay Tolerant Networks (Invited Paper for IEEE/CIC ICCC 2015)

XOR Network Coding for Data Mule Delay Tolerant Networks (Invited Paper for IEEE/CIC ICCC 2015) Qiankun Su, Katia Jaffr` es-Runser, Gentian Jakllari and Charly Poulliat November 4 th , 2015 Outline Introduction 1 Scenario descriptions

478 views • 26 slides
Behavioral Detection and Containment of Proximity Malware in Delay Tolerant Networks Wei Peng,

Behavioral Detection and Containment of Proximity Malware in Delay Tolerant Networks Wei Peng,

Behavioral Detection and Containment of Proximity Malware in Delay Tolerant Networks Wei Peng, Feng Li, Xukai Zou, and Jie Wu 1 / 47 Proximity malware Definition. Proximity malware is a malicious program which propagates

618 views • 47 slides
Delay-tolerant Networking Research Group (DTNRG) 83 rd IETF Paris March 27 th , 2012 Jabber

Delay-tolerant Networking Research Group (DTNRG) 83 rd IETF Paris March 27 th , 2012 Jabber

Delay-tolerant Networking Research Group (DTNRG) 83 rd IETF Paris March 27 th , 2012 Jabber room: dtnrg@jabber.ietf.org Mailing list: dtn-interest@irtf.org Before we start Jabber scribe Note taker 2 Intellectual Property The

317 views • 7 slides
Data Elevators Applying the Bundle Protocol in Delay Tolerant Wireless Sensor Networks

Data Elevators Applying the Bundle Protocol in Delay Tolerant Wireless Sensor Networks

Data Elevators Applying the Bundle Protocol in Delay Tolerant Wireless Sensor Networks Wolf-Bastian P ottner, Felix B usching, Georg von Zengen, Lars Wolf IEEE MASS 2012, 2012-10-09 Introduction Bundle Protocol Data Elevator Network

209 views • 19 slides
Saratoga a Delay-Tolerant Networking convergence layer with efficient link utilization Wesley

Saratoga a Delay-Tolerant Networking convergence layer with efficient link utilization Wesley

Saratoga a Delay-Tolerant Networking convergence layer with efficient link utilization Wesley M. Eddy co-authors: Lloyd Wood (Cisco Systems) Verizon / NASA GRC Wesley M. Eddy (Verizon / NASA GRC) Will Ivancic (NASA Glenn Research Center)

573 views • 15 slides
DTN7 An Open-Source Disruption-tolerant Networking Implementation of Bundle Protocol 7 Alvar

DTN7 An Open-Source Disruption-tolerant Networking Implementation of Bundle Protocol 7 Alvar

DTN7 An Open-Source Disruption-tolerant Networking Implementation of Bundle Protocol 7 Alvar Penning, Lars Baumg artner, Jonas H ochst, Artur Sterz, Mira Mezini, Bernd Freisleben AdHoc-Now 2019 Delay / Disruption-tolerant Networking

520 views • 24 slides
Real-Time Applications Tolerant: can tolerate occasional loss of data. Intolerant: cannot tolerate

Real-Time Applications Tolerant: can tolerate occasional loss of data. Intolerant: cannot tolerate

Real-Time Applications Tolerant: can tolerate occasional loss of data. Intolerant: cannot tolerate such losses. Delay-adaptive: applications that can adjust their playback point (delay or advance over time). Rate-adaptive: can alter the bit rate

218 views • 21 slides

More recommend