byzan ne resilient rou ng and key management protocols
play

Byzan&ne(Resilient.Rou&ng.and.Key. - PowerPoint PPT Presentation

Nov 20, 2023 •382 likes •939 views

Byzan&ne(Resilient.Rou&ng.and.Key. Management.Protocols.using.Network.Coding. Cris&na.Nita(Rotaru.. . Department.of.Computer.Science.and.CERIAS. Purdue.University. Acknowldegment. This.work.was.funded.by. NSF,%

  1. Byzan&ne(Resilient.Rou&ng.and.Key. Management.Protocols.using.Network.Coding. Cris&na.Nita(Rotaru.. . Department.of.Computer.Science.and.CERIAS. Purdue.University.

  2. Acknowldegment. This.work.was.funded.by. NSF,% Secure.Networking.Using.Network.Coding. % Relevant.publica&ons. ! Node%Capture,Resilient,Key,Establishment,in,Sensor,Networks:,Design, Space,and,Protocols. .Andrew.Newell,.Hongyi.Yao,.Alex.Ryker,.Tracey.Ho,. and.Cris&na.Nita(Rotaru..ACM.Compu&ng.Surveys,.Jan..2015 .. ! On,the,PracBcality,of,Cryptographic,Defenses,against,PolluBon,AEacks,in, Wireless,Network,Coding. .Andrew.Newell,.Jing.Dong,.and.Cris&na.Nita( Rotaru..In.ACM.Compu&ng.Surveys,.June.2013.. ! PolluBon,AEacks,and,Defense,in,Inter%flow,Network,Coding,Systems. .Jing. Dong,.Reza.Curtmola,.Cris&na.Nita(Rotaru,.and.David.Yau..In.IEEE. Transac&ons.on.Dependable.and.Secure.Systems,.Sept..2012... ! PracBcal,Defenses,Against,PolluBon,AEacks,in,Wireless,Network,Coding. . Jing.Dong,.Reza.Curtmola,.and.Cris&na.Nita(Rotaru..In.ACM.Transac&ons. on.Systems.and.Informa&on.Security,.vol..14.no..1,.May.2011... . Cris&na.Nita(Rotaru. 2.

  3. hUp://ds2.cs.purdue.edu. ! Overarching.goal:.. ! Create.and.build.distributed.systems.and.network.protocols. that.achieve. security ,. availability ,.and. performance .in.spite.of. misconfigura1ons ,. failures ,.and. a5acks% ! Approach:.. ! Combine.theore&cal.principles.and.experimental. methodologies.from.distributed.systems,..cryptography,. networking,.informa&on.theory,.and.machine.learning... Cris&na.Nita(Rotaru. 3.

  4. The.Internet.of.everything.is.here.…. ! Compu&ng.services. ! Everything.is.connected. ! Many.types.of.devices.. ! Tremendous.amount.of.data. ! Available.via.cloud.compu&ng,. accessed.via.personal.devices. ! Higher.expecta&ons. ! Services.must.be.available.24h,. working.correctly.100%.of.the. Users.called.911.because. &me. Facebook.was.down.!!!.. ! Data(centric.business,.policy. decisions. Cris&na.Nita(Rotaru. 4.

  5. What.does.it.mean.for.security. ! Large.number.of.devices.with.different.capabili&es. and.vulnerabili&es.managed.by.different.en&&es. ! Higher.chances.that.some.system.components.are.going. to.be.compromised. ! The%next%a5ack%is%going%to%come%from%your%kitchen% ! Subset.of.compu&ng.systems.or.protocol.par&cipants. controlled.by.an.adversary.can.influence. ! Communica&on.and.availability. ! Data.quality,.processing,.and.learning. Designing.systems.resilient.to.only. . outsider.aUackers.no.longer.sufficient,.. . need.for.insider(resilient.systems. Cris&na.Nita(Rotaru. 5.

  6. Seeing.the.world.through.a.Byzan&ne.len. ! An.insider.can.not.be.trusted.to. correctly.generate.or.process. data.(i.e..lie):.. ! Trus&ng.info.limita&ons. ! Many.insider.nodes.collude. ! Not.enough.history.is.available. ! Single.source.of.informa&on. ! An.insider.can.not.be.trusted.to. correctly.deliver.data:.. ! Dissemina&ng.info.limita&ons. ! Lack.of.non(adversarial.paths... ! Not.enough.redundancy.. ! Correlated.failures. Cris&na.Nita(Rotaru. 6.

  7. Network.coding:.A.New.paradigm.. ! Key,principle: .packet.mixing.at.intermediate.nodes. =. f (.. ...,.......,...... ) . A. A. Tradi&onal.rou&ng. Network.coding. ! Benefits :.Higher.throughput,.reliability,.robustness,.energy. efficiency. ! ApplicaBons :.wireless.unicast.and.mul&cast,.p2p.storage.and. content.distribu&on,.delay(tolerant.networks,.vehicular.networks. Cris&na.Nita(Rotaru. 7.

  8. Network.coding.in.wireless.networks. ! Opportuni&es.. ! Broadcast.advantage.. ! Opportunis&c.listening. ! Benefits. ! Improved.throughput. ! Reduced.delay. ! Improved.reliability. p2 Cris&na.Nita(Rotaru. 8.

  9. This.talk. ! Network.coding.under. aUack:. ! Pollu&on.aUacks.in. intra(flow.network. coding. ! Network.coding.to.the. rescue:. ! All.pairwise.and. connected.graph.key. management.resilient. to.node.capture. Cris&na.Nita(Rotaru. 9.

  10. Wireless.network.coding.systems. ! Intra(Flow.Network.Coding. ! Mix.packets.within.individual.flows. ! Examples:.[Park;.2006],.MORE.[Chachulski;.2007],.[Zhang;. 2008a],.[Zhang;.2008b],.MIXIT.[Kap;.2008],.[Lin;.2008]. ! Inter(Flow.Network.Coding. ! Mix.packets.across.mul&ple.flows. ! Examples:.COPE.[Kap;.2006],.DCAR.[Le;.08],.[Das;.2008],. [Omiwade;.2008a],.[Omiwade;.2008b]. Cris&na.Nita(Rotaru. 10.

  11. Intra(flow.network.coding. 1. Buffer.overheard.coded.packets. Forwarder.nodes. 2. Broadcast.new.coded.packets. 1. Divide. plain%packets .into.genera&ons. 2. Broadcast. coded%packets% A D …. G Source.node. …. S E Plain.packets. B R H …. …. Receiver.node. F C 1. Buffer.coded.packets. Generation# 2. Decode.packets. p 1 ,# p 2 ,#…# p n # 3. Send.ACK.to.source. Cris&na.Nita(Rotaru. 11.

  12. Packet.coding.and.decoding. G ! p i = ( p i1 , p i2 , …, p im ) T , p ij ∈ F q ................................................................. p i ! G = [ p 1 , p 2 ,…, p n ] ! Coding.with.random.linear.combina&on. p ij c = ( c 1 , c 2 , …, c n ), c i ∈ F q …. …, …, …, e = c 1 p 1 + c 2 p 2 +…+ c n p n = G c ! Decoding. ! Given.n.linearly.independent.coded.packets. ( c 1 , e 1 ) … ( c n , e n ) . solve.a.system.of.linear.equa&ons. ! AUacks. ! Packet,PolluBon :.injec&ng.incorrect.packets. . Cris&na.Nita(Rotaru. 12. .

  13. Pollu&on.aUacks. Defini&on. ! Pollu&on.aUacks.are.aUacks.where. a5ackers% inject. polluted(coded(packets( into.the.network.. ! A.coded.packet.(c,.e).is.a.polluted. coded%packet% if. c = ( c 1 , c 2 , …, c n ), c i ∈ F q but. e ≠ c 1 p 1 + c 2 p 2 +…+ c n p n ! Generic.aUack.to.any.network.coding.system. Cris&na.Nita(Rotaru. 13.

  14. Impact.of.pollu&on.aUacks. . Forwarder.nodes. A D …. G Source.node. S B …. R E H …. …. Receiver.node. C F Generation# p 1 ,# p 2 ,#…# p n # Epidemic#attack#propagation# Cris&na.Nita(Rotaru. 14.

  15. Prior.work. ! Cryptographic.approaches.[Krohn;.2004],.[Li;.2006],.[Charles;. 2006],.[Zhao;.2007],.[Yu;.2008],.[Boneh;.2009]. ! Homomorphic.digital.signatures.or.hash.func&ons. ! Too%expensive%computa1onally% ! Informa&on.theore&c.approaches.[Ho;.2004],.[Jaggi;.2007],. [Wang;.2007]. ! Coding.redundant.informa&on. ! Low%achievable%throughput% ! Network.error.correc&on.coding.[Yeung;.2006],.[Cai;.2006],. [Silva;.2007],.[KoeUer;.2008]. ! Using.error.correc&on.coding.techniques. ! Limited%error%correc1on%capability,%unsuitable%for%adversarial% environment% Cris&na.Nita(Rotaru. 15.

  16. Throughput.CDF.when.no.aUack.happens. ...The.high.overhead.of.crypto(based.schemes. render.them.imprac&cal.for.wireless.networks. Cris&na.Nita(Rotaru. 16.

  17. Our.approach. Non(cryptographic.checksum.created.by.the.source. Based.on.lightweight.random.linear.transforma&ons. Carries.the.&mestamp.of.when.it.was.created. Disseminated.by.the.source.in.an.authen&cated.manner. Not.pre(image.or.collision.resistant!. S ecurity.relies.on.&me.asymmetry. checksum.verifica&on. A.node.verifies.a.packet.against.a. checksum.that.is.created. a-er .the. packet.is.received. 17. Cris&na.Nita(Rotaru.

  18. Our.approach:.Example. AUacker.can.not.inject.a.checksum.or.modify. &mestamp.because.checksum.is.signed.by.source. CS 1. p.received. p. CS 1 .created. by.B. &me. S t 2 t 4 A t 1 t 3 B CS 2. CS 1 .received. CS 2 .created. by.A. Packet.p.will.be.verified.against.CS 2 .and.not.CS 1 ..The. aUacker.does.not.gain.anything.by.observing.CS 1 ... Cris&na.Nita(Rotaru. 18.

  19. DART.and.EDART. ! DART. ! Forwarder.nodes.buffer.packets.. checksum.verifica&on. ! Only.verified.packets.are.combined.to.. form.new.packets.for.forwarding. ! Polluted.packets.are.dropped.at.first.hop,. elimina&ng.epidemic.propaga&on. ! EDART. ! Improves.performance.with.op&mis&c.forwarding. Cris&na.Nita(Rotaru. 19.

  20. Checksum.computa&on.and.verifica&on. ! A.genera&on.of.packets. G = [ p 1 , p 2 ,…, p n ] , Checksum.computa&on. ! Compute. H s .a.random. b × m matrix.from.a.seed. s ! Compute.the.checksum CHK s ( G ) = H s G ! b.is.a.system.parameter.that.trades.off.security.and.overhead. Checksum.verifica&on. Given. CHK s ( G ) ,. s and t ,.check.if.a.coded.packet. ( c , e ) .is.valid ! Check CHK s ( G ) c = H s e . ! Why?. CHK s ( G ) c = ( H s G ) c = H s ( G c ) = H s e ! No,false,posiBve,,may,have,false,negaBve, Cris&na.Nita(Rotaru. 20.

  21. Batch.Checksum.Verifica&on. ! Verify.a.set.of.coded.packets. {( c 1 , e 1 ), …, ( c k , e k )} at once ( c 1 , e 1 ) . ( c 2 , e 2 ) . ( c k , e k ) . ( c , e ) . Declare.all.k.packets. are.valid. Random.linear. combina&on. Verify. …. …, …, …, At.least.one.input. …, packet.is.invalid. Divide.and.verify. Invalid.packets. ! For.higher.accuracy,.we.can.repeat.the.procedure. Cris&na.Nita(Rotaru. 21.

  22. DART.Algorithm. Source.node Forwarder.node ! Disseminate.coded.packets.as.usual. ! On.sending.a.packet. ! Periodically.disseminate.a.signed.random. .Code.packets.in.verified.set. checksum. (CHK, s , t ) ! On.receiving.coded.packet.p. . .Add.p.to.unverified.set,.record.receive.&me. ! On.receiving.checksum. (CHK, s , t ) . .Verify.packets.in.unverified.set.with.receive. Unverified. Verified. &me.before. t . checksum. D G A R . B E S Receiver.node. H Source.node. C F Cris&na.Nita(Rotaru. 22.

Recommend

Byzan&ne Fault Tolerance CS 425: Distributed Systems Fall 2011 Material drived from slides by

Byzan&ne Fault Tolerance CS 425: Distributed Systems Fall 2011 Material drived from slides by

Byzan&ne Fault Tolerance CS 425: Distributed Systems Fall 2011 Material drived from slides by I. Gupta and N.Vaidya 1 Reading List L. Lamport, R. Shostak, M. Pease, The Byzan&ne Generals Problem, ACM ToPLaS 1982. M.

624 views • 33 slides
4 Application Layer Protocols Device Management Protocols Application layer protocols offering

4 Application Layer Protocols Device Management Protocols Application layer protocols offering

EPFL, Spring 2017 4 Application Layer Protocols Device Management Protocols Application layer protocols offering remote services for large networks of devices: - Monitoring (health of devices and network, get current state) - Management

1.31k views • 93 slides
Mobility Management Protocols for Wireless Networks By Sanaa Taha outline Mobility

Mobility Management Protocols for Wireless Networks By Sanaa Taha outline Mobility

Mobility Management Protocols for Wireless Networks By Sanaa Taha outline Mobility Management Mobility Management Models Host-based Mobility Management Protocols Network- based Mobility Management Protocols Which is the

319 views • 19 slides
Resilient Networking 07: Denial of Service 1 Outline Classification DoS examples

Resilient Networking 07: Denial of Service 1 Outline Classification DoS examples

Resilient Networking 07: Denial of Service 1 Outline Classification DoS examples Countermeasures against DoS Crypto Puzzles Stateless Protocols Avoid IP address spoofing / identifying malicious nodes Ingress filtering

937 views • 72 slides
Resilient children and schools: techniques for effective management before, during and after

Resilient children and schools: techniques for effective management before, during and after

Resilient children and schools: techniques for effective management before, during and after emergencies and disasters 1 2 Resilience and Recovery from Trauma Most students recover over time, yet the reality is that a significant number of

557 views • 23 slides
1 Key Exchange Diffie-Hellman Key Exchange Parties may have initial information Assume

1 Key Exchange Diffie-Hellman Key Exchange Parties may have initial information Assume

TECS Week 2005 Key Management Options Key Management Protocols Out of band and Compositionality Can set up some keys this way (Kerberos) Public-key infrastructure (PKI) Leverage small # of public signing keys Protocols for

282 views • 5 slides
Towards Low-Latency Byzantine Agreement Protocols Using RDMA DSN Workshop on Byzantine Consensus

Towards Low-Latency Byzantine Agreement Protocols Using RDMA DSN Workshop on Byzantine Consensus

Towards Low-Latency Byzantine Agreement Protocols Using RDMA DSN Workshop on Byzantine Consensus and Resilient Blockchains Signe Rsch, Ines Messadi, Rdiger Kapitza, 2018-06-25 ruesch@ibr.cs.tu-bs.de Technische Universitt Braunschweig,

781 views • 47 slides
Resilient Chicago 100 Resilient Cities is a global initiative that seeks to help cities around

Resilient Chicago 100 Resilient Cities is a global initiative that seeks to help cities around

Resilient Chicago 100 Resilient Cities is a global initiative that seeks to help cities around the world become more resilient to the physical, social, and economic challenges that are a growing part of the 21st century. Credit: City of Chicago

882 views • 47 slides
Application-Layer Protocols The World-Wide Web (HTTP) Reliable file transfer (FTP)

Application-Layer Protocols The World-Wide Web (HTTP) Reliable file transfer (FTP)

COMP 431 Application-Layer Protocols Internet Services & Protocols Outline application application transport Example client/server systems and network their application-level protocols: link physical Application-Layer Protocols

281 views • 13 slides
Application-Layer Protocols: The World-Wide Web (HTTP) Reliable file transfer (FTP) The

Application-Layer Protocols: The World-Wide Web (HTTP) Reliable file transfer (FTP) The

COMP 431 Application-Layer Protocols Internet Services & Protocols Outline application application transport network Example client/server systems and link their application-level protocols: physical Application-Layer Protocols:

432 views • 10 slides
Resilient Food Systems, Resilient Cities Presented by Kim Zeuli Resilience A

Resilient Food Systems, Resilient Cities Presented by Kim Zeuli Resilience A

Resilient Food Systems, Resilient Cities Presented by Kim Zeuli Resilience A resilient Growing food Processing system Distribution 60% of NYCs produce; 50% meat and fish 28% of site in

181 views • 15 slides
A DoS-Resilient Information System for Dynamic Data Management by Baumgart, M. and Scheideler, C.

A DoS-Resilient Information System for Dynamic Data Management by Baumgart, M. and Scheideler, C.

A DoS-Resilient Information System for Dynamic Data Management by Baumgart, M. and Scheideler, C. and Schmid, S. In SPAA 2009 Mahdi Asadpour (amahdi@student.ethz.ch) Outline Denial of Service Attacks Chameleon: System Description

638 views • 43 slides
Error Resilient Internet Video Transmission Ciro A. Noronha, Ph.D. Director of Technology,

Error Resilient Internet Video Transmission Ciro A. Noronha, Ph.D. Director of Technology,

Error Resilient Internet Video Transmission Ciro A. Noronha, Ph.D. Director of Technology, Compression Systems Juliana W. Noronha University of California, Davis Motivation There are a number of protocols in use today to transport Video

708 views • 37 slides
Water Resource Conservation and Management for climate resilient development CLIMATE

Water Resource Conservation and Management for climate resilient development CLIMATE

Water Resource Conservation and Management for climate resilient development CLIMATE CHANGE & WATER RESOURCES A STEP TAKEN BY TERRE v Introduction In India, rivers and aquatic eco systems have been very much degraded by a

423 views • 13 slides
Application of ICH Q12 Tools and Enablers Post-Approval Lifecycle Management Protocols 1 Outline

Application of ICH Q12 Tools and Enablers Post-Approval Lifecycle Management Protocols 1 Outline

Joint BWP/QWP/GMDP IWG Industry European Workshop on Lifecycle Management Application of ICH Q12 Tools and Enablers Post-Approval Lifecycle Management Protocols 1 Outline Introduction: evolution of PACMP concept Expanded (multi-site,

580 views • 33 slides
RESILIENT RESILIENT & HE & HEAL ALTHY CO THY COUNT UNTIES IES LUN UNCH: CH:

RESILIENT RESILIENT & HE & HEAL ALTHY CO THY COUNT UNTIES IES LUN UNCH: CH:

RESILIENT RESILIENT & HE & HEAL ALTHY CO THY COUNT UNTIES IES LUN UNCH: CH: Strengthening Counties Resilience by Addressing the Public Health Impacts of Natural Disasters Sunday, March 4, 12:00pm 1:30pm #ResilientCounties

601 views • 38 slides
Attacking Multicast Group Key Management Protocols Graham Steel and Alan Bundy I V N E U R

Attacking Multicast Group Key Management Protocols Graham Steel and Alan Bundy I V N E U R

Attacking Multicast Group Key Management Protocols Graham Steel and Alan Bundy I V N E U R S E I H T Y T O H F G R E U D B I N 1 Multicast Key Management Protocols Aim: To maintain a secure key for multicast within a

164 views • 15 slides
New Jersey Coastal Management Program Office of Coastal and Land Use Planning Resilient NJ

New Jersey Coastal Management Program Office of Coastal and Land Use Planning Resilient NJ

New Jersey Coastal Management Program Office of Coastal and Land Use Planning Resilient NJ Overview Funded by the National Disaster Resilience Competition (HUD CDBG-DR) Will fund 4 regional resiliency planning projects Focused on

413 views • 17 slides
RCC: High-Throughput Secure Transaction Processing Shawn Qiu, Di Zhao Introduction Resilient

RCC: High-Throughput Secure Transaction Processing Shawn Qiu, Di Zhao Introduction Resilient

RCC: High-Throughput Secure Transaction Processing Shawn Qiu, Di Zhao Introduction Resilient Concurrent Consensus is a paradigm used to increase throughput of consensus protocols such as PBFT , HotStuff , ZYZZYVA, etc Works with

816 views • 26 slides
Monitoring and management of climate resilient water services in the Afar and Somali regions of

Monitoring and management of climate resilient water services in the Afar and Somali regions of

27 th International World Water Day and Water Expo celebration Leaving No One Behind March 22, 2019 Monitoring and management of climate resilient water services in the Afar and Somali regions of Ethiopia John Butterworth, Country

168 views • 15 slides
Communication Chapter 2 Layered Protocols (1) 2-1 Layers, interfaces, and protocols in the OSI

Communication Chapter 2 Layered Protocols (1) 2-1 Layers, interfaces, and protocols in the OSI

Communication Chapter 2 Layered Protocols (1) 2-1 Layers, interfaces, and protocols in the OSI model. 1 Layered Protocols (2) 2-2 A typical message as it appears on the network. Data Link Layer 2-3 Discussion between a receiver and a

577 views • 23 slides
Ecological Enhancement Works in River Channels Smart, Green and Resilient Stormwater Management

Ecological Enhancement Works in River Channels Smart, Green and Resilient Stormwater Management

Ecological Enhancement Works in River Channels Smart, Green and Resilient Stormwater Management Ms. Julia W. Y. CHAN 14 November 2017 Drainage Services Department Research & Development Forum 2017 Agenda 1. Background of the

434 views • 39 slides
RESILIENT REDESIGN III - 2016 2016 Resilient Redesign Workshop November 15, 2016 1 Welcome!

RESILIENT REDESIGN III - 2016 2016 Resilient Redesign Workshop November 15, 2016 1 Welcome!

RESILIENT REDESIGN III - 2016 2016 Resilient Redesign Workshop November 15, 2016 1 Welcome! THE SE FLORIDA REGIONAL CLIMATE CHANGE COMPACT Fully Ratified January 2010 Commitments include: Policy Collaboration Develop

721 views • 12 slides
Is the efficacy of the pediatric-like protocols for ALL superior to the protocols for adult ALL?

Is the efficacy of the pediatric-like protocols for ALL superior to the protocols for adult ALL?

The 1 st World Congress on Controversies in Hematology (COHEM) Rome, September, 2-5, 2010 Session 4. Acute Lymphoblastic Leukemia Is the efficacy of the pediatric-like protocols for ALL superior to the protocols for adult ALL? No No JM

991 views • 44 slides

More recommend