karim el defrawy and gene tsudik
play

Karim El Defrawy and Gene Tsudik IEEE- ICNP08 10/22/2008 1 - PowerPoint PPT Presentation

Oct 31, 2023 •275 likes •613 views

Karim El Defrawy and Gene Tsudik IEEE- ICNP08 10/22/2008 1 Introduction Privacy and Security in MANETs Related Work Overview of Group Signatures PRISM Protocol and Operation Security Analysis and Simulations

  1. Karim El Defrawy and Gene Tsudik IEEE- ICNP’08 10/22/2008 1

  2.  Introduction  Privacy and Security in MANETs  Related Work ◦ Overview of Group Signatures  PRISM ◦ Protocol and Operation ◦ Security Analysis and Simulations  Future Work and Conclusion IEEE- ICNP’08 10/22/2008 2

  3.  Infrastructure-less  Mobile  Multitude of devices and capabilities  May be deployed in extreme settings (e.g. military, search and rescue) IEEE- ICNP’08 10/22/2008 3

  4.  Environment is “hostile” and “suspicious” ◦ Military/battlefield: infantry, naval- and air-craft ◦ Law enforcement: sting operations, attack/disaster aftermath IEEE- ICNP’08 10/22/2008 4

  5.  Special type of MANETs  Restricted mobility (highways and roads)  High speeds  Privacy is a must IEEE- ICNP’08 10/22/2008 5

  6.  Goal: ◦ Tracking resistance  no exposure of long-term IDs ◦ Escrowed Anonymity  only certain authorized entities (e.g. law enforcement) can learn long-term ID  Challenges: ◦ How to authenticate if no long-term ID? ◦ How to achieve integrity, accountability in case of misbehavior? ◦ Malicious insiders become harder to combat IEEE- ICNP’08 10/22/2008 6

  7.  Typical security requirements: ◦ Confidentiality ◦ Integrity ◦ Authentication ◦ Accountability and non-repudiation Main difficulty when coupled with privacy requirements IEEE- ICNP’08 10/22/2008 7

  8.  Secure on-demand routing protocols: Ariadne, SRDP, SEAD, EndairA , SRP… (no privacy)  Privacy preserving on demand protocols: ANODR, MASK, D- ANODR, ARM, ODAR… ◦ All use identity-centric communication ◦ All require either:  Long Term ID or pseudonyms  Source shares information/keys with destination (ASR,ARM,ASRP,ANODR)  Source knows public key of destination (SDAR)  Online location/certificate servers (SPAAR, AO2P,ODAR) ◦ Not location based IEEE- ICNP’08 10/22/2008 8

  9. ◦ ALARM (ICNP’07) – privacy-preserving link state-based (proactive) routing protocol  Optimized Link State Routing (OLSR) is closest to ALARM but without privacy and security ◦ Location-aided forwarding scheme (e.g., LAR, GeoGrid …etc) IEEE- ICNP’08 10/22/2008 9

  10.  Location-centric communication instead of identity-centric more suitable in certain MANETs (VANETs) settings.  Location-centric communication more privacy- friendly  Group signatures used to construct privacy- preserving and secure on-demand MANETs routing protocol (PRISM)  PRISM is based on AODV IEEE- ICNP’08 10/22/2008 10

  11.  Any member of a potentially large and dynamic group can sign a message (produce a GSIG)  GSIG can be verified by anyone who has a constant- length group public key  Valid signature  signer is a group member  Given two GSIGs, it is computationally infeasible to determine if produced by same member  In the event of a dispute, a GSIG can be opened by off-line authority to reveal actual signer IEEE- ICNP’08 10/22/2008 11

  12.  SETUP: an algorithm run by GM: ◦ input: security parameter k ◦ output: cryptographic specification of group, GM public ( pkGM ) and private keys ( skGM )  JOIN: a protocol between GM and user resulting in user becoming a member ( U ) and having a public/private key ( pkU,skU) .  SIGN: an algorithm executed by a group member: ◦ input: message (m), group public key ( pkGM ) , member public/private key ( pkU,skU) ◦ output: GSIG= δ of m IEEE- ICNP’08 10/22/2008 12

  13.  VERIFY: an algorithm run by anyone: ◦ input: message ( m ), GSIG ( δ ), group public key ( pkGM ) ◦ output: binary flag indicating validity of GSIG  OPEN: an algorithm run by the GM: ◦ input: message ( m ), GSIG ( δ ), group public key ( pkGM ), GM secret key ( skGM ) ◦ output: validity of signature, identity of signer ( pkU ), a proof that allows anyone to verify identity of signer  REVOKE: an algorithm run by GM to remove (revoke a user from the group) IEEE- ICNP’08 10/22/2008 13

  14.  Group Manager (GM): entity responsible for administering the group. Has private key and the group public key.  Group Members: users/entities that represent the current set of authorized signers. Each has a public/private key and the group public key.  Outsiders: any other user/entity external to group. Has group public key. IEEE- ICNP’08 10/22/2008 14

  15.  [LOCATION] nodes can obtain location info (e.g., GPS)  [PRIVACY] no long-term public node ID or address  [MOBILITY] network is mobile but nodes are loosely synchronized (e.g., using GPS)  [SECURITY] ◦ Outside attackers ◦ Passive (honest-but-curious) insiders IEEE- ICNP’08 10/22/2008 15

  16. GM sets up the GSIG scheme 1. Nodes join the group with GM and generate 2. keys and get the group public key MANET deployment 3. IEEE- ICNP’08 10/22/2008 16

  17. PR PRISM SM Ope peration ration IEEE- ICNP’08 10/22/2008 17

  18. PR PRISM SM Ope peration ration IEEE- ICNP’08 10/22/2008 18

  19. PR PRISM SM Ope peration ration IEEE- ICNP’08 10/22/2008 19

  20. PR PRISM SM Ope peration ration IEEE- ICNP’08 10/22/2008 20

  21. PR PRISM SM Ope peration ration IEEE- ICNP’08 10/22/2008 21

  22. PR PRISM SM Ope peration ration IEEE- ICNP’08 10/22/2008 22

  23. PR PRISM SM Ope peration ration IEEE- ICNP’08 10/22/2008 23

  24.  Active/Passive Outsiders: ◦ Records, replays and/or injects routing messages  Replay attacks prevented due to RREQ/RREP time- stamps  Injecting or modifying messages requires producing genuine GSIGs (computationally infeasible) IEEE- ICNP’08 10/22/2008 24

  25.  Passive (honest-but-curious) Insider: ◦ Eavesdrops to track peer nodes  Can't link multiple messages to same node (computationally infeasible to link GSIGs)  Can track node movement by monitoring likely trajectories (but need lots of topology knowledge)  Sees less topology than in link-state protocols (simulation) IEEE- ICNP’08 10/22/2008 25

  26.  Active Insiders: ◦ PRISM is not secure against active insiders in real- time ◦ Active insiders can lie about their locations and create phantom nodes (does not hurt privacy) ◦ Can be detected off-line by GM IEEE- ICNP’08 10/22/2008 26

  27.  Two mobility models: ◦ RWM (Random Waypoint) ◦ RPGM (Reference Point Group Mobility)  DST-AREA radius = 20m  Area = 1000m2  Tx-Range=150m  Num Nodes= 1000  50 sending sources IEEE- ICNP’08 10/22/2008 27

  28.  One-time certificates instead of GSIG (scalability issues)  Prevent active insiders based on location information and directions of RREQ  Accommodate heterogeneous MANET devices (i.e. no GPS and GSIG capability)  Evaluation with real mobility traces IEEE- ICNP’08 10/22/2008 28

  29. IEEE- ICNP’08 10/22/2008 29

  30.  Location-centric communication is more privacy friendly  Group signatures are a promising building block for privacy-preserving secure protocols  Several research problems remain IEEE- ICNP’08 10/22/2008 30

  31. IEEE- ICNP’08 10/22/2008 31

  32. IEEE- ICNP’08 10/22/2008 32

Recommend

Obtaining Provably Secure Services from Formally Verified Remote Attestation Gene Tsudik 1 Joint

Obtaining Provably Secure Services from Formally Verified Remote Attestation Gene Tsudik 1 Joint

Obtaining Provably Secure Services from Formally Verified Remote Attestation Gene Tsudik 1 Joint work with: Ivan De Oliveira Nunes 1 , Karim Eldefrawy 2 , Norrathep Rattanavipanon 1 University of California Irvine 1 , SRI International 2 1 In

847 views • 48 slides
Smart Everything: Dr Jekyll or Mr Hyde? Cure by Remote A>esta@on GENE TSUDIK Computer Science

Smart Everything: Dr Jekyll or Mr Hyde? Cure by Remote A>esta@on GENE TSUDIK Computer Science

Smart Everything: Dr Jekyll or Mr Hyde? Cure by Remote A>esta@on GENE TSUDIK Computer Science Department UCI gene.tsudik@uci.edu LAB: h>p://sprout.ics.uci.edu Joint work with: HRL, Eurecom, TU Darmstadt, Aalto, Intel 1 Outline

1.12k views • 26 slides
HYDRA: HYbrid Design for Remote Attestation (Using a Formally Verified Microkernel) Karim

HYDRA: HYbrid Design for Remote Attestation (Using a Formally Verified Microkernel) Karim

HYDRA: HYbrid Design for Remote Attestation (Using a Formally Verified Microkernel) Karim Eldefrawy , Norrathep Rattanavipanon, Gene Tsudik HRL Labs UC Irvine UC Irvine (Currently at SRI) July 18, 2017 karim.eldefrawy@sri.com IoT/CPS/ES 2

1.07k views • 41 slides
Fusing Hybrid Remote Attestation with a Formally Verified Microkernel: Lessons Learned Karim

Fusing Hybrid Remote Attestation with a Formally Verified Microkernel: Lessons Learned Karim

Fusing Hybrid Remote Attestation with a Formally Verified Microkernel: Lessons Learned Karim Eldefrawy, Norrathep Rattanavipanon , Gene Tsudik June 28, 2017 nrattana@uci.edu http://sprout.ics.uci.edu IoT/CPS/ES IoT/CPS/ES IoT/CPS/ES Remote

451 views • 33 slides
CS CS 683 683 - Security y and Privacy Fa Fall 2019 In Instructor or: Ka Karim El Elde

CS CS 683 683 - Security y and Privacy Fa Fall 2019 In Instructor or: Ka Karim El Elde

CS CS 683 683 - Security y and Privacy Fa Fall 2019 In Instructor or: Ka Karim El Elde defrawy Un University ty of of Sa San Francisco http://www.cs.usfca.edu/~keldefrawy/teaching/f all2019/cs683/cs683_main.htm 1 Lectures 3 and 4

976 views • 81 slides
CS CS 683 683 - Security y and Privacy Sp Spri ring 2018 In Instructor or: Ka Karim El

CS CS 683 683 - Security y and Privacy Sp Spri ring 2018 In Instructor or: Ka Karim El

CS CS 683 683 - Security y and Privacy Sp Spri ring 2018 In Instructor or: Ka Karim El Elde defrawy Un University ty of of Sa San Francisco http://www.cs.usfca.edu/~keldefrawy/teaching/ spring2018/cs683/cs683_main.htm

1.22k views • 79 slides
1 , Roberta Baronio 1 , Emiliano De Cristofaro 2 , Pierre Baldi 1 , and Gene Tsudik 1 Paolo

1 , Roberta Baronio 1 , Emiliano De Cristofaro 2 , Pierre Baldi 1 , and Gene Tsudik 1 Paolo

1 , Roberta Baronio 1 , Emiliano De Cristofaro 2 , Pierre Baldi 1 , and Gene Tsudik 1 Paolo Gasti 1 UC Irvine 2 PARC work done while at UC Irvine * See: http://www.imdb.com/title/tt0119177/ 2 Outline Genomics Background Privacy

266 views • 26 slides
KRB-CCN: Lightweight Authentication & Access Control for Private Content-Centric Networks

KRB-CCN: Lightweight Authentication & Access Control for Private Content-Centric Networks

KRB-CCN: Lightweight Authentication & Access Control for Private Content-Centric Networks Ivan O. Nunes and Gene Tsudik University of California Irvine {ivanoliv, gene.tsudik}@uci.edu ACNS 2018 1 Agenda CCN Overview

604 views • 59 slides
Communication-efficient Group Key Agreement June 20, 2001 Gene Tsudik, UC Irvine

Communication-efficient Group Key Agreement June 20, 2001 Gene Tsudik, UC Irvine

Communication-efficient Group Key Agreement June 20, 2001 Gene Tsudik, UC Irvine gts@ics.uci.edu Joint work with: Adrian Perrig, CMU/UC Berkeley Yongdae Kim, USC/UC Irvine Outline Definitions/concepts Related work

761 views • 31 slides
Collaborative Security Collaborative Security Gene Tsudik USC/ISI 4676 Admiralty Way Marina

Collaborative Security Collaborative Security Gene Tsudik USC/ISI 4676 Admiralty Way Marina

Collaborative Security Collaborative Security Gene Tsudik USC/ISI 4676 Admiralty Way Marina del Rey, CA 90292 gts@isi.edu http://www.isi.edu/~gts 4/ 21/ 99 1 Group Communication One-to- many Single-source

264 views • 24 slides
Collaborative Security Gene Tsudik Computer Networks Division, USC/ISI gts@ics.uci.edu

Collaborative Security Gene Tsudik Computer Networks Division, USC/ISI gts@ics.uci.edu

Collaborative Security Gene Tsudik Computer Networks Division, USC/ISI gts@ics.uci.edu http://www.ics.uci.edu/~gts and Information and Computer Science Department, UC Irvine gts@isi.edu http://www.isi.edu/~gts 12/ 9/ 99

491 views • 26 slides
Thermanator: Thermanator: Ercan Ozturk Gene Tsudik Thermal Residue Attacks Thermal Residue

Thermanator: Thermanator: Ercan Ozturk Gene Tsudik Thermal Residue Attacks Thermal Residue

5/25/2019 Tyler Kaczmarek Thermanator: Thermanator: Ercan Ozturk Gene Tsudik Thermal Residue Attacks Thermal Residue Attacks University of California, Irvine A Common Scenario: 1. You arrive at work (shared workspace) 2. Go to your desk

431 views • 15 slides
Secure Services for Group CLIQUES: Comm unication Gene Tsudik gts@isi.edu D ARP A High

Secure Services for Group CLIQUES: Comm unication Gene Tsudik gts@isi.edu D ARP A High

Secure Services for Group CLIQUES: Comm unication Gene Tsudik gts@isi.edu D ARP A High Condence Net w o rking W o rkshop, 06/12/98, Ro ckp o rt, MA. USC Info rmation Sciences Institute D ARP A High Condence

381 views • 11 slides
Interest-Based Access Control in CCN Cesar Ghali, Marc A. Schlosberg, Gene Tsudik, Christopher A.

Interest-Based Access Control in CCN Cesar Ghali, Marc A. Schlosberg, Gene Tsudik, Christopher A.

Interest-Based Access Control in CCN Cesar Ghali, Marc A. Schlosberg, Gene Tsudik, Christopher A. Wood Department of Computer Science University of California Irvine woodc1@uci.edu Confidential Agenda 1. Introduction and Access Control

398 views • 38 slides
CLIQUES: Security for Dynamic Peer Groups CLIQUES: Gene Tsudik Yongdae Kim Formation Member

CLIQUES: Security for Dynamic Peer Groups CLIQUES: Gene Tsudik Yongdae Kim Formation Member

CLIQUES: Security for Dynamic Peer Groups CLIQUES: Gene Tsudik Yongdae Kim Formation Member add Member leave Group fusion Giuseppe Ateniese Damian Group fission Hasse 4/ 11/ 99 1 Background Targeted environment

442 views • 11 slides
Temporal Consistency of Integrity-Ensuring Computations and Applications to Embedded Systems

Temporal Consistency of Integrity-Ensuring Computations and Applications to Embedded Systems

Temporal Consistency of Integrity-Ensuring Computations and Applications to Embedded Systems Security Karim Eldefrawy Xavier Carpent Norrathep (Oak) Rattanavipanon Gene Tsudik University of California, Irvine SRI International Agenda

409 views • 38 slides
Staphylococcus aureus Pathogenesis - Gene exchanges - Gene regulation - Gene products - Gene

Staphylococcus aureus Pathogenesis - Gene exchanges - Gene regulation - Gene products - Gene

Staphylococcus aureus Pathogenesis - Gene exchanges - Gene regulation - Gene products - Gene product cooperation Brussels 07 Some Staphylococcal Species from Mammals Host Species Coagulase Clumping factor Virulence Human ++ ++ +++ S.

678 views • 43 slides
SCONCE 1 sconce Pronunciation: \ skn(t)s\ Function: noun Etymology: Middle English, from

SCONCE 1 sconce Pronunciation: \ skn(t)s\ Function: noun Etymology: Middle English, from

9/4/2008 Security and Privacy in Unattended Sensor Networks (or How to Cope with a Mobile Adversary) Gene Tsudik SCONCE Secure Computing and Networking Center UC Irvine http://sconce.ics.uci.edu Joint work with: Roberto Di Pietro

985 views • 40 slides
. Arithmtique et cryptologie Karim Belabas Karim.Belabas@math.u-psud.fr

. Arithmtique et cryptologie Karim Belabas Karim.Belabas@math.u-psud.fr

. Arithmtique et cryptologie Karim Belabas Karim.Belabas@math.u-psud.fr http://www.math.u-psud.fr/~belabas/ Universit e Paris-Sud France F ete de la Science 2003 (Orsay) p. 1/16 Chiffrer (1/3) Un grand nombre d

340 views • 16 slides
Fast Mobile IP Handoffs in Cellular Systems Presented by: Karim El Malki (karim@dcs.shef.ac.uk) (

Fast Mobile IP Handoffs in Cellular Systems Presented by: Karim El Malki (karim@dcs.shef.ac.uk) (

Fast Mobile IP Handoffs in Cellular Systems Presented by: Karim El Malki (karim@dcs.shef.ac.uk) ( draft-elmalki-mobileip-fast-handoffs-00.txt by K. El Malki, N. Fikouras and S. Cvetkovic) X MIP Handoff performance can cause excessive packet loss

168 views • 6 slides
Gene$c Varia$on and Gene$c Diversity 02-223 How to Analyze

Gene$c Varia$on and Gene$c Diversity 02-223 How to Analyze

Gene$c Varia$on and Gene$c Diversity 02-223 How to Analyze Your Own Genome Fall 2013 Terminology Allele: different forms of gene@c Individual 1

189 views • 14 slides
Gene Finding Strategies to find gene structures on the web Swiss Institute of Bioinformatics

Gene Finding Strategies to find gene structures on the web Swiss Institute of Bioinformatics

Gene Finding Strategies to find gene structures on the web Swiss Institute of Bioinformatics (SIB) 26-30 November 2001 Course 2001 Gene finding Introduction Gene finding is about detecting coding regions and infer gene structure Gene finding

647 views • 36 slides
Lecture 3 Encryption I Suggested Readings: Chs 3 & 4 in KPS (recommended) Ch 3 in

Lecture 3 Encryption I Suggested Readings: Chs 3 & 4 in KPS (recommended) Ch 3 in

Lecture 3 Encryption I Suggested Readings: Chs 3 & 4 in KPS (recommended) Ch 3 in Stinson (optional) [lecture slides are adapted from previous slides by Prof. Gene Tsudik] 1 Crypto Ba Cr Basi sics 2 Cryptosystems Classified

329 views • 29 slides
Timely Estimation Using Coded Quantized Samples Ahmed Arafa 1 Karim Banawan 2 Karim G. Seddik 3 H.

Timely Estimation Using Coded Quantized Samples Ahmed Arafa 1 Karim Banawan 2 Karim G. Seddik 3 H.

Timely Estimation Using Coded Quantized Samples Ahmed Arafa 1 Karim Banawan 2 Karim G. Seddik 3 H. Vincent Poor 4 1 Department of Electrical and Computer Engineering, University of North Carolina at Charlotte 2 Department of Electrical Engineering,

720 views • 32 slides

More recommend