Key management for wireless sensor network security

Wireless Sensor Networks (WSNs) have attracted great attention not only in industry but also in academia due to their enormous application potential and unique security challenges. A typical sensor network can be seen as a combination of a number of low-cost sensor nodes which have very limited computation and communication capability, memory space, and energy supply. The nodes are self-organized into a network to sense or monitor surrounding information in an unattended environment, while the self-organization property makes the networks vulnerable to various attacks.Many cryptographic mechanisms that solve network security problems rely directly on secure and efficient key management making key management a fundamental research topic in the field of WSNs security. Although key management for WSNs has been studied over the last years, the majority of the literature has focused on some assumed vulnerabilities along with corresponding countermeasures. Specific application, which is an important factor in determining the feasibility of the scheme, has been overlooked to a large extent in the existing literature.This thesis is an effort to develop a key management framework and specific schemes for WSNs by which different types of keys can be established and also can be distributed in a self-healing manner; explicit/ implicit authentication can be integrated according to the security requirements of expected applications. The proposed solutions would provide reliable and robust security infrastructure for facilitating secure communications in WSNs.There are five main parts in the thesis. In Part I, we begin with an introduction to the research background, problems definition and overview of existing solutions. From Part II to Part IV, we propose specific solutions, including purely Symmetric Key Cryptography based solutions, purely Public Key Cryptography based solutions, and a hybrid solution. While there is always a trade-off between security and performance, analysis and experimental results prove that each proposed solution can achieve the expected security aims with acceptable overheads for some specific applications. Finally, we recapitulate the main contribution of our work and identify future research directions in Part V

A Survey on Routing in Anonymous Communication Protocols

The Internet has undergone dramatic changes in the past 15 years, and now forms a global communication platform that billions of users rely on for their daily activities. While this transformation has brought tremendous benefits to society, it has also created new threats to online privacy, ranging from profiling of users for monetizing personal information to nearly omnipotent governmental surveillance. As a result, public interest in systems for anonymous communication has drastically increased. Several such systems have been proposed in the literature, each of which offers anonymity guarantees in different scenarios and under different assumptions, reflecting the plurality of approaches for how messages can be anonymously routed to their destination. Understanding this space of competing approaches with their different guarantees and assumptions is vital for users to understand the consequences of different design options. In this work, we survey previous research on designing, developing, and deploying systems for anonymous communication. To this end, we provide a taxonomy for clustering all prevalently considered approaches (including Mixnets, DC-nets, onion routing, and DHT-based protocols) with respect to their unique routing characteristics, deployability, and performance. This, in particular, encompasses the topological structure of the underlying network; the routing information that has to be made available to the initiator of the conversation; the underlying communication model; and performance-related indicators such as latency and communication layer. Our taxonomy and comparative assessment provide important insights about the differences between the existing classes of anonymous communication protocols, and it also helps to clarify the relationship between the routing characteristics of these protocols, and their performance and scalability

Multimedia

The nowadays ubiquitous and effortless digital data capture and processing capabilities offered by the majority of devices, lead to an unprecedented penetration of multimedia content in our everyday life. To make the most of this phenomenon, the rapidly increasing volume and usage of digitised content requires constant re-evaluation and adaptation of multimedia methodologies, in order to meet the relentless change of requirements from both the user and system perspectives. Advances in Multimedia provides readers with an overview of the ever-growing field of multimedia by bringing together various research studies and surveys from different subfields that point out such important aspects. Some of the main topics that this book deals with include: multimedia management in peer-to-peer structures & wireless networks, security characteristics in multimedia, semantic gap bridging for multimedia content and novel multimedia applications

Attacks and parameter choices in HIMMO

The HIMMO scheme has been introduced as a lightweight collusion-resistant key pre-distribution scheme, with excellent efficiency in terms of bandwidth, energy consumption and computation time. As its cryptanalysis relies on lattice techniques, HIMMO is also an interesting quantum-safe candidate. Unlike the schemes by Blom, by Matsumoto and Imai, and by Blundo {\em et al}, which break down once the number of colluding nodes exceeds a given threshold, it aims at tolerating any number of colluding nodes. In 2015, a contest for the verification of the scheme was held. During the contest, a method was developed to guess a key by finding an approximate solution of one of the problems underlying the scheme. This attack involves finding a short vector in a lattice of dimension linear in a system parameter $\alpha$ and allowed key recovery for several challenges. Thwarting this attack by increasing $\alpha$ would lead to a significant performance degradation, as CPU and memory requirements for the implementation of the scheme scale quadratically in $\alpha$. This paper describes a generalization of HIMMO parameters that allows configuring the scheme such that both its performance and the dimension of the lattice involved in the attack grow linearly in $\alpha$. Two attacks inspired by the one developed in the contest are described, and the impact of those attacks for different parameter choices is discussed. Parameters choices are described that thwart existing attacks while enabling high performance implementations of the scheme

Group Key Management in Wireless Ad-Hoc and Sensor Networks

A growing number of secure group applications in both civilian and military domains is being deployed in WAHNs. A Wireless Ad-hoc Network (WARN) is a collection of autonomous nodes or terminals that communicate with each other by forming a multi-hop radio network and maintaining connectivity in a decentralized manner. A Mobile Ad-hoc Network (MANET) is a special type of WARN with mobile users. MANET nodes have limited communication, computational capabilities, and power. Wireless Sensor Networks (WSNs) are sensor networks with massive numbers of small, inexpensive devices pervasive throughout electrical and mechanical systems and ubiquitous throughout the environment that monitor and control most aspects of our physical world. In a WAHNs and WSNs with un-trusted nodes, nodes may falsify information, collude to disclose system keys, or even passively refuse to collaborate. Moreover, mobile adversaries might invade more than one node and try to reveal all system secret keys. Due to these special characteristics, key management is essential in securing such networks. Current protocols for secure group communications used in fixed networks tend to be inappropriate. The main objective of this research is to propose, design and evaluate a suitable key management approach for secure group communications to support WAHNs and WSNs applications. Key management is usually divided into key analysis, key assignment, key generation and key distribution. In this thesis, we tried to introduce key management schemes to provide secure group communications in both WAHNs and WSNs. Starting with WAHNs, we developed a key management scheme. A novel architecture for secure group communications was proposed. Our proposed scheme handles key distribution through Combinatorial Key Distribution Scheme (CKDS). We followed with key generation using Threshold-based Key Generation in WAHNs (TKGS). For key assignment, we proposed Combinatorial Key Assignment Scheme (CKAS), which assigns closer key strings to co-located nodes. We claim that our architecture can readily be populated with components to support objectives such as fault tolerance, full-distribution and scalability to mitigate WAHNs constraints. In our architecture, group management is integrated with multicast at the application layer. For key management in WSNs, we started with DCK, a modified scheme suitable for WSNs. In summary, the DCK achieves the following: (1) cluster leader nodes carry the major part of the key management overhead; (2) DCK consumes less than 50% of the energy consumed by SHELL in key management; (3) localizing key refreshment and handling node capture enhances the security by minimizing the amount of information known by each node about other portions of the network; and (4) since DCK does not involve the use of other clusters to maintain local cluster data, it scales better from a storage point of view with the network size represented by the number of clusters. We went further and proposed the use of key polynomials with DCK to enhance the resilience of multiple node capturing. Comparing our schemes to static and dynamic key management, our scheme was found to enhance network resilience at a smaller polynomial degree t and accordingly with less storage per node

Efficient and Secure Data Sharing Using Attribute-based Cryptography

La crescita incontrollata di dati prodotti da molte sorgenti, eterogenee e di- namiche, spinge molti possessori di tali dati a immagazzinarli su server nel cloud, anche al fine di condividerli con terze parti. La condivisione di dati su server (possibilmente) non fidati fonte di importanti e non banali questioni riguardanti sicurezza, privacy, confidenzialit e controllo degli accessi. Al fine di prevenire accessi incontrollati ai dati, una tipica soluzione consiste nel cifrare i dati stessi. Seguendo tale strada, la progettazione e la realizzazione di politiche di accesso ai dati cifrati da parte di terze parti (che possono avere differenti diritti sui dati stessi) un compito complesso, che impone la presenza di un controllore fidato delle politiche. Una possibile soluzione l\u2019impiego di un meccanismo per il controllo degli accessi basato su schemi di cifratura attribute-base (ABE ), che permette al possessore dei dati di cifrare i dati in funzione delle politiche di accesso dei dati stessi. Di contro, l\u2019adozione di tali meccanismi di controllo degli accessi presentano due problemi (i) privacy debole: le politiche di accesso sono pubbliche e (ii) inefficienza: le politiche di accesso sono statiche e una loro modifica richiede la ricifratura (o la cifratura multipla) di tutti i dati. Al fine di porre rimedio a tali problemi, il lavoro proposto in questa tesi prende in con- siderazione un particolare schema di cifratura attribute-based, chiamato inner product encryption (IPE, che gode della propriet attribute-hiding e pertanto riesce a proteggere la privatezza delle politiche di accesso) e lo combina con le tecniche di proxy re-encryption, che introducono una maggiore flessibilit ed efficienza. La prima parte di questa tesi discute l\u2019adeguatezza dell\u2019introduzione di un meccanismo di controllo degli accessi fondato su schema basato su inner product e proxy re-encryption (IPPRE ) al fine di garantire la condivisione sicura di dati immagazzinati su cloud server non fidati. Pi specificamente, proponiamo due proponiamo due versioni di IPE : in prima istanza, presentiamo una versione es- tesa con proxy re-encryption di un noto schema basato su inner product [1]. In seguito, usiamo tale schema in uno scenario in cui vengono raccolti e gestiti dati medici. In tale scenario, una volta che i dati sono stati raccolti, le politiche di ac- cesso possono variare al variare delle necessit dei diversi staff medici. Lo schema proposto delega il compito della ricifratura dei dati a un server proxy parzial- mente fidato, che pu trasformare la cifratura dei dati (che dipende da una polit- ica di accesso) in un\u2019altra cifratura (che dipende da un\u2019altra politica di accesso) senza per questo avere accesso ai dati in chiaro o alla chiave segreta utilizzata dal possessore dei dati. In tal modo, il possessore di una chiave di decifratura corrispondente alla seconda politica di accesso pu accedere ai dati senza intera- gire con il possessore dei dati (richiedendo cio una chiave di decifratura associata alla propria politica di accesso). Presentiamo un\u2019analisi relativa alle prestazioni di tale schema implementato su curve ellittiche appartenenti alle classi SS, MNT e BN e otteniamo incoraggianti risultati sperimentali. Dimostriamo inoltre che lo schema proposto sicuro contro attacchi chosen plaintext sotto la nota ipotesi DLIN. In seconda istanza, presentiamo una versione ottimizzata dello schema proposto in precedenza (E-IPPRE ), basata su un ben noto schema basato suinner product, proposto da Kim [2]. Lo schema E-IPPRE proposto richiede un numero costante di operazioni di calcolo di pairing e ci garantisce che gli oggetti prodotti dall esecuzione dello schema (chiavi di decifratura, chiavi pubbliche e le cifrature stesse) sono di piccole rispetto ai parametri di sicurezza e sono efficientemente calcolabili. Testiamo sperimentalmente l\u2019efficienza dello schema proposto e lo proviamo (selettivamente nei confronti degli attributi) sicuro nei confronti di attacchi chosen plaintext sotto la nota ipotesi BDH. In altri termini, lo schema proposto non rivela alcuna informazione riguardante le politiche di accesso. La seconda parte di questa tesi presenta uno schema crittografico per la condivisione sicura dei dati basato su crittografia attribute-based e adatto per scenari basati su IoT. Come noto, il problema principale in tale ambito riguarda le limitate risorse computazionali dei device IoT coinvolti. A tal proposito, proponiamo uno schema che combina la flessibilit di E-IPPRE con l\u2019efficienza di uno schema di cifratura simmetrico quale AES, ottenendo uno schema di cifratura basato su inner product, proxy-based leggero (L-IPPRE ). I risultati sperimentali confermano l\u2019adeguatezza di tale schema in scenari IoT.Riferimenti [1] Jong Hwan Park. Inner-product encryption under standard assumptions. Des. Codes Cryptography, 58(3):235\u2013257, March 2011. [2] Intae Kim, Seong Oun Hwang, Jong Hwan Park, and Chanil Park. An effi- cient predicate encryption with constant pairing computations and minimum costs. IEEE Trans. Comput., 65(10):2947\u20132958, October 2016.With the ever-growing production of data coming from multiple, scattered, and highly dynamical sources, many providers are motivated to upload their data to the cloud servers and share them with other persons for different purposes. However, storing data on untrusted cloud servers imposes serious concerns in terms of security, privacy, data confidentiality, and access control. In order to prevent privacy and security breaches, it is vital that data is encrypted first before it is outsourced to the cloud. However, designing access control mod- els that enable different users to have various access rights to the shared data is the main challenge. To tackle this issue, a possible solution is to employ a cryptographic-based data access control mechanism such as attribute-based encryption (ABE ) scheme, which enables a data owner to take full control over data access. However, access control mechanisms based on ABE raise two chal- lenges: (i) weak privacy: they do not conceal the attributes associated with the ciphertexts, and therefore they do not satisfy attribute-hiding security, and (ii) inefficiency: they do not support efficient access policy change when data is required to be shared among multiple users with different access policies. To address these issues, this thesis studies and enhances inner-product encryption (IPE ), a type of public-key cryptosystem, which supports the attribute-hiding property as well as the flexible fine-grained access control based payload-hiding property, and combines it with an advanced cryptographic technique known as proxy re-encryption (PRE ). The first part of this thesis discusses the necessity of applying the inner- product proxy re-encryption (IPPRE ) scheme to guarantee secure data sharing on untrusted cloud servers. More specifically, we propose two extended schemes of IPE : in the first extended scheme, we propose an inner-product proxy re- encryption (IPPRE ) protocol derived from a well-known inner-product encryp- tion scheme [1]. We deploy this technique in the healthcare scenario where data, collected by medical devices according to some access policy, has to be changed afterwards for sharing with other medical staffs. The proposed scheme delegates the re-encryption capability to a semi-trusted proxy who can transform a dele- gator\u2019s ciphertext associated with an attribute vector to a new ciphertext associ- ated with delegatee\u2019s attribute vector set, without knowing the underlying data and private key. Our proposed policy updating scheme enables the delegatee to decrypt the shared data with its own key without requesting a new decryption key. We analyze the proposed protocol in terms of its performance on three dif- ferent types of elliptic curves such as the SS curve, the MNT curve, and the BN curve, respectively. Hereby, we achieve some encouraging experimental results. We show that our scheme is adaptive attribute-secure against chosen-plaintext under standard Decisional Linear (D-Linear ) assumption. To improve the per- formance of this scheme in terms of storage, communication, and computation costs, we propose an efficient inner-product proxy re-encryption (E-IPPRE ) scheme using the transformation of Kim\u2019s inner-product encryption method [2]. The proposed E-IPPRE scheme requires constant pairing operations for its al- gorithms and ensures a short size of the public key, private key, and ciphertext,making it the most efficient and practical compared to state of the art schemes in terms of computation and communication overhead. We experimentally as- sess the efficiency of our protocol and show that it is selective attribute-secure against chosen-plaintext attacks in the standard model under Asymmetric De- cisional Bilinear Diffie-Hellman assumption. Specifically, our proposed schemes do not reveal any information about the data owner\u2019s access policy to not only the untrusted servers (e.g, cloud and proxy) but also to the other users. The second part of this thesis presents a new lightweight secure data sharing scheme based on attribute-based cryptography for a specific IoT -based health- care application. To achieve secure data sharing on IoT devices while preserving data confidentiality, the IoT devices encrypt data before it is outsourced to the cloud and authorized users, who have corresponding decryption keys, can ac- cess the data. The main challenge, in this case, is on the one hand that IoT devices are resource-constrained in terms of energy, CPU, and memory. On the other hand, the existing public-key encryption mechanisms (e.g., ABE ) require expensive computation. We address this issue by combining the flexibility and expressiveness of the proposed E-IPPRE scheme with the efficiency of symmet- ric key encryption technique (AES ) and propose a light inner-product proxy re-encryption (L-IPPRE ) scheme to guarantee secure data sharing between dif- ferent entities in the IoT environment. The experimental results confirm that the proposed L-IPPRE scheme is suitable for resource-constrained IoT scenar- ios.References [1] Jong Hwan Park. Inner-product encryption under standard assumptions. Des. Codes Cryptography, 58(3):235\u2013257, March 2011. [2] Intae Kim, Seong Oun Hwang, Jong Hwan Park, and Chanil Park. An effi- cient predicate encryption with constant pairing computations and minimum costs. IEEE Trans. Comput., 65(10):2947\u20132958, October 2016

Security of distance-bounding: A survey

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI linkDistance-bounding protocols allow a verifier to both authenticate a prover and evaluate whether the latter is located in his vicinity. These protocols are of particular interest in contactless systems, e.g., electronic payment or access control systems, which are vulnerable to distance-based frauds. This survey analyzes and compares in a unified manner many existing distance-bounding protocols with respect to several key security and complexity features

Software Protection and Secure Authentication for Autonomous Vehicular Cloud Computing

Artificial Intelligence (AI) is changing every technology we deal with. Autonomy has been a sought-after goal in vehicles, and now more than ever we are very close to that goal. Vehicles before were dumb mechanical devices, now they are becoming smart, computerized, and connected coined as Autonomous Vehicles (AVs). Moreover, researchers found a way to make more use of these enormous capabilities and introduced Autonomous Vehicles Cloud Computing (AVCC). In these platforms, vehicles can lend their unused resources and sensory data to join AVCC. In this dissertation, we investigate security and privacy issues in AVCC. As background, we built our vision of a layer-based approach to thoroughly study state-of-the-art literature in the realm of AVs. Particularly, we examined some cyber-attacks and compared their promising mitigation strategies from our perspective. Then, we focused on two security issues involving AVCC: software protection and authentication. For the first problem, our concern is protecting client’s programs executed on remote AVCC resources. Such a usage scenario is susceptible to information leakage and reverse-engineering. Hence, we proposed compiler-based obfuscation techniques. What distinguishes our techniques, is that they are generic and software-based and utilize the intermediate representation, hence, they are platform agnostic, hardware independent and support different high level programming languages. Our results demonstrate that the control-flow of obfuscated code versions are more complicated making it unintelligible for timing side-channels. For the second problem, we focus on protecting AVCC from unauthorized access or intrusions, which may cause misuse or service disruptions. Therefore, we propose a strong privacy-aware authentication technique for users accessing AVCC services or vehicle sharing their resources with the AVCC. Our technique modifies robust function encryption, which protects stakeholder’s confidentiality and withstands linkability and “known-ciphertexts” attacks. Thus, we utilize an authentication server to search and match encrypted data by performing dot product operations. Additionally, we developed another lightweight technique, based on KNN algorithm, to authenticate vehicles at computationally limited charging stations using its owner’s encrypted iris data. Our security and privacy analysis proved that our schemes achieved privacy-preservation goals. Our experimental results showed that our schemes have reasonable computation and communications overheads and efficiently scalable

Blockchain's adoption in IoT: The challenges, and a way forward

© 2018 Elsevier Ltd The underlying technology of Bitcoin is blockchain, which was initially designed for financial value transfer only. Nonetheless, due to its decentralized architecture, fault tolerance and cryptographic security benefits such as pseudonymous identities, data integrity and authentication, researchers and security analysts around the world are focusing on the blockchain to resolve security and privacy issues of IoT. However, presently, not much work has been done to assess blockchain's viability for IoT and the associated challenges. Hence, to arrive at intelligible conclusions, this paper carries out a systematic study of the peculiarities of the IoT environment including its security and performance requirements and progression in blockchain technologies. We have identified the gaps by mapping the security and performance benefits inferred by the blockchain technologies and some of the blockchain-based IoT applications against the IoT requirements. We also discovered some practical issues involved in the integration of IoT devices with the blockchain. In the end, we propose a way forward to resolve some of the significant challenges to the blockchain's adoption in IoT