Privacy Preserving Cryptographic Protocols for Secure Heterogeneous Networks

Disertační práce se zabývá kryptografickými protokoly poskytující ochranu soukromí, které jsou určeny pro zabezpečení komunikačních a informačních systémů tvořících heterogenní sítě. Práce se zaměřuje především na možnosti využití nekonvenčních kryptografických prostředků, které poskytují rozšířené bezpečnostní požadavky, jako je například ochrana soukromí uživatelů komunikačního systému. V práci je stanovena výpočetní náročnost kryptografických a matematických primitiv na různých zařízeních, které se podílí na zabezpečení heterogenní sítě. Hlavní cíle práce se zaměřují na návrh pokročilých kryptografických protokolů poskytujících ochranu soukromí. V práci jsou navrženy celkově tři protokoly, které využívají skupinových podpisů založených na bilineárním párování pro zajištění ochrany soukromí uživatelů. Tyto navržené protokoly zajišťují ochranu soukromí a nepopiratelnost po celou dobu datové komunikace spolu s autentizací a integritou přenášených zpráv. Pro navýšení výkonnosti navržených protokolů je využito optimalizačních technik, např. dávkového ověřování, tak aby protokoly byly praktické i pro heterogenní sítě.The dissertation thesis deals with privacy-preserving cryptographic protocols for secure communication and information systems forming heterogeneous networks. The thesis focuses on the possibilities of using non-conventional cryptographic primitives that provide enhanced security features, such as the protection of user privacy in communication systems. In the dissertation, the performance of cryptographic and mathematic primitives on various devices that participate in the security of heterogeneous networks is evaluated. The main objectives of the thesis focus on the design of advanced privacy-preserving cryptographic protocols. There are three designed protocols which use pairing-based group signatures to ensure user privacy. These proposals ensure the protection of user privacy together with the authentication, integrity and non-repudiation of transmitted messages during communication. The protocols employ the optimization techniques such as batch verification to increase their performance and become more practical in heterogeneous networks.

Improving IF Algorithm for Data Aggregation Techniques in Wireless Sensor Networks

In Wireless Sensor Network (WSN), fact from different sensor nodes is collected at assembling node, which is typically complete via modest procedures such as averaging as inadequate computational power and energy resources. Though such collections is identified to be extremely susceptible to node compromising attacks. These approaches are extremely prone to attacks as WSN are typically lacking interfere resilient hardware. Thus, purpose of veracity of facts and prestige of sensor nodes is critical for wireless sensor networks. Therefore, imminent gatherer nodes will be proficient of accomplishment additional cultivated data aggregation algorithms, so creating WSN little unresisting, as the performance of actual low power processors affectedly increases. Iterative filtering algorithms embrace inordinate capacity for such a resolution. The way of allocated the matching mass elements to information delivered by each source, such iterative algorithms concurrently assemble facts from several roots and deliver entrust valuation of these roots. Though suggestively extra substantial against collusion attacks beside the modest averaging techniques, are quiet vulnerable to a different cultivated attack familiarize. The existing literature is surveyed in this paper to have a study of iterative filtering techniques and a detailed comparison is provided. At the end of this paper new technique of improved iterative filtering is proposed with the help of literature survey and drawbacks found in the literature

A Framework for Secure and Survivable Wireless Sensor Networks

Wireless sensor networks increasingly become viable solutions to many challenging problems and will successively be deployed in many areas in the future. A wireless sensor network (WSN) is vulnerable to security attacks due to the insecure communication channels, limited computational and communication capabilities and unattended nature of sensor node devices, limited energy resources and memory. Security and survivability of these systems are receiving increasing attention, particularly critical infrastructure protection. So we need to design a framework that provide both security and survivability for WSNs. To meet this goals, we propose a framework for secure and survivable WSNs and we present a key management scheme as a case study to prevent the sensor networks being compromised by an adversary. This paper also considers survivability strategies for the sensor network against a variety of threats that can lead to the failure of the base station, which represents a central point of failure.key management scheme, security, survivability, WSN

Security protocols suite for machine-to-machine systems

Nowadays, the great diffusion of advanced devices, such as smart-phones, has shown that there is a growing trend to rely on new technologies to generate and/or support progress; the society is clearly ready to trust on next-generation communication systems to face today’s concerns on economic and social fields. The reason for this sociological change is represented by the fact that the technologies have been open to all users, even if the latter do not necessarily have a specific knowledge in this field, and therefore the introduction of new user-friendly applications has now appeared as a business opportunity and a key factor to increase the general cohesion among all citizens. Within the actors of this technological evolution, wireless machine-to-machine (M2M) networks are becoming of great importance. These wireless networks are made up of interconnected low-power devices that are able to provide a great variety of services with little or even no user intervention. Examples of these services can be fleet management, fire detection, utilities consumption (water and energy distribution, etc.) or patients monitoring. However, since any arising technology goes together with its security threats, which have to be faced, further studies are necessary to secure wireless M2M technology. In this context, main threats are those related to attacks to the services availability and to the privacy of both the subscribers’ and the services providers’ data. Taking into account the often limited resources of the M2M devices at the hardware level, ensuring the availability and privacy requirements in the range of M2M applications while minimizing the waste of valuable resources is even more challenging. Based on the above facts, this Ph. D. thesis is aimed at providing efficient security solutions for wireless M2M networks that effectively reduce energy consumption of the network while not affecting the overall security services of the system. With this goal, we first propose a coherent taxonomy of M2M network that allows us to identify which security topics deserve special attention and which entities or specific services are particularly threatened. Second, we define an efficient, secure-data aggregation scheme that is able to increase the network lifetime by optimizing the energy consumption of the devices. Third, we propose a novel physical authenticator or frame checker that minimizes the communication costs in wireless channels and that successfully faces exhaustion attacks. Fourth, we study specific aspects of typical key management schemes to provide a novel protocol which ensures the distribution of secret keys for all the cryptographic methods used in this system. Fifth, we describe the collaboration with the WAVE2M community in order to define a proper frame format actually able to support the necessary security services, including the ones that we have already proposed; WAVE2M was funded to promote the global use of an emerging wireless communication technology for ultra-low and long-range services. And finally sixth, we provide with an accurate analysis of privacy solutions that actually fit M2M-networks services’ requirements. All the analyses along this thesis are corroborated by simulations that confirm significant improvements in terms of efficiency while supporting the necessary security requirements for M2M networks

SECURED DATA AGGREGATION METHODS IN WIRELESS SENSOR NETWORKS USING HOMOMORPHIC OPERATION - A REVIEW

Wireless sensor networks are energy constrained. Data aggregation is an important mechanism for achieving energy efficiency in such networks. The aggregation reduces redundancy in data transmission which results in improved energy usage. Several security issues are there in data aggregation, which includes data confidentiality, data integrity, availability, and freshness. Such issues become complex since WSN is deployed in hostile and unattended environment. So the sensor nodes may fail and compromised by adversaries. Secured data aggregation in sensor network is a topic of research.  Many solutions are proposed for secured data aggregation, using different encryption methods. Homomorphic encryption is one of such technique. In homomorphic encryption, all the nodes participate in the aggregation. Here, nodes can't see any intermediate or final result but the aggregation is efficient. In this paper, secured data aggregation methods are classified and the performance is compared in terms of integrity and confidentiality

SDAMQ: Secure Data Aggregation for Multiple Queries in Wireless Sensor Networks

Wireless Sensor Network consists of severely energy constrained sensor nodes and are susceptible to security attacks due to broadcast communication model. It is necessary to optimize the transmission of packets to reduce the energy consumption. In addition data has to be encrypted in order to overcome the attack from the compromising nodes. We propose Secure Data Aggregation for Multiple Queries (SDAMQ) in Wireless Sensor Networks where multiple aggregate queries from the sink are authenticated and distributed to the sensor nodes. The sensor nodes respond by aggregating data belonging to multiple coexisting queries into a single packet, there by reducing the transmission cost. The intermediary nodes aggregate the encrypted data using additively homomorphic encryption. Thus authenticated query propagation combined with homomorphic encryption provide secure data aggregation at low energy consumption. Simulation results shows that SDAMQ provides better performance