Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

Secure Communication using Identity Based Encryption

Secured communication has been widely deployed to guarantee confidentiality and\ud integrity of connections over untrusted networks, e.g., the Internet. Although\ud secure connections are designed to prevent attacks on the connection, they hide\ud attacks inside the channel from being analyzed by Intrusion Detection Systems\ud (IDS). Furthermore, secure connections require a certain key exchange at the\ud initialization phase, which is prone to Man-In-The-Middle (MITM) attacks. In this paper, we present a new method to secure connection which enables Intrusion Detection and overcomes the problem of MITM attacks. We propose to apply Identity Based Encryption (IBE) to secure a communication channel. The key escrow property of IBE is used to recover the decryption key, decrypt network traffic on the fly, and scan for malicious content. As the public key can be generated based on the identity of the connected server and its exchange is not necessary, MITM attacks are not easy to be carried out any more. A prototype of a modified TLS scheme is implemented and proved with a simple client-server application. Based on this prototype, a new IDS sensor is developed to be capable of identifying IBE encrypted secure traffic on the fly. A deployment architecture of the IBE sensor in a company network is proposed. Finally, we show the applicability by a practical experiment and some preliminary performance measurements

Neural Network Contribute to Reverse Cryptographic Processes in Bitcoin Systems: attention on SHA256

Bitcoin is a digital currency created in January 2009 following the housing market crash that promises lower transaction fees than traditional online payment mechanisms. Though each bitcoin transaction is recorded in a public log, the names of buyers and sellers are never revealed. While that keeps bitcoin users' transactions private, it also lets them buy or sell anything without easily tracing it back to them. Bitcoin is based on cryptographic evidence, which therefore does not suffer from the weakness present in a model based on trust in guarantee authorities. The use of cryptography is of crucial importance in the Bitcoin system. In addition to maintaining data secrecy, in the case of Bitcoin, cryptography is used to make it impossible for anyone to spend money from another user's wallet. In our paper, we develop the idea that it is possible to reverse the cryptography process based on hash functions (one-way) through Machine Translation with neural networks. Assuming this hypothesis is true and considering some quantistic algorithms to decrypt certain types of hash functions, we will highlight their effects on the Bitcoin system

Secure and Privacy-Preserving Authentication Protocols for Wireless Mesh Networks

Wireless mesh networks (WMNs) have emerged as a promising concept to meet the challenges in next-generation wireless networks such as providing flexible, adaptive, and reconfigurable architecture while offering cost-effective solutions to service providers. As WMNs become an increasingly popular replacement technology for last-mile connectivity to the home networking, community and neighborhood networking, it is imperative to design efficient and secure communication protocols for these networks. However, several vulnerabilities exist in currently existing protocols for WMNs. These security loopholes can be exploited by potential attackers to launch attack on WMNs. The absence of a central point of administration makes securing WMNs even more challenging. The broadcast nature of transmission and the dependency on the intermediate nodes for multi-hop communications lead to several security vulnerabilities in WMNs. The attacks can be external as well as internal in nature. External attacks are launched by intruders who are not authorized users of the network. For example, an intruding node may eavesdrop on the packets and replay those packets at a later point of time to gain access to the network resources. On the other hand, the internal attacks are launched by the nodes that are part of the WMN. On example of such attack is an intermediate node dropping packets which it was supposed to forward. This chapter presents a comprehensive discussion on the current authentication and privacy protection schemes for WMN. In addition, it proposes a novel security protocol for node authentication and message confidentiality and an anonymization scheme for privacy protection of users in WMNs.Comment: 32 pages, 10 figures. The work is an extended version of the author's previous works submitted in CoRR: arXiv:1107.5538v1 and arXiv:1102.1226v

Integration of post-quantum cryptography in the TLS protocol (LWE Option)

Dissertação de mestrado em Computer ScienceWith the possibility of quantum computers making an appearance, possibly capable of breaking several well established and widespread crytposystems (especially those that implement public key cryptography), necessity has arisen to create new cryptographic algorithms which remain safe even against adversaries using quantum computers. Several algorithms based on different mathematical problems have been proposed which are considered to be hard to solve with quantum computers. In recent years, a new lattice-based mathematical problem called Learning With Errors (and its variant Ring - Learning With Errors) was introduced, and several cryptosystems based on this problem were introduced, some of which are becoming practical enough to compete with traditional schemes that have been used for decades. The primary focus in this work is the implementation of two Ring - Learning With Errors based schemes (one key exchange mechanism and one digital signature scheme) on the TLS protocol via the OpenSSL library as a way of checking their overall viability in real-world scenarios, by comparing them to classical schemes implementing the same functionalities.Com a possibilidade do surgimento dos primeiros computadores quânticos, possivelmente capazes de quebrar muitos dos cripto-sistemas bem difundidos e considerados seguros, tornou-se necessário tomar precauções com a criação de novas técnicas criptográficas que visam manter as suas propriedades de segurança mesmo contra adversários que usem computadores quânticos. Existem já muitas propostas de algoritmos baseados em problemas matemáticos distintos que são considerados difíceis de resolver recorrendo a computadores quânticos. Recentemente, foi introduzido um novo problema baseado em reticulados denominado de Learning With Errors (e a sua variante Ring - Learning With Errors), e consequentemente foram propostos vários cripto-sistemas baseados nesse problema, alguns dos quais começam já a ser utilizáveis ao ponto de poderem ser comparados com os esquemas clássicos usados há décadas. O foco principal neste trabalho é a implementação de dois esquemas baseados no problema Ring - Learning With Errors (mais precisamente, um esquema de troca de chaves e uma assinatura digital) no protocolo TLS através da sua integração no OpenSSL como forma de verificar a sua viabilidade em contextos reais, comparando-os com esquemas clássicos que implementem as mesmas funcionalidades