16,540 research outputs found
Efficient blockchain-based group key distribution for secure authentication in VANETs
This paper proposes a group key distribution scheme using smart contract-based blockchain technology. The smart contract’s functions allow for securely distributing the group session key, following the initial legitimacy detection using public key infrastructure-based authentication. For message authentication, we propose a lightweight symmetric key cryptography-based group signature method, supporting the security and privacy requirements of vehicular ad hoc networks (VANETs). Our discussion examined the scheme’s robustness against typical adversarial attacks. To evaluate the gas costs associated with smart contract’s functions, we implemented it on the Ethereum main network. Finally, comprehensive analyses of computation and communication costs demonstrate the scheme’s effectiveness
Recommended from our members
Efficient key management protocols for mobile ad hoc networks
In this thesis, novel solutions are proposed for key management issues in mobile ad hoc networks. Presented Hierarchical Binary Tree (HBT) based model is distributed, self-organizing, scalable and does not employ online key distribution authority or group manager. Two different group authentication and group key establishment protocols are proposed for the users who form an ad hoc group with distributed trust model. Initially proposed protocols are based on public key cryptography and do not use specific algorithm. However, members can establish the keys faster with proposed customized hybrid scheme which combines elliptic curve cryptography, modular squaring operations and secret key encryption algorithm. Proposed HBT based model provides complete backward and forward security in case of modification in membership and it has comparable efficiency to the other HBT based schemes which employ real time key distribution authority. Mutual authentication and link encryption can be achieved in wireless sensor network only with public key cryptography if there are no pre-distributed keys. However, constraints in resources make fully public key operations not affordable on sensor. Three different authenticated key establishment protocols are proposed with an objective of being respectful to constraints. Sensor needs to make only modular or cyclic convolution multiplications, and expensive public key decryption operation is executed at the data processing station side. Schemes require small size of code and achieve the least sensor processing time in comparison with fully public key cryptography based protocols
Efficient key management in wireless sensor network security
Wireless sensor network is a multi-hop ad hoc network formed by a large number of low-cost micro-sensor nodes which communicate through radio channels. It is widely used in many areas in modern society and attracts a lot of attention from researchers. This research is on wireless sensor network security and it focuses on key management in hierarchical wireless sensor networks. Through literature review, the drawback and weakness of existing key management schemes are analyzed from various aspects including key establishment, key distribution, key update, authentication and node operation mechanism. Assessment criteria for key management scheme are proposed under different requirements and constraints of wireless sensor networks. The security criteria cover keying model, key distribution, key update, node operation and resilience. For cluster based hierarchical wireless sensor networks, an assistant node is introduced in a cluster to deal with the situation of cluster head compromise and to keep the member nodes securely staying in the network. With introduction of assistant nodes, a complete secure efficient hierarchical key management scheme (SEHKM) for wireless sensor network is proposed. The scheme supports three types of keys and the big improvement over existing key management schemes is on group key update, which is based on pseudo-random numbers and group Diffie-Hellman. The analysis and evaluation have shown that that SEHKM offers strong security with efficient operation from energy consumption point of view
Scalable and Efficient Key Agreement Protocols for Secure Multicast Communication in MANETs
In this paper protocols for group key distribution are compared and evaluated from the point of view of Mobile Ad Hoc Networks (MANETs). A MANET is a collection of wireless mobile nodes, communicating among themselves over possibly multihop paths, without the help of any infrastructure such as base stations or access points. So the need to render those networks as autonomous and secure as possible, since no central authorization can be assumed at all times, becomes emergent. Key management is the service that ensures the security of communication among nodes, and the capability of their cooperation as a secure group. It consists of three important services: key generation, user authentication and key distribution. In this work we assume that the participating users have already been authenticated with some mechanism, and we are focused only on studying and comparing protocols for group key establishment in MANETs. We distinguish the protocols in two families, the contributory and non-contributory and we evaluate them from the point of view of MANETs
Privacy in VANET using Shared Key Management
Abstract: Vehicular Ad-Hoc Networks (VANET) are very likely to be emerged in the coming years. The main objective of this paper is to provide privacy in VANET using shared distributed key management. In shared key management, a short group signature scheme is used to facilitate the revocation of malicious vehicles and heterogeneous security policies. In this framework, road side unit (RSU) acts as the key distributor. A new problem encountered is that a RSU may misbehave. A secure key distribution protocol is used to detect such misbehaved RSUs. The protocol guarantees the traceability of compromised RSUs and malicious vehicles. Moreover, the issue of large computation overhead is also addressed in this paper. A group authentication protocol is proposed to mitigate the communication and computation overhead that occur while using the group signature scheme. Here only a small number of vehicles participate in verification process. Keywords: VANET, privacy, shared key management, Road side units, ad-hoc networks I INTRODUCTION VANET is a form of ad-hoc network that enables communications between nearby vehicles (V2V communications) and the road-side infrastructure (V2I communications).In other words , VANET is a special kind of mobile ad-hoc networks where wireless equipped vehicles form a network. VANET research came into existence with the Fleet-Net project in mid 2001. The main aim of that was to develop a communication platform for inter-vehicle communication. Privacy is an important issue in VANETS II BACKGROUND KNOWLEDGE A VANET is a form of MANET which provides communication between vehicles and between vehicles and road-side base stations. A vehicle in VANET is considered to be an intelligent mobile node capable of communicating with its neighbors and other vehicles in the network. VANET is mainly designed to provide safety related information, traffic management, and infotainment services. Privacy and security are the two important issues in VANET. Without security, a Vehicular Ad Hoc Network (VANET) system is wide open to a number of attacks such as propagation of false warning messages as well as suppression of actual warning messages, thereby causing accidents. Another form of attack in VANET is tracking. This makes security and privacy a factor of major concern in building such networks. There have been several proposals for privacy preservation of VANETs. Some of them are using pseudonyms, silent period [4], mix-zones [3] etc. Each vehicle in a mix zone will keep silent in transmission, and randomly update its pseudonyms when it travels out of the mix zone and becomes reactivated. Given a reasonable large mix zone, the location privacy can be well protected due to the untraceability of location and pseudonym updating in the silent period. In the AMOEBA [5], vehicles form groups. The messages of all group members are forwarded by the group leader, which implies that the privacy of group members is protected by sacrificing the privacy of group leader. Moreover, if a malicious vehicle is selected as a group leader, all group members' privacy may be leaked by the malicious leader. While the pure pseudonym schemes do not support the secure functionality of authentication, integrity, and nonrepudiation, an anonymous signing protocol [1] is proposed to provide such functions as well as privacy. In the protocol, each vehicle preloads a large number of certificated anonymou
Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh
network (WMN). Keeping in mind the critical requirement of security and user
privacy in WMNs, this chapter provides a comprehensive overview of various
possible attacks on different layers of the communication protocol stack for
WMNs and their corresponding defense mechanisms. First, it identifies the
security vulnerabilities in the physical, link, network, transport, application
layers. Furthermore, various possible attacks on the key management protocols,
user authentication and access control protocols, and user privacy preservation
protocols are presented. After enumerating various possible attacks, the
chapter provides a detailed discussion on various existing security mechanisms
and protocols to defend against and wherever possible prevent the possible
attacks. Comparative analyses are also presented on the security schemes with
regards to the cryptographic schemes used, key management strategies deployed,
use of any trusted third party, computation and communication overhead involved
etc. The chapter then presents a brief discussion on various trust management
approaches for WMNs since trust and reputation-based schemes are increasingly
becoming popular for enforcing security in wireless networks. A number of open
problems in security and privacy issues for WMNs are subsequently discussed
before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the
author's previous submission in arXiv submission: arXiv:1102.1226. There are
some text overlaps with the previous submissio
ID-Based Key Agreement for WANETs
2013 - 2014The increasing interest about wireless ad hoc networks (WANETs) is due to some key features not owned by traditional networks such as nodes mobility, network self-organization and the ability to rely on infrastructure-less setup. WANETs can be used in many application scenarios such as health care, environmental monitoring, military and many others commercial applications.
Unfortunately, the open nature of the communication channel exposes WANETs to a great number of security threats (e.g. jamming, eavesdropping, node replication, unfairness, wormhole, packet injection). The security of WANETs hinges on node authentication, which by mean of Cryptography can be obtained through key distribution mechanisms. Moreover, WANET applications often require the establishment of session keys, that will be used for encryption, message authentication and others cryptographic purposes.
In this thesis we present a cryptographic framework for WANETs, named JIKA (Java framework for ID-based key agreement) which simulates a key generation center (KGC) and offers an ID-based key distribution service for signature schemes and key agreement protocols. Moreover, JIKA makes use of elliptic curve cryptography (ECC) which allows fast computations, small key size and short signatures of messages. It includes two new ID-based signature schemes (IBS-1 and IBS-2) which get shorter signatures, an ID-based two-party key agreement protocol
(eFG) and two new group key agreement protocols (GKA v1 and GKA v2). GKA protocols are full-contributory and offer implicit key authentication through the ID-based signature schemes described above, at the cost of just two rounds... [edited by Author]XIII n.s
Gestão segura de rotas numa VANET
Mestrado em Engenharia de Computadores e TelemáticaVehicular ad hoc networks (VANETs) are a specific case of ad hoc networks
where nodes are vehicles. VANETs have being emerging in the
last few years and are likely to play a major role in the future for a wide
number of applications. Routing is essential for any ad hoc network,
thus security strategies for protecting VANETs’ routing must be considered
essential. In this thesis we present: (1) TROPHY (Trustworthy
VANET ROuting with grouP autHentication keYs), a set of protocols
to authenticate routing messages in a VANET, under highly restrictive
time conditions, capable of protecting the distributed routing information;
(2) loop (loop over orderly phases), an interactive simulator for
testing and validating TROPHY along with a prototype of KDC (Key
Distribution Center). Authorized nodes recursively receive new messages
that allow them to refresh their cryptographic material and keep
the authentication keys updated across the network. These messages
are built in a way that any node pinpointed as lost or physically compromised
will not be able to perform the refreshment using them, and
so, is excluded from the routing process. Due to the use of a KDC,
a central entity, where all the cryptographic material is stored, we included
a mechanism to recover from any unauthorised physical access
and disclosure of all that material at once, without requiring the need
of human intervention on devices’ re-setup.As redes veiculares (VANETs) são um caso especÃfico de redes ad hoc
onde os nós são veÃculos. VANETs têm vindo a surgir nos últimos anos
e é expectável que venham a desempenhar um papel importante no futuro
para um grande número de aplicações. O roteamento é essencial
para qualquer rede ad hoc, consequentemente, as estratégias de segurança
para proteger o roteamento das VANETs devem ser consideradas
essenciais. Nesta tese apresentamos: (1) TROPHY (Trustworthy VANET
ROuting with grouP autHentication keYs), um conjunto de protocolos
para autenticar mensagens de roteamento numa VANET, capaz
de proteger as informações de roteamento distribuÃdas em condições
de tempo altamente restritas; (2) loop (loop over orderly phases), um
simulador interativo para testar e validar TROPHY juntamente com
um protótipo de um KDC (Key Distribution Center). Os nós autorizados
recebem recursivamente novas mensagens que lhes permitem
atualizar o seu material criptográfico e manter as chaves de autenticação
atualizadas na rede. Essas mensagens são construÃdas da forma
a que qualquer nó que seja identificado como perdido ou fisicamente
comprometido não seja capaz de executar a atualização, ficando assim
excluÃdo do processo de roteamento. Devido ao uso do KDC, uma
entidade central, onde todo o material criptográfico é armazenado, incluÃmos
um mecanismo para recuperar de qualquer acesso fÃsico não
autorizado e divulgação de todo esse material de uma só vez, sem exigir
a intervenção humana na configuração dos dispositivos
- …