2,082 research outputs found
A Distributed Public Key Caching Scheme in Large Wireless Networks.
When asymmetric cryptography techniques are used in wireless networks, the public
keys of the nodes need to be widely available and signed by a Certificate Authority (CA).
However, the existence of a single CA in large wireless networks such as mobile ad hoc
networks and wireless sensor networks can lead the hotspot problem and become a security
weakness. In this work, we propose a distributed technique to cache the public keys on
regular nodes. Due to the limited memory size that each node is allowed to dedicate
for key caching, only some keys can be cached. In our proposed technique, each node
caches the public keys of a mix of local and remote nodes. The local nodes are defined as
the nodes within the same neighborhood according to the transmission range, while the
remote nodes are the ones outside the range. Access to the public keys of other nodes is
possible based on a chain of trust. Multiple copies of public keys from different chains of
trusted nodes provide fault tolerance. We explain our technique in detail and investigate
its salient features in this work. An interesting observation is the need to balance caching
public keys of local nodes and remote nodes. We studied the optimum local/remote public
key caching ratios for different networks via investigating the availability of the number
of required public key copies. These simulation results showed that by balancing the
caching public keys with the optimum ratios, the availability of the required public keys
kept increasing and finally became stable. We also did the simulation about studying the
number of hops to find the first copies of required public keys. The results showed how
local/remote ratios affected the minimum number of hops for reaching the first copies
Sea of Lights: Practical Device-to-Device Security Bootstrapping in the Dark
Practical solutions to bootstrap security in today's information and
communication systems critically depend on centralized services for
authentication as well as key and trust management. This is particularly true
for mobile users. Identity providers such as Google or Facebook have active
user bases of two billion each, and the subscriber number of mobile operators
exceeds five billion unique users as of early 2018. If these centralized
services go completely `dark' due to natural or man made disasters, large scale
blackouts, or country-wide censorship, the users are left without practical
solutions to bootstrap security on their mobile devices. Existing distributed
solutions, for instance, the so-called web-of-trust are not sufficiently
lightweight. Furthermore, they support neither cross-application on mobile
devices nor strong protection of key material using hardware security modules.
We propose Sea of Lights(SoL), a practical lightweight scheme for bootstrapping
device-to-device security wirelessly, thus, enabling secure distributed
self-organized networks. It is tailored to operate `in the dark' and provides
strong protection of key material as well as an intuitive means to build a
lightweight web-of-trust. SoL is particularly well suited for local or urban
operation in scenarios such as the coordination of emergency response, where it
helps containing/limiting the spreading of misinformation. As a proof of
concept, we implement SoL in the Android platform and hence test its
feasibility on real mobile devices. We further evaluate its key performance
aspects using simulation
Unified architecture of mobile ad hoc network security (MANS) system
In this dissertation, a unified architecture of Mobile Ad-hoc Network Security (MANS) system is proposed, under which IDS agent, authentication, recovery policy and other policies can be defined formally and explicitly, and are enforced by a uniform architecture. A new authentication model for high-value transactions in cluster-based MANET is also designed in MANS system. This model is motivated by previous works but try to use their beauties and avoid their shortcomings, by using threshold sharing of the certificate signing key within each cluster to distribute the certificate services, and using certificate chain and certificate repository to achieve better scalability, less overhead and better security performance. An Intrusion Detection System is installed in every node, which is responsible for colleting local data from its host node and neighbor nodes within its communication range, pro-processing raw data and periodically broadcasting to its neighborhood, classifying normal or abnormal based on pro-processed data from its host node and neighbor nodes. Security recovery policy in ad hoc networks is the procedure of making a global decision according to messages received from distributed IDS and restore to operational health the whole system if any user or host that conducts the inappropriate, incorrect, or anomalous activities that threaten the connectivity or reliability of the networks and the authenticity of the data traffic in the networks. Finally, quantitative risk assessment model is proposed to numerically evaluate MANS security
Mobile Ad-Hoc Networks
Being infrastructure-less and without central administration control, wireless ad-hoc networking is playing a more and more important role in extending the coverage of traditional wireless infrastructure (cellular networks, wireless LAN, etc). This book includes state-of the-art techniques and solutions for wireless ad-hoc networks. It focuses on the following topics in ad-hoc networks: vehicular ad-hoc networks, security and caching, TCP in ad-hoc networks and emerging applications. It is targeted to provide network engineers and researchers with design guidelines for large scale wireless ad hoc networks
Recommended from our members
Key management for beyond 5G mobile small cells: a survey
The highly anticipated 5G network is projected to be introduced in 2020. 5G stakeholders are unanimous that densification of mobile networks is the way forward. The densification will be realized by means of small cell technology, and it is capable of providing coverage with a high data capacity. The EU-funded H2020-MSCA project “SECRET” introduced covering the urban landscape with mobile small cells, since these take advantages of the dynamic network topology and optimizes network services in a cost-effective fashion. By taking advantage of the device-to-device communications technology, large amounts of data can be transmitted over multiple hops and, therefore, offload the general network. However, this introduction of mobile small cells presents various security and privacy challenges. Cryptographic security solutions are capable of solving these as long as they are supported by a key management scheme. It is assumed that the network infrastructure and mobile devices from network users are unable to act as a centralized trust anchor since these are vulnerable targets to malicious attacks. Security must, therefore, be guaranteed by means of a key management scheme that decentralizes trust. Therefore, this paper surveys the state-of-the-art key management schemes proposed for similar network architectures (e.g., mobile ad hoc networks and ad hoc device-to-device networks) that decentralize trust. Furthermore, these key management schemes are evaluated for adaptability in a network of mobile small cells
- …