Plug-and-Play IP Security: Anonymity Infrastructure Instead of PKI

We present the Plug-and-Play IP Security (PnP-IPsec) protocol. PnP-IPsec automatically establishes IPsec security associations between gateways, avoiding the need for manual administration and coordination between gateways, and the dependency on IPsec public key certificates - the two problems which are widely believed to have limited the use of IPsec mostly to intra-organization communication. PnP-IPsec builds on Self-validated Public Data Distribution (SvPDD), a protocol that we present to establish secure connections between remote peers/networks, without depending on pre-distributed keys or certification infrastructure. Instead, SvPDD uses available anonymous communication infrastructures such as Tor, which we show to allow detection of MitM attacker interfering with communication. SvPDD may also be used in other scenarios lacking secure public key distribution, such as the initial connection to an SSH server. We provide an open-source implementation of PnP-IPsec and SvPDD, and show that the resulting system is practical and secure

STWSN: A novel secure distributed transport protocol for wireless sensor networks

Several transport protocols for wireless sensor networks (WSNs) have been designed to fulfill efficiency requirements such as energy and reliability. Unfortunately, most of these transport protocols do not include sufficient security mechanisms and hence are vulnerable to numerous reliability and energy attacks. To address these vulnerabilities, this paper proposes a novel secure transport protocol, named as secure transport protocol for wireless sensor networks (STWSN). On the basis of distributed transport for sensor networks (DTSN) protocol, our protocol adds a new security extension in order to provide secure transport protocol. We provide both informal and formal security analyses of STWSN and show that it resists attacks on energy efficiency and reliability requirements. Last but not least, a performance analysis and simulation results are also presented