GVG-RP: A Net-centric Negligibility-based Security Model for Self-organizing Networks

We present a rigorous approach to building a secure self-organizing mobile ad hoc network (MANET). In a highly dynamic environment like MANET, it is impossible to ensure absolute security to protect everything. We have to speak of the infeasibility of breaking the security system rather than the impossibility of breaking the same system. More formally, security is defined on the concept of negligible , which is asymptotically sub-polynomial with respect to a pre-defined system parameter $n$. Intuitively, the parameter $n$ in modern cryptography is the key length. The crypto-system\u27s security is broken if the adversary\u27s capability is of exponentials of $n$, and the efficiency of all related algorithms is measured in polynomials of $n$. We adopt the same formal security notion in ad hoc network security research. In network security, the network scale (i.e., number of network members) $N$ replaces the role of key length $n$ in cryptography. If a security scheme can be devised to ensure that the probability of security failure is negligible, then the larger the network scale is or the more complex the network system is, the more secure the network is. In other words, given a negligibility-based protection against a specific security attack, larger or more complex systems are favored over smaller or simpler systems. Intuitively, this is consistent with the evolution theory where more complex entities probabilistically emerge from and likely survive longer than their less complex counterparts. In this paper, we use ``rushing attack\u27\u27 as the exemplary security attack to disrupt mobile ad hoc routing. We show that ``rushing attack\u27\u27 is a severe attack against on-demand ad hoc routing schemes. Fortunately, ``localized forwarding community area\u27\u27 is an available countermeasure to ensure that the failure probability of packet forwarding is negligible. This demonstrates the usefulness of our negligibility-based network security model. We expect to augment the pool of negligibility-based protections and explore the general notion in other types of networks.\\ \emph{Keywords}---Net-centric Security = Negligibility + Scalabilit

Towards a Probabilistic Complexity-theoretic Modeling of Biological Cyanide Poisoning as Service Attack in Self-organizing Networks

We draw an analogy of \emph{biological cyanide poisoning} to security attacks in self-organizing mobile ad hoc networks. When a circulatory system is treated as an enclosed network space, a hemoglobin is treated as a mobile node, and a hemoglobin binding with cyanide ion is treated as a compromised node (which cannot bind with oxygen to furnish its oxygen-transport function), we show how cyanide poisoning can reduce the probability of oxygen/message delivery to a rigorously defined ``negligible\u27\u27 quantity. Like formal cryptography, security problem in our network-centric model is defined on the complexity-theoretic concept of ``negligible\u27\u27, which is asymptotically sub-polynomial with respect to a pre-defined system parameter $x$. Intuitively, the parameter $x$ is the key length $n$ in formal cryptography, but is changed to the network scale, or the number of network nodes $N$, in our model. We use the \RP ($n$-runs) complexity class with a virtual oracle to formally model the cyanide poisoning phenomenon and similar network threats. This new analytic approach leads to a new view of biological threats from the perspective of network security and complexity theoretic study

Formal Notions of Anonymity for Peer-to-peer Networks

Providing anonymity support for peer-to-peer (P2P) overlay networks is critical. Otherwise, potential privacy attacks (e.g., network address traceback) may deter a storage source from providing the needed data. In this paper we use this practical application scenario to verify our observation that network-based anonymity can be modeled as a complexity based cryptographic problem. We show that, if the routing process between senders and recipients can be modeled as abstract entities, network-based anonymity becomes an analogy of cryptography. In particular, perfect anonymity facing an unbounded traffic analyst corresponds to Shannon’s perfect secrecy facing an unbounded cryptanalyst. More importantly, in this paper we propose Probabilistic Polynomial Route (PPR) model, which is a new polynomially-bounded anonymity model corresponding to the Probabilistic Polynomial Time (PPT) model in cryptography. Afterwards, network-based anonymity attacks are with no exception in BPP. This phenomenon has not been discovered in previous anonymity research. Keywords—Formal notion of anonymity; Probabilistic Polynomial Route model; Chosen Recipien

The Role of Latin Square in Cipher Systems: A Matrix Approach To . . .

This paper studies the theoretic background of cryptographic modes of operation, in particular those modes proposed to ensure message privacy. A novel algebraic model is presented as an archetype of encryption design. In th

Formal Notions of Anonymity for Peer-to-peer Networks

Providing anonymity support for peer-to-peer (P2P) overlay networks is critical. Otherwise, potential privacy attacks (e.g., network address traceback) may deter a storage source from providing the needed data. In this paper we use this practical application scenario to verify our observation that network-based anonymity can be modeled as a complexity based cryptographic problem. We show that, if the routing process between senders and recipients can be modeled as abstract entities, network-based anonymity becomes an analogy of cryptography. In particular, perfect anonymity facing an unbounded traffic analyst corresponds to Shannon’s perfect secrecy facing an unbounded cryptanalyst. More importantly, in this paper we propose Probabilistic Polynomial Route (PPR) model, which is a new polynomially-bounded anonymity model corresponding to the Probabilistic Polynomial Time (PPT) model in cryptography. Afterwards, network-based anonymity attacks are with no exception in BPP. This phenomenon has not been discovered in previous anonymity research. Keywords—Formal notion of anonymity; Probabilistic Polynomial Route model; Chosen Recipien

GVG-RP: A Net-centric Negligibility-based Security Model For . . .

We present a rigorous approach to building a secure self-organizing mobile ad hoc network (MANET). In a highly dynamic environment like MANET, it is impossible to ensure absolute security to protect everything. We have to speak of the "infeasibility" of breaking the security system rather than the "impossibility" of breaking the same system. More formally, security is defined on the concept of "negligible", which is asymptotically subpolynomial with respect to a pre-defined system parameter n. Intuitively, the parameter n in modern cryptography is the key length. The crypto-system's security is broken if the adversary's capability is of exponentials of n, and the efficiency of all related algorithms is measured in polynomials of n. We adop

The Role of Latin Square in Cipher Systems: A Matrix Approach to Model Encryption Modes of Operation

This paper studies the theoretic background of cryptographic modes of operation, in particular those modes proposed to ensure message privacy. A novel algebraic model is presented as an archetype of encryption design. In the ideal case, encrypting multiple messages is treated as inductively applying the algebraic operation ⋆, an operation corresponding to block-by-block processing, on Latin Squares over a sequence of finite groups {Zrn, Zr2∗n, Zr3∗n, · · ·,}. We further show that a Latin Square cipher is a newly discovered hard-core function for any strong one-way length-preserving function. Based on the discovery, we propose a thesis that encryption modes of operation should implement cryptographically strong pseudorandom generators in the ideal case, so that the random oracle model can be used to justify the practice of replacing Latin Square ciphers with “good ” implementations (e.g., AES). Finally we present a cryptanalysis of NIST’s standard modes of operation based on this work. The algebraic model shows that, even when an ideally strong one-way function is used, none of NIST’s standard modes of operation (OFB, CFB, CTR, CBC) can produce cryptographically strong pseudorandom ensembles based on the ideal one-way function—the distinction of this work is to use formal method (rather than empirical attacks) to illustrate the design flaws in the standard modes of operation. As numerous security protocols are using the flawed modes of operation, we argue that these national standards should be repaired, and efficient repairs (double encryption) can be easily achieved. I

GVG − RP: A Net-centric Negligibility-based Security Model for Self-organizing Networks

We present a rigorous approach to building a secure self-organizing mobile ad hoc network (MANET). In a highly dynamic environment like MANET, it is impossible to ensure absolute security to protect everything. We have to speak of the ”infeasibility ” of breaking the security system rather than the ”impossibility ” of breaking the same system. More formally, security is defined on the concept of ”negligible”, which is asymptotically subpolynomial with respect to a pre-defined system parameter n. Intuitively, the parameter n in modern cryptography is the key length. The crypto-system’s security is broken if the adversary’s capability is of exponentials of n, and the efficiency of all related algorithms is measured in polynomials of n. We adopt the same formal security notion in ad hoc network security research. In network security, the network scale (i.e., number of network members) N replaces the role of key length n in cryptography. If a security scheme can be devised to ensure that the probability of security failure is negligible, then the larger the network scale is or the more complex the network system is, the more secure the network is. In other words, given a negligibility-based protection against a specific security attack, larger or more complex systems are favored over smaller or simpler systems. Intuitively, this is consistent with the evolution theory where more complex entities probabilistically emerge from and likely survive longer than their less complex counterparts. In this paper, we use “rushing attack ” as the exemplary security attack to disrupt mobile ad hoc routing. We show that “rushing attack ” is a severe attack against on-demand ad hoc routing schemes. Fortunately, “localized forwarding community area ” is an available countermeasure to ensure that the failure probability of packet forwarding is negligible. This demonstrates the usefulness of our negligibility-based network security model. We expect to augment the pool of negligibility-based protections and explore the general notion in other types of networks. Keywords—Net-centric Security = Negligibility + Scalability I