63 research outputs found
GVG-RP: A Net-centric Negligibility-based Security Model for Self-organizing Networks
We present a rigorous approach to building a secure self-organizing
mobile ad hoc network (MANET). In a highly dynamic environment like
MANET, it is impossible to ensure absolute security to protect
everything. We have to speak of the infeasibility of breaking the
security system rather than the impossibility of breaking the same
system. More formally, security is defined on the concept of
negligible , which is asymptotically sub-polynomial with respect to a
pre-defined system parameter . Intuitively, the parameter in
modern cryptography is the key length. The crypto-system\u27s security is
broken if the adversary\u27s capability is of exponentials of , and the
efficiency of all related algorithms is measured in polynomials of .
We adopt the same formal security notion in ad hoc network security
research. In network security, the network scale (i.e., number of
network members) replaces the role of key length in
cryptography. If a security scheme can be devised to ensure that the
probability of security failure is negligible, then the larger the
network scale is or the more complex the network system is, the more
secure the network is. In other words, given a negligibility-based
protection against a specific security attack, larger or more complex
systems are favored over smaller or simpler systems. Intuitively, this
is consistent with the evolution theory where more complex entities
probabilistically emerge from and likely survive longer than their less
complex counterparts.
In this paper, we use ``rushing attack\u27\u27 as the exemplary security
attack to disrupt mobile ad hoc routing. We show that ``rushing
attack\u27\u27 is a severe attack against on-demand ad hoc routing schemes.
Fortunately, ``localized forwarding community area\u27\u27 is an available
countermeasure to ensure that the failure probability of packet
forwarding is negligible. This demonstrates the usefulness of our
negligibility-based network security model. We expect to augment the
pool of negligibility-based protections and explore the general notion
in other types of networks.\\
\emph{Keywords}---Net-centric Security = Negligibility + Scalabilit
Towards a Probabilistic Complexity-theoretic Modeling of Biological Cyanide Poisoning as Service Attack in Self-organizing Networks
We draw an analogy of \emph{biological cyanide poisoning} to security
attacks in self-organizing mobile ad hoc networks. When a circulatory
system is treated as an enclosed network space, a hemoglobin is treated
as a mobile node, and a hemoglobin binding with cyanide ion is treated
as a compromised node (which cannot bind with oxygen to furnish its
oxygen-transport function), we show how cyanide poisoning can reduce the
probability of oxygen/message delivery to a rigorously defined
``negligible\u27\u27 quantity. Like formal cryptography, security problem in
our network-centric model is defined on the complexity-theoretic concept
of ``negligible\u27\u27, which is asymptotically sub-polynomial with respect
to a pre-defined system parameter . Intuitively, the parameter
is the key length in formal cryptography, but is changed to the
network scale, or the number of network nodes , in our model. We use
the \RP (-runs) complexity class with a virtual oracle to formally
model the cyanide poisoning phenomenon and similar network threats.
This new
analytic approach leads to a new view of biological threats from the
perspective of network security and complexity theoretic study
Formal Notions of Anonymity for Peer-to-peer Networks
Providing anonymity support for peer-to-peer (P2P) overlay networks is critical. Otherwise, potential privacy attacks (e.g., network address traceback) may deter a storage source from providing the needed data. In this paper we use this practical application scenario to verify our observation that network-based anonymity can be modeled as a complexity based cryptographic problem. We show that, if the routing process between senders and recipients can be modeled as abstract entities, network-based anonymity becomes an analogy of cryptography. In particular, perfect anonymity facing an unbounded traffic analyst corresponds to Shannonâs perfect secrecy facing an unbounded cryptanalyst. More importantly, in this paper we propose Probabilistic Polynomial Route (PPR) model, which is a new polynomially-bounded anonymity model corresponding to the Probabilistic Polynomial Time (PPT) model in cryptography. Afterwards, network-based anonymity attacks are with no exception in BPP. This phenomenon has not been discovered in previous anonymity research. KeywordsâFormal notion of anonymity; Probabilistic Polynomial Route model; Chosen Recipien
The Role of Latin Square in Cipher Systems: A Matrix Approach To . . .
This paper studies the theoretic background of cryptographic modes of operation, in particular those modes proposed to ensure message privacy. A novel algebraic model is presented as an archetype of encryption design. In th
Formal Notions of Anonymity for Peer-to-peer Networks
Providing anonymity support for peer-to-peer (P2P) overlay networks is critical. Otherwise, potential privacy attacks (e.g., network address traceback) may deter a storage source from providing the needed data. In this paper we use this practical application scenario to verify our observation that network-based anonymity can be modeled as a complexity based cryptographic problem. We show that, if the routing process between senders and recipients can be modeled as abstract entities, network-based anonymity becomes an analogy of cryptography. In particular, perfect anonymity facing an unbounded traffic analyst corresponds to Shannonâs perfect secrecy facing an unbounded cryptanalyst. More importantly, in this paper we propose Probabilistic Polynomial Route (PPR) model, which is a new polynomially-bounded anonymity model corresponding to the Probabilistic Polynomial Time (PPT) model in cryptography. Afterwards, network-based anonymity attacks are with no exception in BPP. This phenomenon has not been discovered in previous anonymity research. KeywordsâFormal notion of anonymity; Probabilistic Polynomial Route model; Chosen Recipien
GVG-RP: A Net-centric Negligibility-based Security Model For . . .
We present a rigorous approach to building a secure self-organizing mobile ad hoc network (MANET). In a highly dynamic environment like MANET, it is impossible to ensure absolute security to protect everything. We have to speak of the "infeasibility" of breaking the security system rather than the "impossibility" of breaking the same system. More formally, security is defined on the concept of "negligible", which is asymptotically subpolynomial with respect to a pre-defined system parameter n. Intuitively, the parameter n in modern cryptography is the key length. The crypto-system's security is broken if the adversary's capability is of exponentials of n, and the efficiency of all related algorithms is measured in polynomials of n. We adop
The Role of Latin Square in Cipher Systems: A Matrix Approach to Model Encryption Modes of Operation
This paper studies the theoretic background of cryptographic modes of operation, in particular those modes proposed to ensure message privacy. A novel algebraic model is presented as an archetype of encryption design. In the ideal case, encrypting multiple messages is treated as inductively applying the algebraic operation â, an operation corresponding to block-by-block processing, on Latin Squares over a sequence of finite groups {Zrn, Zr2ân, Zr3ân, · · ·,}. We further show that a Latin Square cipher is a newly discovered hard-core function for any strong one-way length-preserving function. Based on the discovery, we propose a thesis that encryption modes of operation should implement cryptographically strong pseudorandom generators in the ideal case, so that the random oracle model can be used to justify the practice of replacing Latin Square ciphers with âgood â implementations (e.g., AES). Finally we present a cryptanalysis of NISTâs standard modes of operation based on this work. The algebraic model shows that, even when an ideally strong one-way function is used, none of NISTâs standard modes of operation (OFB, CFB, CTR, CBC) can produce cryptographically strong pseudorandom ensembles based on the ideal one-way functionâthe distinction of this work is to use formal method (rather than empirical attacks) to illustrate the design flaws in the standard modes of operation. As numerous security protocols are using the flawed modes of operation, we argue that these national standards should be repaired, and efficient repairs (double encryption) can be easily achieved. I
GVG â RP: A Net-centric Negligibility-based Security Model for Self-organizing Networks
We present a rigorous approach to building a secure self-organizing mobile ad hoc network (MANET). In a highly dynamic environment like MANET, it is impossible to ensure absolute security to protect everything. We have to speak of the âinfeasibility â of breaking the security system rather than the âimpossibility â of breaking the same system. More formally, security is defined on the concept of ânegligibleâ, which is asymptotically subpolynomial with respect to a pre-defined system parameter n. Intuitively, the parameter n in modern cryptography is the key length. The crypto-systemâs security is broken if the adversaryâs capability is of exponentials of n, and the efficiency of all related algorithms is measured in polynomials of n. We adopt the same formal security notion in ad hoc network security research. In network security, the network scale (i.e., number of network members) N replaces the role of key length n in cryptography. If a security scheme can be devised to ensure that the probability of security failure is negligible, then the larger the network scale is or the more complex the network system is, the more secure the network is. In other words, given a negligibility-based protection against a specific security attack, larger or more complex systems are favored over smaller or simpler systems. Intuitively, this is consistent with the evolution theory where more complex entities probabilistically emerge from and likely survive longer than their less complex counterparts. In this paper, we use ârushing attack â as the exemplary security attack to disrupt mobile ad hoc routing. We show that ârushing attack â is a severe attack against on-demand ad hoc routing schemes. Fortunately, âlocalized forwarding community area â is an available countermeasure to ensure that the failure probability of packet forwarding is negligible. This demonstrates the usefulness of our negligibility-based network security model. We expect to augment the pool of negligibility-based protections and explore the general notion in other types of networks. KeywordsâNet-centric Security = Negligibility + Scalability I
- âŠ