Study and Implementation of Efficient Security for Wireless Networks

M. Razvi Doomun, Faculty of Engineering, University of Mauritius

Project Supervisor: Prof. K.M.S. Soyjaudah

Research Week 2009/2010, Doctoral Consortium e-Poster



Objectives

- Design efficient security and privacy mechanisms for resource-constrained wireless networks
- Analysis of operational complexity and efficiency of IEEE 802.11i security protocol
- Propose integrated security and privacy of source and destination in ad hoc wireless networks against global attackers.

Energy-efficient security protocol can be achieved by:

- Software optimization techniques and better hardware implementation, or a combination of both, for constituent cryptographic operations.
- Use equivalent alternative cipher primitives that consume less energy
- Reduce workload of a security protocol
  - Modify or simplify the structure of security protocol components
  - Frame formatting, minimize redundant operations and overheads
- Innovative and energy-aware security provisioning with flexible security framework
  - Different combinations of security primitives for different security requirements at different operating conditions

M. R. Doomun, K.M.S. Soyjaudah, “Adaptive IEEE 802.11i security for energy-security optimization,” In Proceedings of The Third Advanced International Conference on Telecommunications AICT ’07, IARIA- Mauritius, 13-19 May, 2007.

General Energy Cost of Security Protocol

Comparative complexity of WEP, TKIP, AES-CCMP

Complexity of TKIP is proportional to the message size encrypted

With message size less than 100 bytes, TKIP has faster execution speed than AES-CCMP

Complexity of CCMP increases linearly with increasing key length, more encryption rounds, as well as larger payload size.

CTR-mode and CBC-MAC contribute almost equally to the overall complexity of CCMP

M. R. Doomun, K.M.S. Soyjaudah, D. Bundhoo, “Energy Consumption and Computational Analysis of Rijndael-AES,” In Proceedings of Third IEEE International Conference in Central Asia on Internet The Next Generation of Mobile, Wireless and Optical Communications Networks, September 26-28, 2007.

M. R. Doomun and K.M.S. Soyjaudah, “Analytical Comparison of Cryptographic Techniques for Resource Constrained Wireless Security”, International Journal of Network Security, Vol.9, No.1, pp. 82–94, July 2009.

Complexity comparison of WEP, TKIP and CCMP

M. R. Doomun, K.M. Sunjiv Soyjaudah, “Modified Temporal Key Integrity protocol for efficient wireless network security,” In Proceedings of International Conference on Security and Cryptography (SECRYPT 2007) IEEE, Spain, 28-31 July 2007.

M. R. Doomun and K.M.S. Soyjaudah, “LOTKIP: Low Overhead TKIP optimization for Wireless Ad hoc Networks,” International Journal of Network Security (IJNS).

Communication Privacy

Traffic analysis in large wireless ad hoc networks

- Passive attack
- Reveal contextual information
  - Direction of traffic flow, nodes with high packet transmission rate
  - Location of source and destination nodes

Traffic analysis countermeasures:

- Use multipath to spread the network traffic
- Use anonymous routing techniques
- All packets encrypted link-by-link

Two types of attackers

Local attacker:

- Eavesdrop on transmitted packets around one node at a time
- Does not know the overall network traffic flow

Global attacker:

- Visualize the overall network traffic flow
- Capable of network-wide traffic rate monitoring and time-correlation attacks.
  - Network-wide rate monitoring attack involves counting the number of transmitted/received packets around every node in the network.
  - Time-correlation attack involves finding the communication patterns by analyzing latencies between packet transmissions around nodes in the network.

Models and Assumptions (1)

Network model

- Ad hoc grid-distribution or random-distribution network nodes
- MAC and routing protocol messages are encrypted
- Assume existing key management protocol that can distribute pair-wise keys between nodes or public-private key pairs for each node
- All packets are transmitted in the same format and have same length (by padding or fragmenting).
- Route discovery communications are assumed to be anonymous using any of the anonymous routing protocols

Models and Assumptions (2)

Attacker Model

- An external, global, and powerful attacker model
- Attacker is passive and cannot compromise nodes in the network
- Knowledge of network topology and can keep statistical measurements for all of the network traffic
- A possible method for this attack is by deploying an overlay network with several malicious nodes simply to sense traffic from the given ad hoc network

Privacy Evaluation Metrics

Anonymity

- The level of anonymity is defined as the probability that a node of interest is incorrectly identified in an anonymous group
- Depends on the number of nodes in the anonymous zone
- If a node is hidden among A nodes that have the same behavior, then the level of anonymity

Unlinkability

- 3-D graph of transmitted data around nodes to determine whether or not a global attacker can visualize the existence of communication between a source and destination.
- Edge detection algorithms to extract traffic pattern

Entropy

- If node i transmits u_i packets and a total of V packets were transmitted in the network in time T, the fraction of packets sent by i is p_i = u_i/V and the entropy is defined as

Privacy Protocol (1)

Initialization

- Source node S broadcasts a hello message to discover all its one-hop neighbors N(1, i) for i = 1, 2, …, m, where m is the total number of neighbor nodes.
- The nodes in N(1, i) discover their respective neighbors N(2, i) which are two-hops away from node S.
- Consequently, source node S constructs the list: N(1, i), N(2, i), N(3, i), …, N(k, i), where N(k, i) is the set of kth hop neighbors of node S.
- This initialization process of neighbor discovery is done periodically by all nodes in the network.

Privacy Protocol (2)

Cloud Construction

- Let the cloud region be of maximum width k hops from the source S.
- For example, with k = 3, source node S will randomly select a number of nodes, B < 4k(k+1), such that B {N(1, i) N(2, i) N(3, i)}.
- Nodes in cloud B
  - Marked as pseudosources in the cloud
  - Requested to transmit encrypted dummy packets at a rate similar to the source transmission rate
  - Forward real packets when available from source to delegated sources.
  - Drop dummy packets.

Privacy Protocol (3)

- Destination node D: do same initialization procedure & also construct a cloud.
- Size of the source and the destination clouds can be different.

Delegated Source and Delegated Destination

- Node S randomly selects one or more nodes from the set B to act as delegated sources. (D will do the same)

R. Doomun, T. Hayajneh, P. Krishnamurthy and D. Tipper, “SECLOUD: Source and Destination Seclusion using Clouds for Wireless Ad Hoc Networks”, IEEE Symposium on Computers and Communications (ISCC) Tunisia, 5-8 July, 2009.

Simulation

- 400 nodes distributed in an area of 2000m x 2000m with average node degree between 7 and 8.
- Quasi-Unit disk graph (Q-UDG)
- The source sends 5000 data packets in a time window of T seconds

The attacker:

- Will sample n of the nodes that have the highest number of packets transmitted in T and computes the average value U of packets transmitted.
- Will mark nodes that transmit at least βU packets where 0 < β < 1.
- Will visualize graph of nodes, the number of packets transmitted and the marked nodes to determine possible communication paths, sources, and destinations.

We pick n = 10 in our simulations. Different values of n and β will create sharp or fuzzy boundaries in the graph
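The attacker's marking rule and the cloud construction step can be run side by side; the sketch below is an added example, not code from the poster or the SECLOUD paper. Assumptions: a 20 x 20 grid with 8-neighbour links stands in for the Q-UDG, a single greedy route is used, β = 0.5 and a cloud size of 24 are chosen for illustration, entropy takes the Shannon form (the poster's own formula is not reproduced on this page), delegated sources are not modelled, and all function names are hypothetical.

```python
import math
import random

SIDE = 20        # assumption: 20 x 20 grid (400 nodes) with 8-neighbour links
PACKETS = 5000   # data packets the source sends in the window T

def neighbors(v):
    x, y = v
    return [(x + dx, y + dy) for dx in (-1, 0, 1) for dy in (-1, 0, 1)
            if (dx or dy) and 0 <= x + dx < SIDE and 0 <= y + dy < SIDE]

def k_hop(src, k):
    """Union of N(1, i) ... N(k, i): every node within k hops of src."""
    seen, frontier = {src}, [src]
    for _ in range(k):
        frontier = [w for v in frontier for w in neighbors(v) if w not in seen]
        seen.update(frontier)
    return seen - {src}

def path_counts(src, dst):
    """Packets transmitted per node along one greedy src -> dst route."""
    counts, v = {}, src
    while v != dst:
        counts[v] = PACKETS
        v = (v[0] + (dst[0] > v[0]) - (dst[0] < v[0]),
             v[1] + (dst[1] > v[1]) - (dst[1] < v[1]))
    return counts

def add_cloud(counts, center, k, size, rng):
    """Pick `size` pseudosources within k hops; each transmits at the source rate."""
    cloud = rng.sample(sorted(k_hop(center, k)), size)
    counts.update((v, PACKETS) for v in cloud)  # dummies, or real packets if on the route
    return set(cloud)

def attacker_marks(counts, n=10, beta=0.5):
    """Global rate monitoring: mark nodes that transmit at least beta * U packets."""
    top = sorted(counts.values(), reverse=True)[:n]
    u = sum(top) / len(top)  # U: mean count of the n busiest nodes
    return {v for v, c in counts.items() if c >= beta * u}

def entropy(counts):
    """Assumed Shannon form: H = -sum(p_i * log2(p_i)) with p_i = u_i / V."""
    total = sum(counts.values())
    return -sum(c / total * math.log2(c / total) for c in counts.values() if c)

def demo(seed=1, src=(3, 3), dst=(16, 16), k=3, size=24):
    rng, plain = random.Random(seed), path_counts(src, dst)
    hidden = dict(plain)
    cloud = add_cloud(hidden, src, k, size, rng) | add_cloud(hidden, dst, k, size, rng)
    return attacker_marks(plain), attacker_marks(hidden), cloud
```

On this grid an interior node has exactly 4k(k+1) = 48 nodes within k = 3 hops, which is the bound on B quoted in the cloud construction step. Without clouds the marked set is the bare route; with clouds the source sits inside a block of equally busy pseudosources.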


Results Privacy Technique

With single Source-Destination

With multiple paths

Example of Security-Privacy Policy Decision Matrix

Conclusions

- Complexity overhead analysis of existing 802.11i wireless security mechanisms
- Optimizing execution of TKIP and AES-CCM algorithm by minimizing redundant operations and reducing communication overhead
  - E.g. Low Overhead TKIP & Resource Saving AES-CCMP Design with Hybrid Counter Mode Block Chaining-MAC
- Anonymity level and transmission overhead analysis of existing communication privacy mechanisms
  - Communication overhead cannot be reduced without sacrificing some privacy strength because hiding traffic pattern comes at a cost.
- Future / Ongoing work
  - Develop privacy techniques for better seclusion for both, source and destination nodes location
  - Adaptive and resource-aware security-privacy model provides more efficient energy consumption