• No results found

Improving Security Architecture of Anonymous Wireless Mesh Networks

N/A
N/A
Protected

Academic year: 2020

Share "Improving Security Architecture of Anonymous Wireless Mesh Networks"

Copied!
5
0
0

Loading.... (view fulltext now)

Full text

(1)

International Journal of Emerging Technology and Advanced Engineering

Website: www.ijetae.com (ISSN 2250-2459, Volume 2, Issue 9, September 2012)

514

Improving Security Architecture of Anonymous Wireless Mesh

Networks

Rajkumar B

1

, Murali Krishna.A

2

,

Narasimha. G

3

1Associate Professor, 2M. Tech, Dept. of Computer Science and Engineering, SR College of Engineering, Ananthasagar,

Warangal, Andhra Pradesh, India

3Associate Professor, Dept. of Computer Science and Engineering, JNTUH, Hyderabad Abstract

-

As users of networks increasingly aware of their

privacy needs, the importance of anonymity is gaining popularity. The reason behind it is that anonymity can hide the actual identity of end users while allowing their to access services of network or web site. More over they are allowed to do so without being traced. This usage is prevailing in P2P systems and also payment based networks like e-cash. Achieving anonymity and being able to trace misbehaving users are the two conflicting requirements. This paper proposes a security architecture that is aimed at providing complete anonymity to honest users while tracing misbehaving users thus resolving the conflict between anonymity and traceability requirements. In addition to these, this paper also focuses on basic security requirements such as nonrepudiation, data integrity, confidentiality, and authentication. The empirical results revealed that the proposed architecture is effective and can be adapted to real world systems

Keywords

-

Wireless mesh network, misbehaving user, anonymity, traceability, token based security

I. INTRODUCTION

Privacy and anonymity issues have become popularity and the same is provided in the literature in [7], [9], [10], [11], [12], [13], [14], [15], [16], [17], [18], [19], [20] that reviewed a great detail of these issues on various scenarios and contexts. WMNs (Wireless Mesh Networks) have become reliable technology that will have good future in the years to come. The security in such networks has been reviewed on various kinds of networks like cellular networks [1], WLANs [2], MANETs [5], [6],WSNs [3], [4] and VANETs [7] . In case of anonymity in any kind of networks, user’s identity has to be unlinked to his activities in case of e-cash systems [10], [12] and P2P payment systems described in [11], [13]. In anonymous networks, it is required to hide the location information of user also. This is to ensure that the movement of the user is not traced as this is conceived with respect to mobile networks as reviewed in [14], [15], [16] and VANETs as reviewed in [7]. Thus routing anonymity is very important as it is capable of concealing the commuinication between parties.

It achieves it by establishing anonymous path between the parties. The problem with complete anonymity without traceability is that insider attacks might be increased to break security of IT system. For this reason it is essential to have traceability facility in case of misbehaving users [10], [12].

This paper proposes security architecture for Wireless Mesh Networks where we achieve anonymity for honest users and traceability of misbehaving users. The initial architecture is given in [21] and then enhanced in this paper. The proposed system makes use of blind signature concept which has been taken from [10], [11], [13], [22]. The contributions of this paper are summarized here. They include ticket based system with anonymity and traceability; binding ticket and pseudonym that guarantees

anonymous access; hierarchical identity based

cryptography.

II. IBCAND BLIND SIGNATURE

BOneh and Franklin [23] proposed PKI (Public Key Infrastructure) which is based on efficient ID based encryption. This encryption scheme is based on bilinear pairings in elliptic curves. This kind of security mechanism allows public key of an entity to be derived from its identity information. This can effectively avoid the usage of certificates for just verifying public key in the traditional PKI. Blind signature is a scheme that allows a receiver to obtain a signature on a message in such a way that both signature and message remain not known to the signer. The term blind signature is described well in [24]. The main

properties of blind signature are unforgetability,

(2)

International Journal of Emerging Technology and Advanced Engineering

Website: www.ijetae.com (ISSN 2250-2459, Volume 2, Issue 9, September 2012)

515

III. MODEL OF PROPOSED SYSTEM

This section describes various definitions pertaining to the proposed architecture, the network architecture, and trust model.

Definitions

Term Definition

Anonymity It is something that does not allow traceability of the client’s network access activities.

Traceability It is a process of tracing activities of a misbehaving user.

Ticket Reuse This is the process of usage of depleted ticket by a legitimate client.

Collusion It is a process in which TA and gateway are able to trace network access activities of genuine

clients.

Framing It is an attach that is initiated by a compromised TA (Trusted Authority)

Multiple Deposit One kind of misbehavior of a legitimate client. In this approach the credentials of genuine user

[image:2.612.72.536.209.371.2]

have been compromised that allows the adversaries to deposit it again.

Table 1 shows the definitions of terms Network Architecture

Network architecture of the proposed system is as described in fig. 1. The WMN (Wireless Mesh Network)

backbone has mesh routers, gateways, TAs and CL. The details are known from the following figure

Fig. 1 shows proposed network architecture

As can be seen in the above figure, there are many parties involved in the proposed network infrastructure. TA (Trusted Authority) resides in Internet; MR (Mesh Router) and Gateways. Other party is CL (Client). The client can invoke any MR.

[image:2.612.105.506.456.608.2]
(3)

International Journal of Emerging Technology and Advanced Engineering

Website: www.ijetae.com (ISSN 2250-2459, Volume 2, Issue 9, September 2012)

516

IV. TRUST RELATIONSHIP

Within a WMN domain the entities such as TA, GW, and MR are assumed to be trusted. Standard IBC is used to for secure communications at backbone and network levels.

After registration at the TA, the client presents his/her ID. Then the TA assigns a private key associated with that ID. The client also chooses a unique account number which is stored at TA. TA assigns ID and private key pair of client to each gateway and mesh router so as to make it available to all trusted parties in the domain. The security scheme also supports inter-domain communication. When a client moves to different TA’s domain with different secret key, in that case foreign TA’s domain parameters are obtained which are certified by a trusted third party. Such certificate is used in the inter-domain authentication process.

V. SECURITY ARCHITECTURE OF THE PROPOSED SYSTEM

The architecture proposed is ticket – based which has protocols such as ticket issuance, ticket deposit, and fraud detection and ticket revocation.

Ticket Issuance

Tickets are issued by the TA to clients based on the behavioral history of clients. The ticket issuance takes place when the client attempts to access network or when all the tickets that have been are dissipated. Client shows his real ID to TA. The TA should be not able to link the ticket it issued to client’s real identity. The client applies some blinding technique to convert the ticket to be unlikable. The input given to this protocol is the ID of client, TAs secret numbers, common agreements and public parameters.

Ticket Deposit

After receiving a valid ticket, the client can use it whenever required. When client wants to access network services, he is supposed to deposit the ticket. The rule is that a ticket can be deposited only once otherwise it is considered misbehavior. The ticket is considered valid when equality check and signature verification succeeded. The client is not allowed to change pseudonym as it is essential for the purpose of genuine ticket deposit.

Fraud Detection

Fraud is associated with the misbehavior users as per this paper and the fraud is always an internal attack. Ticket reuse is due to the client’s inability to obtain tickets from TA. The client when reuses a ticket, it leads to consider the action of the node ―FRAUD‖.

Multiple deposits also results in the same. Only one ticket can be deposited at a time. However, the client can have multiple pseudonyms. The client can provide the tickets/pseudonym pairs to others and they can’t be traced as long as they use only one ticket at a time. Remedy to this problem is to specify non-overlapping active period of a ticket instead of giving expiry date and time.

Pseudonym Generation and Revocation

In the process of authentication, the pseudonym is used to hide the real ID of the client. This is meant for ensuring the location transparency and also anonymous access. In case of intra-domain authentication of the proposed system. The clients can generated their own pseudonyms by choosing secret numbers.

VI. SECURITY ANALYSIS

Fundamental security objectives such as authentication, data integrity, confidentiality have been achieved easily in the architecture. To achieve this digital signature, message authentication code and encryption code are used. Only the other thing is nonrepudiation. When client provides different representation, a fraud can be repudiated. When client misbehaves, the TA can find the nonrepudiation.

Anonymity: Gateway or Mesh router can’t establish client’s

real identity which is to ensure anonymity. This is achieved with the use of pseudonyms in the authentication process. Pseudonyms are generated by clients using secret keys. Therefore obtaining real identity is nothing but solving the problem of anonymity. The client’s DGW (Deposit Gateway) also can’t get the identity of client from any deposited ticket.

VII. EFFICIENCY ANALYSIS

Communication

(4)

International Journal of Emerging Technology and Advanced Engineering

Website: www.ijetae.com (ISSN 2250-2459, Volume 2, Issue 9, September 2012)

517

Storage

TA is capable of using multiple servers for storage. Storage in these servers is not a problem of concern. During protocol execution stage, storage takes place at low end client side. This is the concern and discussed here. There is tradeoff between storage and computational overhead. When tickets are issued the client stores 621 bytes for each protocol instance. When protocol is being executed, the mesh routers do not store information. However, they store information required for inter-domain access. Parameters cause the large portion of overhead with respect to storage.

Computation

Having discussed the claims of storage analysis, the computational overhead that has been revealed at client side is of interest now. Such tasks at client include hash operations, point additions and multiplications, and also pairing operations. Out of all these things, the pairing operations are more computational expensive. In case of ticket issuance, the client computes two basis pairings. This is done in real time for each protocol instance. The remaining computational overheads can be computed once or can be done later. From the analysis of the computations, it can be concluded that the protocol’s real time computation intensity is totally acceptable.

VIII. SECURITY ENHANCEMENTS

Possible enhancement to be to incorporate peer to peer cooperation in the present networks. There might be multi-hop communications between the client and mesh router. Peer cooperation is an essential requirement for P2P systems. The peers are understood to be selfish. Therefore incentive mechanisms are required in order to encourage them to participate actively in the security mechanisms. This enables availability and also cooperativeness [13]. Some of the incentive mechanisms can be found in [30], [31], [32], [33]. In these systems low availability is an unobservable behavior [13]. This results in lack of feasibility in promoting availability in reputation based systems.

IX. CONCLUSION

The proposed security architecture in this paper implements protocols which are ticket-based in order to resolve the two security requirements that conflict each other.

This has been achieved and ensured unconditional anonymity for genuine users of the network and at the same time ability to trace misbehaving users.

The usage of identity based cryptography, hierarchical identity; self generated pseudonyms and utilization of tickets made it possible in the proposed security architecture. The empirical results revealed that the proposed architecture meets objectives of security and desired level of efficiency.

REFERENCES

[1 ] European Telecomm. Standards Inst. (ETSI), ―GSM 2.09: Security Aspects,‖ June 1993.

[2 ] P. Kyasanur and N.H. Vaidya, ―Selfish MAC Layer Misbehavior in Wireless Networks,‖ IEEE Trans. Mobile Computing, vol. 4, no. 5, pp. 502-516, Sept. 2005.

[3 ] A. Perrig, J. Stankovic, and D. Wagner, ―Security in Wireless Sensor Networks,‖ Comm. ACM, vol. 47, no. 6, pp. 53-57, 2004.

[4 ] S. Zhu, S. Setia, and S. Jajodia, ―LEAP+: Efficient Security Mechanisms for Large-Scale Distributed Sensor Networks,‖ACM Trans. Sensor Networks, vol. 2, no. 4, pp. 500-528, Nov. 2006. [5 ] W. Lou and Y. Fang, A Survey on Wireless Security in Mobile Ad

Hoc Networks: Challenges and Possible Solutions, X. Chen, X. Huang, and D.-Z. Du, eds., Kluwer Academic Publishers/Springer, 2004.

[6 ] L. Zhou and Z.J. Haas, ―Securing Ad Hoc Networks,‖ IEEE Network Magazine, vol. 13, no. 6, pp. 24-30, Dec. 1999.

[7 ] M. Raya and J-P. Hubaux, ―Securing Vehicular Ad Hoc Networks,‖ J. Computer Security, special issue on security of ad hoc and sensor networks, vol. 15, no. 1, pp. 39-68, 2007.

[8 ] Y. Zhang and Y. Fang, ―ARSA: An Attack-Resilient Security Architecture for Multihop Wireless Mesh Networks,‖ IEEE J.Selected Areas Comm., vol. 24, no. 10, pp. 1916-1928, Oct. 2006. [9 ] S. Brands, ―Untraceable Off-Line Cash in Wallets with

Observers,‖Proc. 13th Ann. Int’l Cryptology Conf. Advances in Cyptology (CRYPTO ’93), pp. 302-318, Aug. 1993.

[10 ] K. Wei, Y.R. Chen, A.J. Smith, and B. Vo, ―Whopay: A Scalable and Anonymous Payment System for Peer-to-Peer Environments,‖Proc. IEEE Int’l Conf. Distributed Computing Systems (ICDCS), July 2006.

[11 ] D. Chaum, A. Fiat, and M. Naor, ―Untraceable Electronic Cash,‖Proc. Conf. Advances in Cryptology (CRYPTO ’88), 2002. [12 ] D. Figueiredo, J. Shapiro, and D. Towsley, ―Incentives to Promote

Availability in Peer-to-Peer Anonymity Systems,‖ Proc. IEEE Int’l Conf. Network Protocols (ICNP), pp. 110-121, Nov. 2005. [13 ] G. Ateniese, A. Herzberg, H. Krawczyk, and G. Tsudik,

―Untraceable Mobility or How to Travel Incognito,‖ Computer Networks,vol. 31, no. 8, pp. 871-884, Apr. 1999.

[14 ] Q. He, D. Wu, and P. Khosla, ―Quest for Personal Control over Mobile Location Privacy,‖ IEEE Comm. Magazine, vol. 42, no. 5,pp. 130-136, May 2004.

(5)

International Journal of Emerging Technology and Advanced Engineering

Website: www.ijetae.com (ISSN 2250-2459, Volume 2, Issue 9, September 2012)

518

[16 ] Y. Zhang, W. Liu, W. Lou, and Y. Fang, ―MASK: Anonymous On-Demand Routing in Mobile Ad Hoc Networks,‖ IEEE Trans.Wireless Comm., vol. 5, no. 9, pp. 2376-2385, Sept. 2006. [17 ] S. Seys and B. Preneel, ―ARM: Anonymous Routing Protocol for

Mobile Ad Hoc Networks,‖ Proc. 20th Int’l Conf. Advanced Information Networking and Applications (AINA), pp. 133-137, Apr.2006.

[18 ] M.G. Reed, P.F. Syverson, and D.M. Goldschlag, ―Anonymous Connections and Onion Routing,‖ IEEE J. Selected Areas Comm.,vol. 16, no. 4, pp. 482-494, May 1998.

[19 ] R. Dingledine, N. Mathewson, and P. Syverson, ―Tor: The Second-Generation Onion Router,‖ Proc. USENIX Security Symp., pp. 303-320, Aug. 2004.

[20 ] J. Sun, C. Zhang, and Y. Fang, ―A Security Architecture Achieving Anonymity and Traceability in Wireless Mesh Networks,‖ Proc.IEEE INFOCOM, pp. 1687-1695, Apr. 2008.

[21 ] D. Chaum, ―Blind Signatures for Untraceable Payments,‖ Advances in Cryptology—Crypto ’82, pp. 199-203, Springer-Verlag,1982. [22 ] D. Boneh and M. Franklin, ―Identity-Based Encryption from the

Weil Pairings,‖ Advances in Cryptology-Asiacrypt 2001, pp. 514-532,Springer-Verlag, 2001.

[23 ] A. Juels, M. Luby, and R. Ostrovsky, ―Security of Blind Digital Signatures,‖ Advances in Cryptology—Crypto ’97, pp. 150-164,Springer-Verlag, 1997.

[24 ] S. Brands, ―An Efficient Offline Electronic Cash System Based on the Representation Problem,‖ CWI Technical Report CS-R9323,1993.

[25 ] M. Abe and T. Okamoto, ―Provably Secure Partially Blind Signatures,‖ Advances in Cryptology—Crypto 2000, pp. 271-286,Springer-Verlag, 2000.306 IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 8, NO. 2, MARCH-APRIL 2011

[26 ] S.M. Chow, C.K. Hui, S.M. Yiu, and K.P. Chow, ―Two Improved Partially Blind Signature Schemes from Bilinear Pairings,‖ Proc.Australasian Conf. Information Security and Privacy (ACISP ’05),pp. 316-328, 2005.

[27 ] G. Maitland and C. Boyd, ―A Provably Secure Restrictive Partially Blind Signature Scheme,‖ Lecture Notes in Computer Science, pp. 99- 114, Springer-Verlag, 2002.

[28 ] X. Chen, F. Zhang, Y. Mu, and W. Susilo, ―Efficient Provably Secure Restrictive Partially Blind Signatures from Bilinear Pairings,‖ Proc. 10th Conf. Financial Cryptography and Data Security (FC ’06), pp. 251-265, Feb. 2006.

[29 ] X. Chen, F. Zhang, and S. Liu, ―ID-Based Restrictive Partially Blind Signatures and Applications,‖ J. Systems and Software, vol. 80, no. 2, pp. 164-171, Feb. 2007.

[30 ] S. Buchegger and J.L. Boudec, ―The Effect of Rumor Spreading in Reputation Systems for Mobile Ad-Hoc Networks,‖ Proc. Workshop Modeling and Optimization in Mobile, Ad Hoc and Wireless Networks (WiOpt ’03), Mar. 2003.

[31 ] Y. Zhang and Y. Fang, ―A Fine-Grained Reputation System for Reliable Service Selection in Peer-to-Peer Networks,‖ IEEE Trans.Parallel and Distributed Systems, vol. 18, no. 8, pp. 1134-1145, Aug.2007.

[32 ] S. Zhong, J. Chen, and Y. Yang, ―Sprite: A Simple, Cheat-Proof,Credit-Based System for Mobile Ad Hoc Networks,‖ Proc. IEEE INFOCOM, vol. 3, pp. 1987-1997, Apr. 2003.

Figure

Table 1 shows the definitions of terms

References

Related documents

By mid-November when the raids on Malta were called off, a total of 385 Spitfire had been sent to the Island of which 12 returned to the carrier; 367 reached Malta and 134 had

Amir Awang (1983) menyenaraikan tiga sebab utama mengapa berlakunya kesukaran dalam membuat keputusan mengenai pemilihan kerjaya dalam kalangan individu. Antara kesukaran

was detected in the tests, especially in the greenhouse conditions, in which moderate to high heritabilities for thrips resistance and at least one resistance gene were estimated

capital adequacy ratio of Common Equity Tier 1 (CET1) capital to risk-weighted assets (RWA) as a risk criterion for interbank lending, as well as the proposed 300% risk- weight

• Nielsen worked with Pfizer’s brand and market research teams, the Drug Safety Group and legal teams to establish a methodology that enabled Pfizer to monitor CGM and,

Una possibile spiegazione per questa diferenza può essere ritrovata nelle diferenti intensità di ricognizione, infatti nella zona indagata intensivamente sono presenti molte strade,

When grazing at the upper end of the prey size spectrum, an ineY- cient feeding behaviour may occur due to sloppy feeding (e.g. 1989 ) which may strongly impact the food web

Assessment of optic disc size is an important component of optic nerve head examination, as optic disc parameters such as neuroretinal rim area and cup-disc