International Journal of Emerging Technology and Advanced Engineering
Website: www.ijetae.com (ISSN 2250-2459, Volume 2, Issue 9, September 2012)514
Improving Security Architecture of Anonymous Wireless Mesh
Networks
Rajkumar B
1, Murali Krishna.A
2,
Narasimha. G
31Associate Professor, 2M. Tech, Dept. of Computer Science and Engineering, SR College of Engineering, Ananthasagar,
Warangal, Andhra Pradesh, India
3Associate Professor, Dept. of Computer Science and Engineering, JNTUH, Hyderabad Abstract
-
As users of networks increasingly aware of theirprivacy needs, the importance of anonymity is gaining popularity. The reason behind it is that anonymity can hide the actual identity of end users while allowing their to access services of network or web site. More over they are allowed to do so without being traced. This usage is prevailing in P2P systems and also payment based networks like e-cash. Achieving anonymity and being able to trace misbehaving users are the two conflicting requirements. This paper proposes a security architecture that is aimed at providing complete anonymity to honest users while tracing misbehaving users thus resolving the conflict between anonymity and traceability requirements. In addition to these, this paper also focuses on basic security requirements such as nonrepudiation, data integrity, confidentiality, and authentication. The empirical results revealed that the proposed architecture is effective and can be adapted to real world systems
Keywords
-
Wireless mesh network, misbehaving user, anonymity, traceability, token based securityI. INTRODUCTION
Privacy and anonymity issues have become popularity and the same is provided in the literature in [7], [9], [10], [11], [12], [13], [14], [15], [16], [17], [18], [19], [20] that reviewed a great detail of these issues on various scenarios and contexts. WMNs (Wireless Mesh Networks) have become reliable technology that will have good future in the years to come. The security in such networks has been reviewed on various kinds of networks like cellular networks [1], WLANs [2], MANETs [5], [6],WSNs [3], [4] and VANETs [7] . In case of anonymity in any kind of networks, user’s identity has to be unlinked to his activities in case of e-cash systems [10], [12] and P2P payment systems described in [11], [13]. In anonymous networks, it is required to hide the location information of user also. This is to ensure that the movement of the user is not traced as this is conceived with respect to mobile networks as reviewed in [14], [15], [16] and VANETs as reviewed in [7]. Thus routing anonymity is very important as it is capable of concealing the commuinication between parties.
It achieves it by establishing anonymous path between the parties. The problem with complete anonymity without traceability is that insider attacks might be increased to break security of IT system. For this reason it is essential to have traceability facility in case of misbehaving users [10], [12].
This paper proposes security architecture for Wireless Mesh Networks where we achieve anonymity for honest users and traceability of misbehaving users. The initial architecture is given in [21] and then enhanced in this paper. The proposed system makes use of blind signature concept which has been taken from [10], [11], [13], [22]. The contributions of this paper are summarized here. They include ticket based system with anonymity and traceability; binding ticket and pseudonym that guarantees
anonymous access; hierarchical identity based
cryptography.
II. IBCAND BLIND SIGNATURE
BOneh and Franklin [23] proposed PKI (Public Key Infrastructure) which is based on efficient ID based encryption. This encryption scheme is based on bilinear pairings in elliptic curves. This kind of security mechanism allows public key of an entity to be derived from its identity information. This can effectively avoid the usage of certificates for just verifying public key in the traditional PKI. Blind signature is a scheme that allows a receiver to obtain a signature on a message in such a way that both signature and message remain not known to the signer. The term blind signature is described well in [24]. The main
properties of blind signature are unforgetability,
International Journal of Emerging Technology and Advanced Engineering
Website: www.ijetae.com (ISSN 2250-2459, Volume 2, Issue 9, September 2012)515
III. MODEL OF PROPOSED SYSTEMThis section describes various definitions pertaining to the proposed architecture, the network architecture, and trust model.
Definitions
Term Definition
Anonymity It is something that does not allow traceability of the client’s network access activities.
Traceability It is a process of tracing activities of a misbehaving user.
Ticket Reuse This is the process of usage of depleted ticket by a legitimate client.
Collusion It is a process in which TA and gateway are able to trace network access activities of genuine
clients.
Framing It is an attach that is initiated by a compromised TA (Trusted Authority)
Multiple Deposit One kind of misbehavior of a legitimate client. In this approach the credentials of genuine user
[image:2.612.72.536.209.371.2]have been compromised that allows the adversaries to deposit it again.
Table 1 shows the definitions of terms Network Architecture
Network architecture of the proposed system is as described in fig. 1. The WMN (Wireless Mesh Network)
backbone has mesh routers, gateways, TAs and CL. The details are known from the following figure
Fig. 1 shows proposed network architecture
As can be seen in the above figure, there are many parties involved in the proposed network infrastructure. TA (Trusted Authority) resides in Internet; MR (Mesh Router) and Gateways. Other party is CL (Client). The client can invoke any MR.
[image:2.612.105.506.456.608.2]International Journal of Emerging Technology and Advanced Engineering
Website: www.ijetae.com (ISSN 2250-2459, Volume 2, Issue 9, September 2012)516
IV. TRUST RELATIONSHIPWithin a WMN domain the entities such as TA, GW, and MR are assumed to be trusted. Standard IBC is used to for secure communications at backbone and network levels.
After registration at the TA, the client presents his/her ID. Then the TA assigns a private key associated with that ID. The client also chooses a unique account number which is stored at TA. TA assigns ID and private key pair of client to each gateway and mesh router so as to make it available to all trusted parties in the domain. The security scheme also supports inter-domain communication. When a client moves to different TA’s domain with different secret key, in that case foreign TA’s domain parameters are obtained which are certified by a trusted third party. Such certificate is used in the inter-domain authentication process.
V. SECURITY ARCHITECTURE OF THE PROPOSED SYSTEM
The architecture proposed is ticket – based which has protocols such as ticket issuance, ticket deposit, and fraud detection and ticket revocation.
Ticket Issuance
Tickets are issued by the TA to clients based on the behavioral history of clients. The ticket issuance takes place when the client attempts to access network or when all the tickets that have been are dissipated. Client shows his real ID to TA. The TA should be not able to link the ticket it issued to client’s real identity. The client applies some blinding technique to convert the ticket to be unlikable. The input given to this protocol is the ID of client, TAs secret numbers, common agreements and public parameters.
Ticket Deposit
After receiving a valid ticket, the client can use it whenever required. When client wants to access network services, he is supposed to deposit the ticket. The rule is that a ticket can be deposited only once otherwise it is considered misbehavior. The ticket is considered valid when equality check and signature verification succeeded. The client is not allowed to change pseudonym as it is essential for the purpose of genuine ticket deposit.
Fraud Detection
Fraud is associated with the misbehavior users as per this paper and the fraud is always an internal attack. Ticket reuse is due to the client’s inability to obtain tickets from TA. The client when reuses a ticket, it leads to consider the action of the node ―FRAUD‖.
Multiple deposits also results in the same. Only one ticket can be deposited at a time. However, the client can have multiple pseudonyms. The client can provide the tickets/pseudonym pairs to others and they can’t be traced as long as they use only one ticket at a time. Remedy to this problem is to specify non-overlapping active period of a ticket instead of giving expiry date and time.
Pseudonym Generation and Revocation
In the process of authentication, the pseudonym is used to hide the real ID of the client. This is meant for ensuring the location transparency and also anonymous access. In case of intra-domain authentication of the proposed system. The clients can generated their own pseudonyms by choosing secret numbers.
VI. SECURITY ANALYSIS
Fundamental security objectives such as authentication, data integrity, confidentiality have been achieved easily in the architecture. To achieve this digital signature, message authentication code and encryption code are used. Only the other thing is nonrepudiation. When client provides different representation, a fraud can be repudiated. When client misbehaves, the TA can find the nonrepudiation.
Anonymity: Gateway or Mesh router can’t establish client’s
real identity which is to ensure anonymity. This is achieved with the use of pseudonyms in the authentication process. Pseudonyms are generated by clients using secret keys. Therefore obtaining real identity is nothing but solving the problem of anonymity. The client’s DGW (Deposit Gateway) also can’t get the identity of client from any deposited ticket.
VII. EFFICIENCY ANALYSIS
Communication
International Journal of Emerging Technology and Advanced Engineering
Website: www.ijetae.com (ISSN 2250-2459, Volume 2, Issue 9, September 2012)517
Storage
TA is capable of using multiple servers for storage. Storage in these servers is not a problem of concern. During protocol execution stage, storage takes place at low end client side. This is the concern and discussed here. There is tradeoff between storage and computational overhead. When tickets are issued the client stores 621 bytes for each protocol instance. When protocol is being executed, the mesh routers do not store information. However, they store information required for inter-domain access. Parameters cause the large portion of overhead with respect to storage.
Computation
Having discussed the claims of storage analysis, the computational overhead that has been revealed at client side is of interest now. Such tasks at client include hash operations, point additions and multiplications, and also pairing operations. Out of all these things, the pairing operations are more computational expensive. In case of ticket issuance, the client computes two basis pairings. This is done in real time for each protocol instance. The remaining computational overheads can be computed once or can be done later. From the analysis of the computations, it can be concluded that the protocol’s real time computation intensity is totally acceptable.
VIII. SECURITY ENHANCEMENTS
Possible enhancement to be to incorporate peer to peer cooperation in the present networks. There might be multi-hop communications between the client and mesh router. Peer cooperation is an essential requirement for P2P systems. The peers are understood to be selfish. Therefore incentive mechanisms are required in order to encourage them to participate actively in the security mechanisms. This enables availability and also cooperativeness [13]. Some of the incentive mechanisms can be found in [30], [31], [32], [33]. In these systems low availability is an unobservable behavior [13]. This results in lack of feasibility in promoting availability in reputation based systems.
IX. CONCLUSION
The proposed security architecture in this paper implements protocols which are ticket-based in order to resolve the two security requirements that conflict each other.
This has been achieved and ensured unconditional anonymity for genuine users of the network and at the same time ability to trace misbehaving users.
The usage of identity based cryptography, hierarchical identity; self generated pseudonyms and utilization of tickets made it possible in the proposed security architecture. The empirical results revealed that the proposed architecture meets objectives of security and desired level of efficiency.
REFERENCES
[1 ] European Telecomm. Standards Inst. (ETSI), ―GSM 2.09: Security Aspects,‖ June 1993.
[2 ] P. Kyasanur and N.H. Vaidya, ―Selfish MAC Layer Misbehavior in Wireless Networks,‖ IEEE Trans. Mobile Computing, vol. 4, no. 5, pp. 502-516, Sept. 2005.
[3 ] A. Perrig, J. Stankovic, and D. Wagner, ―Security in Wireless Sensor Networks,‖ Comm. ACM, vol. 47, no. 6, pp. 53-57, 2004.
[4 ] S. Zhu, S. Setia, and S. Jajodia, ―LEAP+: Efficient Security Mechanisms for Large-Scale Distributed Sensor Networks,‖ACM Trans. Sensor Networks, vol. 2, no. 4, pp. 500-528, Nov. 2006. [5 ] W. Lou and Y. Fang, A Survey on Wireless Security in Mobile Ad
Hoc Networks: Challenges and Possible Solutions, X. Chen, X. Huang, and D.-Z. Du, eds., Kluwer Academic Publishers/Springer, 2004.
[6 ] L. Zhou and Z.J. Haas, ―Securing Ad Hoc Networks,‖ IEEE Network Magazine, vol. 13, no. 6, pp. 24-30, Dec. 1999.
[7 ] M. Raya and J-P. Hubaux, ―Securing Vehicular Ad Hoc Networks,‖ J. Computer Security, special issue on security of ad hoc and sensor networks, vol. 15, no. 1, pp. 39-68, 2007.
[8 ] Y. Zhang and Y. Fang, ―ARSA: An Attack-Resilient Security Architecture for Multihop Wireless Mesh Networks,‖ IEEE J.Selected Areas Comm., vol. 24, no. 10, pp. 1916-1928, Oct. 2006. [9 ] S. Brands, ―Untraceable Off-Line Cash in Wallets with
Observers,‖Proc. 13th Ann. Int’l Cryptology Conf. Advances in Cyptology (CRYPTO ’93), pp. 302-318, Aug. 1993.
[10 ] K. Wei, Y.R. Chen, A.J. Smith, and B. Vo, ―Whopay: A Scalable and Anonymous Payment System for Peer-to-Peer Environments,‖Proc. IEEE Int’l Conf. Distributed Computing Systems (ICDCS), July 2006.
[11 ] D. Chaum, A. Fiat, and M. Naor, ―Untraceable Electronic Cash,‖Proc. Conf. Advances in Cryptology (CRYPTO ’88), 2002. [12 ] D. Figueiredo, J. Shapiro, and D. Towsley, ―Incentives to Promote
Availability in Peer-to-Peer Anonymity Systems,‖ Proc. IEEE Int’l Conf. Network Protocols (ICNP), pp. 110-121, Nov. 2005. [13 ] G. Ateniese, A. Herzberg, H. Krawczyk, and G. Tsudik,
―Untraceable Mobility or How to Travel Incognito,‖ Computer Networks,vol. 31, no. 8, pp. 871-884, Apr. 1999.
[14 ] Q. He, D. Wu, and P. Khosla, ―Quest for Personal Control over Mobile Location Privacy,‖ IEEE Comm. Magazine, vol. 42, no. 5,pp. 130-136, May 2004.
International Journal of Emerging Technology and Advanced Engineering
Website: www.ijetae.com (ISSN 2250-2459, Volume 2, Issue 9, September 2012)518
[16 ] Y. Zhang, W. Liu, W. Lou, and Y. Fang, ―MASK: Anonymous On-Demand Routing in Mobile Ad Hoc Networks,‖ IEEE Trans.Wireless Comm., vol. 5, no. 9, pp. 2376-2385, Sept. 2006. [17 ] S. Seys and B. Preneel, ―ARM: Anonymous Routing Protocol for
Mobile Ad Hoc Networks,‖ Proc. 20th Int’l Conf. Advanced Information Networking and Applications (AINA), pp. 133-137, Apr.2006.
[18 ] M.G. Reed, P.F. Syverson, and D.M. Goldschlag, ―Anonymous Connections and Onion Routing,‖ IEEE J. Selected Areas Comm.,vol. 16, no. 4, pp. 482-494, May 1998.
[19 ] R. Dingledine, N. Mathewson, and P. Syverson, ―Tor: The Second-Generation Onion Router,‖ Proc. USENIX Security Symp., pp. 303-320, Aug. 2004.
[20 ] J. Sun, C. Zhang, and Y. Fang, ―A Security Architecture Achieving Anonymity and Traceability in Wireless Mesh Networks,‖ Proc.IEEE INFOCOM, pp. 1687-1695, Apr. 2008.
[21 ] D. Chaum, ―Blind Signatures for Untraceable Payments,‖ Advances in Cryptology—Crypto ’82, pp. 199-203, Springer-Verlag,1982. [22 ] D. Boneh and M. Franklin, ―Identity-Based Encryption from the
Weil Pairings,‖ Advances in Cryptology-Asiacrypt 2001, pp. 514-532,Springer-Verlag, 2001.
[23 ] A. Juels, M. Luby, and R. Ostrovsky, ―Security of Blind Digital Signatures,‖ Advances in Cryptology—Crypto ’97, pp. 150-164,Springer-Verlag, 1997.
[24 ] S. Brands, ―An Efficient Offline Electronic Cash System Based on the Representation Problem,‖ CWI Technical Report CS-R9323,1993.
[25 ] M. Abe and T. Okamoto, ―Provably Secure Partially Blind Signatures,‖ Advances in Cryptology—Crypto 2000, pp. 271-286,Springer-Verlag, 2000.306 IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 8, NO. 2, MARCH-APRIL 2011
[26 ] S.M. Chow, C.K. Hui, S.M. Yiu, and K.P. Chow, ―Two Improved Partially Blind Signature Schemes from Bilinear Pairings,‖ Proc.Australasian Conf. Information Security and Privacy (ACISP ’05),pp. 316-328, 2005.
[27 ] G. Maitland and C. Boyd, ―A Provably Secure Restrictive Partially Blind Signature Scheme,‖ Lecture Notes in Computer Science, pp. 99- 114, Springer-Verlag, 2002.
[28 ] X. Chen, F. Zhang, Y. Mu, and W. Susilo, ―Efficient Provably Secure Restrictive Partially Blind Signatures from Bilinear Pairings,‖ Proc. 10th Conf. Financial Cryptography and Data Security (FC ’06), pp. 251-265, Feb. 2006.
[29 ] X. Chen, F. Zhang, and S. Liu, ―ID-Based Restrictive Partially Blind Signatures and Applications,‖ J. Systems and Software, vol. 80, no. 2, pp. 164-171, Feb. 2007.
[30 ] S. Buchegger and J.L. Boudec, ―The Effect of Rumor Spreading in Reputation Systems for Mobile Ad-Hoc Networks,‖ Proc. Workshop Modeling and Optimization in Mobile, Ad Hoc and Wireless Networks (WiOpt ’03), Mar. 2003.
[31 ] Y. Zhang and Y. Fang, ―A Fine-Grained Reputation System for Reliable Service Selection in Peer-to-Peer Networks,‖ IEEE Trans.Parallel and Distributed Systems, vol. 18, no. 8, pp. 1134-1145, Aug.2007.
[32 ] S. Zhong, J. Chen, and Y. Yang, ―Sprite: A Simple, Cheat-Proof,Credit-Based System for Mobile Ad Hoc Networks,‖ Proc. IEEE INFOCOM, vol. 3, pp. 1987-1997, Apr. 2003.