BSMR: Byzantine-Resilient Secure Multicast Routing in Multihop Wireless Networks

Multihop wireless networks rely on node cooperation to provide multicast services. The multihop communication offers increased coverage for such services but also makes them more vulnerable to insider (or Byzantine) attacks coming from compromised nodes that behave arbitrarily to disrupt the network. In this work, we identify vulnerabilities of on-demand multicast routing protocols for multihop wireless networks and discuss the challenges encountered in designing mechanisms to defend against them. We propose BSMR, a novel secure multicast routing protocol designed to withstand insider attacks from colluding adversaries. Our protocol is a software-based solution and does not require additional or specialized hardware. We present simulation results that demonstrate that BSMR effectively mitigates the identified attacks.     

Study of BGP Peering Session Attacks and Their Impacts on Routing Performance

We present a detailed study of the potential impact of border gateway protocol peering session attacks and the resulting exploitation of route flap damping (RFD) that cause network-wide routing disruptions. We consider canonical grid as well as down-sampled realistic autonomous system (AS) topologies and address the impact of various typical service provider routing policies. Our modeling focuses on three dimensions of routing performance sensitivity: 1) protocol aware attacks (e.g., tuned to RFD); 2) route selection policy; and 3) attack-region topology. Analytical results provide insights into the nature of the problem and potential impact of the attacks. Detailed packet-level simulation results complement the analytical models and provide many additional insights into specific protocol interactions and timing issues. Finally, we quantify the potential effect of the BGP graceful restart mechanism as a partial mitigation of the BGP vulnerability to peering session attacks.     

用于多媒体加密的基于身份的密钥协商协议的安全性

最近Yi等(2002)提出了一个用于多媒体加密的基于身份的密钥协商协议。协议建立在Diffie-Hellman 密钥交换协议和RSA公钥密码体系之上。Yi等分析了协议的安全性,并认为该协议对于恶意攻击是鲁棒的。然而,本文证明该协议对于某些攻击如伪造秘密信息和篡改交换消息是脆弱的,并分析了该协议受到这些攻击的原因。本文指出由于该协议内在的缺陷,该协议可能难于改善。     

Cryptanalysis and improvement of an elliptic curve Diffie-Hellman key agreement protocol

In SAC'05, Strangio proposed protocol ECKE- 1 as an efficient elliptic curve Diffie-Hellman two-party key agreement protocol using public key authentication. In this letter, we show that protocol ECKE-1 is vulnerable to key-compromise impersonation attacks. We also present an improved protocol - ECKE-1N, which can withstand such attacks. The new protocol's performance is comparable to the well-known MQV protocol and maintains the same remarkable list of security properties.     

An Efficient Secure Authentication and Key Establishment Scheme for M2M Communication in 6LoWPAN in Unattended Scenarios

Machine-to-machine (M2M) is an important part of Internet of Things (IoT), and is used to describe those technologies applied in wireless communication automatically between mechanics or electronics instruments. With the rapid development and wide application of the Internet of Things, IETF is assigned to design IPv6 over low power wireless personal area network (6LoWPAN). The address of IPv6 is indefinite, which means it can satisfy addressing requirements for M2M. The 6LoWPAN standard has clarified important issues in M2M, but communication security has not been effectively resolved. In this article, we analyzed the existing security protocol for M2M communication in 6LoWPAN. The analysis result shows that the protocol has the defect of data leakage after the node is captured. In addition, the EAKES6Lo protocol is also vulnerable to sinkhole attacks and plaintext-chosen attacks. Based on the above analysis, an M2M communication mutual authentication protocol based on 6LoWPAN in unattended operation is proposed. The protocol establishes a reasonable secret key distribution mechanism and designs an anti-capture attack detection method for unattended nodes to resist attacks, such as replay attacks, sinkhole attacks, plaintext-chosen attacks, and physical capture attacks. Finally, the security of the protocol is proved by BAN.

     

Reid et al.'s distance bounding protocol and mafia fraud attacks over noisy channels

Distance bounding protocols are an effective countermeasure against relay attacks including distance fraud, mafia fraud and terrorist fraud attacks. Reid et al. proposed the first symmetric key distance bounding protocol against mafia and terrorist fraud attacks [1]. However, [2] claims that this is only achieved with a (7/8)ⁿ probability of success for mafia fraud, rather than the theoretical value of (3/4)ⁿ (for n rounds) achieved by distance bounding protocols without a final signature. We prove that the mafia fraud attack success using the Reid et al. protocol is bounded by (3/4)ⁿ and reduces as noise increases. The proof can be of further interest as it is the first ? to the best of our knowledge ? detailed analysis of the effects of communication errors on the security of a distance bounding protocol.     

SecMR – a secure multipath routing protocol for ad hoc networks

Multipath routing in ad hoc networks increases the resiliency against security attacks of collaborating malicious nodes, by maximizing the number of nodes that an adversary must compromise in order to take control of the communication. In this paper, we identify several attacks that render multipath routing protocols vulnerable to collaborating malicious nodes. We propose an on-demand multipath routing protocol, the secure multipath routing protocol (SecMR), and we analyze its security properties. Finally, through simulations, we evaluate the performance of the SecMR protocol in comparison with existing secure multipath routing protocols.     

Secure Classical Bit Commitment Using Fixed Capacity Communication Channels

If mutually mistrustful parties A and B control two or more appropriately located sites, special relativity can be used to guarantee that a pair of messages exchanged by A and B are independent. In earlier work we used this fact to define a relativistic bit commitment protocol, RBC1, in which security is maintained by exchanging a sequence of messages whose transmission rate increases exponentially in time. We define here a new relativistic protocol, RBC2, which requires only a constant transmission rate and could be practically implemented. We prove that RBC2 allows a bit commitment to be indefinitely maintained with unconditional security against all classical attacks. We examine its security against quantum attacks, and show that it is immune from the class of attacks shown by Mayers and Lo-Chau to render non-relativistic quantum bit commitment protocols insecure.     

容忍入侵的密码协议自适应调整策略研究

在密码协议的实际运行中,为保护密码协议安全运行,针对密码协议上攻击产生的原因,文中设计了两种能容忍入侵的密码协议自适应调整策略:算法自适应调整策略和参数自适应调整策略,能根据攻击的类型,动态调节密码协议的运行,以容忍/阻止一部分攻击行为,更好的保护密码协议的运行安全,并对两种策略的原理进行了详细的介绍,对它们的性能进行了仿真实验与分析,验证了这些策略的有效性.     

An experiment on the security of the Norwegian electronic voting protocol

Even when using a provably secure voting protocol, an election authority cannot argue convincingly that no attack that changed the election outcome has occurred, unless the voters are able to use the voting protocol correctly. We describe one statistical method that, if the assumptions underlying the protocol’s security proof hold, could provide convincing evidence that no attack occurred for the Norwegian Internet voting protocol (or other similar voting protocols). To determine the statistical power of this method, we need to estimate the rate at which voters detect possible attacks against the voting protocol. We designed and carried out an experiment to estimate this rate. We describe the experiment and results in full. Based on the results, we estimate upper and lower bounds for the detection rate. We also discuss some limitations of the practical experiment.     

A fault‐tolerant group key agreement protocol exploiting dynamic setting

A fault‐tolerant group key agreement is an essential infrastructure for Internet communication among all involved participants; it can establish a secure session key no matter how many malicious participants exit simultaneously in an effort to disrupt the key agreement process. Recently, Zhao et al. proposed an efficient fault‐tolerant group key agreement protocol named efficient group key agreement that can resist denial‐of‐service attacks, reply attacks, man‐in‐middle attacks, and common modulus attacks; it can also preserve forward secrecy with lower computational cost than previous protocols. We show that it is still vulnerable to active attacks by malicious participants and modify the corresponding security weakness adaptively. Furthermore, we propose an efficient fault‐tolerant group key agreement based on a binary tree structure and enhance it to a dynamic setting where participants can leave or join the group arbitrarily according to their preferences with instant session key refreshment. Additionally, our session key refreshment is based on secure key updating to protect forward/backward confidentiality and is resistant to active/passive attacks. The performance analysis shows that our proposed protocol has lower computational cost and little additional communication cost exploiting dynamic setting. Copyright © 2013 John Wiley & Sons, Ltd.     

Cryptanalysis and improvement of 2 mutual authentication schemes for Session Initiation Protocol

Recently, Chaudhry et al and Kumari et al proposed an advanced mutual authentication protocol for Session Initiation Protocol on the basis of the protocol of Lu et al. The authors claimed that their schemes can be resistant to various attacks. Unfortunately, we observe some important flaws in their respective schemes. We point out that their schemes are prone to off‐line password guessing and privileged insider attacks. To remedy their protocols's drawbacks, in this paper, we present a new improved authentication scheme keeping apart the threats encountered in the design of the schemes of Chaudhry et al and Kumari et al. Furthermore, the security analysis illustrates that our proposed scheme not only removes these drawbacks in their schemes but also can resist all known attacks and provide session key security. We give a heuristic security analysis and also provide the security analysis of the proposed scheme with the help of widespread Burrows‐Abadi‐Needham Logic. Finally, our scheme is compared with the previously proposed schemes on security and performance.     

Design and analysis of a denial-of-service-resistant quality-of-service signaling protocol for MANETs

Quality-of-service (QoS) signaling protocols for mobile ad hoc networks (MANETs) are highly vulnerable to attacks. In particular, a class of denial-of-service (DoS) attacks can severely cripple network performance with relatively little effort expended by the attacker. A distributed QoS signaling protocol that is resistant to a class of DoS attacks on signaling is proposed. The signaling protocol provides QoS for real-time traffic and employs mechanisms at the medium access control (MAC) layer, which serve to avoid potential attacks on network resource usage. The key MAC layer mechanisms that provide support for the QoS signaling scheme include sensing of available bandwidth, traffic policing, and rate monitoring, all of which are performed in a distributed manner by the mobile nodes. The proposed signaling scheme achieves a compromise between signaling protocols that require the maintenance of per-flow state and those that are completely stateless. The signaling scheme scales gracefully in terms of the number of nodes and/or traffic flows in the MANET. The authors analyze the security properties of the protocol and present simulation results to demonstrate its resistance to DoS attacks.     

无线传感器网络SPINS安全协议分析与改进

针对传感器网络不仅有更多的攻击方式,而且可以采用的防御手段也极为有限的问题,文章从安全协议的设计角度出发阐述了无线传感器网络存在的安全问题并有针对性地提出了解决方法。在详细分析SPINS[1]协议安全特性的基础上指出了该协议尚存的安全问题,并对协议进行了有效的改进。     

Cryptanalysis and improvement of the YAK protocol with formal security proof and security verification via Scyther

Hao proposed the YAK as a robust key agreement based on public‐key authentication, and the author claimed that the YAK protocol withstands all known attacks and therefore is secure against an extremely strong adversary. However, Toorani showed the security flaws in the YAK protocol. This paper shows that the YAK protocol cannot withstand the known key security attack, and its consequences lead us to introduce a new key compromise impersonation attack, where an adversary is allowed to reveal both the shared static secret key between two‐party participation and the ephemeral private key of the initiator party in order to mount this attack. In addition, we present a new security model that covers these attacks against an extremely strong adversary. Moreover, we propose an improved YAK protocol to remedy these attacks and the previous attacks mentioned by Toorani on the YAK protocol, and the proposed protocol uses a verification mechanism in its block design that provides entity authentication and key confirmation. Meanwhile, we show that the proposed protocol is secure in the proposed formal security model under the gap Diffie‐Hellman assumption and the random oracle assumption. Moreover, we verify the security of the proposed protocol and YAK protocol by using an automatic verification method such as the Scyther tool, and the verification result shows that the security claims of the proposed protocol are proven, in contrast to those of the YAK protocol, which are not proven. The security and performance comparisons show that the improved YAK protocol outperforms previous related protocols.     

无线传感器网络中匿名的聚合节点选举协议

提出一种分簇无线传感器网络中匿名的簇头选举协议。给出了匿名簇头选举的判定规则及成簇模式,并采用基于双线性对的匿名否决协议对选举结果进行验证以保证存在节点成功当选。设计了相应的匿名数据聚合方案,无需泄露节点身份信息即可完成聚合。分析及仿真结果表明,协议同时实现了簇头选举的匿名性、高效性及安全性,可有效抵抗窃听攻击、节点妥协攻击及合谋攻击等恶意行为。     

AN IMPROVED AUTHENTICATED KEY AGREEMENT PROTOCOL

In 1999, Seo and Sweeney proposed a simple authenticated key agreement protocol that was designed to act as a Diffie-Hellman key agreement protocol with user authentication. Various attacks on this protocol are described and enhanced in the literature. Recently, Ku and Wang proposed an improved authenticated key agreement protocol, where they asserted the protocol could withstand the existing attacks. This paper shows that Ku and Wang＇s protocol is still vulnerable to the modification attack and presents an improved authenticated key agreement protocol to enhance the security of Ku and Wang＇s protocol. The protocol has more efficient performance by replacing exponentiation operations with message authentication code operations.     

影响TCP协议安全性的几个要素

TCP／IP协议簇本身的缺陷是导致别有用心者构造现今互联网上众多攻击的原因。TCP协议是面向连接的、端到端的字节流通信协议。是TCP／IP协议簇中主要协议之一。他的功能强大自不必说。他的缺陷也是导致大量攻击的根源。本文分析了TCP协议的要点及可能导致攻击的薄弱环节，并提出了相应的改进办法。     

协议抗拒绝服务攻击性自动化证明

首先从攻击者上下文与进程表达式2个方面对标准应用PI演算进行扩展,然后从协议状态的角度,应用扩展后的应用PI演算对协议抗拒绝服务攻击性进行建模,提出一个基于定理证明支持一阶定理证明器ProVerif的抗拒绝服务攻击性自动化证明方法,最后应用ProVerif分析与验证了JFK协议与IEEE 802.11四步握手协议抗拒绝服务攻击性,发现IEEE 802.11四步握手协议存在一个新的拒绝服务攻击,并且针对IEEE 802.11四步握手协议存在的拒绝服务攻击提出了改进方法。     

An efficient and secure 3‐factor user‐authentication protocol for multiserver environment

In the last decade, the number of web‐based applications is increasing rapidly, which leads to high demand for user authentication protocol for multiserver environment. Many user‐authentication protocols have been proposed for different applications. Unfortunately, most of them either have some security weaknesses or suffer from unsatisfactory performance. Recently, Ali and Pal proposed a three‐factor user‐authentication protocol for multiserver environment. They claimed that their protocol can provide mutual authentication and is secure against many kinds of attacks. However, we find that Ali and Pal's protocol cannot provide user anonymity and is vulnerable to 4 kinds of attacks. To enhance security, we propose a new user‐authentication protocol for multiserver environment. Then, we provide a formal security analysis and a security discussion, which indicate our protocol is provably secure and can withstand various attacks. Besides, we present a performance analysis to show that our protocol is efficient and practical for real industrial environment.