Abstract
The emergence of computing environments where smart devices are embedded pervasively in the physical world has made possible many interesting applications and has triggered several new research areas. Mobile ad hoc networks (MANET), sensor networks and radio frequency identification (RFID) systems are all examples of such pervasive systems. Operating on an open medium and lacking a fixed infrastructure, these systems suffer from critical security vulnerabilities for which few satisfactory current solutions exist, particularly with respect to availability and denial-of-service. In addition, most of the extant knowledge in network security and cryptography cannot be readily transferred to the newer settings which involve weaker devices and less structured networks.
In this paper we investigate the security of pervasive systems and focus on availability issues in malicious environments. We articulate a formal security framework that is tuned for the analysis of protocols for constrained systems and show how this can be used with applications that involve MANET and RFID systems. In our approach we shall use optimistic protocols for which the overhead is minimal when the adversary is passive. When the adversary is active, depending on the application, the additional cost is either used to trace malicious behavior or borne by non-constrained components of the system. Our goal is to design mechanisms that will support self-healing and promote a fault-free system state, or a stable system state, in the presence of a Byzantine adversary.
© 2006 Springer-Verlag Berlin Heidelberg
Cite this paper
Burmester, M., Van Le, T., de Medeiros, B. (2006). Towards Provable Security for Ubiquitous Applications. In: Batten, L.M., Safavi-Naini, R. (eds) Information Security and Privacy. ACISP 2006. Lecture Notes in Computer Science, vol 4058. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11780656_25
DOI: https://doi.org/10.1007/11780656_25
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-35458-1
Online ISBN: 978-3-540-35459-8
eBook Packages: Computer Science, Computer Science (R0)