MAC Aggregation with Message Multiplicity

Kolesnikov, Vladimir

doi:10.1007/978-3-642-32928-9_25

Vladimir Kolesnikov¹⁷

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7485))

Included in the following conference series:

International Conference on Security and Cryptography for Networks

1286 Accesses
2 Citations

Abstract

Wireless sensor networks (WSN) collect and report measurements, such as temperature, to a central node. Because sensors are usually low-powered devices, data is transmitted hop-by-hop, through neighboring nodes, before it reaches the destination.

Each nodes’ messages are authenticated with a MAC (Message Authentication Code), keyed with a key known to the generating sensor and the control node. Because transmission channel capacity is often small, MACs represent a significant overhead. Indeed, a typical 128-bit MAC is as much as an order of magnitude larger than the data it authenticates – a temperature or consumption reading, even with a timestamp, can be stored in 10-15 bits. To mitigate these overheads, methods to compute aggregate MACs, of length much shorter than the concatenation of constituent MACs, were proposed.

Unfortunately, known MAC aggregation techniques require that any message may not appear twice in the aggregate MAC. This is entrenched both in the definitions and constructions/proofs. This is a significant impediment in many typical practical deployments of WSNs. Indeed, one typical message relay strategy, flooding, relies on each node retransmitting received packets to all neighbors, almost certainly causing message repetition and inability to aggregate MACs. Further, we are not aware of any WSN protocols that guarantee non-duplication of messages.

We propose a simple and very practical new way of MAC aggregation which allows message duplicates, and hence is usable in many more deployment scenarios. We derive a new security definition of this type of aggregate MAC, and discuss several variants of our construction and additional benefits such as Denial-of-Service resilience.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Boneh, D., Gentry, C., Lynn, B., Shacham, H.: Aggregate and Verifiably Encrypted Signatures from Bilinear Maps. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 416–432. Springer, Heidelberg (2003)
Chapter Google Scholar
Bellare, M., Goldreich, O., Mityagin, A.: The power of verification queries in message authentication and authenticated encryption. Cryptology ePrint Archive, Report 2004/309 (2004), http://eprint.iacr.org/
Bhaskar, R., Herranz, J., Laguillaumie, F.: Aggregate designated verifier signatures and application to secure routing. IJSN 2(3/4), 192–201 (2007)
Article Google Scholar
Bellare, M., Namprempre, C., Neven, G.: Unrestricted Aggregate Signatures. In: Arge, L., Cachin, C., Jurdziński, T., Tarlecki, A. (eds.) ICALP 2007. LNCS, vol. 4596, pp. 411–422. Springer, Heidelberg (2007)
Chapter Google Scholar
Chan, H., Perrig, A., Song, D.: Secure hierarchical in-network aggregation in sensor networks. In: Juels, A., Wright, R.N., De Capitani di Vimercati, S. (eds.) 13th Conference on Computer and Communications Security, ACM CCS 2006, pp. 278–287. ACM Press (October/November 2006)
Google Scholar
Dargie, W., Poellabauer, C.: Fundamentals of wireless sensor networks: theory and practice. John Wiley and Sons (2010)
Google Scholar
Eikemeier, O., Fischlin, M., Götzmann, J.-F., Lehmann, A., Schröder, D., Schröder, P., Wagner, D.: History-Free Aggregate Message Authentication Codes. In: Garay, J.A., De Prisco, R. (eds.) SCN 2010. LNCS, vol. 6280, pp. 309–328. Springer, Heidelberg (2010)
Chapter Google Scholar
Hu, L., Evans, D.: Secure aggregation for wireless networks. In: Proceedings of the 2003 Symposium on Applications and the Internet Workshops (SAINT 2003 Workshops), SAINT-W 2003, p. 384. IEEE Computer Society, Washington, DC (2003)
Google Scholar
Katz, J., Lindell, A.Y.: Aggregate Message Authentication Codes. In: Malkin, T. (ed.) CT-RSA 2008. LNCS, vol. 4964, pp. 155–169. Springer, Heidelberg (2008)
Chapter Google Scholar
Kolesnikov, V., Lee, W.: MAC aggregation protocols resilient to DoS attacks. International Journal of Security and Networks (IJSN) (to appear, 2012)
Google Scholar
Kolesnikov, V., Lee, W., Hong, J.: MAC aggregation resilient to DoS attacks. In: 2011 IEEE International Conference on Smart Grid Communications (SmartGridComm), pp. 226–231 (October 2011)
Google Scholar
Sohraby, K., Minoli, D., Znati, T.: Wireless sensor networks: technology, protocols, and applications. John Wiley and Sons (2007)
Google Scholar

Download references

Author information

Authors and Affiliations

Bell Labs, Murray Hill, NJ, 07974, USA
Vladimir Kolesnikov

Authors

Vladimir Kolesnikov
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Dipartimento di Informatica, Università di Salerno, via Ponte don Melillo, 84084, Fisciano, SA, Italy
Ivan Visconti & Roberto De Prisco &

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Kolesnikov, V. (2012). MAC Aggregation with Message Multiplicity. In: Visconti, I., De Prisco, R. (eds) Security and Cryptography for Networks. SCN 2012. Lecture Notes in Computer Science, vol 7485. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32928-9_25

Download citation

DOI: https://doi.org/10.1007/978-3-642-32928-9_25
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-32927-2
Online ISBN: 978-3-642-32928-9
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics