forward secure delay tolerant networking
play

Forward Secure Delay-Tolerant Networking Signe R usch, Dominik Sch - PowerPoint PPT Presentation

Apr 09, 2023 •261 likes •637 views

Forward Secure Delay-Tolerant Networking Signe R usch, Dominik Sch urmann, R udiger Kapitza, Lars Wolf October 20, 2017 Motivation FSE Forward Secure DTNs Evaluation Conclusion Motivation Delay-Tolerant Networks Communication for

  1. Forward Secure Delay-Tolerant Networking Signe R¨ usch, Dominik Sch¨ urmann, R¨ udiger Kapitza, Lars Wolf October 20, 2017

  2. Motivation FSE Forward Secure DTNs Evaluation Conclusion Motivation Delay-Tolerant Networks Communication for different kinds of environments Use store-carry-forward approach Bundle Protocol (BP): End-to-end message-oriented overlay Bundle Security Protocol (BSP): Defines bundle types for end-to-end and hop-to-hop security Offers confidentiality, integrity, authenticity R¨ usch, Sch¨ urmann, Kapitza, Wolf | Forward Secure DTN | 2

  3. Motivation FSE Forward Secure DTNs Evaluation Conclusion Motivation Forward Secrecy DTN communication vulnerable to attack: Eavesdropping adversary records encrypted bundles When key is leaked, then she can decrypt them Leakage highly probable due to exploits, design flaws, . . . FS provides protection of past communication up to certain time Difficult to achieve in asynchronous communication (Unger et al., 2015) R¨ usch, Sch¨ urmann, Kapitza, Wolf | Forward Secure DTN | 3

  4. Motivation FSE Forward Secure DTNs Evaluation Conclusion Motivation Forward Secrecy Na¨ ıve countermeasure: Encrypt each message with different ephemeral key No common key for bundles But: complex key management, e. g. highly available infrastructure DTN includes highly mobile nodes, ad-hoc connections, . . . Proposed solution: use Puncturable Encryption (FSE) Scheme M. D. Green and I. Miers, “Forward Secure Asynchronous Messaging from Puncturable Encryption”, 2015 R¨ usch, Sch¨ urmann, Kapitza, Wolf | Forward Secure DTN | 4

  5. Motivation FSE Forward Secure DTNs Evaluation Conclusion Puncturable Encryption Approach Asymmetric encryption scheme Messages are encrypted with a tag and a time interval value Update private key: Revoke decryption capabilities for certain messages Based on tag or time value No new key exchange required R¨ usch, Sch¨ urmann, Kapitza, Wolf | Forward Secure DTN | 5

  6. Motivation FSE Forward Secure DTNs Evaluation Conclusion Puncturing On receiving ciphertext CT with tag t Tags Decryption key t SK i-1 = [sk 0 , …, sk i-1 ] Puncture SK i-1 on tag t Decryption key SK i = [sk 0 , …, sk i-1 ,sk i ] R¨ usch, Sch¨ urmann, Kapitza, Wolf | Forward Secure DTN | 6

  7. Motivation FSE Forward Secure DTNs Evaluation Conclusion Puncturing On receiving ciphertext CT with tag t Tags Decryption key t SK i-1 = [sk 0 , …, sk i-1 ] Puncture SK i-1 on tag t Decryption key t SK i = [sk 0 , …, sk i-1 ,sk i ] Decryption not possible, already punctured with tag t R¨ usch, Sch¨ urmann, Kapitza, Wolf | Forward Secure DTN | 6

  8. Motivation FSE Forward Secure DTNs Evaluation Conclusion Puncturable Encryption Key Forwarding Time Key lifetime is divided into time intervals Deriving new private key for a new interval Deleting interval key: remove decryption capabilities for this interval Buffer period: store keys for certain duration for late arrivals time R¨ usch, Sch¨ urmann, Kapitza, Wolf | Forward Secure DTN | 7

  9. Motivation FSE Forward Secure DTNs Evaluation Conclusion Puncturable Encryption Key Forwarding Decryption time and key storage cost (Green & Miers, 2015): Grows with puncturing during interval Linearly in number of messages received within time period Performed at start of each interval to “reset” the private key Duration of interval optimal with one message per interval R¨ usch, Sch¨ urmann, Kapitza, Wolf | Forward Secure DTN | 8

  10. Motivation FSE Forward Secure DTNs Evaluation Conclusion Forward Secure DTNs Bundle Security Protocol t No changes to bundle types Integrate FSE scheme as alternative cipher suite Tags Every bundle should be unique in tag Decrypted only once by receiver, then punctured → Highest level of forward secrecy Hash of node’s EID, timestamp, timestamp sequence number R¨ usch, Sch¨ urmann, Kapitza, Wolf | Forward Secure DTN | 9

  11. Motivation FSE Forward Secure DTNs Evaluation Conclusion Forward Secure DTNs Parameters n : time interval length d : amount of time intervals 2 31 intervals supported by library (Green & Miers, 2015) After this, new keys have to be exchanged N : interval keys N for buffer period R¨ usch, Sch¨ urmann, Kapitza, Wolf | Forward Secure DTN | 10

  12. Motivation FSE Forward Secure DTNs Evaluation Conclusion Microbenchmarks: Key Generation Evaluation 300 IBR-DTN : RSA www.ibr.cs.tu-bs.de/ FSE Time in ms 200 projects/ibr-dtn Dell OptiPlex 7010 104 . 7 102 . 9 89 . 3 91 . 1 Desktop-PC 100 Intel Core i7-2770 CPU @ 4(8) x 3 . 4 GHz 0 library full 16 GB RAM call Ubuntu 14.04 LTS R¨ usch, Sch¨ urmann, Kapitza, Wolf | Forward Secure DTN | 11

  13. Motivation FSE Forward Secure DTNs Evaluation Conclusion Microbenchmarks: Cryptographic Operations Puncturing included in decryption (18 . 6 ms) 100 RSA 80 FSE Time in ms 62 . 7 60 40 18 . 4 20 4 . 4 1 . 2 0 Encrypt Decrypt R¨ usch, Sch¨ urmann, Kapitza, Wolf | Forward Secure DTN | 12

  14. Motivation FSE Forward Secure DTNs Evaluation Conclusion Microbenchmarks: Latency dtnping 200 300 FSE Latency in ms 142 . 7 RSA 150 200 None 100 100 50 12 . 7 3 . 1 0 0 1 2 3 4 5 6 7 None RSA FSE # consecutive bundles (a) Latency introduced by FSE (b) Latency during interval progression R¨ usch, Sch¨ urmann, Kapitza, Wolf | Forward Secure DTN | 13

  15. Motivation FSE Forward Secure DTNs Evaluation Conclusion FSE Parameters Scenarios Choice of parameters for FSE scheme in DTNs: InterPlanetary network (Apollonio et al., 2013) Rural village (Grasic & Lindgren, 2014) Vehicular network (Doering et al., 2010) Chosen for varying delays and traffic loads Interval duration n : typically mean transmission time Buffer period: N = ⌈ Max / Mean ⌉ + 1 R¨ usch, Sch¨ urmann, Kapitza, Wolf | Forward Secure DTN | 14

  16. Motivation FSE Forward Secure DTNs Evaluation Conclusion FSE Parameters InterPlanetary Network Streaming scenario Moon lander sends bundles to Earth via multiple hops 5 kB bundles every 10 s Fully known contact plan of nodes Transmission time: mean (Apollonio et al., 2013) ∼ 124 s, max ∼ 153 s R¨ usch, Sch¨ urmann, Kapitza, Wolf | Forward Secure DTN | 15 •

  17. Motivation FSE Forward Secure DTNs Evaluation Conclusion FSE Parameters InterPlanetary Network Interval length n = 124 s N = ⌈ 153 / 124 ⌉ + 1 = 3 ∼ 5 − 11 bundles/interval → decryption time ∼ 170 − 250ms/bundle (Apollonio et al., 2013) R¨ usch, Sch¨ urmann, Kapitza, Wolf | Forward Secure DTN | 16 •

  18. Motivation FSE Forward Secure DTNs Evaluation Conclusion FSE Parameters Rural Village Communication services to remote village Provided via data mule helicopter Direct connection to DTN Facebook, messaging 13 end-user nodes (Grasic & Lindgren, 2014) R¨ usch, Sch¨ urmann, Kapitza, Wolf | Forward Secure DTN | 17

  19. Motivation FSE Forward Secure DTNs Evaluation Conclusion FSE Parameters Rural Village 115 bundles/day → 9 bundles/day/device Transmission time: mean ∼ 1 day, max ∼ 2 days Parameters: n = 1 day N = ⌈ 2 / 1 ⌉ + 1 = 3 Decryption time ∼ 225 ms → acceptable performance (Grasic & Lindgren, 2014) R¨ usch, Sch¨ urmann, Kapitza, Wolf | Forward Secure DTN | 18

  20. Motivation FSE Forward Secure DTNs Evaluation Conclusion FSE Parameters Vehicular Networks Public transportation system 54 bus stops, 28 vehicles Vehicle positions, traffic information: ∼ 2 bundles/s Routing algorithm RUTS: fixed network with high traffic Transmission time: mean ∼ 13 min, max ∼ 98 min (Doering et al., 2010) R¨ usch, Sch¨ urmann, Kapitza, Wolf | Forward Secure DTN | 19

  21. Motivation FSE Forward Secure DTNs Evaluation Conclusion FSE Parameters Vehicular Networks Parameters: n = 13 min N = ⌈ 98 / 13 ⌉ + 1 = 9 1560 bundles/interval Decryption time ∼ 21 . 6 s (Doering et al., 2010) R¨ usch, Sch¨ urmann, Kapitza, Wolf | Forward Secure DTN | 20

  22. Motivation FSE Forward Secure DTNs Evaluation Conclusion FSE Parameters Vehicular Networks Parameters: n = 13 min N = ⌈ 98 / 13 ⌉ + 1 = 9 1560 bundles/interval Decryption time ∼ 21 . 6 s Alternative parameters: n = 1 min N = 99 120 bundles/interval (Doering et al., 2010) Decryption time ∼ 1 . 8 s Trade-off: performance vs. memory usage → impractical! R¨ usch, Sch¨ urmann, Kapitza, Wolf | Forward Secure DTN | 20

  23. Motivation FSE Forward Secure DTNs Evaluation Conclusion Conclusion Forward Secure Delay-Tolerant Networking DTN communication previously not forward secure Integrate FSE scheme by Green and Miers into IBR-DTN Ensures forward secrecy of bundles using puncturing Acceptable performance overhead, but high latency Remedy with suitable parameters, analyze scenario requirements R¨ usch, Sch¨ urmann, Kapitza, Wolf | Forward Secure DTN | 21

  24. Motivation FSE Forward Secure DTNs Evaluation Conclusion Conclusion Forward Secure Delay-Tolerant Networking DTN communication previously not forward secure Integrate FSE scheme by Green and Miers into IBR-DTN Ensures forward secrecy of bundles using puncturing Acceptable performance overhead, but high latency Remedy with suitable parameters, analyze scenario requirements Questions? R¨ usch, Sch¨ urmann, Kapitza, Wolf | Forward Secure DTN | 21

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Delay and Disruption Tolerant Networks An Overview NASA through the Delay Tolerant Network

Delay and Disruption Tolerant Networks An Overview NASA through the Delay Tolerant Network

Delay and Disruption Tolerant Networks An Overview NASA through the Delay Tolerant Network Research Group (DTNRG) DTNRG members research aspects of delay-tolerant networking in a number of ways including academic publications, technical

1.03k views • 43 slides
On the intersection of Information Centric Networking and Delay Tolerant Networking (Lessons

On the intersection of Information Centric Networking and Delay Tolerant Networking (Lessons

On the intersection of Information Centric Networking and Delay Tolerant Networking (Lessons learned from the GreenICN project) Jan Seedorf HFT Stuttgart Visit at HAW Hamburg December 2019 1 Outline (Very) Short Introduction to

682 views • 43 slides
Introduction to Delay/Disruption Tolerant Networking Part I Ioannis Komnios

Introduction to Delay/Disruption Tolerant Networking Part I Ioannis Komnios

Introduction to Delay/Disruption Tolerant Networking Part I Ioannis Komnios (ikomnios@ee.duth.gr) Workshop on New Frontiers in Internet of Things Trieste, 15 March 2016 T raditional networks vs DTNs Traditional Networks Delay Tolerant

711 views • 59 slides
Introduction to Delay/Disruption Tolerant Networking Part II Ioannis Komnios

Introduction to Delay/Disruption Tolerant Networking Part II Ioannis Komnios

Introduction to Delay/Disruption Tolerant Networking Part II Ioannis Komnios (ikomnios@ee.duth.gr) Workshop on New Frontiers in Internet of Things Trieste, 15 March 2016 Space communications Planet movement impacts Line-of-Sight Solar

725 views • 33 slides
OUTLINE OUTLINE Where weve come from: CCSDS space links Where we are now:

OUTLINE OUTLINE Where weve come from: CCSDS space links Where we are now:

OUTLINE OUTLINE Where weve come from: CCSDS space links Where we are now: Delay Intolerant Networking (the IP suite) The first Delay Tolerant Application (CFDP) Where we are going: Delay Tolerant Networking

401 views • 28 slides
Use of the Delay-Tolerant Networking Bundle Protocol from space Cisco Systems, NASA Glenn

Use of the Delay-Tolerant Networking Bundle Protocol from space Cisco Systems, NASA Glenn

Use of the Delay-Tolerant Networking Bundle Protocol from space Cisco Systems, NASA Glenn Research Center, Surrey Satellite Technology Ltd. Alex da Silva Curiel 30 September 2008 59th International Astronautical Congress, Glasgow B2-3

492 views • 15 slides
Delay-Tolerant Networking An Approach to Interplanetary Internet Scott Burleigh, Adrian Hooke,

Delay-Tolerant Networking An Approach to Interplanetary Internet Scott Burleigh, Adrian Hooke,

Delay-Tolerant Networking An Approach to Interplanetary Internet Scott Burleigh, Adrian Hooke, Leigh Torgerson, Kevin Fall, Vint Cerf, Bob Durst, Keith Scott and Howard Weiss Presented by: James Kazmierczak Introduction: The Problem A

611 views • 33 slides
DTN7 An Open-Source Disruption-tolerant Networking Implementation of Bundle Protocol 7 Alvar

DTN7 An Open-Source Disruption-tolerant Networking Implementation of Bundle Protocol 7 Alvar

DTN7 An Open-Source Disruption-tolerant Networking Implementation of Bundle Protocol 7 Alvar Penning, Lars Baumg artner, Jonas H ochst, Artur Sterz, Mira Mezini, Bernd Freisleben AdHoc-Now 2019 Delay / Disruption-tolerant Networking

520 views • 24 slides
Delay-tolerant Networking Research Group (DTNRG) 83 rd IETF Paris March 27 th , 2012 Jabber

Delay-tolerant Networking Research Group (DTNRG) 83 rd IETF Paris March 27 th , 2012 Jabber

Delay-tolerant Networking Research Group (DTNRG) 83 rd IETF Paris March 27 th , 2012 Jabber room: dtnrg@jabber.ietf.org Mailing list: dtn-interest@irtf.org Before we start Jabber scribe Note taker 2 Intellectual Property The

317 views • 7 slides
Saratoga a Delay-Tolerant Networking convergence layer with efficient link utilization Wesley

Saratoga a Delay-Tolerant Networking convergence layer with efficient link utilization Wesley

Saratoga a Delay-Tolerant Networking convergence layer with efficient link utilization Wesley M. Eddy co-authors: Lloyd Wood (Cisco Systems) Verizon / NASA GRC Wesley M. Eddy (Verizon / NASA GRC) Will Ivancic (NASA Glenn Research Center)

573 views • 15 slides
Delay-tolerant Networking Routing Protocol Development With The One Simulator Jonathan Humphrey

Delay-tolerant Networking Routing Protocol Development With The One Simulator Jonathan Humphrey

Delay-tolerant Networking Routing Protocol Development With The One Simulator Jonathan Humphrey Introduction Routing Protocol Background Hybrid Routing ONE Simulator Test Results Further Work Routing Protocol Background

561 views • 10 slides
A Delay-Tolerant Network Architecture for Challenged Internets Kevin Fall Presented by Ross

A Delay-Tolerant Network Architecture for Challenged Internets Kevin Fall Presented by Ross

A Delay-Tolerant Network Architecture for Challenged Internets Kevin Fall Presented by Ross Lagerwall University of Cambridge March 5, 2013 Kevin Fall A Delay-Tolerant Network Architecture Background TCP/IP expects performance

416 views • 15 slides
Delay Tolerant Bulk Data Transfers on the Internet Nikolaos Laoutaris, Georgios Smaragdakis,

Delay Tolerant Bulk Data Transfers on the Internet Nikolaos Laoutaris, Georgios Smaragdakis,

Delay Tolerant Bulk Data Transfers on the Internet Nikolaos Laoutaris, Georgios Smaragdakis, Pablo Rodriguez, Ravi Sundaram Presented by Petko Georgiev 5 March 2013 Motivation There are important applications requiring exchange of Delay

367 views • 23 slides
Secure Client Applications HTTPS Secure Email Networking Sirindhorn International Institute of

Secure Client Applications HTTPS Secure Email Networking Sirindhorn International Institute of

Networking Secure apps Aims Crypto Basics Secure Client Applications HTTPS Secure Email Networking Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 26 June 2014

389 views • 26 slides
Delay Tolerant Bulk Data Transfers on the Internet by N. Laoutaris et al., SIGMETRICS09 Ilias

Delay Tolerant Bulk Data Transfers on the Internet by N. Laoutaris et al., SIGMETRICS09 Ilias

Delay Tolerant Bulk Data Transfers on the Internet by N. Laoutaris et al., SIGMETRICS09 Ilias Giechaskiel Cambridge University, R212 ig305@cam.ac.uk March 4, 2014 Conclusions Takeaway Messages Need to transfer multiple terabytes daily

441 views • 21 slides
Authenticated Resource Management in Delay-Tolerant Networks using Proxy Signatures Dominik Sch

Authenticated Resource Management in Delay-Tolerant Networks using Proxy Signatures Dominik Sch

Authenticated Resource Management in Delay-Tolerant Networks using Proxy Signatures Dominik Sch urmann, J org Ott, Lars Wolf March 18, 2013 Motivation Buffer Management Our Approach Evaluation Conclusion Mobile Communication in Rural

681 views • 24 slides
ProtoDUNE-SP Beamline Reconstruction: Time of Flight and Cherenkov Detectors Justin Hugon

ProtoDUNE-SP Beamline Reconstruction: Time of Flight and Cherenkov Detectors Justin Hugon

ProtoDUNE-SP Beamline Reconstruction: Time of Flight and Cherenkov Detectors Justin Hugon Louisiana State University ProtoDUNE Sim/Reco Meeting 2018-11-07 Introduction Id like to look at beam pionsneed to understand beamline

422 views • 14 slides
TOF calibration: status Roberto Preghenella Museo Storico della Fisica e Centro Studi e Ricerche

TOF calibration: status Roberto Preghenella Museo Storico della Fisica e Centro Studi e Ricerche

TOF calibration: status Roberto Preghenella Museo Storico della Fisica e Centro Studi e Ricerche Enrico Fermi, Roma INFN, Sezione di Bologna ALICE Offline Week CERN, 16/03/2010 TOF data flow RAW DATA 01100110011010 01100110011010

179 views • 15 slides
Neutron time-of-flight measurements and transmission measurements Peter Schillebeeckx Workshop

Neutron time-of-flight measurements and transmission measurements Peter Schillebeeckx Workshop

The European Commissions science and knowledge service Joint Research Centre Neutron time-of-flight measurements and transmission measurements Peter Schillebeeckx Workshop on the Evaluation of Nuclear Reaction Data for Applications 2

949 views • 77 slides
Enter Hydra towards (more) secure smart contracts Philip Daian, Ari Juels Cornell [Tech] .

Enter Hydra towards (more) secure smart contracts Philip Daian, Ari Juels Cornell [Tech] .

Enter Hydra towards (more) secure smart contracts Philip Daian, Ari Juels Cornell [Tech] . Lorenz Breidenbach ETH Zurich, Cornell [Tech] . Florian Tramer . Stanford . Bug bounties Problems with Bug bounties Unaligned incentives (exploit $$$

582 views • 31 slides
A Matching Model for Vehicle Sharing Based on User Characteristics and Tolerated-Time Govind

A Matching Model for Vehicle Sharing Based on User Characteristics and Tolerated-Time Govind

A Matching Model for Vehicle Sharing Based on User Characteristics and Tolerated-Time Govind Yatnalkar & Husnu Narman Marshall University Weisberg Division of Computer Science October 06-09, 2019 yatnalkar@marshall.edu |

573 views • 29 slides
Visually Exploring Transportation Schedules Paper By :Cesar Palomo, Zhan Guo, and Juliana

Visually Exploring Transportation Schedules Paper By :Cesar Palomo, Zhan Guo, and Juliana

Visually Exploring Transportation Schedules Paper By :Cesar Palomo, Zhan Guo, and Juliana Presentation By :Huaying Tian 1 Outline Previous Work- Methods- Comments/ Framework Mareys TR-EX Critiques Graph 2 Framework Domain :

354 views • 24 slides
X carbonate Balancing Chemical Equations #1 name:

X carbonate Balancing Chemical Equations #1 name:

CHEMICAL REACTIONS PART II Arbuiso Chem This is work that you are supposed to DO, and most of the time, HAND IN for a grade. MAKE SURE YOU PUT YOUR NAME ON TOP OF EACH ONE. Table F Handout name ________________ List only the precipitates.

342 views • 13 slides
Calculi for Service Oriented Computing Roberto Bruni Dipartimento di Informatica Universit` a

Calculi for Service Oriented Computing Roberto Bruni Dipartimento di Informatica Universit` a

Calculi for Service Oriented Computing Roberto Bruni Dipartimento di Informatica Universit` a di Pisa SFM-WS 2009 Bertinoro, Italy June 16, 2009 Tales from joint work with: Michele Boreale, Chiara Bodei, Linda Brodo, Rocco De Nicola,

1.21k views • 110 slides

More recommend