Elisavet Konstantinou

Cluster-based Group Key Agreement for Wireless Ad hoc Networks

The establishment of a group key in wireless ad hoc networks is considered a difficult task from both an algorithmic and computational point of view. The reason is the special nature and the constraints posed by these networks. In this paper, we present an efficient group key agreement protocol which is particularly suitable for energy constrained, dynamically evolving wireless ad hoc networks. The topology of the network is reflected in a structure composed by small clusters. This clustering allows the synchronous execution of efficient tripartite key agreement protocols based on pairings. The required computations are simple for the devices to implement, the size of the exchanged messages is minimum and the storage memory required in every node is very small. The proposed protocol also avoids the usage of a TTP or a central authority and achieves a good energy balance. Finally, we compare the communication/computation complexity of our protocol with previously known protocols and show that it compares favourably with them.

Efficient cluster-based group key agreement protocols for wireless ad hoc networks

The special nature and the constraints posed by wireless ad hoc networks make the establishment of a group key among all nodes a difficult and challenging task. Therefore, the execution of a group key agreement protocol which involves all the nodes in the network must be very carefully selected having in mind both the computation and communication efficiency. In this paper, we present an efficient group key agreement protocol which is particularly suitable for energy constrained, dynamically evolving wireless ad hoc networks. The topology of the network is reflected in a structure composed by small clusters. This clustering allows the synchronous execution of efficient tripartite key agreement protocols based on pairings. The required computations are simple for the devices to implement, the size of the exchanged messages is minimum and the storage memory required in every node is very small. The proposed protocol achieves a good energy balance and is very flexible because it can be used either as contributory, non-contributory, unauthenticated or authenticated protocol by simply modifying a step of the protocol. Finally, we compare the communication/computation complexity of the unauthenticated and authenticated versions of our protocol with previously known protocols and show that they compare favourably with them.

On the Efficient Generation of Elliptic Curves over Prime Fields

We present a variant of the complex multiplication method that generates elliptic curves of cryptographically strong order. Our variant is based on the computation ofWeber polynomials that require significantly less time and space resources than their Hilbert counterparts. We investigate the time efficiency and precision requirements for generating off-line Weber polynomials and its comparison to another variant based on the off-line generation of Hilbert polynomials. We also investigate the efficiency of our variant when the computation of Weber polynomials should be made on-line due to limitations in resources (e.g., hardware devices of limited space). We present trade-offs that could be useful to potential implementors of elliptic curve cryptosystems on resource-limited hardware devices.

Efficient certification path discovery for MANET

A Mobile Ad Hoc Network (MANET) is characterized by the lack of any infrastructure, absence of any kind of centralized administration, frequent mobility of nodes, network partitioning, and wireless connections. These properties make traditional wireline security solutions not straightforwardly applicable in MANETs, and of course, constitute the establishment of a Public Key Infrastructure (PKI) in such networks a cumbersome task. After surveying related work, we propose a novel public key management scheme using the well-known web-of-trust or trust graph model. Our scheme is based on a binary tree formation of the networks nodes. The binary tree structure is proved very effective for building certificate chains between communicating nodes that are multihops away and the cumbersome problem of certificate chain discovery is avoided. We compare our scheme with related work and show that it presents several advantages, especially when a fair balancing between security and performance is desirable. Simulations of the proposed scheme under different scenarios demonstrate that it is effective in terms of tree formation, join and leave occurrences, and certificate chain establishment.

On the Construction of Prime Order Elliptic Curves

We consider a variant of the Complex Multiplication (CM) method for constructing elliptic curves (ECs) of prime order with additional security properties. Our variant uses Weber polynomials whose discriminant D is congruent to 3 (mod 8), and is based on a new transformation for converting roots of Weber polynomials to their Hilbert counterparts. We also present a new theoretical estimate of the bit precision required for the construction of the Weber polynomials for these values of D. We conduct a comparative experimental study investigating the time and bit precision of using Weber polynomials against the (typical) use of Hilbert polynomials. We further investigate the time efficiency of the new CM variant under four different implementations of a crucial step of the variant and demonstrate the superiority of two of them.

Revisiting WiMAX MBS security

IEEE 802.16 technology also well known as WiMax is poised to deliver the next step in the wireless evolution. This is further fostered by the 802.16e specification which, amongst other things, introduces support for mobility. The Multicast/Broadcast Service (MBS) is also an integral part of 802.16e destined to deliver next generation services to subscribers. In this paper we concentrate on the Multicast and Broadcast Rekeying Algorithm (MBRA) of 802.16e. This algorithm has been recently criticized for various vulnerabilities and security inefficiencies, as its designers are trying to balance wisely between performance and security. After surveying related work, we extensively discuss MBRA security issues and propose the use of a novel asymmetric group key agreement protocol based on the work in Wu et al. (2009) [3]. Our scheme guarantees secure delivery of keys to all the members of a given group and mandates rekeying upon join and leave events. It can prevent insider attacks since only the Base Station possesses a secret encryption key while all other members in the network acquire the transmitted data by using their secret decryption keys. We compare our scheme with related work and demonstrate that although heavier in terms of computing costs, it compensates when scalability and security come to the foreground.

Clustering Oriented Architectures in Medical Sensor Environments

Wireless sensor networks are expected to make a significant contribution in the healthcare sector by enabling continuous patient monitoring. Since medical services and the associated to them information are considered particularly sensitive, the employment of wireless sensors in medical environments poses many security issues and challenges. However, security services and the underlying key management mechanisms cannot be seen separately from the efficiency and scalability requirements. Network clustering used in both routing and group key management mechanisms can improve the efficiency and scalability and therefore can also be envisioned in medical environments. This paper introduces a general framework for cluster-based wireless sensor medical environments on the top of which efficient security mechanisms can rely. We describe two different scenarios for infrastructure and infrastructure- less application environments, covering this way a wide area of medical applications (in-hospital and medical emergencies). We also examine the existing group-key management schemes for cluster-based wireless networks and discuss which protocols fit best for each proposed scenario.

Design, Analysis and Performance Evaluation of Group Key Establishment in Wireless Sensor Networks

Wireless sensor networks are comprised of a vast number of ultra-small autonomous computing, communication and sensing devices, with restricted energy and computing capabilities, that co-operate to accomplish a large sensing task. Such networks can be very useful in practice, e.g. in the local monitoring of ambient conditions and reporting them to a control center. In this paper we propose a new lightweight, distributed group key establishment protocol suitable for such energy constrained networks. Our approach basically trade-offs complex message exchanges by performing some amount of additional local computations. The extra computations are simple for the devices to implement and are evenly distributed across the participants of the network leading to good energy balance. We evaluate the performance our protocol in comparison to existing group key establishment protocols both in simulated and real environments. The intractability of all protocols is based on the Diffie-Hellman problem and we used its elliptic curve analog in our experiments. Our findings basically indicate the feasibility of implementing our protocol in real sensor network devices and highlight the advantages and disadvantages of each approach given the available technology and the corresponding efficiency (energy, time) criteria.

Electronic national lotteries

We describe the design and implementation of secure and robust protocol and system for a national electronic lottery. Electronic lotteries at a national level are a viable cost effective alternative to mechanical ones when there is a business need to support many types of ”games of chance” and to allow increased drawing frequency. Electronic lotteries are, in fact, extremely high risk financial application: If one discovers a way to predict or otherwise claim the winning numbers (even once) the result is huge financial damages. Moreover, the e-lottery process is complex, which increases the possibility of fraud or costly accidental failures. In addition, a national lottery must adhere to auditability and (regulatory) fairness requirements regarding its drawings. Our mechanism, which we believe is the first one of its kind to be described in the literature, builds upon a number of cryptographic primitives that ensure the unpredictability of the winning numbers, the prevention of their premature leakages and prevention of fraud. We also provide measures for auditability, fairness, and trustworthiness of the process. Besides cryptography, we incorporate security mechanisms that eliminate various risks along the entire process. Our system which was commissioned by a national organization, was implemented in the field and has been operational and active for a while, now.

Efficient generation of secure elliptic curves

In many cryptographic applications it is necessary to generate elliptic curves (ECs) whose order possesses certain properties. The method that is usually employed for the generation of such ECs is the so-called Complex Multiplication method. This method requires the use of the roots of certain class field polynomials defined on a specific parameter called the discriminant. The most commonly used polynomials are the Hilbert and Weber ones. The former can be used to generate directly the EC, but they are characterized by high computational demands. The latter have usually much lower computational requirements, but they do not directly construct the desired EC. This can be achieved if transformations of their roots to the roots of the corresponding (generated by the same discriminant) Hilbert polynomials are provided. In this paper we present a variant of the Complex Multiplication method that generates ECs of cryptographically strong order. Our variant is based on the computation of Weber polynomials. We present in a simple and unifying manner a complete set of transformations of the roots of a Weber polynomial to the roots of its corresponding Hilbert polynomial for all values of the discriminant. In addition, we prove a theoretical estimate of the precision required for the computation of Weber polynomials for all values of the discriminant. We present an extensive experimental assessment of the computational efficiency of the Hilbert and Weber polynomials along with their precision requirements for various discriminant values and we compare them with the theoretical estimates. We further investigate the time efficiency of the new Complex Multiplication variant under different implementations of a crucial step of the variant. Our results can serve as useful guidelines to potential implementers of EC cryptosystems involving generation of ECs of a desirable order on resource limited hardware devices or in systems operating under strict timing response constraints.