L.V. Mancini

LKHW: a directed diffusion-based secure multicast scheme for wireless sensor networks

In this paper, we present a mechanism for securing group communications in Wireless Sensor Networks (WSN). First, we derive an extension of logical key hierarchy (LKH). Then we merge the extension with directed diffusion. The resulting protocol, LKHW, combines the advantages of both LKH and directed diffusion: robustness in routing, and security from the tried and tested concepts of secure multicast. In particular, LKHW enforces both backward and forward secrecy, while incurring an energy cost that scales roughly logarithmically with the group size. This is the first security protocol that leverages directed diffusion, and we show how directed diffusion can be extended to incorporate security in an efficient manner.

Secure cooperative channel establishment in wireless sensor networks

This paper presents the ECCE protocol, a new distributed, probabilistic, cooperative protocol to establish a secure pair-wise communication channel between any pair of sensors in a wireless sensor network (WSN). The main contribution of the ECCE protocol is to allow the set up of a secure channel between two sensors (principals) that do not share any pre-deployed key. This feature is obtained involving a set of sensors (cooperators) in the channel establishment protocol. Further, the security provided by the protocol is adaptive with the level of threat in the WSN, that is, the higher the security threat, the more cooperators can be involved to enhance the resiliency of the channel. We provide extensive simulations of the proposed scheme, which show that ECCE increases both the probability of a secure channel set up and the probability of channel resilience with respect to other protocols

A reliable key authentication schema for secure multicast communications

The paper analyzes the Logical Key Hierarchy (LKH) secure multicast protocol focusing on the reliability of the re-keying authentication process. We show that the key management in the LKH model is subject to some attacks. In particular, these attacks can be performed by entities external to the multicast group, as well as from internal users of the multicast group. The spectrum of these attacks is spread from the denial of service (DoS) to the session hijack that is the attacker is able to have legitimate users to commit on a session key that is provided by the attacker. The contributions of this paper are: (1) the definition of the threats the LKH key management is subject to; and (2) a reliable key authentication scheme that solves the weaknesses previously identified. This objective is achieved without resorting to public key signatures.

FastRIPP: RFID Privacy Preserving protocol with Forward Secrecy and Fast Resynchronisation

In the next future radio frequency identiflcation (RFID) systems will be so pervasive that everyone will wear (maybe unawares) a kit of personal tags. However, a major concern that prevents a wide diffusion of this emerging technology is privacy. Several proposed protocols try to solve the privacy issue, but are exposed to many others security flaws, such as denial of service or lack of forward secrecy. One recently proposed solution addressing all these problems is RIPP-FS: an RFID identification protocol that guarantees privacy, authentication and forward secrecy, allowing the reading of many tags at once. While efficient, RIPP-FS requires some extra computations on the tag side when a tag misses several consecutive queries from the reader. In this paper we propose FastRIPP, an efficient protocol that significantly reduces the exposed overhead. This improvement is inspired by an efficient hash traversal amortization technique that uses fractal hash sequence representation. We analyzed the performances of the proposed protocol compared with the original version of RIPP-FS. The results of extensive simulations confirm the gain of performance of the proposed protocol. Finally, note that the proposed solution could be adopted by other RFID identification protocols as well.

BaRT, balanced randomized tree: a scalable and distributed protocol for lookup in peer-to-peer networks

This paper proposes a new scheme for p2p networks. The main contributions are an extensive use of randomization techniques and a novel usage of tree-data structure. The combination of these two ingredients allows a great flexibility of network parameters, such as: load balance among the peers, fast lookups and reduced memory usage. For instance, with routing tables of size (d-1) log/sub d/n, the average number of hops for a lookup is of the order of 1/d ((d-1) log/sub d/n+1), where n is the number of peers in the network and d is the variety of the tree data structure. Further, we propose a few new optimization mechanisms that can be adopted in DHT Extensive simulations support these results.