Steffen Reidt

Strongly-Resilient and Non-interactive Hierarchical Key-Agreement in MANETs

Key agreement is a fundamental security functionality by which pairs of nodes agree on shared keys to be used for protecting their pairwise communications. In this work we study key-agreement schemes that are well-suited for the mobile network environment. Specifically, we describe schemes with the following characteristics: Non-interactive:any two nodes can compute a unique shared secret key without interaction; Identity-based:to compute the shared secret key, each node only needs its own secret key and the identity of its peer; Hierarchical:the scheme is decentralized through a hierarchy where intermediate nodes in the hierarchy can derive the secret keys for each of its children without any limitations or prior knowledge on the number of such children or their identities; Resilient:the scheme is fully resilient against compromise of any number of leavesin the hierarchy, and of a threshold number of nodes in each of the upper levels of the hierarchy. Several schemes in the literature have three of these four properties, but the schemes in this work are the first to possess all four. This makes them well-suited for environments such as MANETs and tactical networks which are very dynamic, have significant bandwidth and energy constraints, and where many nodes are vulnerable to compromise. We provide rigorous analysis of the proposed schemes and discuss implementations aspects.

The fable of the bees: incentivizing robust revocation decision making in ad hoc networks

In this paper we present a new key-revocation scheme for ad hoc network environments with the following characteristics: Distributed: Our scheme does not require a permanently available central authority. Active: Our scheme incentivizes rational (selfish but honest) nodes to revoke malicious nodes. Robust: Our scheme is resilient against large numbers of colluding malicious nodes (30% of the network for a detection error rate of 15%). Detection error tolerant: Revocation decisions fundamentally rely on intrusion detection systems (IDS). Our scheme is active for any meaningful IDS (IDS error rate 0.5) and robust for an IDS error rate of up to 29%. Several schemes in the literature have two of the above four characteristics (characteristic four is typically not explored). This work is the first to possess all four, making our revocation scheme well-suited for environments such as ad hoc networks, which are very dynamic, have significant bandwidth-constraints, and where many nodes must operate under the continual threat of compromise.

A metadata calculus for secure information sharing

In both commercial and defense sectors a compelling need is emerging for rapid, yet secure, dissemination of information to the concerned actors. Traditional approaches to information sharing that rely on security labels (e.g., Multi-Level Security (MLS)) suffer from at least two major drawbacks. First, static security labels do not account for tactical information whose value decays over time. Second, MLS-like approaches have often ignored information transform semantics when deducing security labels (e.g., output security label = max over all input security labels). While MLS-like label deduction appears to be conservative, we argue that this approach can result in both underestimation and overestimation of security labels. We contend that overestimation may adversely throttle information flows, while underestimation incites information misuse and leakage. In this paper we present a novel calculus approach to securely share tactical information. We model security metadata as a vector half-space (as against a lattice in a MLS-like approach) that supports three operators: Γ, + and · . The value operator Γ maps a metadata vector into a time sensitive scalar value. The operators + and · support arithmetic on the metadata vector space that are homomorphic with the semantics of information transforms. We show that it is unfortunately impossible to achieve strong homomorphism without incurring exponential metadata expansion. We use B-splines (a class of compact parametric curves) to develop concrete realizations of our metadata calculus that satisfy weak homomorphism without suffering from metadata expansion and quantify the tightness of values estimates in the proposed approach.

Securing information flows: A metadata framework

Recently, risk-based information trading has emerged as a new paradigm for securely sharing information across traditional organizational boundaries. In this paradigm, the risk of sharing information between organizations is characterized using expected losses (due, for example, to (un)intended information disclosure) and billed to a recipient. However, within risk-based information trading systems, quantifying the risks associated with sharing information is a non-trivial task, particularly when risk calculations depend on a number of factors. In this paper we introduce a data-centric metadata framework that extends risk-based information trading approaches by allowing one or more domains to exchange sensitive information based on metadata evaluated against internal risk assessments of the domains. We present a use case of our metadata framework using a coalition military scenario, wherein information flows can be controlled and regulated by our framework whilst allowing sufficiently high-quality tactical information to be disseminated.

Efficient Distribution of Trust Authority Functions in Tactical Networks

In this paper we describe an algorithm for the distribution of trust authority functions such as key generation and distribution in tactical mobile ad hoc networks. Such networks cannot rely on existing infrastructures and must operate under severe resource constraints. Moreover, network partitioning and node failure, including Byzantine failures must be compensated in tactical networks. We propose the combination of metrics on both network state and beliefs or trust in other nodes to form a composite metric for use in a clustering algorithm. The effectiveness and other characteristics of this improved clustering algorithm are then evaluated and analyzed in a simulation environment, demonstrating a significant improvement over the baseline clustering algorithm.

Efficient Trust Authority Distribution in Tactical MANET Environments

Determining the efficiency of protocols in MANET environments depends heavily on accurate characterization of the operating environment, particularly of message complexity. In this paper we therefore describe an extensible group mobility model intended to capture platoon-level light infantry operations, characterized by a hierarchical set of evolutions. Movement in this model is further constrained by a terrain model reported in previous work, allowing for a more precise modeling and simulation of algorithms on tactical networks. We subsequently describe a mechanism for disseminating key revocation information across a distributed trust authority (TA) in which nodes may be compromised or exhibit Byzantine failure. We propose and evaluate key revocation mechanisms to optimize the requirements of fast revocation propagation, complete coverage, and low message complexity in the previously described modeling and simulation environment.

Robust and efficient communication overlays for trust authority computations

This paper presents a novel algorithm for enhancing the efficiency and robustness of distributed trust authority protocols for mobile ad hoc networks (MANETs). Our algorithm determines a quorum of trust authority nodes required for a distributed protocol run based upon a set of quality metrics and establishes an efficient routing strategy to contact these nodes. An implementation and efficiency analysis illustrates the viability of our algorithm for small tactical networks consisting of 50 to 150 nodes and shows an approximate 32% reduction in communication overhead over traditional broadcast-based approaches to trust authority computations.

Connectivity augmentation in tactical mobile ad hoc networks

Tactical networks in urban environments are constrained by limited line-of-sight communication and frequent network partitioning. Moreover, energy efficiency for both communication and computation is a major concern as such networks are typically limited to battery-powered devices. Additional resources such as autonomous unmanned vehicles (UVs) or unmanned aerial vehicles (UAVs) are available in today missions. In this paper we investigate the connectivity augmentation of platoon size networks by said network resources, especially UAVs. We propose an authentication and negotiation protocol to securely request information and services from said resources. Services potentially provided in considered scenarios can incorporate the forwarding of data with a certain bandwidth, information about the UVs primary mission or missions, or a communication back-link to an infrastructure network. We furthermore investigate a more sophisticated support by motional adjustment of the UAVs. The efficiency and efficacy of the proposed protocols is evaluated in an simulated small-unit tactical network operating in an urban environment.

Resource-constrained signal propagation modeling for tactical mobile ad hoc networks

Connectivity and security of tactical mobile ad hoc networks (MANETs) can be enhanced significantly by explicit consideration of radio propagation as this not only allows determination of route feasibility and minimization of radio frequency power, but also avoids detectability of emanations. Tactical MANETs (and increasingly general MANETs) typically have geolocation and terrain information available, however as they are likely to be deployed in urban, broken, or indoor environments, simple Free Space or Two-Ray Ground models are not adequate. Although highly accurate radio propagation models exist, they require considerable computational resources and are hence unsuitable for incorporation into real-time protocols, particularly on resource-constrained platforms such as MANET nodes. We therefore propose a simplified, scalable ray-optical radio frequency propagation model that incorporates a Two-Ray Ground model and takes reflections and deflections on terrain features into account. Although our proposed model does not incorporate a comprehensive model of all physical effects, we argue that the approximation provided by our model is sufficient and suitable for the purposes of enhancing network performance and accuracy in the frequency range currently used by wireless networks. The model was incorporated in the NS-2 simulator and validated both using simulation and experimentally.

Energy-efficient key distribution and revocation in tactical networks with asymmetric links

Wildcard identity-based encryption (IBE) provides an effective means of communicating among groups which do not have a well-defined membership or hierarchy pre-established, as may frequently be the case in dynamic coalition operations. The protection of group communication against compromised nodes is, however, expensive in that it typically requires frequent re-keying in the case of attribute-based IBE or voting-based revocation mechanisms, which can be problematic in multi-hop ad-hoc networks. In this paper we investigate the use of asymmetric communication links such as may be provided by unmanned aerial vehicles to provide efficient revocation mechanisms for small ad-hoc networks. Such link characteristics allow the efficient maintenance and propagation of blacklists as proposed by Saxena et al. and also enable the development of probability and plausibility metrics for revocation requests. We therefore propose a scheme for the distribution of group keys that requires nodes of the group to collaborate in order to obtain the group secret key. Consequently, untrusted nodes are hindered from communicating with other groups. This isolation from untrusted nodes allows to avoid or at least to postpone expensive node revocations which require the rekeying of the whole group.