Wen Tao Zhu

An improved smart card based password authentication scheme with provable security

Password authentication has been adopted as one of the most commonly used solutions in network environment to protect resources from unauthorized access. Recently, Lee-Kim-Yoo [S.W. Lee, H.S. Kim, K.Y. Yoo, Improvement of Chien et al.s remote user authentication scheme using smart cards, Computer Standards & Interfaces 27 (2) (2005) 181-183] and Lee-Chiu [N.Y. Lee, Y.C. Chiu, Improved remote authentication scheme with smart card, Computer Standards & Interfaces 27 (2) (2005) 177-180] respectively proposed a smart card based password authentication scheme. We show that these two schemes are both subject to forgery attacks provided that the information stored in the smart card is disclosed by the adversary. We also propose an improved scheme with formal security proof.

Review: Detecting node replication attacks in wireless sensor networks: A survey

A wireless sensor network (WSN) consists of a number of tiny, low-cost, and resource-constrained sensor nodes, but is often deployed in unattended and harsh environments to perform various monitoring tasks. As a result, WSNs are susceptible to many application-dependent and application-independent attacks. In this paper we consider a typical threat in the latter category known as the node replication attack, where an adversary prepares her own low-cost sensor nodes and deceives the network into accepting them as legitimate ones. To do so, the adversary only needs to physically capture one node, extract its secret credentials, reproduce the node in large quantity, and then deploy the replicas under her control into the network, possibly at strategic positions, to cripple various WSN applications with little effort. Defending against such node replication attacks has recently become an imperative research topic in sensor network security, and the design issues may involve different and more threatening challenges than detecting typical application-dependent attacks. In this survey, we classify existent detections in the literature, and explore the various proposals in each category. We look into necessary technical details and make certain comparisons, so as to demonstrate their respective contributions as well as limitations. We also present the technical challenges and indicate some possible directions for future research.

An efficient mutual authentication and key agreement protocol preserving user anonymity in mobile networks

We address the problem of mutual authentication and key agreement with user anonymity for mobile networks. Recently, Lee et al. proposed such a scheme, which is claimed to be a slight modification of, but a security enhancement on Zhu et al.s scheme based on the smart card. In this paper, however, we reveal that both schemes still suffer from certain weaknesses which have been previously overlooked, and thus are far from the desired security. We then propose a new protocol which is immune to various known types of attacks. Analysis shows that, while achieving identity anonymity, key agreement fairness, and user friendliness, our scheme is still cost-efficient for a general mobile node.

Optimizing the tree structure in secure multicast key management

We study the issue of distributing cryptographic keys to a secure multicast group. The key management is focused on virtual tree-based schemes represented by the logical key hierarchy (LKH). We present the optimal key tree structure problem. Specifically, we address minimizing the computational overhead of the key server with analytical formulation and propose two new variations of LKH. The first one is based on hash functions while the second being an observably different approach of generating new keys based on existing ones. Both structures are investigated and optimized for the key server.

Secure localization with attack detection in wireless sensor networks

Rapid technological advances have enabled the development of low-cost sensor networks for various monitoring tasks, where it is important to estimate the positions of a number of regular sensor nodes whose locations cannot be known apriori. We address the problem of localizing the regular nodes with range-based location references obtained from certain anchor nodes referred to as beacons, particularly in an adverse environment where some of the beacons may be compromised. We propose an innovative modular solution featuring two lightweight modules that are for dedicated functionalities, respectively, but can also be closely integrated. First, we harness simple geometric triangular rules and an efficient voting technique to enable the attack detection module, which identifies and filters out malicious location references. We then develop a secure localization module that computes and clusters certain reference points, and the position of the concerned regular node is estimated with the centroid of the most valuable reference points identified. Extensive simulations show that our attack detection module can detect compromised beacons effectively, and the secure localization module can subsequently provide a dependable localization service in terms of bounded estimation error. The integrated system turns out to be tolerant of malicious attacks even in highly challenging scenarios.

Detecting node replication attacks in mobile sensor networks: theory and approaches

A wireless sensor network composed of a number of sensor nodes is often deployed in unattended and harsh environments to perform various monitoring tasks. Due to cost concerns, usually, sensor nodes are not made tamper-resistant, and a captured node may be easily compromised by an adversary. With the revealed secret credentials, the adversary can create many duplicate nodes that are seemingly legitimate, and deploy them into the network to cripple the monitoring applications. Defending against node replication attacks has become an important research topic in sensor network security, but so far, not many solutions have been proposed, most of which adopt a stationary network model where sensor nodes are fixed and immobile. In this work, we address the problem of detecting node replication attacks in a mobile sensor network, where each sensor node freely and randomly roams in the sensing region all the time, and one node meets with another in an occasional and unpredictable manner. For replication attacks where the replicas do not conspire, we employ very lightweight token-based authentication as a detection approach. In case the replicas conspire by communicating with each other in an efficient manner, we harness the random encounters between physical nodes and propose a detection method based on statistics. Compared with existent solutions, our detections have the nice feature that sensor nodes are freed from the fragile assumption that they can correctly obtain their geographic positions, and that even loose time synchronization may be unnecessary. Copyright

Node Replication Attacks in Wireless Sensor Networks: Bypassing the Neighbor-Based Detection Scheme

We consider the node replication attack, which is an application-independent attack unique to wireless sensor networks. The attack makes it possible for an adversary to prepare her own low-cost sensor nodes and induce the network to accept them as legitimate ones. To do so, the adversary only needs to physically capture one node, reveal its secret credentials, replicate the node in large quantity, and deploy these malicious nodes back into the network so as to subvert the network with little effort. Recently, Ko et al. proposed a neighbor-based detection scheme to cope with replication attacks. The scheme features distributed detection and takes node mobility into account. It harnesses the dynamic observations of the neighbors of a claimer node and avoids the protocol iterations typically found in distributed detections. Unfortunately, we show that their proposal is subject to various replication attacks that can circumvent the detection. Moreover, it is even possible for a sophisticated adversary to exploit the protocol to revoke legitimate nodes.

MobiHydra: Pragmatic and Multi-level Plausibly Deniable Encryption Storage for Mobile Devices

Nowadays, smartphones have started being used as a tool to collect and spread politically sensitive or activism information. The exposure of the possession of such sensitive data shall pose a risk in severely threatening the life safety of the device owner. Particularly, the data owner may be caught and coerced to give away the encryption keys. Under this circumstances, applying the encryption to data still fails to mitigate such risk.

Protecting source location privacy in wireless sensor networks with data aggregation

Many efforts have been made to protect sensor networks against attacks, and standard mechanisms such as encryption are widely used to provide security services. However, the wireless transmission of a message itself may reveal to the adversary the origin of a sensed event, i.e., the source location of the message. Providing such position privacy in sensor networks is a challenging task. Traditional anonymity techniques are inappropriate for resource-constrained sensor networks, but an adversary may easily monitor the network communications. In this work, we focus on protecting source location privacy in the global attack model, where an adversary may have a global view of the communications in a sensor network and employ traffic analysis to locate the message sources. A flexible and effective countermeasure based on secure data aggregation is proposed to prevent the leakage of source location information. Both theoretical analysis and simulations are presented to validate the proposed scheme.

A Cost-Efficient Secure Multimedia Proxy System

Due to limited server and network capacities, proxies are introduced for streaming applications to cache multimedia content from the media source to enable a scalable service and to improve the user experience. In this paper we first review the security aspect of a proxy encryption framework recently presented by Yeung et al. featuring the multikey RSA technique. Then addressing the performance aspect, we propose a redesigned cost-efficient architecture, which is based on a media key management mechanism substantially different from Yeung et al. s framework and improves the overall system significantly.