Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Look up keyword
Like this
1Activity
0 of .
Results for:
No results containing your search query
P. 1
Cryptography Network Security

Cryptography Network Security

Ratings: (0)|Views: 17|Likes:
Published by Srivatsa Rao
seminar report on cryptography and network security
seminar report on cryptography and network security

More info:

Published by: Srivatsa Rao on Mar 03, 2012
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

07/24/2013

pdf

text

original

 
A
Novel
Cryptography
for
Ad
Hoc
Network
Security
PI
Jian-yong,
LIU
Xin-song,
WU
Ai,
LIUDan
8010
Research
Lab,School
of
Computer
Science
&
Engineering
University
of
Electronic
Science
andTechnology
of
China
Chengdu
610054,
SiChuan,
P.
R.
China.
pijy2004i163.com
Abstract-In
this
paper,
we
propose
a
novel
cryptography
for
ad
hoc
network
security.
In
this
cryptography,
we
present
a
new
digital
signature
algorithm
for
identity
authentication
and
keyagreement
scheme.
The
identity
authentication
is
validated
by
zero-knowledge
proof,
and
the
identity
authentication
process
includes
the
key
agreement
process,
so
the
cryptography
has
high
efficiency.
Because
of
the
fully
distributed
characteristics
of
ad
hocnetwork,
our
security
scheme
has
no
central
administration
in
the
on-line
process.
The
securityanalysisfor
our
scheme
indicated
that
the
scheme
can
withstand
the
man-in-middle
attack
and
message
replay
attack.
The
security
of
the
scheme
is
guaranteed
by
the
intractability
of
computing
discrete
logarithm.
I.
INTRODUCTION
The
security
of
Ad
Hoc
network
is
an
important
issue
in
current
research
field
ofnetwork
security.
But
there
is
not
any
fixed
infrastructure
and
central
administration
in
Ad
Hoc
network[1],
thereforethe
scheme
we
presented
should
be
a
fullydistributed
architecture.
The
trust
model
of
security
system
is
very
important,especially
security
system
of
Ad
Hoc
network.
We
think
there
are
two
concepts
of
trust
relations
in
fully
distributed
network:
the
first
is
constructing
the
trust
relations,
just
in
fixed
peer
to
peer(P2P)
network;
the
second
is
maintaining
the
trust
relations.
In
most
scenarios,the
mobile
Ad
Hoc
network
is
a
wireless
communication
network
for
temporary
task[2],
so
an
Ad
Hoc
network
can
hardly
exist
timelessly.
It
means
that
constructing
trust
relation
in
Ad
Hoc
network
is
unfeasible.
Thereforeour
scheme
adopts
offline
TrustedThirdParty
(TTP),
each
node
in
Ad
Hoc
network
only
maintains
the
trust
relations
instead
of
constructing.
In
addition,the
TrustedThirdParty
(TTP)
only
sign
the
identity
of
each
node
in
Ad
Hoc
network,
because
we
think
the
identity
ofeach
node
in
Ad
Hoc
network
is
steady
compared
with
session
key.
So
the
key
is
obtained
via
key
agreement
protocol
in
each
session.
The
identity
of
every
participator
in
Ad
Hoc
network
is
not
only
their
unique
symbol
but
also
in
charge
of
key
generation
in
each
session,therefore
every
participator
can
not
get
theidentity
signed
by
offline
TrustedThird
Party
(TTP)
via
asession,
otherwise
the
compromised
participator
can
impersonate
other
participators.
The
zero-
knowledge
proof
algorithm
we
proposed
problem
successfully.
can
solve
the
II.
RELATED
WORK
The
Key
Distribution
Center
(KDC)
architecture
is
mainstream
in
wired
network,
because
KDC
has
so
many
merits:
efficient
key
management,
including
key
generation,
storage,
distribution
and
updating[3]
[4]
[5].
Every
participator
has
a
certificate
signed
by
KDC
for
identityauthentication.
Communication
parties
of
both
sides
not
only
exchange
their
public
keys
but
also
authenticate
their
identities
each
other
in
each
session.
TheKey
Distribution
Center
(KDC)
architecture
has
several
perfect
models
for
application[6].
Although
KDC
architecture
presented
some
distributed
model,
the
essential
thoughts
is
same
as
original
one.
Threshold
cryptography
is
an
eclectic
scheme
between
central
administration
and
fully
distribution
architecture,
which
was
firstly
introduced
by
Zhou
and
Haas
[7].
The
trust
anchor
of
Threshold
cryptography
is
a
conversion
from
single
trusted
server
to
whole
participators.
In
Shamir(k,n)
secret
sharing
scheme,
every
participator
can
own
a
private
key
share
from
KDC
according
to
a
random
polynomial.
When
a
new
participatortakes
part
in
the
communication
network,
it
will
ask
for
identity
authentication,
so
k
participators
will
provide
their
private
key
share
for
combining
the
private
key
of
offline
KDC.
The
simulation
studies
about
secret
sharing
scheme
demonstrated
higher
maintenanceoverhead
in
the
scheme[8].
111.
DIGITAL
SIGNATURE
ALGORITHM
AND
KEY
AGREEMENT
SCHEME
Our
scheme
contains
two
procedures:
the
first
is
offline
TrustedThirdParty(TTP),
which
sign
the
IDof
each
node
in
Ad
Hoc
network
viathe
novel
digital
signature
algorithm
we
proposed.
Every
node
which
wants
to
enter
the
Ad
Hoc
network
should
getthe
Authentication
Code(AC)
signed
by
offline
TTP.
The
second
procedure
is
key
agreement,
our
key
agreement
is
similar
to
Diffie-Hellman
key
agreement
protocol,
but
our
scheme
can
authenticate
identity
betweencommunication
participators.
*Research
supported
by
Basic
Application
Research
Project
of
SiChuanChina
(Grant
No
04JY029-017-2)
0-7803-9584-0/06/$20.00O2006
IEEE.
1448
 
A.
System
initialization
In
order
to
validatethe
identity
authentication
for
each
node
which
enters
the
Ad
Hoc
network,
we
postulatethere
are
different
identities
ofnodes
in
Ad
Hoc
network.
Let
n
is
number
of
nodes
in
Ad
Hoc
network,
m
is
identity
ofnodes
in
Ad
Hoc
network.
mi
E
JmJIm2,
......{m
m.,m}
,m
E
m,m2
......
,
mnl
Vi.j,i,
jen,3mi
.m1
The
offline
Trusted
ThirdParty
(TTP)
will
generate
the
authentication
code(AC)
for
every
node
thatwill
enter
the
Ad
Hoc
network.
Firstly,
TrustedThirdParty
(TTP)
generate
a
large
prime
p,
and
g
is
a
generator
element
in
,so
zp
is
a
finite
field.
In
our
scheme,
Z*
should
meet
ZP
p
~~~~~~~~~~p
the
identity
ofeach
node
in
Ad
Hoc
network:
mi
E
GP(p)
i.e.
0
<
mi
<
(p
-1),O
<
i
<
n
,
the
offline
TrustedThirdParty
(TTP)
choose
an
element
randomly:
VAUth
E
GF(p),
and
calculate:
Auth
Vg
mod
p
Offline
TrustedThird
Party
(TTP)
keep
VAUth
as
her
private
key,publicize
(YAuth,
p,
g
)
as
her
publickey,
and
distribute
herpublic
key
to
every
node
which
will
enter
the
Ad
Hoc
network.
B.
Digital
signature
for
identity
of
node
in
Ad
Hoc
networkEvery
node
in
Ad
Hoc
network
has
an
identity
which
is
unique
token
to
the
node
of
Ad
Hoc
network.Therefore
the
identity
of
node
should
participate
in
the
identity
authentication
without
exposing
their
raw
identity.
We
propose
the
new
digital
signature
algorithm
which
can
verify
theauthentic
identity
of
each
node
without
getting
the
raw
identity.
The
off-line
TrustedThird
Party
(TTP)
choose
s
E
GF(p)
and
s'
E
GF(p)
randomly,
s,
<p-1,
s'
<
p
-1,
which
should
meet:
gcd(si,
p
-1)
=
1,
gcd(s',
p
-1)
=
1
Calculate:
W,_
gs,
modp,
Q,
_
gs,
modp
According
to:
mi
-VAUthW
>
QIUI
mod(p
1)
,
Ui
can
be
computed
by
using
the
extendedEuclid
algorithm.
Each
node
which
wants
to
enter
the
Ad
Hoc
network
keeps
(Wi,Q1,
Ui)
as
her
secretprivate
Authentication
Code
(AC),
the
digital
signature
algorithm
is:
Si(Mi
I
VA,th
)
=
I,
Qi,
IUi
)
C.
Signature
verification
In
order
to
verifythe
Authentication
Code
(AC),
we
shouldcompute:
g
g
QUthW,+Q,
modp
i.e.
gmi
=
yWgQ
modp
(1)
therefore:
VerifY(gy
A
"P)
(mi,
(,
Qi,
Ui))
True
D.
Key
agreement
in
communication
In
our
scheme,
(Wi,Qi,
U)
,
as
Authentication
Code
(AC)
of
each
node,
will
take
part
in
identity
authentication
andkey
agreement
in
Ad
Hoc
network.
Let
Alice
as
sponsor
ofcommunication,
Bob
is
receiver.
We
show
the
protocol
of
session
as
follows:
1.
Alice
generate
a
big
integer
x
randomly,
and
compute:
X
gxmodp
(2)
X'
-gX+QUA
modp
Alice
send
(mA,
WA,
X,
X')
to
Bob.
2.
Bob
generate
a
big
integer
y
randomly,
and
compute:
Y4
gymodp
(3)
y4/
gYQUmod
p
Bob
send
(mB,
WB,
Y,
Y')
to
Alice.
3.
Alicereceive
(mB,
WB,
Y,
Y')
from
Bob,
then
compute:
k,-
YX+QAUAmodp
4.
Bob
receive
(mA,
X,
X')from
Alice,
then
compute:
k
-=XY+QBUB
modp
5.
In
order
to
authenticatethe
identity
ofBob,
Alice
compute:
Congruence(3)xCongruence
(1)
i.e.
yg
YAuth
99
Yg
n
YB
hY
mod
p
If
the
congruence
hold,
then
the
identity
of
Bob
is
authentic.
Where
k2
is
theauthentic
key
of
session.
6.
In
order
to
authenticatetheidentity
of
Alice,
Bob
compute:
Congruence(2)
x
Congruence
(1)
i.e.
g
AthgQugx
mod
p
Xgn
YAthX
mod
p
If
the
congruence
hold,
then
theidentity
of
Alice
is
authentic.
Where
k1
is
theauthentic
key
of
session.
In
addition:
k1
=
k2
-
gXQAUA)(Y+QBUB)
modp
7.
The
Alice
and
Bob
can
communicate
securely
with
key
k1
=
k2
via
arbitrary
algorithm
of
symmetrickey
1449
 
cryptography.
When
the
session
is
over,
Alice
and
Bob
should
discardthe
key.
IV.
SECURITY
ANALYSIS
Inthe
fully
distributed
computing
environment,each
node
that
wants
to
enter
Ad
Hoc
network
should
obtain
an
authentication
code(AC)
from
offline
TrustedThirdParty
(TTP).
The
authentication
code(AC)
is
unique
identity
of
node
in
Ad
Hoc
network,
actually
authentication
code(AC)which
take
part
in
identity
authentication
andkey
agreement
in
each
session
is
also
the
identity
digital
signature
of
each
node
in
Ad
Hoc
network.
A.
Security
notion
for
digital
signature
In
order
to
generate
the
authentication
code(AC)
for
each
node
in
Ad
Hoc
network,
offline
TrustedThirdParty
(TTP)
choose
(s1,
s')
pair
randomly.Every
(s1,
s')
pair
which
we
selected
evenly
and
randomly
from
GF(p)
space
matches
every
node
in
Ad
Hoc
network.Therefore
every
(Wi
,
Qi,
Ui)
pair,
i.e.
authentication
code(AC)
for
every
node
in
Ad
Hoc
network
has
strong
randomicity.
The
node
which
hasByzatine
behavior
can
notrecover
the
private
key
of
TrustedThirdParty
(TTP)
via
conspiracy.
Traditional
ElGamal
digital
signature
need
to
format
the
message
for
preventing
existential
forgery[9][10].
The
most
commonly
used
message
formatting
mechanism
is
to
have
m
to
be
a
hashed
value
of
the
message
to
be
signed.
An
example
of
such
a
hashed
message
can
be:
M
=
H(m,
r)
Where
H
is
a
cryptographic
hash
function
and
m
is
a
bit
string
representing
a
message.Therefore
message
M
is
recognizable.
But
in
our
scheme,
the
identity
of
each
node
is
a
recognizable
string.
As
the
outcomeof
digital
signature,the
authentication
code(AC)
can
prevent
identity
ofeach
nodefrom
existential
forgery
attacks.
B.
Zero
knowledgeprooffor
identity
authentication
As
the
authentication
code(AC),
(W
,
Q1,
U1)
is
unique
token
for
each
node
in
Ad
Hoc
network.Therefore
(W,
Q1,
U1)
cannot
be
leaked
to
theother
side
of
communication
completely
in
each
session.
In
order
to
meet
identity
authentication
requirement,
only
Wi
should
besend
to
theother
side
ofcommunication.
The
receiver
get
Wi,
however
he
can
notrecover
(Q1,
U1)
pair,
for
gQU
-'YAUthmodp
To
recover
(Q1,
U1)
pair
is
equal
to
the
intractability
of
computing
discrete
logarithm.
As
the
same,
we
described
the
scenario
about
Alice
and
Bob
sessionscenario
above:
X
_
gxmodp
X'
X
+Qui
mod
p
Finally:
gQIUu
=
Xg-x
modp
Therefore,
if
Bob
will
obtain
(Q1,
U1)
pair,
he
should
havecoped
with
the
intractability
ofcomputing
discrete
logarithm.
So
we
prove
that
receiver
can
not
obtain
the
complete
(Wi,
Q1,
U1)of
sender
at
either
situation.C.
Message
replay
attack
In
Ad
Hoc
network,
the
messagesof
every
session
can
beeavesdropped
and
recorded.
The
eavesdropper
can
replay
the
messages
in
the
coming
communication[1
1].
Forkeeping
the
messages
fresh,
communication
parts
will
generate
an
integer
x
randomly
before
key
agreement,
i.e.
X
_
gX+Q'U
modp
Therandom
integer
x
is
applying
for
key
agreementwith
communication
parts.
Therefore
the
key
of
every
session
is
different.
The
communication
parts
should
save
the
key.
If
the
key
appear
again,the
node
in
Ad
Hoc
network
would
have
rejectedthe
communication.
D.
Man
in
middle
attack
Becauseof
the
absence
of
message
authentication,
traditional
key
agreement
protocol
is
attacked
easily
by
man-in-middle
attack[12].
Therefore
in
our
scheme,
we
propose
that
the
key
agreement
protocolinclude
message
authentication.
The
scheme
authenticate
firstly:
Xg
YAuthg
g
modp
Where
X
_
gx
mod
p,
x
is
a
random
integer.
If
the
congruence
above
is
false,
thereceiver
can
not
believe
thesender.
In
addition,
thereceiver
can
not
believe:
k
_
YX+Q'U'
modp
Where
Y
_
gy+QU
mod
p,
y
is
the
random
integer
of
theother
side,
k
is
the
key
of
session.
Therefore
the
message
authentication
in
key
agreement
protocol
guarantee
consistency
between
the
identity
of
the
node
mi
and
authentication
code(AC)
(WL,
Q1,
U1)
.
The
man-in-middle
can
get
mi
,
butcan
not
get
(WL,
Q1,
Ui).
Therefore
they
can
notguarantee
the
success
of
verification
from
the
receiver.
V.
PERFORMANCE
ANALYSIS
In
this
Section,
we
first
analyze
our
proposedapproach
in
terms
of
communication
overhead
and
then
present
some
simulation
results.
A.
Communication
overhead
In
our
scheme,
we
generate
authentication
code(AC)
for
the
node
want
to
join
the
mobile
Ad
Hoc
networkfrom
offline
TrustedThirdParty
(TTP).
Compared
with
the
traditional
PKI/CA
solutions,
our
proposedapproach
omitted
management
overhead
to
public
key,
i.e.
certification
management,
such
as
certification
generation,propagation,
and
storage.
So
the
communication
overhead
1450

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->