Upload File

military dtn

31
SECURE DATA RETRIEVAL FOR DECENTRALIZED DISRUPTION-TOLERANT MILITARY NETWORKS External Demonstration

Upload: vishnu-iyengar

Post on 13-Sep-2015

246 views

Category:

Documents


8 download

Report

Tags:

DESCRIPTION

VTU, College

TRANSCRIPT

  • SECURE DATA RETRIEVAL FOR DECENTRALIZED DISRUPTION-TOLERANT MILITARY NETWORKS

    External Demonstration

  • 1.1 Introduction & Objective 1.2 Disruption Tolerant Networks (DTN) 1.3 Attribute Based Encryption (ABE)

    1.2.1 KP-ABE 1.2.2 CP-ABE

    1. Introduction

  • 1.1 Introduction & Objective

    In many military network scenarios, connections of wireless devices carried by soldiers may be temporarily disconnected by jamming, environmental factors and mobility, especially when they operate in hostile conditions.

    Many applications require increased protection of confidential data including access control methods that are cryptographically enforced.

    Our objective is to provide increased protection even under a disruption prone network

  • 1.2 Disruption Tolerant Networks (DTN)

    We make use of Decentralized Disruption Tolerant Network.

    Disruption Tolerant Network is designed to provide connectivity where thenetworkwould normally be subject to frequent and long lasting disruptions. Intensively applicable for: Disaster relief missions Peace keeping missions Vehicular Networks

  • 1.3 Attribute Based Encryption (ABE)

    We make use of following two attributes:

    1.Battalion

    2. Region

    In traditional public-key cryptography, a message is encrypted for a specific receiver using the receivers public-key.

    But ABE defines the receiver as a set of attributes, instead of a specific identity.

    Hence messages can be encrypted/decrypted with respect to subsets of attributes or policies defined over a set of attributes.

  • Why ABE?

    Eliminates dependency on a single user. The message can be configured for future access,

    ie; only after the user achieves the set of attributes. Forward and Backward secrecy is maintained. Threat of collusion can be overcome.

  • 1.2.2 KP-ABE (1 of 2)

    In KP-ABE, the sender only gets to label a cipher-text with a set of attributes.

    The key authority chooses a policy for each user that determines which cipher-texts he can decrypt and issues the key to each user by embedding the policy into the users key.

    Hence the policy is contained in the Users key.

  • 1.2.2 KP-ABE (2 of 2)

    Admin (Key Authorities)

    User Sender

    Message

    Key (Using Policy)

    Uses Key To decrypt

    Uses Policy to encrypt

  • 1.2.3 CP-ABE (1 of 2)

    However, the roles of the cipher-texts and keys are reversed in CP-ABE.

    In CP-ABE, the cipher-text is encrypted with an access policy chosen by an sender, but a key is simply created with respect to an attributes set.

    CP-ABE is more appropriate to DTNs than KP-ABE because it enables sender such as a commander to choose an access policy on attributes and to encrypt confidential data under the access structure via encrypting with the corresponding public keys or attributes.

  • 1.2.3 CP-ABE (2 of 2)

    Admin (Key Authorities)

    User Sender

    Message

    Key (Using Attribute)

    Uses Key To decrypt

    Uses Attributes to encrypt

  • Example (Hospital)

    Sl. no Role Department

    1 Doctor A

    2 Doctor B

    3 Ward Boy A

    4 Cleaner B

    5 Security C

    6 Doctor C

    Employee list Access Chart

    Patient

    OR

    AND

    Doctor A

    AND

    Doctor B A doctor from either Department A or

    Department B should attend the patient.

  • 1. A. Lewko and B. Waters, Decentralizing attribute-based encryption, Cryptology ePrint Archive: Rep. 2010/351, 2010.

    2. M. Chuah and P. Yang, Performance evaluation of content- based information retrieval schemes for DTNs, in Proc. IEEE MILCOM,2007, pp. 17.

    3. V. Goyal, O. Pandey, A. Sahai, and B. Waters, Attribute-based encryption for fine-grained access control of encrypted data, in Proc. ACM Conf. Comput. Commun. Security, 2006, pp. 8998.

    4. S. Rafaeli and D. Hutchison, A survey of key management for secure group communication, Comput. Surv., vol. 35, no. 3, pp. 309329,2003.

    2.Literature survey

  • 3.1 Network Architecture 3.2 Elliptical Curve Cryptography 3.3 Algorithm

    3. Implementation

  • 3.1 Network Architecture

    Secure data retrieval in a Military DTN

  • System Descrip7on

    Key Authori7es: They are key genera7on centre that generate public/secret parameters for CP-ABE.

    Storage node: This stores data from senders and provide corresponding access to users. It may be mobile or sta7c.

    Sender: Sender is responsible for dening access policy and enforcing it on its data by encryp7ng the data under the policy before storing it to the storage node(e.g., a commander).

    User: This is a mobile node who wants to access the data stored at the storage node (e.g., a soldier).

  • 3.2 Elliptic Curve Cryptography(ECC)

    ECC is an Asymmetric cryptography/ Public key Cryptography we would use.

    It is based on the algebraic structure of ellip7c curves.

    Why ECC over RSA? Provides Higher security with Smaller key size. E.g., a 256-bit ECC public key should provide comparable security to a 3072-bit RSA public key

  • 3.3 Algorithm (1 of 3)

    Key Generation

    To generate public key Q = d*P

    Where, n P & Q : Public key n d : Private key (a random number)

  • 3.3 Algorithm (2 of 3)

    For Encryption

    Two cipher texts C1 and C2 C1 = k*P

    C2 = M + k*Q

    Where, n k : Random number n M : Plain Text n P & Q : Public key

  • 3.3 Algorithm (3 of 3)

    For Decryption

    To get back the message M M = C2 - d*C1

    Where, n d : Private key n M : Plain Text

  • 4.1 System Architecture 4.2 Context Analysis 4.3 Admin DFD 4.4 Sender DFD 4.5 User DFD

    4.System Design and Data Flow

  • 4.1 System Architecture

  • 4.2 Context Analysis

  • 4.3 Admin DFD

  • 4.4 Sender DFD

  • 4.5 User DFD

  • 6.1 Challenges in Implementation 6.2 Results 6.3 Future Enhancements 6.4 Other Applications

    6.Conclusion

  • 6.1 Challenges in Implementation

    Confidentiality in Message Visibility: Unauthorized users who do not have enough credentials satisfying the access policy should be deterred from viewing the messages in the storage node.

    Backward secrecy and Forward secrecy: In order to impart secrecy, we had to revoke the before held key as and when the user changes attributes.

    Choice of Attributes to avoid Collusion: Choice of attributes must be such that, though multiple users could possess the same value for few attributes, but the attribute set for each user must be unique.

  • 6.2 Results CP-ABE imparts higher Data Confidentiality. 2pc Protocol eliminates the dependency on multiple

    authorities to compose a master key. Decentralization of Storage nodes give continuous

    connectivity between all users. If any storage node is under jamming then other

    storage node will respond to Receiver and Sender request/response related queries.

  • 6.3 Future Enhancements

    Decentralize storage nodes onto user devices as mini storage nodes, to improve connectivity and data deliverability.

    Incorporate Location Based Services, to track location as an attribute.

    Can be extended into Vehicular Adhoc network (GreenNetwork).

    Online Education.

  • 6.4 Other Applications

    Broadcast encryption: It is the cryptographic problem of delivering encrypted content (e.g. TV programs or data on DVDs) over a broadcast channel in such a way that only qualified users (e.g. subscribers who have paid their fees )can decrypt the content.

    Attribute-Based Anonymous Credential System(ABACS): It allows the verifier to authenticate anonymous users according to any access.

    Log Encryption: Instead of encrypting each part of a log with the keys of all recipients, it is possible to encrypt the log only with attributes which match recipients attributes.

  • THANK YOU


DTN Jan 10

Multicasting in DTN Networks

SIS-DTN Green Book v0 Documents/DTN Green … · / Disruption Tolerant Networking (DTN) protocol targeted at the space internetworking environment. A space internetworking architecture

DTN Aug 2012

2 dtn - oct 2010

Roteamento dtn

DTN Oct 2011

FleetGuard Suite - DTN

DTN Sept 2010

Joint DTN / SOIS Meeting

State Space Models, Linearization, Transfer Function ...2019/10/29  · StateSpaceModels Consideralineardifferentialequationofordern dny dtn + a1 dn 1y dtn 1 + ::: + any= b0 dnu dtn

Dtn 17 3 15

Survey on DTN

Asean vocab dtn

dtn mar 10

Presentacion Ganolife - DTN

SIS-DTN WG Meeting

Dtn dec 2010

DTN March 2012

DTN Guardian3™

Renault DTN-Scheepsbenzinemotoren.pdf

Dtn Cens Seminar

DTN Jan 2012

Che Gvarache Guevara - DTN

DTN Park District presentation

DTN Dec 2011

Hannover Bescheinigung - Maschinenbau Hahn · Normen/Regelwerke DIN 18800-7, DIN 15018, DIN 18801 DtN 18808, DtN 19704, DtN 4119 DtN 4131, DtN 4132, DtN 4133 DIN 4420, DIN 4421, DIN

DTN Routing Verfahren

DTN PRESENTATION

Progesterone EIA Kit - Probiotek · 482602 Progesterone EIA Antiserum 1 vial/100 dtn 1 vial/500 dtn 482600 Progesterone AChE Tracer 1 vial/100 dtn 1 vial/500 dtn 482604 Progesterone

THE VIABILITY OF A DTN SYSTEM FOR CURRENT MILITARY … · 2016. 7. 4. · Delay- and Disruption-Tolerant Networking (DTN) technology has been in development for years, with the first

DTN Charrette 3 Presentation

DTN Produktkatalog Kältetechnik

DTN Feb 2011

DTN Network Management