Cooperation between Nodes in Multi-Hop Wireless Networks
Jean-Pierre Hubaux (1)
Joint work with Naouel Ben Salem (1), Levente Buttyan (2), Srdjan Čapkun (1), Mark Felegyhazi (1) and Markus Jakobsson (3)
(1) EPFL/School of Information and Communication
(2) Budapest University of Technology and Economics
(3) RSA Labs
Outline
• Encourage cooperation between nodes in multi-hop cellular networks (IP4)
• Brief overview of some other recent results:
– Cooperation in ad hoc networks without incentives (IP4)
– Mobility helps security (IP6)
– Provable encounters (IP6)
Multi-Hop cellular networks (1/2)
• Set of base stations connected to a backbone (like in cellular)
• Potentially, multi-hop communication between the mobile station and the base station (unlike in cellular)
• Principle usable for both “classical”, voice centric cellular networks and wireless LANs (e.g., IEEE 802.11)
Multi-hop cellular networks (2/2)
• Expected benefits:
– Energy consumption of the mobile stations can be reduced
– Immediate side effect: Reduced interference
– Number of base stations (fixed antennas) can be reduced
– Coverage of the network can be increased
– Closely located mobile stations can communicate independently from the infrastructure (ad hoc networking)
• Problem: How to encourage the nodes to relay packets for the benefit of other nodes?
Possible solution : systematic micro-payments (IP4)
[Figure: initiator A, base stations BSA and BSB, correspondent B]
• Principle: for every packet, the initiator is charged and all relay nodes are rewarded
• Strength: all cheating attempts will be detected
• Weakness: overhead (increase of the communication cost around 3 to 12%)
N. Ben Salem, L. Buttyan, J. P. Hubaux, and M. Jakobsson, "A Charging and Rewarding Scheme for Packet Forwarding in Multi-hop Cellular Networks", Fourth ACM Symposium on Mobile Networking and Computing (MobiHoc), Annapolis, June 2003
Alternative solution : probabilistic micro-payments (IP4)
Model for the network:
• Multi-hop up-link
• Single-hop down-link
• Proposals for probabilistic payments:
– D. Wheeler (1996)
– Jarecki and Odlyzko (1997)
– S. Micali and R. Rivest (2002)
– …
M. Jakobsson, J. P. Hubaux, and L. Buttyan, "A Micro-Payment Scheme Encouraging Collaboration in Multi-hop Cellular Networks", Proceedings of Financial Crypto 2003
The solution in three easy steps – Step 1
• Assume that all packet sending/receiving events can be observed by an observer
• The observer could tell
– who originated a packet (whom to charge)
– who forwarded a packet (whom to remunerate)
– who dropped a packet (whom to punish?)
The solution in three easy steps – Step 2
• Assume that every node honestly reports its own sending/receiving events to the operator
• The operator could tell
– who originated a packet (whom to charge)
– who forwarded a packet (whom to remunerate)
– who dropped a packet (whom to punish?)
• Problems:
– nodes may not be motivated to send reports
– nodes may lie (send false reports)
– reporting all events may be a huge overhead
The solution in three easy steps – Step 3
• Nodes get paid for their reports, so nodes are motivated to send reports
• Events to be reported are selected probabilistically, which drastically reduces the overhead
• Neighbors are remunerated as well, which further increases the motivation to cooperate
• Based on the received reports, the operator performs statistical analysis (auditing), which allows detection of cheating behavior
Assumptions
• Multi-hop cellular with multi-hop up-link and single-hop down-link
• Symmetric-key crypto, each node shares a long-term symmetric key with the operator (base stations)
• The operator manages numerous base stations and one accounting center
• The operator is trusted by every node for
– not revealing secret keys
– correctly transmitting packets
– correctly performing billing and auditing
• Users are not trusted to act according to the protocol
– users behave rationally
– they can tamper with their devices
– they can collude
Protocol
• Setup
– users register with the operator
– each registered user u gets an id and a symmetric key K_u
– K_u is shared by the user and the operator (base stations)
• Maintaining connectivity information
– each user u keeps a list of triplets (u_i, d_i, L_i), where
  • u_i is a neighbor
  • with distance (in hops) d_i from the base station and
  • with reward level L_i
– the list is sorted in terms of increasing values of d_i and L_i
• Reward levels
– packets have reward levels too
– a higher reward level means higher charge for the originator and higher reward for the forwarders
– u_i is willing to forward packets with a reward level higher than L_i
Packet origination
• Originator o wants to send payload p
– o selects a reward level L
– computes a MAC = MAC_Ko( L | p )
– transmits [ o | L | p | ] according to the Packet Transmission Protocol
Packet transmission
• User u – originator or forwarder – wants to transmit packet P = [ o | L | p | ]
1. u selects his first as yet unselected entry (u_i, d_i, L_i) where L_i < L
2. sends a forward request to u_i (contains L and possibly more info)
3. waits for an ack from u_i
  • if received, then u sends P to u_i
  • if not received, then u increases i by one and goes to step 2
In any case: if u is not the originator, then u performs the Reward Recording Protocol
[Figure: node u with neighbors y, z and x, labelled (u=y, d=2, L=53), (u=z, d=3, L=82), (u=x, d=3, L=70)]
Packet processing by the base station
The base station receives a packet P = [ o | L | p | ]
– it looks up the secret key K_o of the originator o
– verifies the MAC
  • if not correct, then drops the packet
  • if correct, then transmits the packet to the destination
– keeps a count of the number of packets transmitted for o
– records a fraction of all triplets (, L, u), where u is the id of the user from which it received the packet [ o | L | p | ]
– periodically sends the recorded information to an accounting center
[Figure: source S, destination D, base station (retrieve K_o, verify P) and accounting center, with steps numbered 1 to 6]
Reward recording
• User u has forwarded a packet P = [ o | L | p | ]
– u interprets as a lottery ticket
– the ticket is winning for u iff f(, K_u) = 1 for some function f
– if is winning, then u records (u_1, u_2, , L), where
  • u_1 is the user from which he received P
  • u_2 is the user (or base station) to which he forwarded P
[Figure: u_1, u, u_2 (or base station); u checks whether f(, K_u) = 1]
• Example for f : f(, K_u) = 1 iff d_Hamming(, K_u) h
• Note: If f is not one-way, then all claims should be encrypted during transmission
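An added example (not code from the slides or the cited paper) of packet origination, base-station verification and the Hamming-distance ticket function f described above. Assumptions: HMAC-SHA256 stands in for the unspecified MAC, the lottery ticket is the packet's MAC field, the comparison in f (missing on the slide) is taken as "at most h", and all function names are hypothetical.

```python
import hashlib
import hmac
from math import comb

def mac(key, level, payload):
    """MAC_K(L | p); HMAC-SHA256 is an assumed stand-in. level must fit in one byte."""
    return hmac.new(key, bytes([level]) + payload, hashlib.sha256).digest()

def originate(o, k_o, level, payload):
    """Originator o builds [ o | L | p | MAC ] with its long-term key K_o."""
    return (o, level, payload, mac(k_o, level, payload))

def base_station_accepts(packet, key_table):
    """Base station looks up K_o and verifies the MAC; False means drop."""
    o, level, payload, tag = packet
    k_o = key_table.get(o)
    return k_o is not None and hmac.compare_digest(tag, mac(k_o, level, payload))

def hamming(a, b):
    """Bitwise Hamming distance of two equal-length byte strings."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def is_winning(ticket, k_u, h):
    """Assumed form of f: the ticket wins for u iff d_Hamming(ticket, K_u) <= h."""
    return hamming(ticket, k_u) <= h

def win_probability(h, nbits=256):
    """Fraction of uniformly random nbits-bit tickets within distance h of any key."""
    return sum(comb(nbits, k) for k in range(h + 1)) / 2 ** nbits

if __name__ == "__main__":
    keys = {"o": bytes(range(32))}            # constructed operator key table
    k_u = hashlib.sha256(b"forwarder-key").digest()  # constructed forwarder key
    pkt = originate("o", keys["o"], 7, b"payload")
    print("accepted by base station:", base_station_accepts(pkt, keys))
    print("ticket wins for u (h=120):", is_winning(pkt[3], k_u, 120))
    for h in (100, 112, 120, 128):            # how the threshold h sets the reporting rate
        print(h, round(win_probability(h), 4))
```

Because the win probability depends only on h and the ticket length, the operator can lower h to cut reporting overhead without favouring any particular key.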
Reward claim
• User u has a list M of reward records
– when u is adjacent to a base station, he transmits a claim [ u | M | MAC_Ku(M) ] to the base station
– the base station verifies the MAC
  • if incorrect, then ignores the claim
  • if correct then records the claim and sends an ack
– when u receives the ack, he deletes M from memory
– the base station sends the recorded reward claims to the accounting center
[Figure: user u, claim [ u | M | MAC_Ku(M) ], accounting center]
Accounting
• The accounting center receives
– reward claims of the form: “u claims (u_1, u_2, , L)”
– traffic info recorded by the base stations of the form: “(, L, u) from o”
• All originators whose identity has been recorded by a base station are charged
• All users whose identity figures as a claimant in an accepted reward claim are credited
• All users whose identity appears as sending or receiving neighbor in an accepted reward claim are also credited
Auditing
The probability for a ticket to win is independent of the identity of the user who evaluates it, so each user should appear as a claimant with approximately the same frequency as he figures as either sending or receiving neighbor of a claimant.
Examples of abuses and their detection (1/2)
• Packet dropping
Description: the user agrees to forward, but he doesn’t forward
Detection: receiving neighbor freq. > sending neighbor freq.
• Ticket sniffing
Description: the user claims credit for overheard packets
Detection:
– claimant freq. > receiving neighbor or sending neighbor freq.
– conflicting claims
[Figure: nodes a, b, c and d; b claims (a, c, , L) and d claims (b, c, , L)]
Examples of abuses and their detection (2/2)
• Greedy collection of tickets
Description: a set of users collect and share tickets allowing each other to choose from a larger pool than they forwarded
Detection:
– unusually long transmission paths (counted in number of claims per packet)
– abnormally high packet transmission rates per time unit by some user (if timing information is also collected at the base station)
• Tampering with the reward level
Description: the packet carries a large reward level during some portion of the route, but the reward level is reduced by a colluder before the packet is transmitted to the base station
Detection:
– claimants indicate a higher reward level in their claim than that registered by the base station for a given packet
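The frequency, conflicting-claim and reward-level checks from the two slides above, run over constructed claims and base-station records; this is an added example, not the authors' auditing code. Assumptions: claims and records are matched by ticket, a base-station record counts as sending evidence for the last hop, and the tolerance and min_events thresholds are illustrative.

```python
from collections import Counter, defaultdict

def audit(claims, bs_records, tolerance=3.0, min_events=3):
    """claims: (claimant, u1, u2, ticket, L); bs_records: (ticket, L, u, o)."""
    claimant, sending, receiving = Counter(), Counter(), Counter()
    next_hop = defaultdict(set)          # (ticket, sender) -> next hops named in claims
    bs_level = {t: L for t, L, _u, _o in bs_records}
    findings = set()
    for _t, _L, u, _o in bs_records:
        sending[u] += 1                  # assumption: a BS record is evidence that u sent
    for c, u1, u2, t, L in claims:
        claimant[c] += 1
        sending[u1] += 1                 # u1 handed the packet to the claimant
        receiving[u2] += 1               # u2 got the packet from the claimant
        next_hop[(t, u1)].add(c)
        next_hop[(t, c)].add(u2)
        # Reward-level tampering: claim shows a higher level than the base station saw.
        if t in bs_level and L > bs_level[t]:
            findings.add(("reward-level-mismatch", t))
    # Conflicting claims: two different next hops for one sender and one ticket.
    for (t, _sender), hops in next_hop.items():
        if len(hops) > 1:
            findings.add(("conflicting-claims", t))
    for u in set(claimant) | set(receiving):
        if u.startswith("BS"):
            continue                     # base stations are trusted, not audited
        # Packet dropping: named as receiver far more often than as sender.
        if receiving[u] >= min_events and receiving[u] > tolerance * sending[u]:
            findings.add(("packet-dropping", u))
        # Ticket sniffing: claims far more often than anyone names u as a neighbor.
        neighbor = max(sending[u], receiving[u])
        if claimant[u] >= min_events and claimant[u] > tolerance * neighbor:
            findings.add(("ticket-sniffing", u))
    return findings

# Constructed sample. Path 1: o -> a -> m -> BS1; m forwards only t1 but claims t1..t4.
PATH1 = [("a", "o", "m", t, 5) for t in ("t1", "t2", "t3", "t4")] + \
        [("m", "a", "BS1", t, 5) for t in ("t1", "t2", "t3", "t4")]
# Path 2: o2 -> b -> c -> BS2; d overhears b -> c and claims; t7 drops from level 9 to 2.
PATH2 = [("b", "o2", "c", "t5", 5), ("b", "o2", "c", "t6", 5), ("b", "o2", "c", "t7", 9),
         ("c", "b", "BS2", "t5", 5), ("c", "b", "BS2", "t6", 5), ("c", "b", "BS2", "t7", 2),
         ("d", "b", "c", "t5", 5), ("d", "b", "c", "t6", 5), ("d", "b", "c", "t7", 9)]
BS_RECORDS = [("t1", 5, "m", "o"), ("t5", 5, "c", "o2"),
              ("t6", 5, "c", "o2"), ("t7", 2, "c", "o2")]

if __name__ == "__main__":
    for finding in sorted(audit(PATH1 + PATH2, BS_RECORDS)):
        print(finding)
```

On real traffic only winning tickets are claimed and the base stations record a fraction of packets, so the counts are samples and the thresholds have to be tuned to the observed level of cheating.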
Conclusion on the probabilistic encouragement for collaboration
• Cooperation between nodes can be fostered by micro-payments
• Probabilistic micro-payments can drastically reduce the overhead
• The operator can fine tune the detection mechanisms according to the level of observed cheating
• Future work
– Study attacks by malicious users
– Pricing issues (e.g., computation of the reward levels)
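Cooperation without incentives in pure ad hoc networks (IP4)
Examples of strategies:
• AllD (always defect): function σ_i(x) = 0, initial cooperation level 0
• AllC (always cooperate): function σ_i(x) = 1, initial cooperation level 1
• TFT (Tit-For-Tat): function σ_i(x) = x, initial cooperation level 1
[Figure: node A_i with strategy σ_i and the values y_i and x_i]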
Conclusion: In a static network, the conditions for spontaneous cooperation are extremely unlikely to be met; but mobility improves things.
M. Felegyhazi, L. Buttyan, and J. P. Hubaux, "Equilibrium Analysis of Packet Forwarding Strategies in Wireless Ad Hoc Networks – the Static Case", Proceedings of Personal Wireless Communications (PWC '03), Venice, Italy, September 2003
Mobility helps security (IP6)
Conclusion: Mobility can help security, both in symmetric and asymmetric crypto: initial key setup, re-keying operations, intrusion detection,…
[Figure: Alice and Bob exchange (Alice, PuK_Alice, XYZ) and (Bob, PuK_Bob, UVW) over an infrared link (secure side channel); visual recognition, conscious establishment of a two-way security association]
S. Capkun, J. P. Hubaux, and L. Buttyan, "Mobility Helps Security in Ad Hoc Networks", Fourth ACM Symposium on Mobile Networking and Computing (MobiHoc), Annapolis, June 2003
Provable encounters (IP6)
• claimant : a node claiming that it has met another node at a given time t
• certifier : a node that certified the encounter with the claimant
• verifier : a node that verifies the encounter between two nodes
[Figure: 1. Encounter (claimant, certifier); 2. Proof of encounter (claimant, verifier)]
Verification is:
• a posteriori
• frequent
Conclusion: Mobile nodes can prove their encounters, at a very reasonable cost
S. Capkun, L. Buttyan, and J. P. Hubaux, "SECTOR : Secure Tracking of Node Encounters in Multi-hop Wireless Networks", First ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN) 2003
Conclusion
• Cooperation and security issues are closely related to each other
• We propose several techniques to study / foster cooperation between nodes in multi-hop networks
• More research is needed
– Investigation of the trade-off between overhead and robustness
– Be able to compare different proposals
– Be able to prove that a given proposal fulfills given expected properties