Dr. M Nasir Mumtaz Bhutta

Institute of Computing, Bahauddin Zakariya University

Multan, Punjab, 60,000, Pakistan

Email: [email protected]

www.bzu.edu.pk

21 January 2015

Introduction to Secure Delay/Disruption Tolerant Networks (DTN)


Objectives

Introduction to Delay/Disruption Tolerant Networking (DTN).

Overview of Security Architecture in DTN:

• Hop-by-Hop Authentication and Integrity.

• End-to-End Authentication and Integrity.

• End-to-End Confidentiality.

Requirements of Key Management in DTN.

Introduction to DTN

The wired, TCP/IP-based Internet is no doubt a success.

Some design assumptions and characteristics of the TCP/IP-based Internet are:

• Devices are always connected.

• Data loss rate is comparatively low.

• Small round trip times, etc.

Wireless Networks Applications

With the advancement of wireless technology, new kinds of networks have grown or are growing. For example:

• Satellite Networks

• Sensor Networks

• Ad-hoc networks

• Mobile Phone Networks

• Vehicular Networks etc.

In the wired Internet, some new applications are also developing which are different from the traditional Internet, for example Peer-to-Peer networks.

Future Internetworking

Future Networking Issues

The characteristics of these wireless networks are different from those of wired networks and also vary between different domains.

Some characteristics are as follows:

• High loss rate.

• Large and/or variable delays.

• Links are not always connected ("disconnectivity").

Future Networking Issues (continued)

Heterogeneity

• Sensor networks consist of very low-powered devices and are usually delay tolerant (e.g. monitoring applications).

• Satellite networks are long-delay networks (e.g. interplanetary networks).

• Mobile phone networks have their own characteristics (mobility).

• Ad-hoc networks have variable disconnectivity.

Solutions

TCP/IP without modification

• Maximum RTT = 2 mins (high delays?)

• Lossy links (congestion control?)

• Sensor networks (low-powered devices?)

• Mobile phone networks (better performance and handoffs?)

TCP with modifications

• Have to solve each individual problem (e.g. long delays, applications on top of TCP, IPSec etc.).

Solutions (continued)

Overlay networking approach

• Different protocols have been developed for different networks (this solves heterogeneity).

• Long and variable delays, high loss rate, and disconnectivity need to be handled at a layer above TCP to give better performance.

• This is where DTN comes in.

Overview of DTN

• DTN is an overlay network which runs on top of different existing networks to better handle high and variable delays and disruptions.

• It introduces a new layer, called the bundle layer, on top of the TCP layer in the TCP/IP stack.

[Figure: protocol stacks of a DTN node, router and gateway, showing Physical, Link, Network, Transport, Bundle and Application layers over networks A and B. Labels: persistent storage, optional application layer.]

High Delays/Disruptions and DTN

• High delays/disruptions are handled using custody transfer at the bundle layer.

Heterogeneous Networks and DTN

• A different protocol family runs in each region.

Security Architecture in DTN

The security architecture for the Internet (IPSec) cannot be used with DTN to provide security services.

Some of the issues with using it in DTN are as follows:

• IPSec is very chatty in nature.

• Intermediate devices will conflict with IPSec.

• Cross-layer optimization will not work with IPSec, etc.

Security Architecture in DTN (continued)

The DTN security architecture uses its own approach, compliant with the DTN networking architecture, to provide security services.

The security goals are given below:

• Hop-by-Hop integrity.

• Hop-by-Hop Authentication.

• End-to-End Integrity.

• End-to-End Authentication.

• End-to-End Confidentiality.
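
An added illustration (not from the original slides) of why the goals above list hop-by-hop and end-to-end checks separately: a hop tag stops bundles injected by outsiders, while only the end-to-end tag catches changes made by a forwarding node. HMAC-SHA256 with pre-shared keys is used here as a stand-in ciphersuite; the bundle fields, keys and node names are constructed for the example.

```python
import hashlib
import hmac

def tag(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed parts (avoids ambiguous concatenation)."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        mac.update(len(p).to_bytes(4, "big") + p)
    return mac.digest()

def originate(e2e_key, src, dst, payload):
    """Source builds the bundle and attaches the end-to-end integrity tag."""
    return {"src": src, "dst": dst, "payload": payload,
            "e2e": tag(e2e_key, src, dst, payload)}

def send_hop(hop_key, bundle):
    """Sending node adds a hop tag that only the next hop can check."""
    out = dict(bundle)
    out["hop"] = tag(hop_key, out["src"], out["dst"], out["payload"], out["e2e"])
    return out

def receive_hop(hop_key, bundle):
    """Next hop verifies the previous hop's tag, then strips it; None means drop."""
    expected = tag(hop_key, bundle["src"], bundle["dst"], bundle["payload"], bundle["e2e"])
    if not hmac.compare_digest(expected, bundle.get("hop", b"")):
        return None
    return {k: v for k, v in bundle.items() if k != "hop"}

def deliver(e2e_key, bundle):
    """Destination checks the source's end-to-end tag over the payload."""
    expected = tag(e2e_key, bundle["src"], bundle["dst"], bundle["payload"])
    return hmac.compare_digest(expected, bundle["e2e"])

def run(tamper_at_router=False, forged_first_hop=False):
    """Path: source -> router -> destination. Returns the outcome as a string."""
    k_sr, k_rd, k_e2e = b"src-router key", b"router-dst key", b"src-dst key"  # constructed
    b = originate(k_e2e, b"dtn://src", b"dtn://dst", b"telemetry=42")
    b = send_hop(b"outsider guess" if forged_first_hop else k_sr, b)
    b = receive_hop(k_sr, b)
    if b is None:
        return "dropped at router (hop-by-hop)"
    if tamper_at_router:                      # a forwarding node alters the payload...
        b["payload"] = b"telemetry=99"
    b = receive_hop(k_rd, send_hop(k_rd, b))  # ...and its own hop tag still verifies
    return "delivered" if deliver(k_e2e, b) else "rejected at destination (end-to-end)"

if __name__ == "__main__":
    for kw in ({}, {"forged_first_hop": True}, {"tamper_at_router": True}):
        print(kw, "->", run(**kw))
```
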

Hop-by-Hop Integrity and Authentication

End-to-End Integrity

End-to-End Confidentiality

Key Management in DTN

The following are some of the requirements for secure and efficient key management in DTN:

• Key management should be communication efficient, and computational efficiency should also be taken into consideration. Key transport will be more suitable.

• It should support the functionality and components of the DTN security architecture. Public key cryptography should be supported.

Thanks for listening!

Questions?