Report

Chien-Ming Chen, Yue-Hsun Lin, Ya-Ching Lin, and Hung-Min Sun IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, VOL. 23, NO. 4, APRIL 2012 Citation:42 Presenter:張哲豪 Date:2014/9/22 Introduction Preliminaries RCDA-HOMO RCDA-HETE Analysis Implementation Comparisons Conclusions 2 To reduce the communication cost in WSN, data aggregation is performed by cluster head. Problem ◦ Adversary has the ability to capture cluster heads. 3 Concealed Data Aggregation ◦ data are encrypted during transmission ◦ cluster heads directly aggregate encrypted data without decryption (privacy homomorphism) Problem ◦ The usage aggregation functions is constrained ◦ Base station can’t verify the integrity and authenticity of each sensing data. 4 Recoverable Concealed Data Aggregation ◦ The base station can verify the integrity and authenticity of all sensing data. ◦ The base station can perform any aggregation functions on them. 5 Introduction Preliminaries RCDA-HOMO RCDA-HETE Analysis Implementation Comparisons Conclusions 6 Homogeneous WSN ◦ cluster heads act as normal SNs. Heterogeneous WSN ◦ cluster heads act as by powerful high-end sensors (H-Sensors) ◦ Different types of SNs 7 Without compromising any SN or CH ◦ Forged messages with public information Compromising SNs ◦ Obtain sensing data or forge malicious data Compromising CHs ◦ Decrypt the ciphertext ◦ Forged aggregation results 8 (): is security parameter ◦ Construct an elliptic curve over a finite field ◦ Select private key ∈ ◦ Generate public key = (, , , , ) where = #( ), = × , is a generator on , × = ∞ ◦ Return key pair(, ) () ◦ Select ∈ [0, − 1] where ∈ ◦ Compute = (), where ()1 = × ◦ Output cipher = , = ( × , + × ) 9 (1 , 2 ) ◦ Compute ′ = ′ , ′ = 1 + 2 = 1 + 2 , 1 + 2 = 1 × + 2 × , 1 + 1 × + 2 + 2 × = ( 1 + 2 × , 1 + 2 + 1 + 2 × ) () ◦ Computer = − × + = + × − × ◦ Reverse through = 2 () ◦ Return the plaintext 10 = 1 × 2 → × = × = ∞, where ∀ ∈ 1 , ∀ ∈ 2 ◦ Generate private key ∈ ◦ Generate public key ∈ 2 where = × 2 ◦ Output key pair ( , ) for entity ◦ Compute ℎ = () where h ∈ 1 ◦ Generate signature = × ℎ and return (, ) 11 (, ) ◦ Computer ℎ = ◦ , 2 ≟ (ℎ, ) , ◦ = =1 where ∈ 1 − , ◦ = {1 , … }, public key set = {1 , … } ◦ Compute ℎ = ( ),for 1 ≤ ≤ ◦ , 2 ≟ =1 (ℎ , ) 12 Introduction Preliminaries RCDA-HOMO RCDA-HETE Analysis Implementation Comparisons Conclusions 13 14 (BS generate) ◦ ( , N ) for each sensor SN ,where = , N = ◦ ( , ) where = , , , , , = − ◦ ◦ ◦ ◦ Encoding : = ∥ 0 , where = ∙ − 1 Signature: = × ℎ ,where ℎ = ( ) Ciphertext: = , = ( × , + × ) sends the pair( , ) to 1 15 ◦ = , = −1 −1 =1 =( −1 =1 , −1 =1 ) ◦ = =1 ◦ Send (, ) to the BS ◦ ′ = −ζ × + = 1 + ⋯ + −1 ◦ ′ = ′ = 1 + ⋯ + −1 ◦ ′ , − 1, : = ′ [( − 1) ∙ , ∙ − 1] ◦ (1 , 2 ) ≟ −1 =1 (ℎ , ) 16 Introduction Preliminaries RCDA-HOMO RCDA-HETE Analysis Implementation Comparisons Conclusions 17 K11 18 ◦ ( , ) for each H-sensor SN ,where = , = ◦ ( , ) where = , , , , , = ◦ Each L-sensors share a pairwise key K with its CH ◦ Secure channel between L-sensors and H-sensor (preferred aggregation) ◦ ◦ ◦ ◦ Encoding 1 : = 1 ∥ 0 , where = ∙ − 1 Signature: 1 = 1 × ℎ1 ,where 1 = 1 , ℎ1 = (1 ) Ciphertext:1 = 1 , 1 = (1 × , 1 + 1 × ) 1 sends the pair(1 , 1 ) to 3 19 ◦ 3 = ( ◦ 3 = 3 =1 3 =1 , 3 =1 ) ◦ ◦ ◦ ◦ ′ = −ζ × + = 1 + ⋯ + 5 ′ = ′ = 1 + ⋯ + 5 ′ , 5, : = ′ [( − 1) ∙ , ∙ − 1] (5 , 2 ) ≟ 5=1 (ℎ , ) 20 allows to send ( ) and MAC(message authentication code) of ( ) to Every H-Sensor is loaded several necessary aggregation functions before deployment 21 Introduction Preliminaries RCDA-HOMO RCDA-HETE Analysis Performance Comparisons Conclusions 22 Without compromising any SN or CH ◦ Adversary can’t sign forged messages without private keys Compromising SNs ◦ Signature required for each generated message Compromising CHs ◦ No decryption private key is stored in a cluster ◦ Selective forwarding attack was defended 23 24 25 The base station can securely recover all sensing data rather than aggregated results, but the transmission overhead is still acceptable. The aggregate signature scheme to ensure data authenticity and integrity 26