The Experts below are selected from a list of 222 Experts worldwide ranked by ideXlab platform
Devesh C. Jinwala - One of the best experts on this subject based on the ideXlab platform.
-
Malleability Resilient Concealed Data Aggregation in Wireless Sensor Networks
Wireless Personal Communications, 2016Co-Authors: Keyur Parmar, Devesh C. JinwalaAbstract:The objective of concealed data Aggregation is to achieve the privacy preservation at intermediate nodes while supporting in-network data Aggregation. The need for privacy preservation at intermediate nodes and the need for data Aggregation at intermediate nodes can be simultaneously realized using privacy homomorphism. Privacy homomorphism processes the encrypted data without decrypting them at intermediate nodes. However, privacy homomorphism is inherently malleable. Although malicious adversaries cannot view transmitted sensor readings, they can manipulate them. Hence, it is a formidable challenge to realize conflicting requirements, such as end-to-end privacy and end-to-end integrity, while performing en Route Aggregation. In this paper, we propose a malleability resilient concealed data Aggregation protocol for protecting the network against active and passive adversaries. In addition, the proposed protocol protects the network against insider and outsider adversaries. The proposed protocol simultaneously realizes the conflicting objectives like privacy at intermediate nodes, end-to-end integrity, replay protection, and en Route Aggregation. As per our knowledge, the proposed solution is the first that achieves end-to-end security and en Route Aggregation of reverse multicast traffic in the presence of insider, as well as outsider adversaries.
-
Concealed data Aggregation in wireless sensor networks
Computer Networks, 2016Co-Authors: Keyur Parmar, Devesh C. JinwalaAbstract:The objectives of concealed data Aggregation are end-to-end privacy preservation and en Route Aggregation of reverse multicast traffic in wireless sensor networks. Privacy homomorphism has been used to realize these objectives together. Although privacy homomorphism helps in achieving conflicting objectives, namely, privacy and data Aggregation, it negatively affects other security objectives such as integrity and freshness. Privacy homomorphism, which protects sensor readings from passive adversaries, makes sensor readings vulnerable against active adversaries whose aim is to modify or to inject malicious data packets in the network. In this article, we present a comprehensive survey of the state-of-the-art concealed data Aggregation protocols in wireless sensor networks. We investigate the need for en Route Aggregation, encrypted data processing, en Route and end-to-end integrity verification, and replay protection. We discuss the challenges and their proposed solutions that achieve the conflicting objectives, such as in-network Aggregation, privacy, integrity, and replay protection, together. We comparatively evaluate the performance of concealed data Aggregation protocols to measure their respective strengths and weaknesses. In addition, we provide a detailed insight into the open research issues in concealed data Aggregation and conclude with possible future research directions.
-
Symmetric-Key Based Homomorphic Primitives for End-to-End Secure Data Aggregation in Wireless Sensor Networks
Journal of Information Security, 2014Co-Authors: Keyur Parmar, Devesh C. JinwalaAbstract:In wireless sensor networks, secure data Aggregation protocols target the two major objectives, namely, security and en Route Aggregation. Although en Route Aggregation of reverse multi-cast traffic improves energy efficiency, it becomes a hindrance to end-to-end security. Concealed data Aggregation protocols aim to preserve the end-to-end privacy of sensor readings while performing en Route Aggregation. However, the use of inherently malleable privacy homomorphism makes these protocols vulnerable to active attackers. In this paper, we propose an integrity and privacy preserving end-to-end secure data Aggregation protocol. We use symmetric key-based homomorphic primitives to provide end-to-end privacy and end-to-end integrity of reverse multicast traffic. As sensor network has a non-replenishable energy supply, the use of symmetric key based homomorphic primitives improves the energy efficiency and increase the sensor network’s lifetime. We comparatively evaluate the performance of the proposed protocol to show its efficacy and efficiency in resource-constrained environments.
-
EUNICE - Malleability Resilient Concealed Data Aggregation
Lecture Notes in Computer Science, 2014Co-Authors: Keyur Parmar, Devesh C. JinwalaAbstract:Concealed data Aggregation protects against passive attackers and ensures privacy of sensor readings at intermediate nodes. However, the use of inherently malleable privacy homomorphism makes it susceptible to active attackers. In addition, it is a well-known fact that encrypted data processing is vulnerable to pollution attacks where a single malicious node can flood the network by fake readings. Hence, there exists a need to authenticate the processed readings. Traditional authentication mechanisms are not viable due to the conflicting requirements like in-network processing and encrypted data processing. The need for en Route Aggregation of sensor readings, the need for encrypted data processing and the need for message authentication both at the base station and at aggregator nodes, make message authentication a formidable challenge. Homomorphic Message Authentication Codes (H-MACs) help to verify the integrity of processed sensor readings. However, the need to verify the integrity of sensor readings both at intermediate node(s) and at the base station cannot be realized simultaneously through the currently available techniques. In this paper, we combine the benefits of privacy homomorphism and H-MACs to provide malleability resilient concealed data Aggregation in the presence of both insider and outsider adversaries. As per our knowledge, our solution is the first to achieve integrity protecting concealed data Aggregation in the presence of both insider and outsider adversaries.
-
ICIC (2) - Aggregate MAC Based Authentication for Secure Data Aggregation in Wireless Sensor Networks
Intelligent Computing Methodologies, 2014Co-Authors: Keyur Parmar, Devesh C. JinwalaAbstract:Wireless sensor networks perform in-network processing to reduce the energy consumption caused by redundant communication. At the same time, its hostile deployment and unreliable communication raise the security concerns. Thus, there is a need to blend security and data Aggregation together to provide secure data Aggregation. Secure data Aggregation becomes challenging if end-to-end privacy is desired. Privacy homomorphism is used to achieve both en Route Aggregation and end-to-end privacy of sensor readings. However, privacy homomorphism is inherently malleable. Using privacy homomorphism, one can modify the ciphertext without decrypting it. Thus, it becomes extremely crucial to ensure authentication along with privacy. Symmetric key based Message Authentication Code (MAC) is an efficient solution to provide authentication. In this paper, we use Aggregate Message Authentication Codes (AMAC) to reduce the transmission cost incurred by MAC. However, conflicting requirements of AMAC and data Aggregation make its usage limited for certain scenarios. In this paper, we present a cluster based scenario where we can apply AMAC to reduce the number of bits transmitted for authentication.
Keyur Parmar - One of the best experts on this subject based on the ideXlab platform.
-
Malleability Resilient Concealed Data Aggregation in Wireless Sensor Networks
Wireless Personal Communications, 2016Co-Authors: Keyur Parmar, Devesh C. JinwalaAbstract:The objective of concealed data Aggregation is to achieve the privacy preservation at intermediate nodes while supporting in-network data Aggregation. The need for privacy preservation at intermediate nodes and the need for data Aggregation at intermediate nodes can be simultaneously realized using privacy homomorphism. Privacy homomorphism processes the encrypted data without decrypting them at intermediate nodes. However, privacy homomorphism is inherently malleable. Although malicious adversaries cannot view transmitted sensor readings, they can manipulate them. Hence, it is a formidable challenge to realize conflicting requirements, such as end-to-end privacy and end-to-end integrity, while performing en Route Aggregation. In this paper, we propose a malleability resilient concealed data Aggregation protocol for protecting the network against active and passive adversaries. In addition, the proposed protocol protects the network against insider and outsider adversaries. The proposed protocol simultaneously realizes the conflicting objectives like privacy at intermediate nodes, end-to-end integrity, replay protection, and en Route Aggregation. As per our knowledge, the proposed solution is the first that achieves end-to-end security and en Route Aggregation of reverse multicast traffic in the presence of insider, as well as outsider adversaries.
-
Concealed data Aggregation in wireless sensor networks
Computer Networks, 2016Co-Authors: Keyur Parmar, Devesh C. JinwalaAbstract:The objectives of concealed data Aggregation are end-to-end privacy preservation and en Route Aggregation of reverse multicast traffic in wireless sensor networks. Privacy homomorphism has been used to realize these objectives together. Although privacy homomorphism helps in achieving conflicting objectives, namely, privacy and data Aggregation, it negatively affects other security objectives such as integrity and freshness. Privacy homomorphism, which protects sensor readings from passive adversaries, makes sensor readings vulnerable against active adversaries whose aim is to modify or to inject malicious data packets in the network. In this article, we present a comprehensive survey of the state-of-the-art concealed data Aggregation protocols in wireless sensor networks. We investigate the need for en Route Aggregation, encrypted data processing, en Route and end-to-end integrity verification, and replay protection. We discuss the challenges and their proposed solutions that achieve the conflicting objectives, such as in-network Aggregation, privacy, integrity, and replay protection, together. We comparatively evaluate the performance of concealed data Aggregation protocols to measure their respective strengths and weaknesses. In addition, we provide a detailed insight into the open research issues in concealed data Aggregation and conclude with possible future research directions.
-
Symmetric-Key Based Homomorphic Primitives for End-to-End Secure Data Aggregation in Wireless Sensor Networks
Journal of Information Security, 2014Co-Authors: Keyur Parmar, Devesh C. JinwalaAbstract:In wireless sensor networks, secure data Aggregation protocols target the two major objectives, namely, security and en Route Aggregation. Although en Route Aggregation of reverse multi-cast traffic improves energy efficiency, it becomes a hindrance to end-to-end security. Concealed data Aggregation protocols aim to preserve the end-to-end privacy of sensor readings while performing en Route Aggregation. However, the use of inherently malleable privacy homomorphism makes these protocols vulnerable to active attackers. In this paper, we propose an integrity and privacy preserving end-to-end secure data Aggregation protocol. We use symmetric key-based homomorphic primitives to provide end-to-end privacy and end-to-end integrity of reverse multicast traffic. As sensor network has a non-replenishable energy supply, the use of symmetric key based homomorphic primitives improves the energy efficiency and increase the sensor network’s lifetime. We comparatively evaluate the performance of the proposed protocol to show its efficacy and efficiency in resource-constrained environments.
-
EUNICE - Malleability Resilient Concealed Data Aggregation
Lecture Notes in Computer Science, 2014Co-Authors: Keyur Parmar, Devesh C. JinwalaAbstract:Concealed data Aggregation protects against passive attackers and ensures privacy of sensor readings at intermediate nodes. However, the use of inherently malleable privacy homomorphism makes it susceptible to active attackers. In addition, it is a well-known fact that encrypted data processing is vulnerable to pollution attacks where a single malicious node can flood the network by fake readings. Hence, there exists a need to authenticate the processed readings. Traditional authentication mechanisms are not viable due to the conflicting requirements like in-network processing and encrypted data processing. The need for en Route Aggregation of sensor readings, the need for encrypted data processing and the need for message authentication both at the base station and at aggregator nodes, make message authentication a formidable challenge. Homomorphic Message Authentication Codes (H-MACs) help to verify the integrity of processed sensor readings. However, the need to verify the integrity of sensor readings both at intermediate node(s) and at the base station cannot be realized simultaneously through the currently available techniques. In this paper, we combine the benefits of privacy homomorphism and H-MACs to provide malleability resilient concealed data Aggregation in the presence of both insider and outsider adversaries. As per our knowledge, our solution is the first to achieve integrity protecting concealed data Aggregation in the presence of both insider and outsider adversaries.
-
ICIC (2) - Aggregate MAC Based Authentication for Secure Data Aggregation in Wireless Sensor Networks
Intelligent Computing Methodologies, 2014Co-Authors: Keyur Parmar, Devesh C. JinwalaAbstract:Wireless sensor networks perform in-network processing to reduce the energy consumption caused by redundant communication. At the same time, its hostile deployment and unreliable communication raise the security concerns. Thus, there is a need to blend security and data Aggregation together to provide secure data Aggregation. Secure data Aggregation becomes challenging if end-to-end privacy is desired. Privacy homomorphism is used to achieve both en Route Aggregation and end-to-end privacy of sensor readings. However, privacy homomorphism is inherently malleable. Using privacy homomorphism, one can modify the ciphertext without decrypting it. Thus, it becomes extremely crucial to ensure authentication along with privacy. Symmetric key based Message Authentication Code (MAC) is an efficient solution to provide authentication. In this paper, we use Aggregate Message Authentication Codes (AMAC) to reduce the transmission cost incurred by MAC. However, conflicting requirements of AMAC and data Aggregation make its usage limited for certain scenarios. In this paper, we present a cluster based scenario where we can apply AMAC to reduce the number of bits transmitted for authentication.
Sang-ha Kim - One of the best experts on this subject based on the ideXlab platform.
-
Distributed IPv6 multihoming support
9th Asia-Pacific Conference on Communications (IEEE Cat. No.03EX732), 1Co-Authors: Da-hye Choi, Ki-il Kim, Hyoung-jun Kim, Sang-ha KimAbstract:The typical motivation for multihoming [Black, B. et al., November 2001] is to improve reliability and performance. However, being multihomed is intrinsically complicated. Specially, the fundamental to IPv6 is based on the concept of firm Route Aggregation, by which that TLA (top level aggregator) would need to announce the aggregate of their space only to other TLA peer [Wegner, J.D. et al., 2000]. Thus, current IPv4 multihoming schemes [Stewart, J. W. III, 1999] that announce the IP address space to all upstream providers violate fundamental principle regarding Aggregation. Due to above reason, it required a fair amount of thoughts and careful configuration to deploy multihoming on IPv6 network. In this paper, we propose a new efficient and deployable multihoming scheme, which is to target for solving the technical and potential problem of multihoming support at site exit Router (RFC 3178) [Hagino, J. L. et al., October 2001]. Moreover, it can also provide the limited load sharing functionality. Such advantages are evaluated specifically through the results of the simulation. For all case, we can see performance of the proposed scheme improved with defined comparison factors.
Da-hye Choi - One of the best experts on this subject based on the ideXlab platform.
-
Distributed IPv6 multihoming support
9th Asia-Pacific Conference on Communications (IEEE Cat. No.03EX732), 1Co-Authors: Da-hye Choi, Ki-il Kim, Hyoung-jun Kim, Sang-ha KimAbstract:The typical motivation for multihoming [Black, B. et al., November 2001] is to improve reliability and performance. However, being multihomed is intrinsically complicated. Specially, the fundamental to IPv6 is based on the concept of firm Route Aggregation, by which that TLA (top level aggregator) would need to announce the aggregate of their space only to other TLA peer [Wegner, J.D. et al., 2000]. Thus, current IPv4 multihoming schemes [Stewart, J. W. III, 1999] that announce the IP address space to all upstream providers violate fundamental principle regarding Aggregation. Due to above reason, it required a fair amount of thoughts and careful configuration to deploy multihoming on IPv6 network. In this paper, we propose a new efficient and deployable multihoming scheme, which is to target for solving the technical and potential problem of multihoming support at site exit Router (RFC 3178) [Hagino, J. L. et al., October 2001]. Moreover, it can also provide the limited load sharing functionality. Such advantages are evaluated specifically through the results of the simulation. For all case, we can see performance of the proposed scheme improved with defined comparison factors.
Ki-il Kim - One of the best experts on this subject based on the ideXlab platform.
-
Novel scheme for efficient and scalable multihoming support in IPv6
The 8th International Conference on Communication Systems 2002. ICCS 2002., 1Co-Authors: Ki-il Kim, C.m. Park, T. Kim, Seunghwan KimAbstract:The typical motivation for multihoming is to improve reliability and performance. However, being multihomed is intrinsically complicated. Specially, the fundamental to IPv6 is the concept of firm Route Aggregation, by which that TLA (top level aggregator) will need to announce the aggregate of their space only to other TLA peers. Due to above reason, it requires a fair of amount of thought and careful configuration to deploy multihoming in IPv6. In this paper, we propose a new efficient and scalable multihoming scheme, which is to target for solving the technical and potential problem of multihoming support at the site exit Router (RFC 2260). Multihoming supporting at the site exit uses tunneling between the border Router of the ISP and the site exit Router during link-failure. However, this tunneling may not be established where there do not exist contracts for traffic between ISPs. So, the key feature of our scheme is to establish a tunneling section directly between the site exit Router at the multihomed site and the border Router of the source site. Though additional functionalities must be included on the border Router under our scheme, the proposed scheme not only has better adaptability but also can perform limited load sharing.
-
Distributed IPv6 multihoming support
9th Asia-Pacific Conference on Communications (IEEE Cat. No.03EX732), 1Co-Authors: Da-hye Choi, Ki-il Kim, Hyoung-jun Kim, Sang-ha KimAbstract:The typical motivation for multihoming [Black, B. et al., November 2001] is to improve reliability and performance. However, being multihomed is intrinsically complicated. Specially, the fundamental to IPv6 is based on the concept of firm Route Aggregation, by which that TLA (top level aggregator) would need to announce the aggregate of their space only to other TLA peer [Wegner, J.D. et al., 2000]. Thus, current IPv4 multihoming schemes [Stewart, J. W. III, 1999] that announce the IP address space to all upstream providers violate fundamental principle regarding Aggregation. Due to above reason, it required a fair amount of thoughts and careful configuration to deploy multihoming on IPv6 network. In this paper, we propose a new efficient and deployable multihoming scheme, which is to target for solving the technical and potential problem of multihoming support at site exit Router (RFC 3178) [Hagino, J. L. et al., October 2001]. Moreover, it can also provide the limited load sharing functionality. Such advantages are evaluated specifically through the results of the simulation. For all case, we can see performance of the proposed scheme improved with defined comparison factors.
