Research On Technologies Of Secure Data Transmission And Authentication In Wireless Networks

With the development of wireless technologies,Wireless Sensor Networks(WSNs),Vehicular Ad Hoc Networks(VANETs),and Mobile Networks have recently attracted extensive attentions.However,for the open wireless channel,wireless networks are susceptible to attacks,such as eavesdropping,message modification and identity impersonation.Therefore,it is essential to solve security problems in wireless networks.Due to the varying topology of wireless networks and wireless devices constrained by battery,storage and computation capability,traditional security schemes cannot be directly deployed over wireless networks.Thus,researchers now put efforts on designing secure,lightweight,and scalable mechanisms in the field of wireless networks.In this dissertation,we mainly work on the problem of secure routing,broadcast authentication,and location verification in wireless networks.First,to address a wide range of attacks in wireless sensor networks,we design secure geographic routings to ensure that data packets can be fast and reliably transmitted to destination nodes or sinks in the networks.Second,for safetyrelated applications based on one-hop beacon messages in vehicular ad hoc networks,we design efficient and scalable broadcast authentication schemes to ensure messages are sent by legitimate vehicles and not altered during transmission.Finally,for mobile applications to provide locationbased services,we propose a protocol for secure verification of users' mobility traces,which is the first work to provide a secure protocol for continuous location proofs.We have given our solutions to security problems in wireless networks,and wish our research will provide security protection to target a wider range of applications of wireless networks.The main contributions of this dissertation are:1.An efficient and secure geographic routing protocol is proposed,based on the assumption that nodes are loosely time synchronized in the WSNs.To resist a wide variety of attacks in wireless sensor networks scenarios,e.g.,Sybil attacks,wormhole attacks,and blackhole attacks,an Efficient and Secure Geographic Routing protocol named ESGR is proposed to exploit the geographic location,cryptography mechanisms,and broadcast nature of the wireless channel.ESGR utilizes the geographic leashes and the TESLA scheme to provide resistance against Sybil attacks and wormhole attacks.Meanwhile,we design a distributed trust model,and use it in packet opportunistic forwarding to mitigate packet dropping due to blackhole attacks.Simulation results indicate that the packet delivery rate(PDR)of ESGR can maintain more than 85% in hostile wireless sensor networks.2.A secure and scalable geographic opportunistic routing with received signal strength is proposed.To address more types of attacks,we propose a Secure and Scalable Geographic Opportunistic Routing with received signal strength named SGOR.In SGOR,a distributed location verification algorithm is presented to utilize the received signal strength to address location-related attacks.Moreover,an ambient-sensitive trust model is designed and then used in opportunistic geographic forwarding to defend against other kinds of attacks.The theoretical results are given to demonstrate the effectiveness and robustness of SGOR to survive more severe attacks.Simulation results show that SGOR achieves about two times higher PDR than other routing protocols,and is scalable with acceptable overhead.3.A novel authentication mechanism is proposed to resist computation-based Denial of Service(Do S)attacks.In VANETs,to secure periodic beacon messages for safety-related applications,Elliptic Curve Digital Signature Algorithm(ECDSA)is used as the fundamental security approach.However,it is vulnerable to computation-based Do S attacks.We propose a novel authentication mechanism called VSPT,which combines the advantages of both ECDSA and Prediction-based TESLA.On the one hand,although ECDSA is computationally expensive,we use it to provide authentication and non-repudiation.On the other hand,by exploiting the sender's ability to predict its own future beacons,we design Predictionbased TESLA to enable fast and efficient verification.Simulation results indicate that VSPT outperforms either ECDSA or TESLA not only in lossless situations but also in lossy environments.4.A broadcast authentication scheme for vehicle-to-vehicle communication is designed.In VANETs,it becomes a challenging problem to design a broadcast authentication scheme for secure vehicle-to-vehicle communications.We design an efficient broadcast authentication scheme called PBA,to not only defend against computation-based Do S attacks,but also resist packet losses caused by high mobility of vehicles.In contrast to most existing authentication schemes,our PBA is an efficient and lightweight scheme since it is primarily built on symmetric cryptography.In addition,to prevent memory-based Do S attacks,PBA only stores shortened re-keyed Message Authentication Codes(MACs)of signatures without decreasing security.We prove PBA is secure.Simulation results demonstrate that PBA fast verifies almost 99% messages with low storage cost not only in high-density traffic environments but also in lossy wireless environments.5.A secure protocol for verification of users' mobility traces is designed.Many location-based services require a mobile user to continuously prove his location.In absence of a secure mechanism,malicious users may lie about their locations to get these services.We propose a Continuous Location Integrity and Provenance protocol called CLIP.CLIP uses low-power accelerometer sensor with a light-weight entropy-based commitment mechanism and is able to authenticate the user's mobility trace without any trusted hardware.Meanwhile,CLIP maintains users' location privacy.Wireless Access Points(APs)or co-located mobile devices are used to generate the location proofs.We also propose a light-weight spatial-temporal trust model to detect fake location proofs from collusion attacks.The implementation results demonstrate that CLIP is low-cost of both computational and storage resources.Simulation results show that the spatial-temporal trust model can achieve high(> 0.9)detection accuracy against collusion attacks.