MAC aggregation protocols resilient to DoS attacks

Authors:
Vladimir Kolesnikov;Wonsuck Lee
Affiliations:
Bell Labs, Alcatel-Lucent, 600 Mountain Avenue, Murray Hill, NJ 07974, USA.;Bell Labs, Alcatel-Lucent, 600 Mountain Avenue, Murray Hill, NJ 07974, USA
Venue:
International Journal of Security and Networks
Year:
2012

Citing 8
Cited 2

Ariadne: a secure on-demand routing protocol for ad hoc networks

Proceedings of the 8th annual international conference on Mobile computing and networking
A Secure Routing Protocol for Ad Hoc Networks

ICNP '02 Proceedings of the 10th IEEE International Conference on Network Protocols
Keying Hash Functions for Message Authentication

CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Efficient Authentication and Signing of Multicast Streams over Lossy Channels

SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Routing in Ad Hoc Networks of Mobile Hosts

WMCSA '94 Proceedings of the 1994 First Workshop on Mobile Computing Systems and Applications
Aggregate and verifiably encrypted signatures from bilinear maps

EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Aggregate message authentication codes

CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
History-free aggregate message authentication codes

SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks

MAC aggregation with message multiplicity

SCN'12 Proceedings of the 8th international conference on Security and Cryptography for Networks
Secure and robust multipath routings for advanced metering infrastructure

The Journal of Supercomputing

Quantified Score

Hi-index	0.00

Visualization

Abstract

In smart grid, sensor measurements are often sent to a control node over a hop-by-hop network of sensors themselves. To prevent en route accidental and malicious data corruption, each message is authenticated with a MAC, keyed with a symmetric key known to the generating sensor and the control node. MACs represent a significant overhead: a typical 128-bit MAC may often authenticate a 10-bit temperature reading. To mitigate these overheads, MAC aggregation methods were proposed. However, previously proposed MAC aggregation schemes are not resilient to Denial-of-Service (DoS) attacks, where a rogue node or a man-in-the-middle attacker can easily disrupt the entire set of MACs, and hence prevent using any of the transmitted data. In this work we propose a new way of MAC aggregation, which will allow the relay sensors to greatly reduce transmission overhead due to MACs, while achieving full unforgeability, and, simultaneously, much stronger resilience to DoS attacks.