2007
10 pages
A delay tolerant network (DTN) is a store and forward network where end-to-end connectivity is not assumed and where opportunistic links between nodes are used to transfer data. An emerging application of DTNs is rural area DTNs, which provide Internet connectivity to rural areas in developing regions using conventional transportation mediums, like buses. Potential applications of these rural area DTNs are e-governance, telemedicine and citizen journalism. Therefore, security and privacy are critical for DTNs. Traditional cryptographic techniques based on PKI-certified public keys assume continuous network access, which makes these techniques inapplicable to DTNs. We present the first anonymous communication solution for DTNs and introduce a new anonymous authentication protocol as a part of it. Furthermore, we present a security infrastructure for DTNs to provide efficient secure communication based on identity-based cryptography. We show that our solutions have better performance than existing security infrastructures for DTNs.
IEEE Access
Today's society has a fundamental need for security and anonymity. Well suited, real-life scenarios such as whistleblower reports, intelligence service operations, and the ability to communicate within oppressive governments, call for such fundamental needs. The contribution and focus of this paper is the study of anonymous communications in the context of Delay Tolerant Networks (DTNs). Current literature achieves anonymity via mechanisms that are built around the onion routing paradigm which, unfortunately, is vulnerable to malicious nodes. Instead, our work introduces a novel message forwarding algorithm that delivers messages, from source to destination, via a random walk process. As such, our protocol does not list the intermediate nodes along the route's path and, therefore, enhances significantly the anonymity of the underlying communications. We propose two different approaches for encrypting the exchanged messages. The first one is based solely on public key cryptosystems and is, thus, suitable for short, SMS-style messaging. The second one is a hybrid solution that combines both public and symmetric key cryptography and is targeted towards large multimedia messages, such as images or video. Through extensive simulation experiments, we show that our proposed anonymous routing protocol achieves high message delivery rates, while using modest computational resources on the mobile devices.
IEEE Transactions on Mobile Computing, 2017
Delay tolerant network (DTN) routing provides a communication primitive in intermittently disconnected networks, such as battlefield communications and human-contact networks. In these applications, the anonymity preserving mechanism, which hides the identities of communicating parties, plays an important role as a defense against cyber and physical attacks. While anonymous routing protocols for DTNs have been proposed in the past, to the best of our knowledge, there is no work that emphasizes the theoretical aspects. In this paper, we first design an abstract of anonymous routing protocols for DTNs and augment the existing solution with multi-copy message forwarding. Then, we construct simplified mathematical models, which can be used to understand the fundamental performance and security guarantees of onion-based anonymous routing in DTNs. The numerical and simulation results using randomly generated contact graphs and the real traces demonstrate that our models provide very close approximations to the performance of the anonymous DTN routing protocol.
2011
In this paper, we attempt to develop a secure delay-tolerant network system that enables citizens to communicate freely in an environment where public communication methods, such as mobile networks and the Internet, are intercepted and used by the authorities to monitor civilian activities. The proposed system is composed of several disconnected zones in which data marshals between private key generators and normal nodes in different zones through mobile gateway nodes that carry messages between the different zones.
Proceedings of the 1st international MobiSys workshop on Mobile opportunistic networking - MobiOpp '07, 2007
Traditional approaches for communication security do not work well in disruption- and delay-tolerant networks (DTNs). Recently, the use of identity-based cryptography (IBC) has been proposed as one way to help solve some of the DTN security issues. We analyze the applicability of IBC in this context and conclude that for authentication and integrity, IBC has no significant advantage over traditional cryptography, but it can indeed enable better ways of providing confidentiality. Additionally, we show a way of bootstrapping the needed security associations for IBC use from an existing authentication infrastructure.
2009 33rd Annual IEEE …, 2009
2012
Despite the fast pace at which technology is spreading and communication networks are growing, some environments remain a challenge for communication service providers. In areas characterized by intermittent connectivity, long propagation delays, and high interference, connection-oriented communication protocols do not provide the optimal solution. These limitations increased the interest in developing delay-tolerant networks that can provide the basic means of communication without a strict demand for connectivity, network capacity, or regular mobility patterns of communicating nodes. A possible application of delay-tolerant networks is communication in the presence of oppressive governments. In this paper, we attempt to develop a secure delay-tolerant network system that enables citizens to communicate freely in an environment where public communication methods, such as mobile networks and the Internet, are intercepted and used by the authorities to monitor civilian activities. The proposed system is composed of several disconnected zones in which data marshals between Private Key Generators and normal nodes in different zones through mobile gateway nodes that carry messages between those zones. We simulate the system using GrooveNet, and describe the effects of different parameters on overall performance and security.
Indonesian Journal of Electrical Engineering and Computer Science
Cloud computing gives customers instant access to a network of remote servers, networks, and data centres. Cloud computing makes data analysis helpful to society and individuals. Sharing data with many people causes efficiency, integrity, and privacy issues. Ring signatures may enable secure and anonymous data transfer. It anonymizes data verification for cloud-based analytics. Identity-based (ID) ring signatures are becoming popular alternatives to public key infrastructure (PKI)-based public-key encryption. PKI bottlenecks are certificate verification time and cost. ID-based ring signatures speed up certificate verification. We observed that encrypting ID-based ring signatures with a variation of SHA-384 and adding forward security considerably improves their security. Padding divides the input text into 512-byte blocks and adds the length as a 48-bit value to the hash in newer SHA versions. Signatures made before a user's secret key was compromised are legitimate. If a user...
2018
Delay tolerant networking is a field within wireless networking that is characterized by intermittent connectivity and frequent disruptions. In this paper, an approach is presented where the DTN nodes can be deployed as spy nodes in highly sensitive border areas. These nodes would act as data acquisition nodes, would acquire data from the surroundings, and transfer it to the respective commanding officer or the monitoring authority. Therefore, they work as spies in border regions, capable of sensing even minute movements of the enemies and alerting the soldiers well in time.
Data sharing has never been easier with the advances of cloud computing, and an accurate analysis on the shared data provides an array of benefits to both the society and individuals. Data sharing with a large number of participants must take into account several issues, including efficiency, data integrity and privacy of data owner. Ring signature is a promising candidate to construct an anonymous and authentic data sharing system. It allows a data owner to anonymously authenticate his data which can be put into the cloud for storage or analysis purpose. Yet the costly certificate verification in the traditional public key infrastructure (PKI) setting becomes a bottleneck for this solution to be scalable. Identity-based (ID-based) ring signature, which eliminates the process of certificate verification, can be used instead. In this paper, we further enhance the security of ID-based ring signature by providing forward security: If a secret key of any user has been compromised, all previously generated signatures that include this user still remain valid. This property is especially important to any large scale data sharing system, as it is impossible to ask all data owners to re-authenticate their data even if a secret key of one single user has been compromised. We provide a concrete and efficient instantiation of our scheme, prove its security and provide an implementation to show its practicality.
Future Internet
Since their appearance at the dawn of the second millennium, Delay or Disruption Tolerant Networks (DTNs) have gradually evolved, spurring the development of a variety of methods and protocols for making them more secure and resilient. In this context, perhaps, the most challenging problem to deal with is that of cryptographic key management. To the best of our knowledge, the work at hand is the first to survey the relevant literature and classify the various so far proposed key management approaches in such a restricted and harsh environment. Towards this goal, we have grouped the surveyed key management methods into three major categories depending on whether the particular method copes with (a) security initialization, (b) key establishment, and (c) key revocation. We have attempted to provide a concise but fairly complete evaluation of the proposed up-to-date methods in a generalized way with the aim of offering a central reference point for future research.