ABSTRACT
We show attacks on several cryptographic schemes that have recently been proposed for achieving various security goals in sensor networks. Roughly speaking, these schemes all use "perturbation polynomials" to add "noise" to polynomial-based systems that offer information-theoretic security, in an attempt to increase the resilience threshold while maintaining efficiency. We show that the heuristic security arguments given for these modified schemes do not hold, and that they can be completely broken once we allow even a slight extension of the parameters beyond those achieved by the underlying information-theoretic schemes.
Our attacks apply to the key predistribution scheme of Zhang et al. (MobiHoc 2007), the access-control schemes of Subramanian et al. (PerCom 2007), and the authentication schemes of Zhang et al. (INFOCOM 2008). Our results cast doubt on the viability of using "perturbation polynomials" for designing secure cryptographic schemes.
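The information-theoretic baseline the abstract refers to, shown as an added example that is not code from the paper or from the schemes it attacks: Blundo et al.'s symmetric-polynomial key predistribution over a prime field. It makes the resilience threshold concrete. Any t+1 colluding nodes recover the whole master polynomial by interpolating each coefficient column, while any t shares are consistent with a second, different master polynomial that agrees with every compromised share yet gives a different key to every uncompromised pair, so those t shares carry no information about that key. The modulus P, the degree t and the node identifiers are assumed for illustration.

```python
"""Blundo-style symmetric-polynomial key predistribution over GF(P).

Added illustration, not code from the paper or from the schemes it attacks.
P, the degree t and the node identifiers below are assumed for the example.
"""
import random

P = 2**31 - 1  # assumed prime modulus; any prime larger than the id space works


def poly_mul(u, v):
    """Multiply two univariate polynomials (coefficient lists, low degree first) mod P."""
    out = [0] * (len(u) + len(v) - 1)
    for i, ui in enumerate(u):
        for j, vj in enumerate(v):
            out[i + j] = (out[i + j] + ui * vj) % P
    return out


def lagrange_coeffs(points):
    """Coefficients of the unique polynomial of degree < len(points) through the (x, y) pairs."""
    n = len(points)
    coeffs = [0] * n
    for k, (xk, yk) in enumerate(points):
        basis, denom = [1], 1
        for m, (xm, _) in enumerate(points):
            if m != k:
                basis = poly_mul(basis, [(-xm) % P, 1])   # multiply by (x - xm)
                denom = denom * (xk - xm) % P
        scale = yk * pow(denom, P - 2, P) % P            # yk / prod(xk - xm)
        for i, c in enumerate(basis):
            coeffs[i] = (coeffs[i] + c * scale) % P
    return coeffs


def make_master(t, rng):
    """Random symmetric bivariate polynomial f(x, y) = sum a[i][j] x^i y^j with a[i][j] == a[j][i]."""
    a = [[0] * (t + 1) for _ in range(t + 1)]
    for i in range(t + 1):
        for j in range(i, t + 1):
            a[i][j] = a[j][i] = rng.randrange(P)
    return a


def eval_master(a, x, y):
    """f(x, y) mod P."""
    n = len(a)
    return sum(a[i][j] * pow(x, i, P) * pow(y, j, P) for i in range(n) for j in range(n)) % P


def share(a, node_id):
    """What node `node_id` is given: the univariate polynomial g(y) = f(node_id, y)."""
    t = len(a) - 1
    return [sum(a[i][j] * pow(node_id, i, P) for i in range(t + 1)) % P for j in range(t + 1)]


def pairwise_key(g, peer_id):
    """A node evaluates its own share at the peer's id; symmetry of f gives both sides the same key."""
    return sum(c * pow(peer_id, j, P) for j, c in enumerate(g)) % P


def collude(shares):
    """t+1 shares recover the master polynomial: for fixed j, the y^j coefficient of node i's
    share is h_j(i) = sum_k a[k][j] i^k, a degree-t polynomial in the node id."""
    ids = sorted(shares)
    t = len(ids) - 1
    a = [[0] * (t + 1) for _ in range(t + 1)]
    for j in range(t + 1):
        column = lagrange_coeffs([(i, shares[i][j]) for i in ids])
        for i in range(t + 1):
            a[i][j] = column[i]
    return a


def consistent_alternative(a, compromised, c):
    """With at most t shares the master is undetermined: f + c*q(x)*q(y), where
    q(x) = prod_{i in compromised} (x - i), is symmetric, has degree <= t, agrees with
    every compromised share (q(i) = 0 there), and shifts every uncompromised pair's key."""
    t = len(a) - 1
    assert len(compromised) <= t
    q = [1]
    for i in compromised:
        q = poly_mul(q, [(-i) % P, 1])
    q += [0] * (t + 1 - len(q))
    return [[(a[i][j] + c * q[i] * q[j]) % P for j in range(t + 1)] for i in range(t + 1)]


def demo(t=3, seed=2009):
    """Run the threshold demonstration with t+1 = 4 colluders out of nodes 1..6."""
    a = make_master(t, random.Random(seed))
    shares = {i: share(a, i) for i in range(1, 7)}
    alt = consistent_alternative(a, [1, 2, 3], 7)
    return {
        "keys_agree": pairwise_key(shares[5], 6) == pairwise_key(shares[6], 5),
        "t_plus_1_recover_f": collude({i: shares[i] for i in (1, 2, 3, 4)}) == a,
        "t_shares_consistent_with_alt": all(share(alt, i) == shares[i] for i in (1, 2, 3)),
        "alt_changes_uncompromised_key": eval_master(alt, 5, 6) != eval_master(a, 5, 6),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The two halves of `demo` are the point of the abstract's comparison: the threshold of the polynomial scheme is exact, not heuristic, and a modified scheme that claims resilience beyond t shares has to justify where the extra security comes from.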
REFERENCES
- S. Ar, R. Lipton, R. Rubinfeld, and M. Sudan. Reconstructing Algebraic Functions from Mixed Data. SIAM J. Computing 28(2): 487--510, 1998.
- R. Blom. An Optimal Class of Symmetric Key Generation Systems. Eurocrypt '84.
- C. Blundo, A. De Santis, A. Herzberg, S. Kutten, U. Vaccaro, and M. Yung. Perfectly Secure Key Distribution for Dynamic Conferences. Information and Computation 146(1): 1--23, 1998.
- W. A. Stein et al. Sage Mathematics Software (Version 3.3). The Sage Development Team, 2009, http://www.sagemath.org.
- N. V. Subramanian, C. Yang, and W. Zhang. Securing Distributed Data Storage and Retrieval in Sensor Networks. 5th IEEE Intl. Conference on Pervasive Computing and Communications (PerCom), 2007.
- W. Zhang, N. Subramanian, and G. Wang. Lightweight and Compromise-Resilient Message Authentication in Sensor Networks. 27th IEEE Conference on Computer Communications (INFOCOM), 2008.
- W. Zhang, M. Tran, S. Zhu, and G. Cao. A Random Perturbation-based Scheme for Pairwise Key Establishment in Sensor Networks. 8th ACM International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc), 2007.
Index Terms
- Attacking cryptographic schemes based on "perturbation polynomials"