Seminar Report
On
Submitted by
II
KJS Educational Institutes
Trinity College of Engineering and Research
CERTIFICATE
This is to certify that Mr. Suyash Choudhary of Trinity College of Engineering and
Pune for Third Year Computer Engineering for the Academic Year 2013 2014
Place : Pune
Date :
Head,
Seminar Guide Department of Computer
Engineering
II
UNIVERSITY OF PUNE
An
Submitted by
Mr. Suyash Choudhary
Sign of Guide:
II
ACKNOWLEDGEMENT
We thank our seminar guide Prof. Suryawanshi for helping us and providing all
necessary information regarding our seminar.
Finally we wish to thank all our teachers and friends for their constructive comments,
suggestions and criticism and all those directly or indirectly helped us in completing this
seminar.
Suyash Choudhary
II
ABSTRACT
COMBINING CRYPTOGRAPHIC PRIMITIVES TO PREVENT JAMMING ATTACKS
IN WIRELESS NETWORKS
The Open Nature of wireless medium leaves an intentional interference attack, typically referred to as
jamming. This intentional interference with wireless transmission launch pad for mounting Denial-Of-
Service attack on wireless networks. Typically, jamming has been addresses under an external threat
model. However, adversaries with internal knowledge of protocol specification and network secrets
can launch low-effort jamming attacks that are difficult to detect and counter. In this work we address
the problem of jamming attacks and adversary is active for short period of time, selectively targeting
the messages of high importance. We show that the selective jamming attacks can be launched by
performing real-time packet classification at the physical layer. To mitigate these attacks, we develop
three schemes that prevent real time packet classification by combining cryptographic primitives with
physical-layer attributes. They are Strong Hiding Commitment Schemes (SHCS), Cryptographic
Puzzles Hiding Schemes (CPHS), and All- Or-Nothing Transformation Hiding Schemes (AONTSHS).
Random key distribution methods are done along with three schemes to give more secured packet
transmission in wireless networks. In this paper, the problem of jamming under an internal threat
model is addressed. Consider a sophisticated adversary who is aware of network secrets and the
implementation details of network protocols at any layer in the network stack. The adversary exploits
his internal knowledge for launching selective jamming attacks in which specific messages of high
importance are targeted. For example, a jammer can target route-request/route-reply messages at the
routing layer to prevent route discovery, or target TCP acknowledgments in a TCP session to severely
degrade the throughput of an end-to end flow. Aim is to show that selective jamming attacks can be
launched by performing real time packet classification at the physical layer. To mitigate these attacks
develop a schemes that prevent real-time packet classification by combining cryptographic primitives
with physical layer attributes. Advantages of proposed system are evaluated the impact of selective
jamming attacks on network protocols such as TCP and routing and show that a selective jammer can
significantly impact performance with very low effort and developed three schemes that transform a
selective jammer to a random one by preventing real-time packet classification. Schemes combine
cryptographic primitives such as commitment schemes, cryptographic puzzles, and all-or-nothing
transformations with physical layer characteristics and analyzed the security of our schemes and
quantified their computational and communication overhead. With these schemes a random key
distribution has been implemented to more secure the packet transmission in the wireless networks.
REFERENCE:
Author(s):NgangbamHerojit Singh and, A.Kayalvizhi, M.Tech. Combining Cryptographic Primitives
to Prevent Jamming Attacks in Wireless Networks IEEE CONFERENCE 2013.
Date of Conference: 21-22 Feb. 2013
II
TABLE OF CONTENTS
2 LITERATURE SURVEY. 13
2.1 Basic Concepts.. 13
2.1.1 Cryptography. 13
2.1.2 Cipher. 14
2.1.3 Packet Classification.. 14
2.1.4 Adversary... 15
2.1.5 Wireless Network... 15
2.1.6 Denial-of-service (DoS). 15
2.1.7 Transmission Control Protocol (TCP) 16
2.1.8 Jamming Attack.. 17
3 CRYPTOGRAPHIC PRMITIVES AND JAMMING ATTACK.. 18
3.1 Cryptographic Primitives... 20
3.1.1 Combining Cryptographic Primitives.. 21
3.1.2 Why Combining Cryptographic Primitives. 21
3.2 Jamming Attacks... 22
3.2.1 Types of Jamming Attacks... 22
3.2.2 Jamming Solution.. 23
3.2.3 Identify Presence of Jammer.... 23
4 ANALYTICAL WORK... 24
II
4.1 Existing System...... 24
4.1.1 Disadvantages of Existing System.. 24
4.2 Proposed System.... 25
4.2.1 Advantages of Proposed System 25
4.3 Modules.......... 26
4.3.1 Modules...... 26
4.3.2 Modules Description.. 26
II
List of Figures
Sr.No. Name of Figure Page No.
2 Cryptography 13
3 Cipher 14
4 Ciphertext 14
6 TCP/IP 17
7 Jamming Attacks 17
8 Cryptographic Primitives 20
9 Jamming 22
11 28
Strong Hiding Commitment Schemes (SHCS)
12 29
Cryptographic Puzzles Hiding Schemes (CPHS)
13 30
All - Or - Nothing Transformation Hiding Schemes (AONTSHS)
14 Architecture 31
15 Example 32
List of Tables:
Sr.No. Name of Table Page No.
1 Hardware Requirement 12
2 Software Requirement 12
CHAPTER 1: INTRODUCTION
II
1.1 Network Security
Network security is the process of protecting information and systems from malicious
intentions. This includes the unauthorized access, use, disclosure, disruption, modification
and destruction of data. Computer systems are designed with securitymechanisms to prevent
such attempts. This can often be achieved through the employment of dedicated technologies
constructed using cryptographic systems. Cryptographic systems are applications and
protocols built from the combination of one ormore cryptographic primitives: the
fundamental building blocks of cryptography.
Before the modern era, cryptography was concerned solely with message confidentiality i.e.
encryption Encryption was used to ensure secrecy in communications, such as those of spies,
military leaders, and diplomats. In recent decades, the field has expanded beyond
confidentiality concerns to include techniques for message integrity checking, sender/receiver
identity authentication, digital signatures, interactive proofs and secure computation, among
others.
The earliest forms of secret writing required little more than writing implements since most
people could not read. More literacy, or literate opponents, required actual cryptography.
II
Steganography (i.e. hiding even the existence of a message so as to keep it confidential) was
also first developed in ancient times. Another Greek method was developed by Polybius (now
called the "Polybius Square").More modern examples of steganography include the use
of invisible ink, microdots, and digital watermarks to conceal information.
Many mechanical encryption/decryption devices were invented early in the 20th century, and
several patented, among them rotor machinesfamously including the Enigma machine used
by the German government and military from the late 1920s and during World War II. The
ciphers implemented by better quality examples of these machine designs brought about a
substantial increase in cryptanalytic difficulty after WWI.
Computers allowed for the encryption of any kind of data representable in any binary format,
unlike classical ciphers which only encrypted written language texts. This was new and
significant. Computer use has thus supplanted linguistic cryptography, both for cipher design
and cryptanalysis. Many computer ciphers can be characterized by their operation
on binary bit sequences (sometimes in groups or blocks), unlike classical and mechanical
schemes, which generally manipulate traditional characters (i.e., letters and digits) directly.
However, computers have also assisted cryptanalysis, which has compensated to some extent
for increased cipher complexity. Nonetheless, good modern ciphers have stayed ahead of
cryptanalysis; it is typically the case that use of a quality cipher is very efficient (i.e., fast and
requiring few resources, such as memory or CPU capability), while breaking it requires an
effort many orders of magnitude larger, and vastly larger than that required for any classical
cipher, making cryptanalysis so inefficient and impractical as to be effectively impossible.
Essentially, prior to the early 20th century, cryptography was chiefly concerned
with linguistic and lexicographic patterns. Since then the emphasis has shifted, and
cryptography now makes extensive use of mathematics, including aspects of information
theory, computational complexity, statistics, abstract algebra, number theory, and finite
mathematics generally.
Cryptography is, also, a branch of engineering, but an unusual one as it deals with active,
intelligent, and malevolent opposition. There is also active research examining the
relationship between cryptographic problems andquantum physics.
II
1.3CRYPTOGRAPHIC SYSTEMS
Cryptographic systems are applications and protocols built from the combination of one
ormore cryptographic primitives: the fundamental building blocks of cryptography.
This paper gives solution on the adversaries which try to corrupt the transmitting packet .As
they have internal knowledge of protocol specification & network secret they can easily
launch low effort jamming attacks that are difficult to detect. The aim is to show that
selective jamming attacks can be launched by performing real time packet classification at
physical layer. To minimize these attacks, three schemes are developed by combining
cryptographic primitives with physical layer attributes.
II
1.6System Requirements
1.6.1 HardwareRequirements:
2 RAM 512 MB
3 MONITOR
4 HARD DISK 20 GB
5 CDDRIVE 52X
****
II
CHAPTER 2: LITERATURE SURVEY
2.1.1Cryptography:
Cryptography is, traditionally, the study of ways to convert information from its normal,
comprehensible form into an unreadable script without special knowledge and it is a practice
of encryption.
Cryptography or cryptology means "hidden, secret writing or study.
It is the practice and study of techniques for secure communication in the presence of third
parties also called as adversaries.
Modern cryptography intersects the disciplines of mathematics, computer science,
and electrical engineering.
Applications of cryptography include ATM cards, computer passwords, and electronic
commerce.
Figure 2 Cryptography
II
2.1.2 Cipher:
A cipher (or cypher) is a pair of algorithms that create the encryption and the reversing
decryption.
Figure 3 Cipher
2.1.4 Adversary:
II
In cryptography, an adversary is a malicious entity whose aim is to prevent the users of
the cryptosystem from achieving their goal (primarily privacy, integrity, and availability of
data).
An adversary's efforts might take the form of attempting to discover secret data, corrupting
some of the data in the system, spoofing the identity of a message sender or receiver, or
forcing system downtime.
II
Figure 5Transmission Control Protocol
II
Figure 6 TCP/IP
Jamming is one of many exploits used compromise the wireless environment. It works by
denying service to authorized users as legitimate traffic is jammed by the overwhelming
frequencies of illegitimate traffic.
****
II
CHAPTER 3:CRYPTOGRAPHIC PRIMITIVES AND
JAMMING ATTACKS
3.1Cryptographic Primitives:
Now-a-days the word cryptography is used to name the research area that has arise from
the ancient secret writing. Secret writing is only one out of many different problems that has
found a solution within cryptography. From the introduction of public-key cryptography,
many seemingly impossible problems could suddenly be solved. The solutions to different
cryptographic problems are referred to as cryptographic primitives. Cryptographic
primitives are well-established, low-level cryptographic algorithms that are frequently used to
build computer security systems. Cryptographic primitives form the fundamental building
blocks for cryptographic applications and protocols.
For example, the primitive symmetric encryption scheme refers to a cipher where the
sender and the receiver share a common secret key, which enables them to communicate
some message in such a way that an enemy cannot get any information about the message
even though he observes the communication, provided that he is not in possession of the
secret key.
The primitive symmetric encryption scheme can then be divided into stream ciphers and
block ciphers, which are two different types of symmetric ciphers. Other types of general
primitives are for example: asymmetric encryption schemes, digital signatures, secret sharing
scheme, etc.
Cryptographic primitives are never isolated occurrences, but are implemented in a larger
system. The cryptographic primitives are used to provide security in the system. The area of
designing secure systems is called Information security (or Data security).The role of
cryptographic primitives in information security can be viewed as the role tools and building
material for a carpenter. In information security, we use different cryptographic primitives to
build a whole system that provides security. Each primitive provides a certain service in the
system. It is worth pointing out that failure in the security of a system is almost always due to
a badly designed system or anerronous use of a primitive, and almost never due to a bad
primitive.
II
There are two different types of primitives:
1. Stream ciphers:
A stream cipher provides a method for obtaining confidentiality of data.
2. Hash functions:
A hash function can be used to obtain integrity and authenticity of data.
A stream cipher provides a method for obtaining confidentiality of data and a hash function
can be used to obtain integrity and authenticity of data.
Cryptographic primitives include, but are not limited to, encryption functions, hash functions,
message authentication codes and digital signatures. Primitives are designed for specific
purposes with the aim of accomplishing a number of security goals. A number of objectives
are listed, the primary goals of concern are:
1. Confidentiality: keeping information secret from all but those who are authorized to see it.
2. Integrity: ensuring information has not been altered by unauthorized or unknown means.
3. Authenticity: corroboration of the identity of an entity; or corroborating the source of
information.
4. Non-Repudiation: preventing the denial of previous commitments or actions.
Primitives can be grouped into classes depending on the security goals they provide or the
setting within which they are placed. The setting in which cryptographic mechanisms operate
often feature transactions between two end points: the sender and receiver. A common
convention for classing primitives is the division in to asymmetric and symmetric primitives.
When creating cryptographic systems, designers use cryptographic primitives as their most
basic building blocks. Because of this, cryptographic primitives are designed to do one very
specific task in a highly reliable fashion. They include encryption schemes, hash
functions and digital signatures schemes. Since cryptographic primitives are used as building
blocks, they must be very reliable, i.e. perform according to their specification.
II
Figure 8 Cryptographic Primitives
II
3.1.2Why Combine Cryptographic Primitives?
Since RF (radio frequency) is essentially an open medium, jamming can be a huge problem
for wireless networks. Jamming is one of many exploits used compromise the wireless
environment. It works by denying service to authorized users as legitimate traffic is jammed
by the overwhelming frequencies of illegitimate traffic. A knowledgeable attacker with the
right tools can easily jam the 2.4 GHz frequency in a way that drops the signal to a level
where the wireless network can no longer function.
The complexity of jamming is the fact that it may not be caused intentionally, as other forms
of wireless technology are relying on the 2.4 GHz frequency as well. Some widely used
consumer products include cordless phones, Bluetooth-enabled devices and baby monitors,
all capable of disrupting the signal of a wireless network and faltering traffic.
The issue of jamming mostly relates to older wireless local area networks as they are not fully
equipped to make the adaptation to numerous types of interference. These networks typically
call for an administrator to manually adjust each access point through trial and error. To avoid
this daunting task, the best practice is to invest into a newer WLAN system. These
environments offer real-time RF management features capable of identifying and adapting to
unintentional interference.
II
Figure 9Jamming
II
If an attacker truly wanted to compromise your LAN and wireless security, the most effective
approach would be to send random unauthenticated packets to every wireless station in the
network. This exploit can be easily achieved by purchasing hardware off the shelf from an
electronics retailer and downloading free software from the internet. In some cases, it is
simply impossible to defend against jamming as an experienced attacker may have the ability
to flood all available network frequencies.
If the major concern relates to malicious jamming, an intrusion prevention and detection
system may be your best option. At the bare minimum, this type of system should be able to
detect the presence of an RPA (Rogue Access Point) or any authorized client device in your
wireless network. More advanced systems can prevent unauthorized clients from accessing
the system, alter configurations to maintain network performance in the presence of an attack,
blacklist certain threats and pinpoint the physical location of a rogue device to enable faster
containment. It doesn't what type of interference you're experiencing; the network must have
the ability to detect it, react and quickly make adjustments.
****
II
4.1 Existing System
Jamming attacks are much harder to counter and more security problems. They have been
shown to actualize severe Denial-of-Service (DoS) attacks against wireless networks. In the
simplest form of jamming, the adversary interferes with the reception of messages by
transmitting a continuous jamming signal, or several short jamming pulses jamming attacks
have been considered under an external threat model, in which the jammer is not part of the
network. Under this model, jamming strategies include the continuous or random
transmission of high power interference signals. Conventional anti-jamming techniques
extensively on spread-spectrum communications or some form of jamming evasion (e.g. slow
frequency hopping or spatial retreats).SS techniques provide bit-level protection by spreading
bits according to a secret pseudo noise (PN) code, Known only to the communicating parties.
These methods can only protect wireless transmissions under the external threat model.
Potential disclosure of secrets due to node compromise neutralizes the gains of SS. Broadcast
communications are particularly vulnerable under an internal threat model because all
intended receivers must be aware of the secrets used to protect transmissions. Hence, the
compromise of a single receiver is sufficient to reveal relevant cryptographic information.
Under this model, jamming strategies include the continuous or random transmission of high
power interference signals. However adopting an always-on strategy has several
disadvantages.
1. First, the adversary has to expend a significant amount of energy to jam frequency
bands of interest.
2. Second, the continuous presence of unusually high interference levels makes this type
of attacks easy to detect.
In this paper, we address the problem of jamming under an internal threat model. We consider
a sophisticated adversary who is aware of network secrets and the implementation details of
network protocols at any layer in the network stack. The adversary exploits his internal
II
knowledge for launching selective jamming attacks in which specific messages of high
importance are targeted. For example, a jammer can target route-request/route-reply
messages at the routing layer to prevent route discovery, or target TCP acknowledgments in a
TCP session to severely degrade the throughput of an end-to-end flow
4.3 MODULES
4.3.1 Modules:
Network module
Real Time Packet Classification
Selective Jamming Module
A Strong Hiding Commitment Scheme
II
Cryptographic Puzzle Hiding Scheme
Hiding based on All-Or-Nothing Transformations
MD5 Algorithm
Network Module:
1. We address the problem of preventing the jamming node from classifyingm in real
time, thus mitigating Js ability to perform selectivejamming.
2. The network consists of a collection of nodes connected via wireless links.
3. Nodes may communicate directly if they are within communication range, or
indirectly via multiple hops.
4. Nodes communicate both in unicast mode and broadcast mode.
5. Communications can be either unencrypted or encrypted.
6. For encrypted broadcast communications, symmetric keys are shared among all
intended receivers.
7. These keys are established using preshared pairwise keys or asymmetric
cryptography.
4. Moreover, even if the encryption key of a hiding scheme were to remain secret, the
static portions of a transmitted packet could potentially lead to packet classification.
II
5. This is because for computationally-efficient encryption methods such as block
encryption, the encryption of a prefix plaintext with the same key yields a static
cipher text prefix.
6. Hence, an adversary who is aware of the underlying protocol specifics (structure of
the frame) can use the static cipher text portions of a transmitted packet to classify it.
II
Figure 11Strong Hiding Commitment Scheme (Shcs)
II
Figure 12 Cryptographic puzzles based hiding scheme
MD5 Algorithm:
1. When a password is encrypted by a hash algorithm the resultant is called hashed
password.
II
2. This type of transmission is always a subject of interception by the hackers.
3. These hashed passwords are passed through the Internet as a data packet.
4. TCP header is a most common part of the data packet. In a TCP header there are six
reserved bits which remains always unused.
5. In this paper we propose a new approach to enhance the security of hashed passwords
by using the six reserved bits of a TCP header.
6. Here we encrypt the hashed password by a random key using simple mathematical
function.
7. The information needed to decrypt the encrypted hashed password is carried by the
six bits of TCP header.
II
Architecture:
II
Web service req/rec
Application
Figure 14Architecture
****
5.1 Objective
To show that selective jamming attacks can be launched by performing real time packet
classification at the physical layer. To mitigate these attacks develop a schemes that prevent
real-time packet classification by combining cryptographic primitives with physical layer
attributes.
5.2 Problem
Consider the scenario depicted in Figure below. Nodes A and B communicate via a wireless
link. Within the communication range of both A and B,there is a jamming node J. When A
transmits apacket m to B, node J classifies m by receivingonly the first few bytes o f m. J
then corrupts m beyond recovery by interfering with itsreception at B. We address the
problem ofpreventing the jamming node from classifying m in real time, thus mitigating Js
ability to performselective jamming.
Figure 15 Example
****
II
CHAPTER 6: DISCUSSION
DoS attacks are a growing threat to availability due to the advancement in information
technology and its application to electronic commerce. In recent years, several Internet e-
commerce sites were disabled due to a type of DoS attacks. Some of the victims were eBay,
Yahoo, Amazon and Microsofts name server.The outcome of this research mainly be used to
counteract DoS attacks.
6.1 Outcome
The outcome of this thesis is to reduce these attacks, by developing three schemes that
prevent real time packet classification by combining cryptographic primitives with physical-
layer attributes. They are
1. Strong Hiding Commitment Schemes (SHCS)
2. Cryptographic Puzzles Hiding Schemes (CPHS)
3. All- Or-Nothing Transformation Hiding Schemes (AONTSHS)
Random key distribution methods are done along with three schemes to give more secured
packet transmission in wireless networks.
II
3. The disciplines of public-key infrastructure, software security, computer security,
network security, and tamper-resistant hardware design are very poorly
understood.
4. Half knowledge is dangerous in case of cryptography hence if one does not
perform
****
II
CHAPTER 7: CONCLUSION
****
II
Chapter 8: BIBLIOGRAPHY
A. Research Papers
B. Books
C. Website
[11] http://en.wikipedia.org/wiki/Cryptographicprimitive#Combiningcryptographicprimitives
[12] www.ijrcct.org
[13]http://jwcn.eurasipjournals.com/content/2013/1/208
II
[14] http://www.eit.lth.se/fileadmin/eit/courses/edi051/lecture_notes/LN2.pdf
II