Affiliation: University of North Carolina at Charlotte
Insecure ``Provably Secure Network Coding'' and Homomorphic Authentication Schemes for Network Coding
Network coding allows the routers to mix the received information before forwarding them to the next nodes. Though this information mixing has been proven to maximize network throughput, it also introduces security challenges such as pollution attacks. A malicious node could insert a malicious packet into the system and this corrupted packet will propagate more quickly than in traditional copy-and-forward networks. Several authors have studied secure network coding from both information theoretic and probabilistic viewpoints. In this paper, we show that there are serious flaws in several of these schemes (the security ``proofs'' for these schemes were presented in these publications). Furthermore, we will propose a secure homomorphic authentication scheme for network coding.
Efficient Identity-Based and Authenticated Key Agreement Protocol
Several identity based and authenticated key agreement protocols have been proposed in recent years and all of them have been shown to be non-secure. It remains an open question to design secure identity based and authenticated key agreement protocols. In this paper, we propose an efficient identity-based and authenticated key agreement protocol IDAK using Weil/Tate pairing. A security model for identity based key agreement protocol is established and the security properties of IDAK are proved in this model with random oracle. In particular, it is shown that the IDAK protocol possesses all characteristics that a secure key agreement should have.
sSCADA: Securing SCADA Infrastructure Communications
Distributed control systems (DCS) and supervisory control and data acquisition (SCADA) systems were developed to reduce labor costs, and to allow system-wide monitoring and remote control from a central location. Control systems are widely used in critical infrastructures such as electric grid, natural gas, water, and wastewater industries. While control systems can be vulnerable to a variety of types of cyber attacks that could have devastating consequences, little research has been done to secure the control systems. This paper presents a suite of security protocols optimized for SCADA/DCS systems which include: point-to-point secure channels, authenticated broadcast channels, authenticated emergency channels, and revised authenticated emergency channels. These protocols are designed to address the specific challenges that SCADA systems have.
Perfectly Secure Message Transmission Revisited
Achieving secure communications in networks has been one of the most important problems in information technology. Dolev, Dwork, Waarts, and Yung have studied secure message transmission in one-way or two-way channels. They only consider the case when all channels are two-way or all channels are one-way. Goldreich, Goldwasser, and Linial, Franklin and Yung, Franklin and Wright, and Wang and Desmedt have studied secure communication and secure computation in multi-recipient (multicast) models. In a ``multicast channel'' (such as Ethernet), one processor can send the same message---simultaneously and privately---to a fixed subset of processors. In this paper, we shall study necessary and sufficient conditions for achieving secure communications against active adversaries in mixed one-way and two-way channels. We also discuss multicast channels and neighbor network channels.