-
POSTER: Towards Secure 5G Infrastructures for Production Systems
Authors:
Martin Henze,
Maximilian Ortmann,
Thomas Vogt,
Osman Ugus,
Kai Hermann,
Svenja Nohr,
Zeren Lu,
Sotiris Michaelides,
Angela Massonet,
Robert H. Schmitt
Abstract:
To meet the requirements of modern production, industrial communication increasingly shifts from wired fieldbus to wireless 5G communication. Besides tremendous benefits, this shift introduces severe novel risks, ranging from limited reliability over new security vulnerabilities to a lack of accountability. To address these risks, we present approaches to (i) prevent attacks through authentication…
▽ More
To meet the requirements of modern production, industrial communication increasingly shifts from wired fieldbus to wireless 5G communication. Besides tremendous benefits, this shift introduces severe novel risks, ranging from limited reliability over new security vulnerabilities to a lack of accountability. To address these risks, we present approaches to (i) prevent attacks through authentication and redundant communication, (ii) detect anomalies and jamming, and (iii) respond to detected attacks through device exclusion and accountability measures.
△ Less
Submitted 24 January, 2024;
originally announced January 2024.
-
TRAIL: Topology Authentication in RPL
Authors:
Heiner Perrey,
Martin Landsmann,
Osman Ugus,
Thomas C. Schmidt,
Matthias Wählisch
Abstract:
The IPv6 Routing Protocol for Low-Power and Lossy Networks (RPL) was recently introduced as the new routing standard for the Internet of Things. Although RPL defines basic security modes, it remains vulnerable to topological attacks which facilitate blackholing, interception, and resource exhaustion. We are concerned with analyzing the corresponding threats and protecting future RPL deployments…
▽ More
The IPv6 Routing Protocol for Low-Power and Lossy Networks (RPL) was recently introduced as the new routing standard for the Internet of Things. Although RPL defines basic security modes, it remains vulnerable to topological attacks which facilitate blackholing, interception, and resource exhaustion. We are concerned with analyzing the corresponding threats and protecting future RPL deployments from such attacks.
Our contributions are twofold. First, we analyze the state of the art, in particular the protective scheme VeRA and present two new rank order attacks as well as extensions to mitigate them. Second, we derive and evaluate TRAIL, a generic scheme for topology authentication in RPL. TRAIL solely relies on the basic assumptions of RPL that (1) the root node serves as a trust anchor and (2) each node interconnects to the root as part of a hierarchy. Using proper reachability tests, TRAIL scalably and reliably identifies any topological attacker without strong cryptographic efforts.
△ Less
Submitted 15 December, 2015; v1 submitted 3 December, 2013;
originally announced December 2013.
-
Optimized Implementation of Elliptic Curve Based Additive Homomorphic Encryption for Wireless Sensor Networks
Authors:
Osman Ugus,
Dirk Westhoff,
Ralf Laue,
Abdulhadi Shoufan,
Sorin A. Huss
Abstract:
When deploying wireless sensor networks (WSNs) in public environments it may become necessary to secure their data storage and transmission against possible attacks such as node-compromise and eavesdrop**. The nodes feature only small computational and energy resources, thus requiring efficient algorithms. As a solution for this problem the TinyPEDS approach was proposed in [7], which utilizes…
▽ More
When deploying wireless sensor networks (WSNs) in public environments it may become necessary to secure their data storage and transmission against possible attacks such as node-compromise and eavesdrop**. The nodes feature only small computational and energy resources, thus requiring efficient algorithms. As a solution for this problem the TinyPEDS approach was proposed in [7], which utilizes the Elliptic Curve ElGamal (EC-ElGamal) cryptosystem for additive homomorphic encryption allowing concealed data aggregation. This work presents an optimized implementation of EC-ElGamal on a MicaZ mote, which is a typical sensor node platform with 8-bit processor for WSNs. Compared to the best previous result, our implementation is at least 44% faster for fixed-point multiplication. Because most parts of the algorithm are similar to standard Elliptic Curve algorithms, the results may be reused in other realizations on constrained devices as well.
△ Less
Submitted 23 March, 2009;
originally announced March 2009.