Zhiguo Wan,Kui Ren,Bo Zhu,Bart Preneel,Ming Gu

DOI: https://doi.org/10.1109/tvt.2009.2028892

IF: 6.8

2009-01-01

IEEE Transactions on Vehicular Technology

Abstract:As a combination of ad hoc networks and wireless local area network (WLAN), the wireless mesh network (WMN) provides a low-cost convenient solution to the last-mile network-connectivity problem. As such, existing route protocols designed to provide security and privacy protection for ad hoc networks are no longer applicable in WMNs. On the other hand, little research has focused on privacy-preserving routing for WMNs. In this paper, we propose two solutions for security and privacy protection in WMNs. The first scheme relies on group signatures, together with user credentials, to deliver security and privacy protection. By enforcing access control using user credentials, the user's identity has to be disclosed to mesh routers. To avoid this, our second scheme employs pairwise secrets between any two users to achieve stronger privacy protection. In the second scheme, the user is kept anonymous to mesh routers. Finally, we analyze these two schemes in terms of security, privacy, and performance.

WANG Ji-lin,WU Qian-hong,CHEN De-ren,WANG Yu-min

DOI: https://doi.org/10.3321/j.issn:1000-436x.2005.02.019

2005-01-01

Abstract:The study of anonymous techniques was surveyed, corresponding definitions such as link-ability, anonymity and pseudonymity being differentiated, mechanisms used to realize anonymous communication such as Crowds, onion routing and Mix nets being discussed. New issues in the study of the technology of anonymity measurement, anonymous signature algorithm including ring signature and group signature and how to establish mutual trust in anonymous application was given out in the end.

Kui Ren,Shucheng Yu,Wenjing Lou,Yanchao Zhang

DOI: https://doi.org/10.1109/tpds.2009.59

IF: 5.3

2009-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Recently, multihop wireless mesh networks (WMNs) have attracted increasing attention and deployment as a low-cost approach to provide broadband Internet access at metropolitan scale. Security and privacy issues are of most concern in pushing the success of WMNs for their wide deployment and for supporting service-oriented applications. Despite the necessity, limited security research has been conducted toward privacy preservation in WMNs. This motivates us to develop PEACE, a novel Privacy-Enhanced yet Accountable seCurity framEwork, tailored for WMNs. On one hand, PEACE enforces strict user access control to cope with both free riders and malicious users. On the other hand, PEACE offers sophisticated user privacy protection against both adversaries and various other network entities. PEACE is presented as a suite of authentication and key agreement protocols built upon our proposed short group signature variation. Our analysis shows that PEACE is resilient to a number of security and privacy related attacks. Additional techniques were also discussed to further enhance scheme efficiency.

Yi Ouyang,Zhengyi Le,Yurong Xu,Nikos Triandopoulos,Sheng Zhang,James Ford,Fillia Makedon

DOI: https://doi.org/10.1109/perser.2007.4283904

2007-01-01

Abstract:Sensor networks are often used to monitor sensitive information from the environment or track sensitive objects' movements. Anonymity has become an important problem in sensor networks, and has been widely researched in wireless ad hoc and wired networks. The limited capacity and resources of current sensor networks have brought new challenges to anonymity research. In this paper, two efficient methods are proposed based on using a one-way hash chain to dynamically change the identity of sensor nodes in order to provide anonymity, and their anonymity properties are analyzed and compared.

Daichong Chao,Dawei Xu,Feng Gao,Chuan Zhang,Weiting Zhang,Liehuang Zhu

DOI: https://doi.org/10.1109/comst.2024.3350006

2024-01-01

Abstract:The importance of safeguarding individuals’ privacy rights in online activities is unmistakable in today’s anonymity networks. Since the introduction of Mixnet by Chaum, numerous anonymity networks with different objectives and design principles have emerged, providing a diverse range of applications for privacy-conscious users. However, security issues in anonymity networks have persistently existed and continue to impact their survival and development. Each anonymity network presents distinct security challenges, making it more challenging for researchers to achieve a comprehensive and systematic understanding of their security. The current literature exhibits some unavoidable gaps, including the lack of vulnerability perspectives, a unified understanding of diverse attack types, defense perspectives, and theoretical perspectives. To address these gaps, we investigate prevailing attacks targeting anonymity networks from the viewpoint of network designers and operators. We use Tor, I2P, and Freenet (arguably the three most popular anonymity networks) as case studies. Starting with these attacks, we conduct an in-depth analysis of the vulnerabilities underlying them and explore related defense mechanisms and formal security. Specifically, we classify vulnerabilities into external and internal categories, utilizing the protocol stack of an anonymity network to guide the categorization of internal vulnerabilities. Furthermore, we examine their root causes. In addition to these aspects, we emphasize the importance of formal security in researching the security of anonymity networks by integrating the investigated vulnerabilities, attacks, and defenses. Through this comprehensive, thorough, and unified approach, this paper aims to provide insights into the security of anonymity networks and offer general research findings. Finally, we discuss ongoing challenges and future directions in this specific area.

Rui Chen,Dezhong Peng

DOI: https://doi.org/10.1007/s11277-017-4629-x

IF: 2.017

2017-01-01

Wireless Personal Communications

Abstract:In wireless communication system, a good protocol should satisfy many requirements: user identity authentication, privacy protection, computational efficiency and resist some known attacks. Thus design a highly secure anonymous authentication protocols for wireless networks is a challenging task. Over recent years, many researchers have proposed their own solutions to address this issue. In 2014, Niu et al. analyzed Yoon et al.’s authentication scheme, then put forward a smart card based authentication scheme with anonymity for wireless networks. They claimed their scheme achieves many security requirements and resists some known threats. Nevertheless, after detailed analysis, we prove that the scheme of Niu et al. is prone to some malicious attacks such as replay attacks and DoS attacks. Moreover, the scheme does not work when large amount of mobile users access a foreign agent simultaneously. To overcome these drawbacks, we present a new secure authentication scheme with user anonymity by improving Niu et al.’s scheme. The proposed protocol not only satisfies many security properties, such as strong anonymity, mutual authentication and periodically update session key, but also resists well-known threats. Furthermore, the security and performance analyses indicates that the new scheme is well suitable for wireless communications when it is compared with previous protocols.

Peng Zeng,Zhenfu Cao,Kim-Kwang Raymond Choo,Shengbao Wang

DOI: https://doi.org/10.1109/LCOMM.2009.081821

IF: 3.5529

2009-01-01

IEEE Communications Letters

Abstract:In 2004, Zhu and Ma proposed a new and efficient authentication scheme claiming to provide anonymity for wireless environments. Two years later, Lee et al. revealed several previously unpublished flaws in Zhu-Ma's authentication scheme and proposed a fix. More recently in 2008, Wu et al. pointed out that Lee et al.'s proposed fix fails to preserve anonymity as claimed and then proposed yet another fix to address the problem. In this paper, we use Wu et al.'s scheme as a case study and demonstrate that due to an inherent design flaw in Zhu-Ma's scheme, the latter and its successors are unlikely to provide anonymity. We hope that by identifying this design flaw, similar structural mistakes can be avoided in future designs.

Ping Yi,Tianhao Tong,Ning Liu,Yue Wu,Jianqing Ma

DOI: https://doi.org/10.1109/itng.2009.20

2009-01-01

Abstract:Wireless Mesh Network (WMN) is an emerging technology that has developed a lot these years. WMN has the feather of self-organization, distributed structure. The main topological characteristic of WMN is that there are only one or several node connecting to the infrastructure network as gateway and all other nodes connect to the gateway through the relay of the neighboring nodes, and then connect with the internet. WMN represents a whole new network concept and because of the nature of wireless and multi-hop, the security vulnerabilities have become crucial problems. Therefore, specified security mechanism should be introduced. The research on the key security theories and detection to intrusion of WMN has become of great significance both theoretically and empirically. This article starts from the introduction of the basic organization and characteristics of WMN, presenting major security problems and key security approach gradually to the reader, and concludes with the comparison of several secure routing protocols.

Dapeng Cheng,Jinsong Han,Mo Li,Baijian Yang

DOI: https://doi.org/10.1109/ICCCAS.2006.284966

2006-01-01

Abstract:Privacy and anonymity have become an increasing requirement in today's wireless networks. However, current mobile peer-to-peer architectures have not taken into account anonymity, especially the mutual anonymity between two nodes. In this paper, we propose a secure-information-dispersal-algorithm-based mutual anonymity protocol (SIDAM), for mobile P2P networks. SIDAM achieves mutual anonymity in mobile P2P networks. We simulate SIDAM in a prototyped test-bed and initiate comprehensive attacks on our protocol. The simulation results indicate that SIDAM provides high anonymity with a low cryptography processing overhead

Zhang Liang,Liu Jianwei

DOI: https://doi.org/10.3969/j.issn.2095-1000.2010.02.014

2010-01-01

Abstract:The wireless Mesh network is composed of self-organizing mobile nodes.It is particularly vulnerable due to its features of shared wireless transmission medium and dynamic changing topology.The recent progress of wireless Mesh network security research is introduced in this paper.Firstly,the security weaknesses of wireless Mesh network are analyzed in terms of transmission channel,authentication mechanism,physical protection,dynamic topology and routing protocol.Secondly,the representative solutions are illustrated in terms of authentication,secure routing,intrusion detection and other secure technologies.At the same time,the respective merits and faults of these solutions are indicated and a comprehensive comparison is made.Some problems of the present protocols are clarified and the direction of future research is indicated.

Juan Chen,Hongli Zhang,Binxing Fang,Xiaojiang Du,Lihua Yin,Xiang-Zhan Yu

DOI: https://doi.org/10.1109/GLOCOM.2011.6133560

2011-01-01

Abstract:Anonymous communication is a challenging task in resource constrained wireless sensor networks (WSN). However, anonymity is important for many sensor networks, in which we want to conceal the location and identify of important nodes (such as source nodes and base stations) from attackers. Existing WSN anonymous protocols either cannot achieve complete anonymity, or have large computation and/or storage overheads. In this paper, we present an efficient anonymous communication protocol for sensor networks. Our protocol can achieve sender/source anonymity, communication -relationship anonymity, and the base station anonymity simultaneously, while having small overheads on computation, storage and communication.

Qiong Zhang,Kewang Zhang

DOI: https://doi.org/10.1155/2022/2440313

IF: 1.968

2022-01-01

Security and Communication Networks

Abstract:Location privacy is very important for event-triggered type of Wireless Sensor Networks (WSNs) applications such as tracking and monitoring of wild animals. Most of the security schemes for WSNs are designed to provide protection for content privacy. Contextual privacy such as node identity anonymity has received much less attention. The adversary can fully explore such contextual information to disclose the location of critical components such as source nodes or base station. Most existing schemes provide location privacy at network layer. As no measures are taken to provide node identity anonymity at data link layer, the adversary can launch traffic analysis attacks to jeopardize location privacy. In this paper, a scheme named HASHA is proposed to defend against traffic analysis attacks through hashed one-time addresses. Hashed results of payload are used to create dynamic one-time MAC addresses between the communication pairs. Because of inevitable wireless frame errors, it is impossible for adversaries to track dynamic addresses. Therefore, HASHA can provide strong node identity anonymity, which makes traffic analysis attacks much more difficult and provides better location privacy. Simulations and analysis results show that HASHA can provide better location privacy with limited communication overheads, which is particularly suitable for resource-limited WSNs.

Jianwei Niu,Xiong Li

DOI: https://doi.org/10.1002/sec.601

IF: 1.968

2012-01-01

Security and Communication Networks

Abstract:ABSTRACTUser authentication and privacy protection are important issues for wireless and mobile communication systems such as GSM, 3G, and 4G wireless networks. Recently, Yoon et al. proposed a user‐friendly authentication scheme with anonymity for wireless communications. However, in this paper, we show that user anonymity of their scheme is not achieved under the eavesdropping attack and their scheme is not fair in the key agreement. In order to ensure security authentication and protect user anonymity for wireless communications, we propose a novel user authentication scheme with anonymity based on elliptic curve cryptosystem, which can resist various known types of attacks and is more practical for wireless and mobile communications. Copyright © 2012 John Wiley & Sons, Ltd.

Jian-bin Hu,Hu Xiong,Zhong Chen

2012-01-01

Abstract:Seamless roaming is highly desirable for wireless communications, and security such as authentication and privacy preserving of mobile users is challenging. Recently, Wu et al. and Wei et al. proposed two authentication schemes that guarantee user anonymity in wireless communications, respectively. However, Kang et al. pointed out some security flaws of Wu et al.’s and Wei et al.’s authentication schemes and showed how to overcome the problems regarding anonymity and the forged login messages. In this paper, we will show that Kang et al.’s improved scheme still did not provide user anonymity as they claimed and give a further improvement to fix the problem without losing any features of the original scheme.

Yun He,Min Zhang,Xiaolong Yang,Jingtang Luo,Yiming Chen

DOI: https://doi.org/10.1109/access.2020.2981517

IF: 3.9

2020-01-01

IEEE Access

Abstract:In an untrusted Internet environment, there is a large amount of user privacy information being vulnerable to various attacks, and it is an important security concern for users on how to protect their privacy, and to further provide the anonymity guarantee. Recently, most privacy-sensitive users prefer anonymous communication to protect their private information from eavesdropping by attackers. Each user has different privacy protection demands for anonymous communication. However, anonymous communication methods cannot meet the various anonymity needs of users. Hence, the user on-demand anonymous communication is proposed, which can dynamically adjust the anonymity level according to a user's anonymity needs. However, the defense capabilities against attacks are insufficient in the existing user on-demand anonymous communication. Some malicious users in the network employ anonymous communication to hide their identities and attack the Internet. Moreover, the existing user on-demand anonymous communication is weak against traffic classification attacks based on machine learning. Therefore, this paper investigates its progresses and defects in privacy protection and network security. User on-demand anonymous communication is mainly composed of the user side and the transmission side. We separately investigate privacy protection and network security of user on-demand anonymous communication from the user side and the transmission side. By surveying various identity anonymity of users on the user side and the hierarchical anonymous transmission on the transmission side, we find two kinds of serious attacks in user on-demand anonymous communication, i.e., abuse of anonymous communication and traffic classification attacks based on machine learning. To solve the above security issues, we suggest the balancing mechanism of anonymous communication and behavior tracking which is used to prevent anonymous abuse, and the secure defense mechanism which is u-ed to resist traffic classification attacks. To inspire follow-up research, we identify some open problems and emphasize future trends concerning user on-demand anonymous communication.

computer science, information systems,telecommunications,engineering, electrical & electronic

Ping Yi,Yue Wu,Futai Zou,Ning Liu

DOI: https://doi.org/10.4103/0256-4602.58969

2010-01-01

IETE Technical Review

Abstract:Wireless mesh networks is a new emerging field with its potential applications in extremely unpredictable and dynamic environments. However, it is particularly vulnerable due to its features of open medium, dynamic changing topology, and cooperative routing algorithms. The article surveys the state of the art in security for wireless mesh networks. First, we analyze various possible threats to security in wireless mesh networks. Second, we introduce some representative solutions to these threats, including solutions to the problems of key management, secure network routing, and intrusion detection. We also provide a comparison and discussion of their respective merits and drawbacks, and propose some improvements for these drawbacks. Finally, we also discuss the remaining challenges in the area.

Peng Xiong,Wei Zhang,Fu-ke Shen

DOI: https://doi.org/10.1109/ALPIT.2008.75

2008-01-01

Abstract:Communicating nodes in a wireless and mobile ad hoc network usually seek the help of other intermediate nodes to get communicate channels. In such an open environment, malicious intermediate nodes can be a threat to the security and/or anonymity of the exchanged data between the mobile nodes. The main purposes of this work are to define more strict requirements on the anonymity and security properties of the routing protocol in ad hoc network, and propose a solution of achieving the goal. Our solution includes a mechanism to establish a trusted relation between all neighboring nodes and a secure routing protocol of protecting privacy. The routing protocol based on the mechanism can avoid untrustworthy nodes during his route discovery process and resist the attack of DoS. We present our scheme, and report on its performance using an extensive set of simulation set of experiments using GloMoSim simulator. Our results indicate clearly that protecting privacy can be achieved in mobile ad hoc network.

Haojin Zhu,Xiaodong Lin,Minghui Shi,Pin-Han Ho,Xuemin (Sherman) Shen

DOI: https://doi.org/10.1109/TVT.2008.2007983

IF: 6.8

2009-01-01

IEEE Transactions on Vehicular Technology

Abstract:Wireless metropolitan area sharing networks (WMSNs) are wide-area wireless networks with nodes owned and managed by independent wireless Internet service providers (WISPs). To support seamless roaming in emerging WMSNs, in this paper, we propose a localized and distributed authentication and billing architecture that aims at enabling efficient and privacy-preserving mutual authentication between mobile users (MUs) and WISPs. User anonymity and identity privacy can be protected, even in the presence of collusion between WISPs and a roaming broker (RB), which is considered to be the strongest user privacy protection. An efficient billing architecture is introduced and performed in the same stage of roaming, where U-tokens are defined and can be purchased by MUs from an RB as authentication credentials for the MUs to access the wireless network. The WISPs, thus, can cash the collected U-tokens in the RB for payment. We show that the proposed authentication and billing architecture can support localized inter-WISP authentication through the divisible blind signature scheme and a local witness strategy. A detailed analysis on a number of performance metrics, such as computation time and power consumption, is given to validate the performance of the proposed architectures.

Peng Zhang,Chuang Lin

DOI: https://doi.org/10.1007/978-3-319-31083-1_5

2016-01-01

Abstract:Wireless network coding is a promising technique that can enhance the throughput of wireless networks. However, such a technique also bears a serious security drawback: it breaks the current privacy-preserving protocols (e.g., Onion Routing), since their operations conflict each other. As user privacy in wireless networks is highly valued nowadays, a new privacy-preserving scheme that can function with wireless network coding becomes indispensable. To this end, this chapter presents a novel anonymity scheme named ANOC, which can function in network coding-based wireless mesh networks. ANOC is built upon the classic Onion Routing protocol and resolves its conflict with network coding by introducing efficient cooperation among relay nodes. Using ANOC, we can perform network coding to achieve a higher throughput, while still preserving user privacy in wireless mesh networks. We formally show how ANOC achieves the property of relationship anonymity and conduct extensive experiments via NSclick to demonstrate its feasibility and efficiency when integrated with network coding.

Yao Yu,Zhaolong Ning,Lei Guo

DOI: https://doi.org/10.1007/s11432-015-5467-7

2016-01-01

Science China Information Sciences

Abstract:As an extension of wireless ad hoc and sensor networks, wireless mesh networks(WMNs) are employed as an emerging key solution for wireless broadband connectivity improvement. Due to the lack of physical security guarantees, WMNs are susceptible to various kinds of attack. In this paper, we focus on node social selfish attack, which decreases network performance significantly. Since this type of attack is not obvious to detect, we propose a security routing scheme based on social network and reputation evaluation to solve this attack issue. First, we present a dynamic reputation model to evaluate a node’s routing behavior, from which we can identify selfish attacks and selfish nodes. Furthermore, a social characteristic evaluation model is studied to evaluate the social relationship among nodes. Groups are built based on the similarity of node social status and we can get a secure routing based on these social groups of nodes. In addition, in our scheme, nodes are encouraged to enter into multiple groups and friend nodes are recommended to join into groups to reduce the possibility of isolated nodes. Simulation results demonstrate that our scheme is able to reflect node security status, and routings are chosen and adjusted according to security status timely and accurately so that the safety and reliability of routing are improved.