MAC aggregation protocols resilient to DoS attacks

In a smart grid, sensor measurements are often sent to a control node over a hop-by-hop network formed by the sensors themselves. To prevent accidental and malicious data corruption en route, each message is authenticated with a MAC keyed with a symmetric key known to the generating sensor and the control node. MACs represent a significant overhead: a typical 128-bit MAC may often authenticate a 10-bit temperature reading. To mitigate this overhead, MAC aggregation methods were proposed. However, previously proposed MAC aggregation schemes are not resilient to Denial-of-Service (DoS) attacks: a rogue node or a man-in-the-middle attacker can easily disrupt the entire set of MACs and hence prevent the use of any of the transmitted data. In this work we propose a new way of MAC aggregation, which allows the relay sensors to greatly reduce the transmission overhead due to MACs while achieving full unforgeability and, simultaneously, much stronger resilience to DoS attacks.
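The trade-off described above, as an added example that is not code from the paper: it assumes the baseline aggregation is a plain XOR of per-sensor HMAC tags (the paper's own scheme is not given on this page) and uses constructed keys and readings. It compares the MAC overhead in bytes and how many readings the control node can still use after a single corrupted bit.

```python
import hashlib
import hmac

TAG_LEN = 16  # 128-bit tag, the size quoted in the abstract

def mac(key: bytes, msg: bytes) -> bytes:
    """Per-sensor tag: HMAC-SHA256 truncated to 128 bits."""
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_LEN]

def aggregate(tags) -> bytes:
    """XOR all tags into one 128-bit aggregate (assumed baseline scheme)."""
    agg = bytes(TAG_LEN)
    for tag in tags:
        agg = bytes(a ^ b for a, b in zip(agg, tag))
    return agg

def accept_individual(keys, msgs, tags):
    """Control node, no aggregation: keep each reading whose own tag verifies."""
    return [(s, m) for (s, m), t in zip(msgs, tags)
            if hmac.compare_digest(mac(keys[s], m), t)]

def accept_aggregate(keys, msgs, agg):
    """Control node, XOR aggregation: one check covers every reading at once."""
    expected = aggregate(mac(keys[s], m) for s, m in msgs)
    return list(msgs) if hmac.compare_digest(expected, agg) else []

def flip_bit(tag: bytes) -> bytes:
    """Model en-route corruption (accidental or malicious) of a single bit."""
    return bytes([tag[0] ^ 0x01]) + tag[1:]

def demo():
    # Constructed sample data: four sensors with fixed demo keys and readings.
    keys = {s: hashlib.sha256(f"demo-key-{s}".encode()).digest() for s in range(4)}
    msgs = [(s, f"temp={20 + s}".encode()) for s in range(4)]
    tags = [mac(keys[s], m) for s, m in msgs]
    bad_tags = [flip_bit(tags[0])] + tags[1:]  # one sensor's tag is damaged
    agg = aggregate(tags)
    return {
        "overhead_individual": sum(len(t) for t in tags),
        "overhead_aggregate": len(agg),
        "clean_aggregate": len(accept_aggregate(keys, msgs, agg)),
        "corrupt_individual": len(accept_individual(keys, msgs, bad_tags)),
        "corrupt_aggregate": len(accept_aggregate(keys, msgs, flip_bit(agg))),
        "rogue_input": len(accept_aggregate(keys, msgs, aggregate(bad_tags))),
    }

if __name__ == "__main__":
    print(demo())
```

With separate tags the damaged reading is the only one lost; with the XOR aggregate the control node cannot tell which reading is bad and has to discard all of them.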
