The Information Security Assurance Markup Language - Computer…

6,806 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
6,806
On SlideShare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
13
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

The Information Security Assurance Markup Language - Computer…

  1. 1. Extracts of the Minutes of Fifth ExecCom (2006-’07) held on 31st March, 2007 at Delhi (Venue : Guru Gobind Singh Indraprastha University, Delhi) Eleven ExecCom Members, nine President informed the ExecCom take it forwardSpecial Invitees and one from the that DSIR, Delhi has recently granted New CSI Student Branches :Secretariate attended the meeting. recognition to CSI as a scientific and ExecCom approved formation Mr. Lalit K Sawhney, President, research organisation for the 3 year of the CSI Student Branches at thecalled the meeting to order. He period 2006 to 2009 based on which following institutions:welcomed Prof. K K Aggarwal, the CSI will seek to get approval of Director i) AISSMS College of Engineering,incoming President, and his newly General of Income-Tax (Exemptions), Puneelected team, and all others present, Kolkata to avail of income-tax exemption ii) Anil Neerukonda Inst. of Tech. &to the fifth meeting of the ExecCom as in the past. Sciences, Vishakapatnamfor the year 2006-07. He thanked Education Directorate Budget iii) G H Raisoni College of Engineering,all the outgoing members of the Update: Mr S Sudharssanam, Advisor, NagpurExecCom and others concerned for their CSI Education Directorate, apprised iv) K S R College of Engineering,active cooperation and assistance in members the actual performance and Coimbatorecollectively carrying out the objectives achievements of the CSI Education v) Valliammai Engg. College, Chennaiof the Society during his tenure as Directorate vis-à-vis the budget for the ExecCom also ratified formation ofPresident. period 1st April 2006 to 28th March the CSI Student Branch at IIM, Indore The items on the agenda were 2007 and mentioned that there was with less than 75 student membersthereafter taken up for consideration. significant improvement compared to approved by OBs earlier. President briefly gave some the same period of last year.highlights of the efforts made during Membership status and new International Activities:the year in different areas, especially in membership: Mr Satish Babu, Hon IFIP : CSI bid to host Worldimproving the infrastructure, focussed Secretary and Chairman, Membership Computer Congress-2010: Ms Prasoona,to enhance the visibility and image Committee, informed that the new Manager, Conf. Mgmt. Services gaveof a resurgent CSI. He mentioned software for membership database is in a presentation on CSI’s bid to IFIP tothat the situation has significantly place and the problems faced earlier host the World Computer Congress-changed in the country during the have been overcome to quite an extent. 2010 in India and mentioned that alast few years and the Society need Further improvements are expected two-member Site Inspection Committeebe fully geared to face the present and barring unforeseen problems. He gave of IFIP will be coming on a two-dayemerging challenges and expectations the figures of membership as on 22nd visit to India during 3rd week of Mayof the membership and that he was March 2007, which indicated that the 2007 to see the sites offered by CSI andquite confident that Prof K K Aggarwal total membership including students other infrastructure available. The finaland his new team will accept the have increased at the end of 31st outcome of CSI’s bid will be knownresponsibilities with greater vigour. March, 2006. only after the committee completes its President referred to the minutes Mr. Satish Babu also read out the visits to all the bidding countries andof the last meeting of the ExecCom membership status of those chapters IFIP takes a final decision.held on 8th January, 2007 at Hyderabad whose membership had fallen below 75 SEARCC : President apprisedand invited comments if any from when the ExecCom decided that: the ExecCom efforts made by CSI tomembers. There being no comments Ujjain Chapter should be revoked. continue SEARCC in the back drop offrom any member ExecCom approved Hosur Chapter should be attached suggestions made by some SEARCCand confirmed the minutes and took to Bangalore Chapter and efforts made members like Australia and Newthem on record. to reactivate the Chapter. Progress Zealand to dissolve the organisation. As CSI-2007 update : Prof Swarnalatha should be reviewed after a year. a result of our efforts the whole focusRao gave a power point presentation MOU with Institution of Engineers has now turned to continue SEARCCon the CSI-2007 Annual National (IEI) : Members were informed of the and conduct its activities. A finalConvention proposed to be held at MOU signed with IEI the gist of which decision on these issues will be taken atBangalore. was read out by Mr Bipin Mehta and the next SEARCC Annual Convention HQ Budget Update: Mr. Satish explained to them. scheduled in Bangkok in August 2007.Doshi, Hon Treasurer, apprised members MOU with Microsoft : Mr. Bipin Status of AIC : President mentionedthe actual income and expenditure Mehta gave a gist of the MOU and that as proposed by CSI it has beenfigures of various items for the period explained the benefits arising out of decided to dissolve AIC and disburse its1st April 2006 to 28th February 2007 the MOU to CSI, especially to the CSI funds to its members who will continuevis-à-vis the budget and mentioned Student Members. with SEARCC as both AIC and SEARCCthat though there were some items ExecCom decided that Director are having similar objectives.of concern, overall there has been (Education), the Chairman, Division- CSI Education Directorate :considerable improvement in the V (Education & Research) and theperformance and achievement compared National Student Co-ordinator will be Status of CSI’s Chennai Buildingto the same period of last year. responsible for acting on the MOU and Mr S Sudharssanam informed that (Contd. on pg.60)
  2. 2.    Executive Committee 2007-08/09President Vice-President C o n t e n t s Vol. 31 August 2007 No. 5Prof. K K Aggarwal Mr. S Mahalingampresident@csi-india.org vp@csi-india.orgHon. Secretary Hon. Treasurer Special Theme Issue : Information SecurityMr. Satish Babu Mr. Ajit Kumar Sahoo Information Security – Transcending Technology…...................................................... 4secretary@csi-india.org treasurer@csi-india.org Dr. Rama K SubramaniamImmd. Past President Establishing Secured HMAC Protocol toMr. Lalit Sawhney Enhance Broadcast Authentication in Wireless Sensor Networks ................................. 6lalit.sawhney@gmail.com Mr. B Paramasivan, Dr. S RadhaKrishnan & Ms. S AthilakshmiRegional Vice-Presidents Cryptography-based Secure Authentication Watermarking for Binary Images . ............. 13Mr. M P Goel (Region I) Mr. M Venkatesan, Mrs. P MeenakshiDevi, Dr. K.Duraiswamy & Dr. K Thyagarajahrvp1@csi-india.org Teganography – Art of Hiding Information. ............................................................... 16 .Mr. Rabindra Nath Lahiri (Region II)rvp2@csi-india.org Kuldeep SinghProf. S G Shah (Region III) Information Security Issues in Wireless Networks .................................................... 18rvp3@csi-india.org Kaleem A. Usmani & Dr. Nupur PrakashDr. Himansu K Mohanty (Region IV) Towards More Effective Virus Detectors................................................................... 21rvp4@csi-india.org Raghunathan Srinivasan & Partha DasguptaMs. Sudha Raju (Region V)rvp5@csi-india.org Captcha – A Case for Accessible Design of Information Security Systems. .................. 24 .Mr. Milind Kshirsagar (Region VI) Sambhavi Chandrashekar & Harish Kumar Kotianrvp6@csi-india.org Information Security Auditing................................................................................. 29 .Dr. S Arumugam (Region VII) R Anusooya, S A V Satya Murty, S Athinarayanan, P Swaminathanrvp7@csi-india.org Information Assurance Markup Language – IAML. .................................................... 34 .Ms. Lynette Saldanha (Region VIII) Vicente Aceituno Canalrvp8@csi-india.org Information Security- Normalized Risk Assessment and treatment methodology. ......... 36 .Division Chairpersons S Velmourougan & Dr. S MuttanProf. Swarnalatha Rao Division-I (Hardware) Implementing Information Security Policies – the people perspective.......................... 40div1@csi-india.org P PrasannavadananMr. H R Mohan Division-II (Software) Information and Network Security Aspects in e-Governance Framework...................... 42div2@csi-india.org Dr. Durgesh Pant & M K SharmaMr. Deepak Shikarpur Division-III (Sc. Appln.) Managed Security Services – A Perspective............................................................ 47div3@csi-india.org M P BadrinathDr. C R Chakravarthy Division-IV Incident handling and Management........................................................................ 50div4@csi-india.org (Communications) Brian HonanProf. H R Vishwakarma Division-V Cyber Crime : A Criminological and Victimological Paradigm...................................... 56 .div5@csi-india.org (Edu. & Research) Dr. R Thilagaraj & Dr. S LathaNominations CommitteeDr. R K Datta Chairman DEPARTMENTSrkdatta_in@yahoo.comMr. H S Sonawala Member Community Talk...................................................................................................... 2hss@hinditron.com President’s Desk. ................................................................................................... 3 .Mr. Suresh Chandra Bhatia Memberdrscbhatia@sify.comChairman Publications Committee CSI TOPICSMr. S Srinivasan, ss@srasys.co.in Extracts of the Minutes of Fifth ExecCom (2006-’07). .................................. 2nd Cover .Dr. T V Gopal - Chief Editor, gopal@annauniv.edu Revised Schedule for Young Talent Search .............................................................. 41Adviser, Education DirectorateMr S Sudharssanam, diredu@csi-india.org CSI Calendar 2007............................................................................................... 55Executive Secretary Extracts of the Minutes of First ExecCom (2007-’08). ............................................. 60 .Ms. Priyalata Pal, csi@bom2.vsnl.net.in CSI Chapter News. ............................................................................................... 63 .Published byMs. Priyalata PalFor Computer Society of India C S I   C o m m u n ic a t i o n s • AU G U S T   2 0 0 7
  3. 3. Community Talk What is information?Community  Talk This is one of the big questions computer scientists are asking. The researchers worldwide are studying several fundamental aspects of information such as its analysis and dynamics, semantics, intelligence, nature and values. Representing, transmitting and receiving information are proving to be relatively simpler problems. Philosophy of Information is a new specialization that is examining the notion of information in its entirety. The disappearance of network boundaries is adding a new dimension to the way the information economy evolves. The socio-cultural aspects of information are becoming crucial in the global village. The strange facet of security is that everything appears secure until there is a breach. Information Security is thus a very intriguing theme. Information security is simply defined as the process of protecting data from unauthorized access, use, disclosure, destruction, modification, or disruption. It is obviously connected to Computer Security and Network Security. Accessibility, Affordability and Assurance form the three major pillars of the process providing Information Security. The accessibility of information factors issues related to authentication, confidentiality and integrity. Risk management is an integral part of the Information Security process. The ISO-17799:2005 Code of practice for information security management recommends the following be examined during a risk assesment: security policy, organization of information security, asset management, human resources security, physical and environmental security, communications and operations management, access control, information systems acquisition, development and maintenance, information security incident management, business continuity management, and regulatory compliance. Almost all businesses keep sensitive information in their files on their computers. A sound information security plan is built on five key principles: • Take Stock: Know what information is stored in the files of your computers • Scale Down : Categorize the information based on its importance • Lock it : Protect the important information • Pitch it : Dispose information that is not needed • Plan Ahead: Anticipate information security breaches and prevent them from occuring It is of little wonder therefore that the field of information security has grown and evolved significantly in recent years. It has become a career choice with many ways of gaining entry into the field. Universities all over the world are offering specialised programmes in this area. National and International standards are evolving. However, it is always useful to have an appropriate Information Security Oversight process defined to take care of incorrect classification of information. The Information Security Breaches Survey 2006, managed by Pricewaterhouse Coopers on behalf of the UK Department of Trade and Industry (DTI) reveals that 62% of UK companies had a security incident during the year 2006. Three fifths of these companies do not have a security policy. The scenario is not likely to be different in other countries. In India, it may be worse. There are many independent consultants and professional bodies that are extending help and advice to individuals and businesses. Information Security Forum [http://www. securityforum.org/html/frameset.htm] is one of the worlds leading independent forums on information security. Dr. Rama K Subramanian is one of the leading professionals in this area. I wish to place on record my sincere thanks to him for devoting quality time to compile the content for the theme section. Gopal T V Chief Editor gopal@annauniv.edu C S I   C o m m u n ic a t i o n s • AU G U S T   2 0 0 7
  4. 4.     From the President’s Desk From the President’s Desk From : aggarwal_krishan@hotmail.com Subject : President’s Desk Date : 1st August, 2007Dear Members,Through this issue of CSI Communications, I would like to compliment one and all IT enthusiasts who are associated with ComputerSociety of India which is a premier body of IT Professionals. Their dedicated efforts towards the fulfillment of CSI Vision: IT for Massesis very appreciable. As you are aware, the promotion of Information Technology as a profession is our top priority, our efforts towardsthis objective for conducting and organizing conventions, conferences, lectures, talks/tutorials, training programmes and workshops andvarious competitions etc. for the benefit of young IT Professionals, academicians and student members of CSI, must be reinforced fromtime to time.There is an urgent need to create a robust and continuous pipeline of talent for the IT Sector. There is also a need for transformation ofa trainable workforce into an employable workforce for this growing sector. Taking into consideration the recent and rapid technologicaladvances and innovative applications of the Internet, the ICT has impacted our daily life. As per the forecast (from NASSCOM, Wikipediaand other courses), sales of wireless multimedia enabled devices including personal computers, home networking gears, is expected togrow from 2.5 million units in 2006 to 5.2 million units by the year 2010. The Indian IT BPO Sector may also clock $60 billion in exportrevenue and $13-15 billion in domestic revenue by 2010. Consequently a large trained workforce of IT Professionals is required to meetthe IT Industry challenges in India. CSI has a very vital role to play to meet this challenge.Over the period of several decades, CSI has grown to a formidable society, spreading its activities all over India with 65 chapters andnumber of student branches in all leading engineering colleges, besides an increasing organizational membership base. Our five divisionsi.e. Hardware, Software, Applications, Communications, and Education Research in association with CSI chapters, student branchesand number of Special Information Groups (SIGs) and in collaboration with other engineering institutions / organizations and societies arecoordinating various technical activities. Some of the Divisions, Regions, Chapters and the students branches are doing extremely well inorganizing the national as well as regional level conventions, seminars, workshops and competitions with the active participation of largenumber of young IT professionals and student members. I am happily tracking the activities planned by various student branches, CSIchapters, CSI divisions in various regions and the SIGs.However, there is more felt need for collaborative and team activities involving several stake holders concurrently. More workshops maybe planned, designed and organized by other Divisions / Regions for the benefit of IT professionals, practitioners and student memberspreferably conducted jointly in associations with other engineering societies / institutions. This will definitely help in understanding thecurrent and urgent need of the IT professionals, academicians and IT / ITES industry to enable them to address some of the importantproblems related to Software Engineering, Hardware Engineering, Database, Enterprise System and Networking, Internet and WebTechnologies, IT Security, VLSI design / embedded and real time systems etc.For the forthcoming National Regional level conventions / conferences / workshops / seminars / technical talks on various themes whichhave already been planned and tutorials at the level of CSI student branches on various technical topics, I would suggest that ‘DivisionalChairpersons, Regional Vice Presidents, Chapter Chairmen and Student Coordinators to interact with Directors / Principals of variousengineering colleges and senior representatives from the IT industry in the respective Region for the active and whole hearted support andparticipation of the members in these events. This will ensure participation of senior IT professionals / practitioners, computer scienceengineers, young IT professionals from industry, Govt institutions, academicians and student members of CSI as well as members of localsocieties / institutions to the full capacity.CSI Divisions / Regions, chapters and student branches, which have yet to plan the activities in their respective region, may accord toppriority to this aspect. I feel some of the technical events on various themes already organized by other Divisions / Regions, Chapters andStudent branches of CSI can even be repeated and organized by other chapters / student branches of CSI, depending upon the present andfuture needs of IT industry. By organizing such activities regularly and ensuring maximum active participation / audience in all the events,we can translate the vision of CSI : “IT for Masses” to Reality.Though, a lot has been discussed / debated and presented in the past National / Regional level conferences / seminars / conventions /workshops on the e-governance and IT security / Cyber security we may repeat these topics at other locations for the benefit of otherIT professionals / members of CSI, who could not make it to attend and participate in the lectures / discussion by the experts on thesubjects.With warm regards,Prof. K K Aggarwal C S I   C o m m u n ic a t i o n s • AU G U S T   2 0 0 7
  5. 5.     Guest EditorialInformation Security –Transcending Technology…Dr. Rama K Subramaniam personally think not.Chief Executive Officer, Valiant Technologies Security today is a combinationrama@valiant-technologies.com of a number of attributes– products, processes, technology, people and attitudes. When famous bot-herds like 0x-80 say that they do not feel bad about When I was honored with the shared their perceptions of information attacking people who have no rightprivilege of being the Guest Editor security in this issue. to be on the Internet when they dontof this issue devoted to information Early 2000. I came back to India know how to put in basic defenses, wesecurity, I set for myself one simple armed with a CISSP credential after are talking of attitudes. A large numberobjective. It was to make the contents writing my examination in Washington of security surveys including the oneof this issue demonstrative of the fact DC. My friends in the profession asked by FBI/CSI now in its eleventh year ofthat information security is not just me why I wasted time and money publication talk of security infractionstechnology; that it is a combination on something that was management due to a variety of reasons; these clearlyof a number of factors including, and not technology and volunteered show us that security transcendsof course, technology. The various their genuine advice that I should not technology.contributors to this issue have more have traveled to the US but should The authors who have graciouslythan made me feel that the objective is have spent time on understanding contributed papers for publication inwell met. Thank you, all contributors security technology by learning to this issue have brought out the factto this issue, for bringing out a strong configure firewalls and AV systems. that you cannot secure an informationmessage that information security is Many then believed that security was system unless you take a holistic viewmulti-dimensional and has multiple uni-dimensional and it was all about of the need and the process coveringperspectives. technology. what has come to be broadly referred Almost ten years ago, a consular Even today, a very small percentage to as security. Papers by Paramasivanofficial of a EU nation was interviewing in the profession insists on seeing et al and by Venkatesan et al bring outme to determine whether or not to give the non-existent difference between the hard technological dimensionsme a visa to visit his country and started technology and management when it of security. Both these papers haveby asking the customary ice breaker comes to information security. These recommended harnessing the power– What do you do? I told him that I was people are certain that you cannot of security technology to address somean information security professional. manage security unless you know the key issues that is attracting the attentionUnable to hide his amusement, he syntax for, let us say, configuring a given of many researchers and practitionershowever demonstrated his knowledge of router in a particular way. I often get in this area. Papers by Kuldeep Singh,the subject and asked “Oh! You are the amused when I meet people, who insist Usmani and Prakash, and by Srinivasanguys who do firewalls?” I responded that security is directly proportional to and Dasgupta provide an excellentrather hastily that firewalls were one the amount of investment in security insight into some of the oft-discussedof the things that we looked at. It products placed on different points areas in the realm of informationlooked very inappropriate to me to be in their information network. They security. The contents of these paperstold that security is all about a security also ask me to recommend candidates clearly present the threat that surroundsproduct even though it was almost who are strong technically and not to our data and points to directions fora decade ago when products clearly worry about sending them people who relief.dominated the scene. That intrigued know more of the management part of Chandrasekar and Kotian, whohim and he wanted to know what security! When I ask them what does have provided an eye-opener to many“exactly” I was doing beyond firewalls. the management part of security mean, of us who have hardly considered theThat was a time when anything to do most dont know how to articulate, security implications when informationwith information security had to be being victims of pedagogues who technology is to be used by personstechnology driven and security was no themselves perhaps did not know how with visual impairment, bring out aexception to that. Have we gone beyond to see beyond technology; especially unique and new dimension to securitythat? Let us see as we go along and read when it came to security. of information systems. Anusooyathe contributions of experts who have Does such a dichotomy exist? I et al provide an insight into the process C S I   C o m m u n ic a t i o n s • AU G U S T   2 0 0 7
  6. 6.    of auditing information security while concerns and benefits of outsourcing place and the security cycle extendsVicente presents IAML as an alternative security processes; a hotly debated to collection of digital evidence andto conventional control framework topic today. Well; our best efforts carrying out of a digital forensicassessment process. These two papers, have failed and a security infraction investigation on any attempt to violatealong with a paper on risk assessment has occurred. What is the response? security. The need to make multi-by Velmourougan and Muttan complete Honan has presented a detailed step- perspective studies on cyber crime anthe E and C segments of the ECA by-step guide to what needs to be done integral part of information security[Evaluation-Certification-Accreditation] when an incident has occurred and the study is a strong plea that I would likeprocess. Prasannavadanan who has paper by Thilagaraj and Latha examine to make. I also want to use this forum toclearly argued for the people dimension security infraction from a refreshingly point to the absence of a comprehensivein information security policies presents different angle – criminological and and verifiable national level surveynon-technology factors comprised in victimological. on information security infractionsthe A of the ECA process. The ECA Most of us in the security business in India; something on the lines ofprocess has supported successful today are convinced that the cycle of annual surveys carried out in the UK,implementation of many e-commerce security operations and management the US, Australia and Scandinavianmodels and the need to focus on trust does not end with an assurance report countries. If the contents of this themewhile accrediting a system, especially that a good ISMS is in place; it is issue will motivate one or more peoplewhen it involves e-governance, is adequately supported by best of breed to structure a study to determinearticulated by Pant and Sharma technology, well trained staff and the nature and extent of information Should we get into this complex validated processes. Despite the best security infractions in the country, thisthing called security or do we outsource combination of people, process and theme issue would have done a yeomenit? Badrinath has addressed the technology, cyber infractions do take service to the information security segment of the IT industry.About the Guest Editor Dr. Rama Subramaniam is Chief Executive Officer of Valiant Technologies Pvt Ltd, an information security and cyber forensics consulting and educational services company. He holds a Masters Degree in Information Technology Management from University of Lincoln, UK and a doctorate in Cyber Crime Management from the University of Madras, India. He also has the FCA, CISSP CISA, CISM, , CSQP CEH, CHFI, Security+ and MCSE credentials. He was former Global Chair of Education and Awareness Expert Group of GAISP , a US based initiative and is currently Global Chair of Accreditation process of OISSG, UK. He is Indias country representative to TC-11 of International Federation of Information Processing. He is Chairman of ISCCRF, a not-for-profit trust devoted to research in the areas of information security and cyber crimes and Vice Chairman of Indian Society of Criminology. “I believe in our free Society, as you seek rights and privileges in that Society, then we have to know who you are. We’re going to need to establish the identity of who you are as an individual. And then, for the greater good of Society, be able to determine whether or not you should be extended that right or privilege.” – Derek Smith, ChoicePoint CEO C S I   C o m m u n ic a t i o n s • AU G U S T   2 0 0 7
  7. 7.    Establishing Secured HMAC without any infrastructure support [1]. These features lead to many attractive applications like military and civilianProtocol to Enhance Broadcast operations. But these deployment natures are more prone to malicious attacks. So, security issues becomeAuthentication in Wireless one of the major concerns. Broadcast authentication enables a sender to broadcast critical data and/or commandsSensor Networks to sensor nodes in an authenticated way such that an attacker is unable to forge any message from the sender. However, due to the resource constraints on sensor nodes, traditional broadcastMr. B Paramasivan, M.E1, Dr. S RadhaKrishnan2, authentication techniques such asMs. S Athilakshmi, M.E 3 public key based digital signatures are not desirable. Through compromised nodes, an adversary may launch security attacks against the sensor1, 3 Dept of CSE, National Engineering College, Kovilpatti, Tamilnadu. network ranging from the physical1 Email id: bparamasivan@yahoo.co.in, 3risath_02@yahoo.co.in layer to the application layer. Due to the2 Dept of CSE, Arulmigu Kalasalingam College of Engineering, Srivilliputhur vast variety and novelty of attacks, weEmail: radhakrishnan@akce.ac.in believe no single solution can address all the attacks. In our previous work With the progression of computer networks extending boundaries [13] we developed an H-MAC protocol and joining distant locations, wireless sensor networks (WSN) to address the security vulnerabilities of emerge as the new frontier in developing opportunities to collect a denial of sleep attack against leading and process data from remote locations. Due to this deployment energy-efficient Medium Access Control (MAC) protocols, which uses the Hash- nature of Wireless Sensor Networks are more vulnerable to based cluster Head selection scheme malicious attacks. The Security offered by the current software rather than using a passive method and hardware implementations of MAC protocols are insufficient of determining the next gateway by to protect a WSN from a Denial of Service attack and against calculating an election contention broadcast messages. Our current work focuses on enhancing backoff period based upon a nodes security in broadcast messages using broadcast authentication as available resources. Though it has been well makes use of hash-based scheme for cluster head selection. proven in terms of resilience towards A revocation tree based scheme and a proactive distribution denial of sleep attack, an issue like based scheme, are used to revoke the broadcast authentication broadcast authentication is not properly addressed. We proposed a scheme capability from compromised senders. Simulation results prove Secured HMAC based on mTESLA that that these techniques are efficient and achieve better Information overcomes the difficulties arises in security in Wireless Sensor Networks. Broadcast Authentication. Our scheme has two parts (i) a Index terms – Broadcast Authentication, Denial of Service, MAC, revocation tree based scheme and (ii) Revocation Tree. a proactive distribution scheme. The former constructs a Merkle hash tree to revoke compromised senders, while the latter proactively controls the1. Introduction distribution of broadcast authentication A Wireless Sensor Networks (WSN) sensed data and communicates with capability of each sender to allow thetypically consists of a large number of base stations as well as other nodes revocation of compromised senders.resource constrained sensor nodes and through its immediate neighbor nodes. Simulation results indicate that thepossibly a few powerful control nodes The control nodes may further process proposed techniques are efficient(base stations). A sensor node usually the data collected from sensor nodes, and practical, and can achieve betterhas one or few sensing components, disseminate control commands to sensor security.which sense physical phenomenon nodes, and connect the network to a The remainder of this paper is(e.g., temperature) from its immediate traditional wired network. Sensor nodes organized as follows. In Section 2surroundings, and a processing and are expected to be deployed densely in we discuss related works. In Sectioncommunication component, which a large scale and communicate with 3 we introduce the techniques forperforms simple computation on the each other through wireless links the establishment of broadcast C S I   C o m m u n ic a t i o n s • AU G U S T   2 0 0 7
  8. 8.    authentication and for revocation ofcompromised nodes. In Section 4 weperform implementation and evaluationwith leading sensor networks MACprotocols. In Section 5 we make ourconclusions and future work.2. Related Work Confidentiality protects againstthe improper disclosure of information;data integrity protects the informationagainst improper modifications; andservice availability prevents denial ofsystem services. Perrig et al. proposedto use an earlier key chain to distributethe next key chain commitment [3].Several multi-level mTESLA schemes Fig. 1 : Example of a parameter distribution treewere proposed in [3, 4] to distribute thekey chain commitments. However, these attacks that target at disrupting parameters {S1, ...,Sm} .Figure 1 showstechniques suffer from DOS attacks the distribution of initial mTESLA a parameter distribution tree for eightduring the commitment distribution. parameters to the gateway node in the mTESLA instances, where K1 = H(S1),A number of key pre-distribution HMAC protocol to the functioning K12 = H(K1|| K2), K14 = H(K12||techniques have been proposed to of broadcast authentication. And the K34), etc.establish pair-wise keys in sensor gateway node is itself responsible to The gateway node also constructs anetworks [5, 6, 7, 8, 9]. Wood and distribute parameters to its cluster parameter certificate for each mTESLAStankovic identified a number of DOS nodes. In this section, we propose instance. The certificate for the mTESLAattacks in sensor networks [10]. Karlof to authenticate and distribute these instance consists of the set Si ofand Wagner analyzed the vulnerabilities mTESLA parameters using a Merkle parameters and the values correspondingas well as the countermeasures for a hash tree [12]. This method removes to the siblings of the nodes on the pathnumber of existing routing protocols the authentication delay as well as the from the i-th leaf node to the root in[11]. Hu et al. use Merkle tree to vulnerability to Denial of Service attacks the parameter distribution tree. Forauthenticate multiple key chains for during the distribution of mTESLA example, the parameter certificate forauthentication in routing protocols parameters because the packets are only the 3rd mTESLA instance in Figure[12]. sent to gateway node of HMAC. 1 is ParaCert3 = {S3, K4, K12, K58}. Assume a sensor network For each sender that will use a given3. Proposed Work mTESLA instance, the gateway node application requires m mTESLA In this section, we develop a series instances, which may be used by distributes the mTESLA key chain andof techniques to revoke broadcast different senders during different the corresponding parameter certificateauthentication capabilities from periods of time. For convenience, to the node.compromised senders. The proposed assume m = 2k, where k is an integer. The gateway node also pre-technique uses the mTESLA broadcast Before deployment, the gateway node distributes the root of the parameterauthentication protocol [2] as building pre-computes m mTESLA instances, distribution tree e.g., K18 in Figureblocks with the clocks of the sensor each of which is assigned a unique, 1) to regular sensor nodes, whichnodes loosely synchronized. integer-valued ID between 1 and m. are potentially receivers of broadcast3.1 The Basic Approach For the sake of presentation, denote messages. When a sender needs to The multi-level mTESLA technique the parameters (i.e., the key chain establish an authenticated broadcastuses higher-level mTESLA instances to commitment, starting time, duration channel using the i-th mTESLA instanceauthenticate the parameters and thus of each mTESLA interval, etc.) of the (during a predetermined period of time),inherits the authentication delay. The i-th mTESLA instance as Si. Suppose it broadcasts a message containing theconsequence of such authentication the central server has a hash function parameter certificate ParaCerti. Eachdelay is that an attacker can launch H. The central server then computes receiver can immediately authenticateDenial of Service attacks to disrupt Ki = H(Si) for all i ? {1, ...,m}, and it with the predistributed root ofthe distribution of initial mTESLA constructs a Merkle tree using {K1, the parameter distribution tree. Forparameters. Moreover, they cannot ...,Km} as leaf nodes. Specifically, K1, example, if ParaCert3 = {S3, K4, K12,handle a large number of senders and ..., Km are arranged as leaf nodes of K58} is used, a receiver can immediatelydue to the low bandwidth in sensor a full binary tree, and each non-leaf authenticate it by verifying whethernetworks, the number of data packets node is computed by applying H to H(H(K12||H(H(S3)|| K4))|| K58)buffered during d time intervals is the concatenation of its two children equals the pre-distributed root valueusually small. Thus, in this paper, we nodes. We refer to such a Merkle tree K18. As a result, all the receivers canonly focus on the Denial of Service as a parameter distribution tree of get the authenticated parameters of this C S I   C o m m u n ic a t i o n s • AU G U S T   2 0 0 7
  9. 9.    mTESLA instance, and the sender mayuse it for broadcast authentication.3.2 Security According to the analysis anattacker is not able to forge any messagefrom any sender without compromisingthe sender itself. However, the attackermay launch Denial of Service attacksagainst the distribution of parametersfor mTESLA instances. Fortunately, theparameter certificates in our techniquecan be authenticated immediately Fig. 2 : Example of Fragmentationand are immune to the Denial ofservice attacks. When more senders are the DOS attacks if each parameter This process will continue untilcompromised, additional techniques are certificate is delivered in one packet, the sensor node receives all authenticrequired to remove these compromised since a receiver can authenticate fragments. For example, in Figuresenders. such a certificate immediately upon 1, ParaCert3 consists of 4 values, receiving it. However, due to the low {K58,K12,K4,S3}. Assume each3.3 Overhead bandwidth and small packet size in fragment can carry 3 hash values and In this approach, each sensor sensor networks, a certificate may be S3 consists of 1 key chain commitment.node (as a receiver) only needs to store too large to be transmitted in a single Using the above technique, the firstone hash value, and remember the packet. As a result, it is often necessary packet includes { K58, K12, K34}, andparameters for those senders that it may to fragment each certificate and deliver the second packet includes K4,S3. If acommunicate with. This is particularly it in multiple packets. A straightforward sensor node receives the first fragment,helpful for those applications where approach is to simply split those values it can authenticate the fragment bya node only needs to communicate in a certificate into multiple packets. verifying whether H(H(K12| K34)| K58)with a few senders or there are only a However, this simple idea suffers from equals the pre-distributed root value.few senders staying in the network at Denial of Service attacks, where an Once the first fragment is authenticatedone time. Each sender needs to store attacker sends a large number of forged successfully, the second fragment can bea parameter certificate, the key chain, certificates and forces a sensor node to authenticated by verifying if H(H(S3)|and other parameters (e.g., starting perform a lot of computations to identify K4) equals the hash value K34, which istime) for each instance it has. To the right one from those fragments. To contained in the first fragment.establish an authenticated broadcast deal with this problem, we fragmentchannel with nodes using an instance 3.6 Revocation a parameter certificate in such a wayj, a sender only needs to broadcast the In hostile environments, not only that a sensor node can authenticatecorresponding pre-distributed parameter sensor nodes but also broadcast senders each fragment independently instead ofcertificate, which consists of +logm+ may be captured and compromised trying every combination.hash values and the parameter set Sj . by adversaries. Once a sender is Assume a parameter certificateThis is practical, since such distribution compromised, the attacker can forge then consists of L values {h1, h2, …,only needs to be done once for each any broadcast message using the hL}, and each packet can carry b values.instance. After receiving this parameter secrets stored on this sender and As shown in Figure 2, in the first stepcertificate, a sensor node only needs convince other sensor nodes to perform of fragmentation, we put the first b-11++logm+ hash functions to verify the unnecessary or malicious operations. values in the first packet, the secondrelated parameters. Thus, it is necessary to revoke the b-1 values in the second packet, and so broadcast authentication capability3.4 Comparison on, until there are no more values left. If from compromised senders. We use In our Secured HMAC scheme, the last packet only includes one value, a revocation tree to take back theunlike multi-level mTESLA schemes, we move it to the previous packet and broadcast authentication capabilitya sender does not have to compete remove the last packet. The previous from compromised senders, and awith malicious attackers, since it can packet then becomes the last packet, proactive refreshment to control theimmediately authenticate the parameter containing b values. In the second step, broadcast authentication capability ofdistribution message instead of keeping we append in every packet other than each sender.it in the buffer for future authentication. the last one the sibling (in the parameterIn other words, with the proposed distribution tree) of the last value in this (i) Revocation Tree :approach, it is sufficient for a receiver packet. By doing this, the first fragment When a sender is detected to haveto receive one copy of each parameter can be authenticated immediately once been compromised, the central serverdistribution message. the sensor node receives an authentic broadcasts a revocation message with fragment. After authenticating the first the IDs of the sender. This message3.5 Distributing Parameter Certificates fragment, the second fragment can be has to be authenticated; otherwise, an As we mentioned earlier, the also authenticated immediately using attacker may forge such messages toproposed technique is resistant to the values in the first fragment. C S I   C o m m u n ic a t i o n s • AU G U S T   2 0 0 7
  10. 10.    revoke non-compromised senders. The a non-compromised sender will not be they will be revoked from the networkmain idea of this method is to construct revoked. This is because the revocation after a certain period of time. Thea Merkle tree[12] similar to parameter of a sender requires a revocation authentication keys for each sender cana distribution tree, which is called a certificate, which is only known to the be distributed in a proactive way, sincerevocation tree, since its purpose is central server. we can predetermine the time when ato revoke broadcast authentication An attacker cannot forge any key will be used. Specifically, duringcapabilities from compromised senders. revocation certificate without access the pre-distribution phase, the gatewayThe revocation tree is built from sender to the random numbers kept in the node in HMAC protocol distributes theIDs and random numbers. If the sender leaves of the revocation tree, due to parameter certificates to each sender.ID j and the corresponding random one-way function used to generate the Before the current mTESLAnumber is disclosed in an authenticated revocation tree [6]. In this approach, instance expires, the gateway nodeway, sender j is revoked. each sensor node needs to store an in HMAC distributes the key used Assume there are potentially m additional hash value, the root of the to derive the next mTESLA keysenders. For simplicity, we assume revocation tree. To revoke a sender, the chain to the sender through a keym = 2k for an integer k. The central central server distributes a revocation distribution message encrypted withserver generates a random number r certificate, which consists of 1++logm+ a key shared between the gatewayj for each sender with ID j, where 1 values. To authenticate the revocation node and the sender, provided that= j = m. The central server then certificate, a sensor node needs to the sender has not been detected toconstructs a Merkle tree where the j- perform 1++logm+ hash functions. have been compromised. The senderth leaf node is the concatenation of ID The revocation tree approach has may then generate the next mTESLAj and r j. We refer to this Merkle tree several limitations. First, due to the key chain accordingly. To increase theas the revocation tree. The central unreliable wireless communication and probability of successful distributionserver finally distributes the root possible malicious attacks (e.g., channel of authentication keys in presence ofof the revocation tree to all sensor jamming); the revocation messages communication failures, the gatewaynodes. We assume the central server are not guaranteed to reach every node may send each key distributionis physically secure. Protection of sensor node. As a result, an attacker message multiple times.the central server is an important but can convince those sensor nodes that As mentioned earlier, the revocationseparate issue; we do not address it in missed the revocation messages to do of a compromised sender is guaranteedthis paper. When a sender j is detected unnecessary or malicious operations (with certain delay) in the proactiveto have been compromised, the central using the revoked mTESLA instances. refreshment approach when it isserver broadcasts the ID j and the Second, each sensor node needs to detected to have been compromised.random number r j . To authenticate store a revocation list, which introduces However, the broadcast authenticationthese values, the central server has to additional storage overhead, especially capability of a sender is not guaranteedbroadcast the sibling of each node on when a large number of senders are if there are message losses. A senderthe path from “ j|| r j” (i.e., the leaf revoked. Note that the above approach may miss all key distribution messagesnode for j in the revocation tree) to the can also be used to tell sensor nodes that carry new authentication keys dueroot. This is exactly the same as the that the corresponding sender has to unreliable wireless communicationparameter certificate technique used to stopped broadcast so that they can erase and malicious attacks. Thus, a senderauthenticate mTESLA parameters. its parameters to save memory space for may have no keys to authenticate new To distinguish from parameter other senders. data packets. Moreover, there may be acertificate, we refer to the above set (ii) Proactive Refreshment of long delay between the detection andof values as a revocation certificate, Authentication Keys the revocation of a compromised sender,denoted RevoCert j. With RevoCert j, To deal with the limitations of and the compromised sender may stillany sensor node can recompute the root the revocation tree approach, we have keys that can be used to forgehash value, and verify it by checking present an alternative method to revoke broadcast messages.if it leads to the predistributed root the authentication capability from In the proactive refreshmentvalue. If a sensor node gets a positive compromised senders. The basic idea is approach, instead of storing nj mTESLAresult from this verification, it puts the to distribute a fraction of authentication instances, a sender j only needs tocorresponding sender into a revocation keys to each sender and have the store a few of them. Thus, the storagelist, and stops accepting broadcast gateway node to update the keys for overhead is reduced. However, themessages from the sender. To deal each sender when it is necessary. communication overhead betweenwith message loss, the distribution A clear benefit is that if a sender the gateway node and the senders isof a revocation certificate may be is compromised, the gateway node increased, since the central serverrepeated multiple times. The revocation only needs to stop distributing new has to distribute keys to each sendertree approach cannot guarantee authentication keys to this sender; there individually. There are no additionalthe revocation of all compromised is no need to broadcast a revocation communication and computationsenders in presence of communication message and maintain a revocation overheads for sensor nodes.failures, though traditional fault list at each sensor node. In addition, In practice, these two optionstolerant techniques can provide high this approach guarantees that once may be combined together to provideconfidence. However, it guarantees that compromised senders are detected, better performance and security. The C S I   C o m m u n ic a t i o n s • AU G U S T   2 0 0 7
  11. 11.    revocation certificates from the gateway 4. Simulation and Evaluation key disclosure delay is 2 mTESLAnode can mitigate the problem of We have simulated the proposed time intervals, the zduration of eachthe delay between the detection and techniques on Network Simulator mTESLA time interval is 100 ms, andthe revocation of a compromised 2, to evaluate the performance. Our each mTESLA key chain consists ofsender, while the proactive refreshment evaluation is focused on the broadcast 600 keys. Thus, the duration of eachtechnique guarantees the future of data packets and the distribution mTESLA instance is 60 seconds, withrevocation of a compromised sender if of mTESLA parameters. We adopt 200 mTESLA instances, which cover upthe compromise is detected. a setting similar to [5] the mTESLA to 200 minutes in time. Fig. 3(a) : Successive Authentication Rate Fig. 3(b) : Rate of distribution of packets per minute Fig. 4(a) : Average Failure Recovery Delay. Fig. 4(b) : Storage Overhead Fig. 5 : Communication Overhead Fig. 6 : Throughput 10 C S I   C o m m u n ic a t i o n s • AU G U S T   2 0 0 7
  12. 12.     Each parameter set Sj,i only authenticating CDM messages. immune to the Denial of servicecont a i n s a m T E S LA ke y c h a i n Fig. 4(a) shows the average failure attacks to enhance H-MAC protocolcommitment. This means that each recovery delay for both schemes. Result in terms of secured broadcastparameter certificate contains 9 shows that the average failure recovery authentication. Several practicalhash values. And each hash value, delay of the Secured HMAC Scheme broadcast authentication techniquescryptographic key or MAC value is 8 increases with the channel loss rate. were developed to distribute parametersbytes long. The parameter certificate However, the recovery delay of the for mTESLA instances, and revoke thecan be delivered with 4 packets, each multilevel mTESLA scheme increases broadcast authentication capabilities ofof which contains a sender ID (2 bytes), rapidly when there are severe Denial of compromised senders in wireless sensora key chain index (2 bytes), a fragment service attacks. In contrast, our secured networks. Our analysis and experimentindex (1 byte), and three hash values (24 HMAC scheme is not affected by Denial show that the proposed techniquesbytes). As a result, the packet payload of Service attacks if the attacker does are efficient and practical, and havesize is 29 bytes. not jam the channel completely. Since better performance than previous To investigate the authentication the channel loss rate is usually a small approaches.rate and the distribution rate value, the tree-based scheme has shorter Referencesunder Denial f Service attacks and recovery delay than the multi-levelcommunication failures, we assume mTESLA scheme in most cases. [1] I . F. A k y i l d i z , W. S u , Y.the attacker sends 200 forged parameter Fig. 4(b) shows the impact of storage S a n ka r a s u b r a m a n i a m , E .distribution packets per minute and overhead on the average failure recovery Cayirci,(2002).Wireless sensorthe channel loss rate is 0.2. Figure delay. The average failure recovery networks: A survey, Computer3(a) illustrates the authentication rate delay of the multilevel mTESLA scheme Networks, vol. 38, no. 4, pp. 393–for both schemes as the frequency increase quickly when the number 422.of parameter distribution packets of buffers for parameter distribution [2] A. Perrig, R. Szewczyk, V. Wen,increases. packets decreases, while the Secured D. Culler, and D. Tygar,(2001), With 20 CDM buffers at each HMAC scheme has shorter delay and is “SPINS: Security protocols forreceiver end, we can see that our not affected by the number of buffers for sensor networks,” in ProceedingsSecured HMAC scheme always has parameter distribution packets. Figure5 of Seventh Annual Internationala higher authentication rate than the illustrates the rate of communication Conference on Mobile Computingmulti-level DOS-tolerant mTESLA overhead for those three schemes as and Networks,.scheme. The reason is that in the the frequency of number of packets [3] D . L i u a n d P. N i n g , ( 2 0 0 3 ) ,Secured HMAC scheme a sensor increases. Figure 6 shows the impact “Efficient distribution of keynode is able to authenticate any of throughput on the end-to-end packet chain commitments for broadcastbuffered message once it receives a delay. Figure 7 shows the comparison authentication in distributedlater disclosed key, since different key of the Lifetime of the Networks, which sensor networks,” in Proceedingschains are linked together. Though in adopts different protocols. H-MAC with of the 10th Annual Network andthe multi-level DOS-tolerant scheme, the broadcast authentication (Secured Distributed System Securitylower-level key chains instances are HMAC Scheme) proves that it has Symposium (NDSS03), pp. 263–also linked to the higher-level ones, a increased network lifetime than G-MAC 276.sensor node may have to wait for a long H-MAC. [4] D . L i u a n d P. N i n g , ( 2 0 0 4 ) ,time to recover an authentication key “Multi-level mTESLA: Broadcastfrom the higher-level key chain when 5. Conclusion authentication for distributed sensorthe corresponding lower-level key chain In this paper we have introduced networks,” ACM Transactions incommitment is lost due to severe Denial the efficient techniques that are Embedded Computing Systemsof service attacks. During this timeperiod, most of previous buffered datapackets are already dropped. Figure 3(b)shows the authentication rate for bothschemes. We can see that the multi-level DOS-tolerant mTESLA scheme 800 G-MAChas to allocate a large buffer to achievecertain authentication rate when there 600 H-MACare severe Denial of service attacks, 400while our Secured HMAC can achieve H-MAC with broadcasthigher authentication rate without any authentication 200additional buffer. The reason is that inour scheme, a sensor node can verify 0a parameter certificate immediately Broadcast Authentication attackand thus there is no need to buffercertificates, while in the multi-levelDOS-tolerant mTESLA scheme, a sensor Fig. 7 : Performance of Secured HMAC Protocolnode has to wait for a while before C S I   C o m m u n ic a t i o n s • AU G U S T   2 0 0 7 11
  13. 13.     (TECS), vol. 3. networks,” in Proceedings of the Johnson,(2003), “Efficient security[5] H. Chan, A. Perrig, and D. 9th ACMConference on Computer mechanisms for routing protocols,” S o n g ( 2 0 0 3 ) , “ R a n d o m ke y and Communications Security, pp. in Proceedings of the 10th Annual predistribution schemes for sensor 41–47. Network and Distributed System networks,” in IEEE Symposium on [9] D. Liu and P. Ning (2003), Security Symposium, pp. 57–73. Research in Security and Privacy, , “Establishing pairwise keys in [13] Paramasivan.B, Athilakshmi. pp. 197–213. distributed Sensor networks,” S, and Radhakrishnan.S,(2006)[6] W. Du, J. Deng, Y. S. Han, S. Chen, in Proceedings of 10th ACM “Energy Efficient H-MAC Protocol and P. Varshney,(2004), “A key Conference on Computer and to enhance Security Lifetime management scheme for wireless Communications Security (CCS03), of Wireless Sensor Networks” sensor networks using deployment pp. 52–61. in proceedings of the second knowledge,” in Proceedings of IEEE [10] A. D. Wood and J. A. Stankovic International Conference on INFOCOM 04. (2002), “Denial of service in sensor WCSN06, published by Macmillan[7] W. Du, J. Deng, Y. S. Han, and P. networks,” IEEE Computer, vol. 35, India Ltd, pp 71-78 Varshney,(2003) “A pairwise key no. 10, pp. 54–62. [14] Paramasivan.B, Radhakrishnan. pre-distribution scheme for wireless [11] C. Karlof and D.Wagner,(2003) S,(2006) “An Enhanced Reliability sensor networks,” in Proceedings of “Secure routing in wireless scheme for WSN using PSFQ”, 10th ACM Conference on Computer sensor networks: Attacks and in proceedings of International and Communications Security countermeasures,” in Proceedings S y m p o s i u m o n Ad h o c a n d (CCS03), pp. 42– 51. of 1st IEEE International Workshop Ubiquitous Computing, Published[8] L . E s c h e n a u e r a n d V. D . on Sensor Network Protocols and by IEEE Press, pp: 106-111. Gligor,(2002) “A key-management Applications. scheme for distributed sensor [12] Y. Hu, A. Perrig, and D. V. oooAbout Authors Prof. B. Paramasivan is working as Assistant Professor, Department of Computer Science Engineering, National Engineering College, TamilNadu. He is currently pursuing his Ph.D in the area of Wireless Sensor Networks. He has published several research papers in various International and National Conferences. His area of interest and research includes the Security, Routing, Energy Efficiency issues in Wireless sensor Networks. He is an active member of CSI. Dr. S RadhaKrishnan is working as Professor Head of department of Computer Science Engineering, Arulmigu Kalasalingam College of Engineering, Srivilliputhur. He is guiding several Ph.D scholars. His area of interest includes Network Engineering, and Adhoc Networks. He has published several research papers in International Journals. He is an active member of CSI. Ms. S. Athilakshmi is working as a Lecturer in Department of Computer Science Engineering, National Engineering College, TamilNadu. She is currently working towards, to constantly update the issues trends in the area of Sensor Networks. Her research focuses on wireless networks, especially on the security issues in Wireless Sensor Networks and wireless Adhoc Networks. IFIP TC-8 meeting IFIP TC-8 meeting held during June 18th – 19th, 2007 at BCS, London was attended by Steve Elliot (Australia), Josef Basl (Czeeh Republic), Jan Pries-Heje (Denmark), Juhani Livari (Finland), David Avison (France), Maria Raffai (Hungary), Barbara Pernici (Italy), Tetsuya Uchiki (Japan), Maria-Ribera Sancho (Spain), Dewald Roode (South Africa), Marcus (Switzerland), Bill Olle (United Kindom), George M. Kasper (USA – ACM), Erich Neuhold (USA – IEEE), Lida Xu (WG 8.9 Chair USA), Nancy Russo (USA), Patrick Humphreys (UK) and Ashok Agarwal (India) 1. Barbara Pernici was elected as chair from July 2007 onwards and George M. Kasper as Vice Chair. 2. Proposals for possible funding for speakers / participants from developing countries to conferences ; contact Prof. D Y Kim dykim@ajou.ac.in 3. Next meeting scheduled on September 5th June 2008 at Milan. Dr. Ashok Agarwal CSI IFIP TC-8 Rep. 12 C S I   C o m m u n ic a t i o n s • AU G U S T   2 0 0 7
  14. 14.    Cryptography-based Secure An AS contains information about the host image content that may be checked to verify its integrity. However,Authentication Watermarking inserting the MAC/DS alters the image and consequently alters its MAC/DS, invalidating the watermarking. Tofor Binary Images avoid this problem, for continuous-tone images, many authentication techniques compute the AS from the image clearing the least significant bits (LSBs) andMr. M Venkatesan1, Mrs. P MeenakshiDevi2, Dr. K.Duraiswamy3 insert the AS in LSBs. In other words,Dr. K Thyagarajah4 those bits where the watermark is to be inserted are not taken into account when computing MAC/DS. A possible use of this technique1 Asst. Prof., Dept. of Computer Applns., K S Rangasamy College of Tech., is to send faxes and documents overE-mail : venkatesh.muthusamy@gmail.com networks and the Internet. In this case,2 Asst. Prof., Dept of Information Tech., K S Rangasamy College of Tech., the receiver of a document can verify itsE-mail : div_pri@yahoo.com integrity for a given originator.3 Dean (Academic), K S Rangasamy College of Technology,Tiruchengode,E-mail : ksrctt@yahoo.com 2. Data Hiding and Authentication4 Principal, PSNA College of Engg. Technology, Dindical, E-mail : principal@psnacet.org Watermarking In the literature, there are many In image authentication watermarking, hidden data is inserted authentication-watermarking techniques into an image to detect any accidental or malicious image for continuous-tone images [1-5]. Also, there are many techniques for data alteration. In the literature, quite a small number of cryptography hiding in binary and halftone images based secure authentication methods are available for binary [6-10]. However, quite a small number images. In a cryptography based authentication watermarking, of secure authentication watermarking a message authentication code (or digital signature) of the whole techniques are available for binary and image is computed and the resulting code is inserted into the halftone images. image itself. However, inserting the code alters the image and The proposed paper is consequently its authentication code, invalidating the watermark. cryptography-based secure This paper proposes a new authentication watermarking method authentication watermarking technique for binary images. It can detect any alteration while maintaining (CSAWT) to insert MAC/DS of a binary image. The original image is good visual quality for all types of binary images. The security of partitioned into m x n sub blocks. The AS is generated for the whole image1. Introduction represented as F. But, before calculating Data hiding represents a class of the hash value (AS) of the image, the purposes. They cannot be easilyprocesses used to embed data, such sub blocks used for inserting the AS removed and should resist commonas copyright information into various are made to be zeros. The hash value image-manipulation procedures. Onforms of media such as image, audio, is calculated for the new image. In the the other hand, fragile watermarks (oror text with a minimum amount of original image, the AS is not inserted authentication watermarks) are easilyperceivable degradation to the “host” consecutively in one area. Instead, corrupted by any image processingsignal; its goal is not to restrict or The AS is divided into segments and is procedure. However, watermarks forregulate access to the host signal, but stored in a scattered way. A secret key checking the image integrity andrather to ensure that embedded data shared by the two parties identifies the authenticity can be fragile because if theremains inviolate and recoverable. positions of each segment. watermark is removed, the watermark A watermarking technique makes detection algorithm will correctly report 3. The CSAWTuse of a data-hiding scheme to insert the corruption of the image. In secure authenticationsome information in the host image, in In a cryptography based watermarking using some data hidingorder to make an assertion about the authentication watermarking, an technique for binary image, one mustimage later. In this paper, data hiding authentication signature (AS) is compute a hashing function of thescheme simply means the technique to computed from the whole image binary image F, obtaining the hashembed a sequence of bits in a still image and inserted into the image itself. In value H = H(F). After encryption, itand to extract it afterwards. cryptography, an AS is called message becomes MAC/DS. This MAC/DS must Watermarking techniques can be authentication code (MAC) using a be inserted into F itself, obtaining theclassified as either “robust” or “fragile.” secret-key cipher or digital signature marked image F2 . The problem is that,Robust watermarks are useful for (DS) using a public/private-key cipher. with the insertion of watermark, thecopyright and ownership assertion C S I   C o m m u n ic a t i o n s • AU G U S T   2 0 0 7 13

×