Secure Protocols for Behavior Enforcement

1
Secure Protocols for Behavior Enforcement
Security and Cooperationin Wireless Networks
Slides elaborated by Julien Freudiger and adapted
by Jean-Pierre Hubaux http//secowinet.epfl.ch
Note this chapter (and therefore this slide
show) is derived from the paper by S. Zhong, L.
Erran Li, Y. Liu, and Y. R. Yang, On Designing
Incentive-Compatible Routing and Forwarding
Protocols in Wireless Ad Hoc Networks, Mobicom
2005
2
Motivation

• Packet forwarding consumes resources
• Nodes are rational Maximize their payoff
• Nodes avoid forwarding

Provide incentive to cooperate within Routing
and Forwarding protocols using a Game Theoretic
approach
3
Outline

• Introduction
• Incentives
• System Model
• Formal Model
• Dominant action/subaction
• Cooperation optimal protocol
• The Corsac Protocol
• VCG payments with correct link cost establishment
• Forwarding protocol with block confirmation
• Evaluation
• Conclusion

4
1. Introduction

• Routing protocol
• Discover efficient routing paths global welfare
• Deal with selfish nodes local welfare
• Packet forwarding protocol
• address the fair exchange problem
• Joint Incentive

5
Incentives

• Incentive strategy
• Punish Reputation, Jamming, Isolation
• Reward Virtual currency
• Incentive is achieved
• Internally With 802.11 primitives
• Externally Dedicated protocols

Incentive
Punish
Reward
Internal
External
Internal
External
6
System Model

• Ad-hoc networks as uncooperative strategic games
• Called Ad Hoc Games
• Channel model
• Packet successfully transmitted if Ptransmission
  Pmin
• Pmin minimum power to reach destination
• No errors (BER 0)
• Nodes can withhold, replace or send a message
• Node can transmit at any power level
• We define the payoff of a node as
• bi benefice (reward)
• ci cost of forwarding

7
2. Formal Model

• Dominant Action
• A dominant action is one that maximizes player i
  payoff no matter what actions other players
  choose
• Example Joint packet forwarding game
• Imperfect information
• Message from S to D
• Two players p1 and p2
• P1 has no dominant action
• P2 dominant action is F

S
P1
P2
D
8
Forwarding Dominant

• A forwarding protocol is said forwarding dominant
  protocol if following the protocol is a dominant
  action
• We need incentives to enforce cooperation

Theorem 1 There does not exist a
forwarding-dominant protocol for ad-hoc games.
9
Formal Model for Divided Solution

• Each node actions is divided into two parts
• Routing subaction A routing decision specifies
  what node is supposed to do in the forwarding
  stage
• Forwarding subaction Specifies what the node
  actually does
• The total payoff comprises both subactions

10
Routing stage

• Routing payoff of a node is the payoff that it
  will achieve under the routing decision
• Dominant subaction
• In a routing stage, a dominant subaction is one
  that maximizes its routing payoff no matter what
  subactions other players choose.
• A routing protocol is a routing-dominant protocol
  to the routing stage if following the protocol is
  a dominant subaction of each potential forwarding
  node in the routing stage

11
Forwarding stage

• Consider an extensive game model with imperfect
  information
• A forwarding protocol is a forwarding-optimal
  protocol to the forwarding stage under routing
  decision R if
• All packets are forwarded to their destinations
• Following the protocol is a subgame perfect
  equilibrium
• A path is said to be a subgame perfect
  equilibrium if it is a Nash equilibrium for every
  subgame

Node 1
drop
forward
Node 2
drop
forward
Last node
drop
forward
12
Cooperation-Optimal Protocol

• A protocol is a cooperation-optimal protocol to
  an ad-hoc game if
• Its routing protocol is a routing-dominant
  protocol to the routing stage
• For a routing decision R, its forwarding protocol
  is a forwarding optimal protocol to the
  forwarding stage

13
3. The Corsac Protocol

• Corsac is a cooperation optimal protocol
• Routing
• VCG
• Forwarding
• Reverse Hash chains

14
VCG for routing protocols

• Nodes independently compute and declare their
  packet transmission cost to destination
• Destination computes Lowest Cost Path (LCP)
• Source rewards the nodes
• declared cost added value
• The added value is the difference between LCP
  with the node and without it
• Incentive to declare the true price Truthful

15
Example of VCG
Least cost path from S to D LCP(S,D) S, v2,
v3,D with cost(LCP(S,D)) 5 2 3 10 Least
cost path without node v2 LCP(S,D-v2) S, v1,
v4,D with cost(LCP(S,D)-v2) 7 3 4
14 Least cost path without node v3 LCP(S,D-v3)
S, v2, v4,D with cost(LCP(S,D)-v3) 5 3 4
12. VCG payments p2 14 - 10 2 6 p3 12
- 10 3 5 These values represent the unit
payment (the payment for one forwarded data
packet) to nodes v2 and v3, respectively.
16
VCG flaw

• Assume mutual computation of link cost
• Consider a node i and its neighbor j
• Node i cheats by making Pi,j greater
• Node j is less likely to be on LCP
• Node j payment will decrease.
• Node j responds by cheating and making Pi,j
  smaller
• Node j more likely to be on LCP
• Node j increases its payment
• VCG is not truthful in this case
• Possible to cheat in determining link cost

Pi,j
i
j
17
Truthful VCG

• Assume private computation of link cost
• Protocol for VCG link cost establishment
• Nodes share a symmetric key with D
• Nodes send an encrypted and signed test signal
• at increasing power levels containing cost
  information
• Messages are protected from forging with HMAC
• O(N3)

cost4KHMAC
cost4KHMAC
cost3KHMAC
cost3KHMAC
i
j
D
cost2KHMAC
cost1KHMAC
18
VCG conclusion
Theorem 2 If the destination is able to collect
all involved link costs as described above, then
the VCG protocol is a routing dominant protocol
to the routing stage.
19
Forwarding Protocol

• Messages bundled in blocks
• Block confirmation with a Reverse Hash Chain
• r is made public by source in an authenticated
  way
• Confirmation of block 2 is done by sending
  r(5-2)r3
• Nodes verify

m1
m2
m3
m4
m5
m6
m7
m8
m9
b1
b2
b3
b4
b5
r1
r2
rr5
H
H
H
H
r0
20
Fair Exchange Problem

• Source and intermediate nodes can disagree about
  successful transmission of a block
• Mutual decision contract between source an
  intermediate nodes
• Confirmation is sent with the last packet of each
  block to destination
• Destination forwards confirmation to intermediate
  nodes if block correctly received
• Intermediate nodes stop forwarding if do not get
  confirmation
• Eliminates incentive to cheat
• Disregarding the protocol blocks the protocol

21
Cooperation Optimal
Theorem 3 Given a routing decision R, assuming
that the computed payment is greater than the
cost, the reverse hash chain based forwarding
protocol is a forwarding optimal protocol.
Theorem 4 The Corsac protocol is a
cooperation-optimal protocol to ad-hoc games.
22
4. Evaluation (1)

• Nodes that accumulate more credits spend more
  energy in forwarding others traffic
• The protocol is fair

23
Evaluation (2)
Consider the following topology
24
Evaluation (3)
Node 19 as session source
Reach destination directly
payment X cost
25
Evaluation (4)
Node 28 as session source
Node 3 is critical point
payment X cost
Mainly the topology that determines payment
26
Future challenges

• Modeling
• Interference and mobility
• unreliable link harden use of incentive
• Game theoretic model assumes
• Tamper proof Hardware to compute best path at
  destination
• Payment center to resolve payment issues
• Performance vs. incentive compatibility
• Control channel overhead
• Throughput
• Complexity

27
5. Conclusions

• Cooperation optimal protocol
• Routing dominant Forwarding optimal
• Routing based on VCG
• Forwarding based on Reverse Hash Chain
• Corsac provides incentives for cooperation
• Protocol is fair
• The topology determines payment
• The incentive protocol reduces the network
  traffic

28
References

• 1  On Designing Incentive-Compatible Routing
  and Forwarding Protocols in Wireless Ad-Hoc
  Networks . Sheng Zhong, Li Erran Li, Yanbin
  Grace Liu and Yang Richard Yang. Mobicom 2005
• 2  Security and Cooperation in Wireless
  Networks . Levente Buttyan and Jean-Pierre
  Hubaux. Book Cambridge University Press, Chapter
  12
• 3  Punishement in Selfish Wireless Networks
  A Game Theoretic Analysis . Dave Levin.
  NetEcon 2006
• 4  On Selfish Behavior in CSMA/CA Networks .
  Mario Cagalj, Saurabh Ganeriwal, Imad Aad and
  Jean-Pierre Hubaux. Infocom 2005
• 5  Ad hoc-VCG A Truthful and Cost-Efficient
  Routing Protocol for Mobile Ad hoc Networks with
  Selfish Agents . Luzi Anderegg and Stephan
  Eidenbenz. Mobicom 2003