Security and Cooperation
in Wireless Networks
http://secowinet.epfl.ch/
Chapter 12: Secure protocols for behavior
enforcement
© 2007 Levente Buttyán and Jean-Pierre Hubaux
Motivation
Packet forwarding consumes resources
– Nodes are rational => Maximize their payoff
– Nodes avoid forwarding
Provide incentive to cooperate
within Routing and Forwarding protocols
using a game theoretic approach
Security and Cooperation in Wireless Networks
Chapter 12:Secure protocols for behavior enforcement
2/22
Outline
•
Introduction
– Incentives
– System Model
•
Model
– Dominant action/subaction
– Cooperation optimal protocol
•
Protocols
– VCG payments with correct link cost establishment
– Forwarding protocol with block confirmation
•
Conclusion
Security and Cooperation in Wireless Networks
Chapter 12:Secure protocols for behavior enforcement
3/22
Introduction
 Routing protocol
– Discover efficient routing paths: global welfare
– Deal with selfish nodes: local welfare
 Packet forwarding protocol
– address the fair exchange problem
=> Joint Incentive
Security and Cooperation in Wireless Networks
Chapter 12:Secure protocols for behavior enforcement
4/22
Possible incentives
 Possible incentive strategies:
– Punish: Reputation, Jamming, Isolation
– Reward: Virtual currency
 Possible incentives:
– Internally: With intrinsic mechanisms (e.g., deny communication, jam)
– Externally: by dedicated protocols
Incentive
Punish
Internal
Security and Cooperation in Wireless Networks
Chapter 12:Secure protocols for behavior enforcement
External
Reward
Internal
External
5/22
System Model
 Ad-hoc networks as non-cooperative strategic games
• Called “Ad Hoc Games”
 Channel model:
• Packet successfully transmitted if Ptransmission >= Pmin
– Pmin = minimum power to reach receiver
• No errors (BER = 0)
 Nodes can withhold, replace or send a message
 Nodes can transmit at any power level
 We define the payoff of a node as:
ui  bi  ci
– bi = benefit (reward, by micro-payment)
– ci = cost of forwarding (energy, overhead,…)
Security and Cooperation in Wireless Networks
Chapter 12:Secure protocols for behavior enforcement
6/22
Formal Model
 Dominant Action:
– A dominant action is one that maximizes player i payoff,
no matter what actions other players choose
ui ai , ai   ui ai, ai 
Example: Joint packet forwarding game
– Imperfect information
– Message from S to D
– Two players: p1 and p2
• p1 has no dominant action
• p2’s dominant action is F
Security and Cooperation in Wireless Networks
Chapter 12:Secure protocols for behavior enforcement
S
P1
P2
D
p1\p2
F
D
F
(1-c,1-c)
(-c,0)
D
(0,0)
(0,0)
7/22
Formal Model

r   f 
a

a
 Each node action is comprised of two parts: i
i , ai
r
ai  is node i’s subaction in the routing stage
(what it is supposed to do in the routing stage)
f
ai  is node i’s subaction in the forwarding stage
(what it really does in the forwarding stage)
• Routing decision R: determined by the routing subactions of all nodes
• Prospective routing payoff:

ui  ui R, a r 
Security and Cooperation in Wireless Networks
Chapter 12:Secure protocols for behavior enforcement

a
r

8/22
Routing stage
 Dominant subaction:
– In a routing stage, a dominant subaction is one that
maximizes its routing payoff no matter what subactions
other players choose.



ui R  ai r  , a ri   ui R  ai r  , a ri 

 A routing protocol is a routing-dominant protocol to the
routing stage if following the protocol is a dominant
subaction of each potential forwarding node in the routing
stage
Security and Cooperation in Wireless Networks
Chapter 12:Secure protocols for behavior enforcement
9/22
Forwarding stage
A forwarding protocol is a forwarding-optimal protocol to the
forwarding stage under routing decision R if
– All packets are forwarded to their destinations
– Following the protocol is a subgame perfect equilibrium
 A path is said to be a subgame
perfect equilibrium if it is a Nash
equilibrium for every subgame
Node 1
drop
forward
Node 2
drop
p1\p2
F
D
F
(1-c,1-c)
(-c,0)
D
(0,0)
(0,0)
Security and Cooperation in Wireless Networks
Chapter 12:Secure protocols for behavior enforcement
forward
Last node
drop
forward
10/22
Cooperation-Optimal Protocol
 A protocol is a cooperation-optimal protocol to
an ad-hoc game if
– Its routing protocol is a routing-dominant protocol to
the routing stage
– For a routing decision R, its forwarding protocol is a
forwarding optimal protocol to the forwarding stage
Security and Cooperation in Wireless Networks
Chapter 12:Secure protocols for behavior enforcement
11/22
VCG for routing protocols
 VCG: Vickrey, Clarke, and Groves – second-best
sealed auction
 Nodes independently compute and declare their
packet transmission cost to destination
 Destination computes Lowest Cost Path (LCP)
 Source rewards the nodes
– declared cost + added value
 The added value is the difference between LCP with
the node and without it
– Incentive to declare the true price => Truthful
Security and Cooperation in Wireless Networks
Chapter 12:Secure protocols for behavior enforcement
12/22
Example of VCG
Least cost path from S to D:
LCP(S,D) = S, v2, v3, D
with cost(LCP(S,D)) = 5 + 2 + 3 = 10
Least cost path without node v2:
LCP(S,D;−v2) = S, v1, v4, D
with cost(LCP(S,D);−v2) = 7 + 3 + 4 = 14
Least cost path without node v3:
LCP(S,D;−v3) = S, v2, v4, D with cost(LCP(S,D);−v3) = 5 + 3 + 4 = 12.
VCG payments:
b2 = 14 − 10 + 2 = 6
b3 = 12 − 10 + 3 = 5
These values represent the unit payment (the payment for one forwarded
data packet) to nodes v2 and v3, respectively.
Security and Cooperation in Wireless Networks
Chapter 12:Secure protocols for behavior enforcement
13/22
Cheating about the power level
 Assume mutual computation of link cost
 Consider a node i and its neighbor j
1. Node i cheats by making Pi,j larger:
Pi,j
i
j
– Node j is less likely to be on LCP
– Node j’ s payment will decrease.
2. Node j can respond by cheating and making Pi,j smaller:
– Node j more likely to be on LCP
– Node j increases its payment
 VCG is thus not truthful in this case
Security and Cooperation in Wireless Networks
Chapter 12:Secure protocols for behavior enforcement
14/22
Cryptographic protection
 Assume private computation of link cost
[cost4]K¦HMAC
i
[cost3]K¦HMAC
[cost4]K¦HMAC
j
[cost3]K¦HMAC
D
[cost2]K¦HMAC
[cost1]K¦HMAC
(the details of the security mechanisms are in the book)
 Protocol for link cost establishment:
– Nodes share a symmetric key with D
– Nodes send an encrypted and signed test signal
at increasing power levels containing cost information
– Messages are protected from forging with HMAC
– Complexity (computation at the destination): O(N^3)
Security and Cooperation in Wireless Networks
Chapter 12:Secure protocols for behavior enforcement
15/22
Conclusion on the routing stage
Theorem 12.1:
If the destination is able to collect all involved link
costs as described above, then the described
protocol is a routing dominant protocol to the
routing stage.
Security and Cooperation in Wireless Networks
Chapter 12:Secure protocols for behavior enforcement
16/22
Forwarding Protocol
 Messages bundled in blocks
m1
m2
b1
m3
m4
m5
b2
m6
b3
m7
m8
m9
b4
b5
 Block confirmation with a Reverse Hash Chain
r0
H
r1
H
r2
H
H
r=r5
– r is made public by source in an authenticated way
– Confirmation of block 2 is done by sending r5-2=r3
2
H
r3  r
– Nodes verify
 
Security and Cooperation in Wireless Networks
Chapter 12:Secure protocols for behavior enforcement
17/22
Fair Exchange Problem
 Source and intermediate nodes can disagree about
successful transmission of a block
 Mutual decision = contract between source an intermediate
nodes
– Confirmation is sent with the last packet of each block to destination
– Destination forwards confirmation to intermediate nodes if block
correctly received
– Intermediate nodes stop forwarding if they do not get confirmation
 Eliminates incentive to cheat
– Not respecting the protocol blocks the protocol
Security and Cooperation in Wireless Networks
Chapter 12:Secure protocols for behavior enforcement
18/22
Theorems
Theorem 12.2:
Given a routing decision R, assuming that the
computed payment is greater than the cost, the
reverse hash chain based forwarding protocol is a
forwarding optimal protocol.
Theorem 12.3:
The complete protocol (routing protocol and packet
forwarding protocol) is a cooperation-optimal
protocol to AdHocGames.
Security and Cooperation in Wireless Networks
Chapter 12:Secure protocols for behavior enforcement
19/22
Discussion
 Modeling
– Interference and mobility
• unreliable links make use of incentives more difficult
 Game theoretic model assumes
– Tamper proof hardware to compute best path at destination
– Payment center to resolve payment issues
 Performance vs. incentive compatibility
– Control channel overhead
– Throughput
– Complexity
Security and Cooperation in Wireless Networks
Chapter 12:Secure protocols for behavior enforcement
20/22
Summary
 Cooperation optimal protocol
– Routing dominant + Forwarding optimal
– Routing based on VCG
– Forwarding based on Reverse Hash Chain
 Corsac provides incentives for cooperation
– Protocol is fair
– The topology determines payment
– The incentive protocol reduces the network traffic
Security and Cooperation in Wireless Networks
Chapter 12:Secure protocols for behavior enforcement
21/22
References
 On Designing Incentive-Compatible Routing and Forwarding
Protocols in Wireless Ad-Hoc Networks
Sheng Zhong, Li Erran Li, Yanbin Grace Liu and Yang Richard Yang.
ACM Springer Wireless Networks (WINET), Special Issue of Selected
Papers of Mobicom 2005
 Punishement in Selfish Wireless Networks: A Game Theoretic
Analysis
Dave Levin. NetEcon 2006
 On Selfish Behavior in CSMA/CA Networks
Mario Cagalj, Saurabh Ganeriwal, Imad Aad and Jean-Pierre Hubaux.
Infocom 2005
 Ad hoc-VCG: A Truthful and Cost-Efficient Routing Protocol
for Mobile Ad hoc Networks with Selfish Agents
Luzi Anderegg and Stephan Eidenbenz.
Mobicom 2003
Security and Cooperation in Wireless Networks
Chapter 12:Secure protocols for behavior enforcement
22/22