Clogging attack Sample Clauses

Clogging attack. It is a subclass of DoS attacks wherein the adversary clogs the receiver and wastes its communication and computation sources in an attempt to paralyze the receiver [8]. In ▇▇ et al.’s protocol, the adversary runs the clogging attack as follows: Step 1. Adversary 𝒜 captures the first message < 𝐼𝐷𝑖 , 𝑅𝑖 , 𝜏𝑖 > in key agreement phase. 𝒜 then selects a random nonce 𝑥𝐴 𝜖 𝑍∗ and calculates 𝜏𝐴 = 𝑥𝐴𝐺, and transmits the message < 𝐼𝐷 , 𝑅 , ��𝐴 > to 𝑉 . 𝑝 𝑖 𝑖 𝑗 𝑗 Step 2. Upon receiving the message, ▇▇ selects a random nonce 𝑦 and calculates 𝜏𝑗 = 𝑦𝐺, public key 𝑄𝑖 = 𝑅𝑖 + ℎ1(𝐼𝐷𝑖 ∥ 𝑅𝑖)𝐾𝑝𝑢𝑏, and session key 𝑆𝐾𝐴 = ℎ3(𝐼𝐷𝑖 ∥ 𝐼𝐷𝑗 ∥ 𝐾𝑗 ∥ 𝑦𝑄𝑖 ∥ ��𝑗 𝜏𝐴). Then, it transmits the message < 𝐼𝐷𝑗 , ▇▇, 𝜏𝑗 > to 𝒜. Step 3. Adversary 𝒜 transmits the message < 𝐼𝐷𝑗 , ▇▇ , 𝜏𝐴 > to 𝑉𝑖 with only calculating 𝜏𝐴 = 𝑥𝐺. Step 4. 𝑉𝑖 receives the message and calculates 𝑄𝑗 = ▇▇ + ℎ1(𝐼𝐷𝑗 ∥ ▇▇)𝐾𝑝𝑢𝑏, 𝐾𝑖 = ℎ2(𝑑𝑖𝑄𝑗)𝑥𝜏𝐴, and session key 𝑖 𝑆𝐾𝐴 = ℎ3(𝐼𝐷𝑖 ∥ 𝐼𝐷𝑗 ∥ 𝐾𝑖 ∥ 𝑥𝑄𝑗 ∥ 𝑑𝑖 𝜏𝐴). This attack desynchronizes the agreed session key between the agents, i.e., 𝑆𝐾𝐴 ≠ 𝑆𝐾𝐴. Adversary 𝒜 performs 𝑗 𝑖 a multiplication operation of ECC and makes the two agents 𝑉𝑖 and ▇▇ run 11 scalar multiplication, 2 point addition, and 6 hash function. This causes a huge loss of time and costs that is only recognized by desynchronized session key after transmission of encrypted data.

Clogging attack. ▇▇▇▇▇▇▇▇ et al.’s protocol is insecure against clogging attack as shown below. Step 1. The adversary captures the message < , , 1, , , > that consists the current timestamp 1, = , and = + , is transmitted by in which ∗. Then, generates random nonce and calculates = , ′′ = + , and = + = ( + + ). After that, the adversary transmits the fake message < , , , , ′′ , > to . Step 2. Upon reception of the message, checks its freshness ? = ′′ + + ℎ( ∥ ) + to ensure: = ( + + ) = + + = + + + ℎ( ∥ )( + ) + = + + + ℎ( ∥ )( + ) + = ′′ + + ℎ( ∥ ) + (1) The condition is met and the adversary can deceive and breach message integration. This waste resources because it will perform 4 ECC multiplication operations and 2 hash functions to transmit the message < , , 2, , , , > to . Then, will do some more calculations and realize that the session key is different, implying that clogging attack has been successful.

Clogging attack. ▇▇▇▇▇▇▇▇ et al.’s protocol is insecure against clogging attack as shown below. Step 1. The adversary 𝒜 captures the message < 𝐼𝐷𝑖 , 𝐴𝑖 , 𝑡1, 𝑍𝑖, 𝜏𝑖 , 𝑄𝑖 > that consists the current timestamp 𝑡1, 𝑝 𝜏𝑖 = 𝑥𝐺, and 𝑍𝑖 = 𝑥 + 𝐶𝑖, is transmitted by 𝐷𝑖 in which 𝑥 𝜖 𝑍∗. Then, 𝒜 generates random nonce 𝑥𝐴 and calculates 𝜏𝐴 = 𝑥𝐴𝐺, 𝜏𝐴𝘍𝘍 = 𝜏𝐴 + 𝜏 , and 𝑍𝐴 = 𝑍 + 𝑥𝐴 = (𝑥 + 𝐶 + 𝑥𝐴). After that, the adversary transmits the 𝑖 𝑖 𝑖 𝑖 𝑖 fake message < 𝐼𝐷 , 𝐴 , 𝑡 , 𝑍𝐴, 𝜏𝐴𝘍𝘍 , 𝑄 > to 𝐷 . 𝑖 𝑖 1 𝑖 𝑖 𝑖 𝑗 Step 2. Upon reception of the message, 𝐷 checks its freshness 𝑍𝐴𝐺 ? = 𝜏 𝐴𝘍𝘍 + 𝐾 + ℎ(𝐼𝐷 ∥ 𝐴 )𝐴 + 𝑄 to ensure:

Clogging attack. It is a subclass of DoS attacks wherein the adversary clogs the receiver and wastes its communication and computation sources in an attempt to paralyze the receiver [8]. In ▇▇ et al.’s protocol, the adversary runs the clogging attack as follows: Step 1. Adversary captures the first message < , , > in key agreement phase. then selects a random nonce ∗ and calculates = , and transmits the message < , , > to . Step 2. Upon receiving the message, selects a random nonce and calculates = , public key = + ℎ1( ∥ ), and session key = ℎ3( ∥ ∥ ∥ ∥ ). Then, it transmits the message < , , > to . Step 3. Adversary transmits the message < , , > to with only calculating = . Step 4. receives the message and calculates = + ℎ1( ∥ ), = ℎ2(), and session key = ℎ3( ∥ ∥ ∥ ∥ ). This attack desynchronizes the agreed session key between the agents, i.e., ≠ . Adversary performs a multiplication operation of ECC and makes the two agents and run 11 scalar multiplication, 2 point addition, and 6 hash function. This causes a huge loss of time and costs that is only recognized by desynchronized session key after transmission of encrypted data.