Image Processing Reference
In-Depth Information
Phenomenon
x
1
x
2
x
n
S
1
S
2
S
n
...
b
1
b
2
b
n
Witness 1
Witness 1
Data fusion node
MAC
1
MAC
2
u
0
Base station
FIGURE .
Overview of the witness-based approach [DDHVb].
•
Concerningtheveriicationatthebasestation,Duetal.proposetwovariants.heirst
one is an
m
voting scheme and works as follows:
. Data fusion node
F
computes its MAC:
+
outof
m
+
MAC
F
∶=
h
(
SF
,
F
,
k
F
,
MAC
⊕
MAC
⊕⋯⊕
MAC
m
)
.
.
F
sends to base station:
(
SF
,
F
,
w
, ...,
w
m
,
MAC
F
)
.
. Base station computes all
MAC
′
i
=
h
(
SF
,
w
i
,
k
i
)
and the authentication code to be
expected from
F
:
MAC
′
F
SF
,
F
,
k
F
,
MAC
′
MAC
′
MAC
′
m
∶=
h
(
⊕
⊕⋯⊕
)
.
The base station then checks if
MAC
′
F
=
MAC
F
and otherwise discards the message.
remains unchanged, the identifiers of the
w
i
need only to be trans-
mitted with the first
MAC
F
to save transmission bandwidth. There is, however, one
major drawback with this scheme: If one witness deliberately sends a wrong
MAC
i
,the
aggregated data gets refused by the base station (representing a DoS vulnerability).
•
In order to overcome the DoS vulnerability of the first scheme, Du et al. also propose an
n
out of
m
If the set
(
w
, ...,
w
m
)
voting scheme:
.
F
sends to the base station:
+
(
SF
,
F
,
MAC
F
,
w
,
MAC
, ...,
w
m
,
MAC
m
)
.
. Basestationchecksifatleast
n
out of
m
+
MACsmatch,thatisatleast
n
−
MAC
i
match
MAC
F
.
This scheme is more robust against erroneous or malicious witness nodes, but requires a
higher communication overhead as
m
MACsmustbesenttothebasestation
In Ref. [DDHVb], Du et al. analyze the minimum length of the MACs to ensure a certain tolerance
probability
−δ
that an invalid result is accepted by a base station. For this, they assume that each
MAC has the length
k
,thereare
m
witnesses, no witness colludes with
F
and
F
needs to guess the