17-11-2012, 05:13 PM
A Hybrid Cryptography Model for Managing Security in Dynamic Topology of MANET
Abstract
Despite its superiority to its conventional counterpart, modern telecommunication is beset with newer problems. For instance, MANET is riddled with issues like unreliability of wireless media, uncertain connectivity, host mobility and lack of infrastructure. However, perhaps the most important aspect of such networks is the problem of security. The computational load and complexity involved in this environment are strongly subject to the dynamic nature of the network topology, and especially to the restriction imposed by the node’s available resources. Therefore, key management and authentication are central to security in MANET and must not be weak. For such small-scale networks, we propose here a security architecture utilizing a seniority-based trust model and a PGP-type certification service, built on a specific PKI. Related algorithms are also presented. The performance of this new model is evaluated through simulation.
INTRODUCTION
In spite of its superiority to its conventional counterpart, modern telecommunication is beset with many new problems. To give an example, mobile ad-hoc networks (MANET) are riddled with issues like unreliability of wireless media, uncertain connectivity, host mobility and absence of infrastructure. However, perhaps the most important aspect of such networks is the problem of security. The nature of ad-hoc networks makes them vulnerable to security attacks, and implementing a public key infrastructure in an ad-hoc network is also a difficult task due to the lack of centralized control (Infrastructured Wireless Network Environment) and fixed infrastructure (Infrastructure-less Wireless Network Environment). Therefore, a centralized or hierarchical network security solution does not work well.
Key Management in ad-Hoc Wireless Networks
MANET poses certain specific challenges in key management due to the lack of infrastructure in such networks. Key management generally utilizes three types of infrastructure. The first is the network infrastructure, such as dedicated routers and stable links, which ensure communication with all nodes. The second is services such as name resolution, directory, and TTP (Trusted Third Party). The third is the administrative support of certifying authorities. The absence of such infrastructures in MANET calls for an implementation of key management or, rather, PKI in MANET. The implementation of PKI in a small-scale MANET could be based on threshold cryptography as well as on a PGP implementation. In this paper, we construct a new security model based on a PGP-type approach. The merits of this construction will be discussed below.
LITERATURE REVIEW
Security in ad-Hoc Networks
There are a number of proposed solutions for security authentication and key management in MANET. Ref. [2] proposes an authentication architecture for MANET, describing the formats of messages, together with protocols which achieve authentication as in [3], [7], [8] and [12]. The architecture can accommodate different authentication schemes. One quite useful approach to the problem comprises PGP-based schemes.
PGP-Based Solutions
The ‘Public Key Infrastructure’ (PKI) is the most scalable form of key management. Several different PKI techniques exist, such as SPKI, PGP and X.509. Various forms of these PKI techniques have been proposed for use in ad-hoc networks. Ref. [3] on security architecture proposes the use of a group-oriented PKI for large group formation. The leader of the group acts as a ‘Certificate Authority’ (CA), which issues group membership certificates. These are said to be SPKI-style certificates. They certify that the public key in the certificate belongs to a group member. However, this is not useful for two-party communications or non-group-oriented tasks.
The SB-Trust Model
In PGP’s “web-of-trust” model [8], each entity manages its own trust based on direct recommendation. Refs. [9] and [10] seek to further quantify the notions of trust and recommendation. Ref. [11] uses a seniority-based (SB) trust model, which is as follows. Trust management and maintenance are distributed in both the space (k) and time (T) domains in the SB-model. Thus the SB-model describes a seniors-securing approach to node authentication in MANET. In other words, the parameter T characterizes the time-varying feature of a trust relationship, while k signifies the number of senior nodes required to work as CA. An entity is trusted if any k trusted available senior entities claim so within a certain time period T. Once a node is trusted by its senior group, it is globally accepted as a trusted node. Otherwise, if the seniors distrust an entity, then it is regarded as untrustworthy in the entire network. If a node cannot find k senior nodes in a certain network, it may roam to meet more nodes or wait for new senior nodes to move in.
CONSTRUCTION OF SB-PGP MODEL
In this work, we apply the SB-model for issuing PGP-type certificates. Let us consider a MANET to be established, for instance, at a conference where people with mobile nodes communicate with one another over an insecure wireless channel. We assume N mobile nodes, and N may change dynamically as mobile nodes join, leave, or fail over time. Among them, some of the nodes that joined in the beginning are considered senior nodes and later-joining nodes are considered junior nodes, but the size of the senior node group may increase dynamically and sequentially according to the size of the network. Besides, N is constrained if there may be a large device population; otherwise it is not.
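The SB-trust rule from the section above (k trusted seniors claiming trust within period T), applied to the conference scenario, as an added Python example that is not code from the paper. The node names, clock values, k = 3 and T = 60 s are constructed, and requiring k distrust claims for "untrusted" (with distrust winning ties) is an assumption the text does not fix.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Claim:
    senior: str    # node making the claim
    subject: str   # node being judged
    trusts: bool   # True = vouches for subject, False = distrusts it
    time: float    # seconds on a shared clock (constructed for this example)

def sb_decide(subject, claims, seniors, k, T, now):
    """Classify subject as 'trusted', 'untrusted' or 'pending' at time now."""
    latest = {}  # senior id -> that senior's newest in-window claim
    for c in claims:
        if c.subject != subject or c.senior == subject:
            continue  # other subjects and self-vouching do not count
        if c.senior not in seniors:
            continue  # only already-trusted senior nodes may act as CA
        if not (now - T <= c.time <= now):
            continue  # outside the period T (stale or future-dated)
        if c.senior not in latest or c.time > latest[c.senior].time:
            latest[c.senior] = c  # one vote per senior, newest wins
    distrust = sum(1 for c in latest.values() if not c.trusts)
    trust = len(latest) - distrust
    if distrust >= k:  # assumption: distrust needs k seniors and wins ties
        return "untrusted"
    return "trusted" if trust >= k else "pending"

# Constructed scenario: four senior nodes, k = 3, T = 60 s.
SENIORS = {"S1", "S2", "S3", "S4"}
CLAIMS = [
    Claim("S3", "J1", True, 30),    # too old once now = 130
    Claim("S1", "J1", True, 100),
    Claim("S2", "J1", True, 110),
    Claim("S2", "J1", True, 115),   # repeat from S2: still one vote
    Claim("X9", "J1", True, 120),   # X9 is not a senior: ignored
    Claim("S1", "J2", False, 100),
    Claim("S2", "J2", False, 105),
    Claim("S3", "J2", False, 110),
]

if __name__ == "__main__":
    print(sb_decide("J1", CLAIMS, SENIORS, 3, 60, now=130))   # pending
    late = CLAIMS + [Claim("S4", "J1", True, 125)]
    print(sb_decide("J1", late, SENIORS, 3, 60, now=130))     # trusted
    print(sb_decide("J1", late, SENIORS, 3, 60, now=200))     # pending
    print(sb_decide("J2", CLAIMS, SENIORS, 3, 60, now=130))   # untrusted
```

The third call shows the time-varying side of the model: the same claims that made J1 trusted at t = 130 no longer count at t = 200, so J1 must collect k fresh claims.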