05-02-2013, 11:55 AM
SECURED CERTIFICATE THROUGH ZKP PROTOCOL IN WIRELESS ADHOC NETWORKS
ABSTRACT:
The wireless links in an adhoc network are susceptible to attacks, and nodal mobility gives the network
a highly dynamic topology. The major attacks against the routing protocols of adhoc networks are critical to detect and
resolve to overcome the QoS of network traffic. In this paper, I present a new secure routing protocol (SRP) with quality of
service (QoS) support using a certificate repository (self-organized packet transmission), which includes secure route
discovery, secure route setup, and trustworthiness-based QoS routing metrics. This paper secures both public and shared
keys routing control, which can be generated on demand and maintained dynamically. The message exchanging mechanism
also provides a way to detect attacks against routing protocols, particularly the most difficult internal attacks. The routing
metrics are obtained by combining the requirements on the trustworthiness of the nodes in the network and the QoS of the
links along a route.
INTRODUCTION:
Advances in technology have made it possible to
develop sensor nodes which are compact and inexpensive.
They are mounted with a variety of sensors and are wireless
enabled. Once sensor nodes have been deployed, there will be
minimal manual intervention and monitoring. But, when
nodes are deployed in a hostile environment and there is no
manual monitoring, it creates a security concern. Nodes may
be subjected to various physical attacks. The network must be
able to autonomously detect, tolerate, and/or avoid these
attacks. One important physical attack is the introduction of
cloned nodes into the network. When commodity hardware
and operating systems are used, it is easy for an adversary to
capture legitimate nodes, make clones by copying the
cryptographic information, and deploy these clones back
into the network.
These clones may even be selectively reprogrammed
to subvert the network. An individual sensor node contains a
lightweight processor, cheap hardware components, and less memory.
Because of these constraints, general-purpose security
protocols are hardly appropriate. Public key cryptography is
based on the RSA approach. The energy consumption and
computational latency make RSA inappropriate for sensor
network applications.
EXISTING SYSTEM:
In existing wireless sensor networks, once sensor nodes
have been deployed, there will be minimal manual
intervention and monitoring. But, when nodes are deployed in
a hostile environment and there is no manual monitoring.
PROPOSED SYSTEM:
Nodes are divided into three categories: base station,
cluster head and member nodes. Some arbitrary nodes are
selected as cluster heads, and generation of cluster heads is left
to the clustering mechanism (not dealt with in this work). Each
cluster head knows about its member nodes, while every
member node knows its cluster head. Base station stores
information of all sensor nodes (including cluster heads). The
base station maintains complete topological information about
cluster heads and their respective members.
BASIC MECHANISM OF ZERO KNOWLEDGE PROTOCOL:
The use and implementation of ZKP in systems and
devices that have restricted computational resources are
described in [15]. The prover P and the verifier V may use
some numeric value, referred to as the secret number of the
prover P. Conventionally, the prover will offer a
computationally intensive mathematical problem, and the
verifier will ask for one of the many possible solutions to the
problem. If the prover knows critical information relating to
the solution, it provides any one of the requested available
solutions on demand. If the prover does not know the critical
information, it is computationally infeasible for it to always
provide the requested solution to the verifier. Usually, ZKPs
rely on some hard mathematical problem such as the
factorization of integers or the discrete logarithm problem.
POST-DEPLOYMENT PHASE:
After deployment, a public key N (which is a
product of large prime numbers) is generated by the
base station, which will be shared among any two nodes that
will be communicating at a given time. During the
communication the sender node acts as the prover while the
receiver node acts as the verifier. The base station acts as the
trusted third party. Each node is assigned a fingerprint which
is used as a private key (secret key). The public key N is
shared among the sender (prover) and the receiver (verifier).
The verifier will request the secret key of the prover from the
base station. The base station will generate a secret code
v = s^2 mod N (where s is the fingerprint of the prover and N is the
public key). The value of v is given to the verifier on its
request. During the entire communication process the secret,
i.e. the fingerprint, is never revealed or transmitted in the network
directly. As explained in the earlier section, the entire process
of authentication is carried out between the prover and the
verifier until the receiver node is sure about the authenticity of
the sender node. The verifier will continue the process of
authentication involving a series of verification rounds using
ZKP for k times/communications. The value of k depends on
the verifier. If the prover fails to authenticate itself in any one
of the k rounds, then it is considered to be a compromised
node. This scheme will be very helpful in dealing with the
cloning attacks [6], [7], [8].
Fig. 3.4.2 Implementation of ZKP in our Proposed Scheme
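The excerpt gives v = s^2 mod N and the k verification rounds but not the messages inside a round. The sketch below is an added example, not code from the paper: it assumes the standard Fiat-Shamir identification round (commitment x = r^2 mod N, challenge bit e, response y = r * s^e mod N) and uses a constructed toy modulus and fingerprint value. It shows a genuine node always passing, and a node without s passing only if it pre-guesses every challenge bit.

```python
import secrets

# Constructed toy modulus (two known Mersenne primes); a real N uses large secret primes.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q

def base_station_value(s):
    """Base station: v = s^2 mod N, the value handed to the verifier on request."""
    return pow(s, 2, N)

class Prover:
    """Sender node that knows its fingerprint s."""
    def __init__(self, s):
        self.s = s
    def commit(self):
        self.r = secrets.randbelow(N - 2) + 2      # fresh random r every round
        return pow(self.r, 2, N)                   # x = r^2 mod N
    def respond(self, e):
        return (self.r * pow(self.s, e, N)) % N    # y = r * s^e mod N

class Impostor:
    """Node that knows v but not s: it can only pre-guess each challenge bit."""
    def __init__(self, v, guesses):
        self.v, self.guesses = v, iter(guesses)
    def commit(self):
        self.r = secrets.randbelow(N - 2) + 2
        x = pow(self.r, 2, N)
        if next(self.guesses) == 1:                # bet on e = 1: x = r^2 / v
            x = (x * pow(self.v, -1, N)) % N       # modular inverse, Python 3.8+
        return x
    def respond(self, e):
        return self.r                              # verifies only if the bet matched e

def authenticate(node, v, challenges):
    """Verifier: one round per challenge bit, reject on the first failed check."""
    for e in challenges:
        x = node.commit()                          # commitment arrives before e is revealed
        y = node.respond(e)
        if pow(y, 2, N) != (x * pow(v, e, N)) % N: # accept iff y^2 = x * v^e (mod N)
            return False
    return True

if __name__ == "__main__":
    s = 123456789                                  # constructed fingerprint value
    v = base_station_value(s)
    k = 20
    challenges = [secrets.randbelow(2) for _ in range(k)]
    print("genuine node accepted:", authenticate(Prover(s), v, challenges))
    bets = [secrets.randbelow(2) for _ in range(k)]
    print("impostor accepted:", authenticate(Impostor(v, bets), v, challenges))
```

Each round halves the chance that a node without s survives, so k rounds leave it a 2^-k chance of being accepted; this is why a single failed round is enough for the verifier to reject.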
GENERATION OF UNIQUE FINGERPRINT FOR EACH NODE:
The base station is assumed to be aware of the topology
of the network and all neighborhood information. Before
deployment, the base station computes the fingerprint for
each node in the network. For every node u, the base station finds
its neighborhood information. In our approach, the
neighborhood Ngh(u) should satisfy ng < s, where ng is the
number of sensor nodes in Ngh(u) and s is the strength of the
superimposed code X. The fingerprint for sensor node u is
computed by considering the code words of all nodes v which
are in Ngh(u).
CONCLUSION:
In this paper, we proposed a new security
model to address three important active attacks, namely the
cloning attack, the MITM attack and the replay attack. We used the
concept of zero knowledge protocol, which ensures non-transmission
of crucial information between the prover and
verifier. The proposed model uses a social fingerprint based on
a disjunction code together with ZKP to detect clone attacks and
avoid MITM and replay attacks. We analyzed various attack
scenarios, cryptographic strength and performance of the
proposed model.