31-07-2012, 04:27 PM
SHARED INFORMATION BASED SECURITY SOLUTION FOR MOBILE AD HOC NETWORKS
ABSTRACT
Mobile ad hoc networks are subject to security threats like other wireless networks. But due to their
peer-to-peer approach and the absence of infrastructural resources, mobile ad hoc networks cannot use
the strong cryptographic mechanisms used by their other wireless counterparts. This led to the
development of trust based methods as security solutions, wherein a trusted node is relieved of security
checks once its trust value reaches a particular limit. The trust methods are prone to security risks but
have found acceptance due to their efficiency over computationally expensive and time consuming
cryptographic methods. The major problem with the trust methods is the period during which trust is
growing and is yet to reach the requisite threshold. This paper proposes a security mechanism based
on a Random Electronic Code Book (RECB) combined with permutation functions. The proposed
mechanism has low time complexity and is easier to implement.
INTRODUCTION
The term Mobile Ad hoc Networks (MANETs) is used by the Internet Engineering Task Force (IETF)
for ad hoc wireless local area networks (Ad hoc WLAN) wherein the mobile
nodes can communicate with each other directly without requiring a support station [1].
Because they do not depend on a central communication point, they can be installed quickly.
MANETs can work either in isolation or as an extension to a pre-installed wired network [2].
MANETs can be used in disaster situations such as earthquakes or hurricanes where
infrastructure facilities such as power and communication lines have been destroyed. They can also
be used in planned military operations or on the battlefield [3]. Since MANETs do not have a
centralized router to help them communicate, each node has to act as a router,
transmitter and receiver.
Communication between nodes in a MANET that do not lie within
radio range of each other takes place through intermediate nodes. The nodes are also mobile, which
changes the topology of the network and makes the design of a routing protocol a challenging
task. Any routing protocol designed for MANETs should ensure the following characteristics
[1]: distributed operation, freedom from routing loops, on demand operations, proactive
operation, security, inactive period operation and unidirectional link support.
Cryptography Based Protocols
The cryptography based protocols can be classified into two categories: symmetric key based
protocols and asymmetric key based protocols.
Symmetric key
These routing protocols use symmetric key cryptography and hash chains to secure the network.
Example protocols in this category are SEAD [13], Ariadne [14] and SRP [15]. The designers of
these protocols have assumed a central authority that distributes the secret key used to encrypt and
decrypt the data packets exchanged between the nodes of the network. SEAD uses
symmetric keys for authentic distribution of the hash chain seed. It incorporates one-way hash
chains to provide authentication of routing messages. Ariadne is based on symmetric keys for
pairwise key distribution between all nodes, and on hash chains for node authentication and so
on.
Trust based security mechanism
The trust based security mechanisms have been found to be computationally inexpensive,
as the trust computation overhead is quite small compared to cryptography based solutions.
The literature contains many protocols based on trust mechanisms. For example, the Watchdog
and Pathrater mechanism [18] has been designed over the DSR protocol. The Watchdog is
responsible for detecting selfish nodes and the Pathrater assigns different ratings to the nodes
depending upon the feedback received from the Watchdog. The CONFIDANT [19] protocol
contains a trust manager and a reputation system. The trust manager evaluates the reports
submitted by the monitor (a kind of watchdog) and issues alarms to the other nodes to warn
them against a malicious node. The CORE [20] protocol employs a reputation evaluation
mechanism based upon three kinds of reputation: reputation based upon personal observation
(subjective reputation), reputation based upon the positive reports received from other nodes
(indirect reputation), and reputation based upon the behaviour of a node during a specific
task (functional reputation). These reputations combine to create an overall reputation index
for a particular node, which can then be recommended for inclusion in the network or for isolation.
The other protocols in this category are SORI [21] and OCEAN [22].
PROPOSED SECURITY SOLUTION
The heart of the proposed security mechanism is the random electronic code book (RECB). This
code book is used for converting the plaintext to the cipher text. The RECB contains a unique
random 16-bit cipher code for each 16 bits of plaintext information. There is no mathematical
or logical relationship between the intermediate cipher text and the plaintext, and the mapping
between the two is one to one. The only way to get the cipher text corresponding to a
plaintext is through the matching process in the RECB. Figure 2 shows the basic structure of the
RECB. The codebook can be generated through a simple algorithm. It may however be pointed
out that most computers generate random numbers in a pseudo-random manner, and the
success of this mechanism is likely to increase the closer the random number
generation process comes to true randomness. The literature contains many strategies to accomplish this [28, 29]. These
strategies, though not perfect, give quite good results.
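The codebook described above, sketched as an added example (not code from the paper): a random one-to-one table over all 16-bit values, a lookup-only encipher step, and the inverse table a receiver would need. The function names are hypothetical, drawing randomness from the operating system through Python's `secrets` module is an assumption, and the permutation functions the abstract mentions are left out because this excerpt does not describe them.

```python
import secrets

BLOCK_BITS = 16
BOOK_SIZE = 1 << BLOCK_BITS  # 65,536 entries, one per 16-bit plaintext block


def generate_recb(rng=None):
    """Return (encode, decode): a random one-to-one map on 16-bit values."""
    rng = rng or secrets.SystemRandom()  # OS randomness, not a seeded PRNG
    encode = list(range(BOOK_SIZE))
    rng.shuffle(encode)                  # uniform random permutation of the codes
    decode = [0] * BOOK_SIZE
    for plain, code in enumerate(encode):
        decode[code] = plain             # inverse table for the receiving node
    return encode, decode


def to_blocks(data: bytes):
    """Split bytes into 16-bit big-endian blocks, zero-padding an odd tail."""
    if len(data) % 2:
        data += b"\x00"
    return [int.from_bytes(data[i:i + 2], "big") for i in range(0, len(data), 2)]


def encipher(data: bytes, encode):
    """Pure table lookup: each block is replaced by its code book entry."""
    return [encode[block] for block in to_blocks(data)]


def decipher(codes, decode, length: int) -> bytes:
    """Reverse lookup, then drop any padding using the original length."""
    out = b"".join(decode[code].to_bytes(2, "big") for code in codes)
    return out[:length]


def is_one_to_one(encode) -> bool:
    """True when every 16-bit code appears exactly once in the book."""
    return sorted(encode) == list(range(BOOK_SIZE))


if __name__ == "__main__":
    enc, dec = generate_recb()
    msg = b"RREQ node7 -> node12"        # constructed sample payload
    codes = encipher(msg, enc)
    print(is_one_to_one(enc), decipher(codes, dec, len(msg)) == msg)
    # The map is fixed, so equal plaintext blocks always give equal codes.
    print(len(set(encipher(b"ABABAB", enc))))
```

Because the mapping is a fixed table, repeated 16-bit plaintext blocks produce repeated cipher codes, which is the property any additional permutation stage has to account for.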
CONCLUSIONS
An ad hoc network is formed by a number of wireless nodes that have limited energy, transmission
power and computational power, and that are capable of operating without any fixed
infrastructure. Every node in the network helps others by forwarding packets for them. If every
node performs its duty well there is no problem. However, in the absence of fixed infrastructure and
stringent rules for membership, it is quite possible that malicious nodes also get a chance to
participate in the network. These nodes can carry out a variety of attacks on the network and
hamper its operation. To counter these nodes, cryptography based schemes can be applied, which
are quite secure, but these schemes place a number of prerequisites on the network during both the
installation phase and the operational phase. They also deviate from the ad hoc concept, in
which the network is established in a spontaneous and impromptu manner. To overcome this
drawback of the cryptographic technique, trust based methods have been proposed wherein the
behaviour of each node is observed by the other nodes in the network and the collected
information is used to develop a trust index about the node.