30-03-2012, 12:42 PM
SECURE ROUTING FOR MOBILE AD HOC NETWORKS
adhoc1.pdf (Size: 253.78 KB / Downloads: 87)
INTRODUCTION
The provision of security services in the MANET context
faces a set of challenges specific to this new technology.
The insecurity of the wireless links, energy constraints,
relatively poor physical protection of nodes in a hostile
environment, and the vulnerability of statically configured
security schemes have been identified [4,5] in the literature as
such challenges.
RELATED WORK
Outside the MANET community, secure routing in the
Internet has, of course, received increased attention [2]. The
proposed solutions rely mainly on the existence of a line of
defense, separating the fixed routing infrastructure from all
other network entities. This is achieved by distributing a set
of public keys/certificates, which signify the authority of the
router to act within the limits of the employed protocol (e.g.,
advertise certain routes), and allow all routing data
exchanges to be authenticated, non-repudiated and protected
from tampering. However, such approaches cannot combat a
single malicious router disseminating incorrect topological
information. More importantly, they are not applicable in
the MANET context, because of impediments such as the
absence of a fixed infrastructure and a central entity.
THE PROPOSED SCHEME
C.1. Basic Assumptions
We focus on bi-directional communication between a
pair of nodes. A security association (SA) between the
source node S and the destination node T is assumed. The
trust relationship could be instantiated, for example, by the
knowledge of the public key of the other communicating
end. The two nodes can negotiate a shared secret key, e.g.,
via the Elliptic Curve Diffie-Hellman algorithm [7,12], and
then, using the SA, verify that the principal that participated
in the exchange was indeed the trusted node.
DETAILED PROTOCOL DESCRIPTION
The Secure Routing Protocol (SRP) introduces a set of
new features that can be incorporated in the context of the
underlying basis protocol with low overhead. In principle, it
can retain mechanisms, such as the control of the query
propagation, the rate of query generation, and the neighbor
discovery protocol, if present.
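The sketch below is an added example, not code from the paper or from this post. It shows how a key shared under the S-T security association lets T authenticate a route query and lets S verify the route returned in the reply. The key name `K_ST`, the field names and the message layout are assumptions made for the illustration and are not SRP's wire format.

```python
import hashlib
import hmac
import os

K_ST = os.urandom(32)  # assumption: secret S and T negotiated under their SA

def _mac(key, *fields):
    # Length-prefix each field so different field tuples cannot collide.
    h = hmac.new(key, digestmod=hashlib.sha256)
    for f in fields:
        h.update(len(f).to_bytes(2, "big") + f)
    return h.digest()

def make_query(key, src, dst, seq):
    """S builds a query; the MAC covers only the end-to-end fields."""
    qid = os.urandom(8)
    tag = _mac(key, b"query", src, dst, seq.to_bytes(4, "big"), qid)
    return {"src": src, "dst": dst, "seq": seq, "qid": qid,
            "route": [], "mac": tag}

def relay(query, node):
    """An intermediate node appends its id; it holds no key for S or T."""
    return {**query, "route": query["route"] + [node]}

def answer_query(key, query, last_seq):
    """T answers only fresh queries that carry a valid MAC from S."""
    seq = query["seq"].to_bytes(4, "big")
    expected = _mac(key, b"query", query["src"], query["dst"], seq,
                    query["qid"])
    if query["seq"] <= last_seq:
        return None  # replayed or stale query
    if not hmac.compare_digest(expected, query["mac"]):
        return None  # not produced by the holder of the shared key
    route = list(query["route"])
    tag = _mac(key, b"reply", seq, query["qid"], *route)
    return {"seq": query["seq"], "qid": query["qid"],
            "route": route, "mac": tag}

def verify_reply(key, query, reply):
    """S checks the reply matches its query and the route is unmodified."""
    if reply["seq"] != query["seq"] or reply["qid"] != query["qid"]:
        return False
    seq = reply["seq"].to_bytes(4, "big")
    expected = _mac(key, b"reply", seq, reply["qid"], *reply["route"])
    return hmac.compare_digest(expected, reply["mac"])
```

Intermediate nodes can extend the route list freely, but only T can bind a particular route to the reply, so a route altered on the way back fails verification at S.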
CONCLUSIONS
In this paper, we proposed an efficient secure routing
protocol for mobile ad hoc networks that guarantees the
discovery of correct connectivity information over an
unknown network, in the presence of malicious nodes. The
protocol introduces a set of features, such as the requirement
that the query verifiably arrives at the destination, the
explicit binding of network and routing layer functionality,
the consequent verifiable return of the query response over
the reverse of the query propagation route, the acceptance of
route error messages only when generated by nodes on the
actual route