An efficient secure distributed anonymous routing protocol for mobile and wireless ad hoc networks
Authors: A. Boukerche, K. El-Khatib, L. Xu, L. Korba
Sources: Computer Communications, 28(2), pp. 1193-1203, 2005
Reporter: Chun-Ta Li (李俊達)
Outline
  - Introduction
  - Security issues in ad hoc routing
  - Trust management system
  - A secure distributed anonymous routing protocol (SDAR)
  - Security analysis
  - Conclusions
  - Comments
Introduction
  - Mobile ad hoc networks (MANET)
    - Network functions are carried out by all available nodes
      - Packet forwarding
      - Routing
      - Network management
    - Wireless radios and a peer-to-peer network model
    - Envisioned for crisis solutions or civilian applications
Introduction (cont.)
  - Constraints in mobile devices
    - Low power microprocessor
    - Small memory
    - Limited bandwidth
    - Short battery life
    - Frequent network topology changes
  - Anonymous routing
    - Hide the location and relationships of the communication nodes
Security issues in ad hoc routing
  - Passive attacks
    - Eavesdropping
    - Discover some valuable information
    - Disclose the relationship between nodes
  - Active attacks
    - Replaying, modifying or deleting routing packets
    - Malicious updates to the routing table
    - Routing loops and network congestion
    - External attacks and internal attacks
Security issues in ad hoc routing (cont.)
  - Security requirements of this paper
    - SDAR (Secure Distributed Anonymous Routing) protocol is secured against passive and active attacks, but not against Denial-of-Service attacks
    - SDAR maintains the anonymity of the sender and receiver
    - SDAR is able to identify malicious nodes and avoid using them to establish routes
Trust management system
  - Purpose of trust management system
    - relaying data traffic
    - identify the malicious nodes
    - avoid using malicious nodes during the route establishment
    - take malicious nodes out of the network
  - Define the trust level in a node as a cumulative value computed by each of its direct neighboring nodes
    - community: the evaluated node and neighboring nodes
Trust management system (cont.)
  - Community management
    - (Diagram: community of central nodes and neighboring nodes; track and listen; leave node)
    - Neighboring to central:
      - HELLO message {public key of neighboring node} (broadcasting periodically)
      - stores the public key
      - removes nodes if it does not receive the HELLO message for some time
Trust management system (cont.)
  - Community key management
    - Three trust levels for neighboring nodes
      - lowest trust level: trust value is δ1
      - medium trust level: trust value is δ2 (MTLCK)
      - high trust level: trust value is ψ (MTLCK, HTLCK)
    - updates the community key when a node's trust level goes up or down or a node leaves the community
    - community key will be encrypted with the public key of the intended neighboring node during distribution
  - MTLCK: Medium Trust Level Community Key
  - HTLCK: High Trust Level Community Key
Trust management system (cont.)
  - Identification of nodes' malicious behavior
    - by overhearing the message from next node to next-next node
    - Malicious Dropping
    - Malicious Modification
  - Trust-based distributed route selection mechanism
    - specifies the trust level requirement in initial message
    - intermediate node will propagate the message only to selected neighboring nodes depending on the source node requested trust level
A secure distributed anonymous routing protocol (SDAR)
  - Three phases:
    - Path discovery phase
    - Path reverse phase
    - Data transfer phase
  - Assumptions
    - Bi-directional links
    - Enough computation power
    - A trusted CA
    - Each node holds only one IP address for its communication
    - Some malicious nodes
  - Notations
A secure distributed anonymous routing protocol (cont.)
  - Path discovery phase
    - Sending node S and receiving node R
    - None of intermediate nodes can discover the identity of S and R
    - S triggers this phase by sending path discovery message to all nodes within its wireless transmission range
    - Path discovery message
      - open part
      - Encrypted with community key
A secure distributed anonymous routing protocol (cont.)
  - Path discovery phase
    - Each node keeps an internal table for mapping the session TPK, random number, session key and ancestor node
    - Step 1: check if the message has already been received from other nodes within its wireless transmission range using the TPK as the unique identifier for the message
    - Step 2: check if the node is the sender's intended next hop by finding the corresponding community key in its community key lists. If key is found then decrypt the message
A secure distributed anonymous routing protocol (cont.)
  - Path discovery phase
    - Step 3: try to decrypt E_PKR(ID_R, K_S, PL_S)
    - Step 4: if the node is NOT the destined receiver
      - Encrypt (ID_i, session key K_i, SN_Path_ID_i and signature of the received message) with the encryption key TPK and forward to neighbors whose trust levels meet the trust requirement
A secure distributed anonymous routing protocol (cont.)
  - Path discovery phase
    - Step 5: if the node is the destined receiver
      - Use the length of padding PL_S to find out the offset of the fourth part and get session keys of all nodes along the path
      - Put all IDs and session keys in one message
      - Send the message to the first node in the reverse path
A secure distributed anonymous routing protocol (cont.)
  - Path reverse phase
    - Use SN_Session_ID_i to retrieve the key for the session, remove one encryption layer and forward the message to the next node on the reverse path
    - Add the ID of the successor node into the mapping table
    - When S receives the message, it decrypts the message and passes the information about all intermediate nodes (i.e. the route) to the higher application
  - Data transfer phase
    - Use the shared session keys of the intermediate nodes to build the layered encryption for the data; each intermediate node just decrypts one encryption layer and forwards the message to the next node according to the ID of the next node
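The data transfer phase described above, as an added example that is not taken from the slides or from the SDAR paper: S wraps the data once per session key, and each intermediate node removes one layer and learns only the next hop's ID. The SHA-256 keystream, the per-layer HMAC tag, the 4-byte IDs and the shared nonce are assumptions of this sketch.

```python
import hashlib
import hmac

ID_LEN = 4  # assumed fixed-width node ID, so a node can split "next hop" from the inner blob

def _stream_xor(key, nonce, data):
    # Toy keystream (SHA-256 in counter mode), a stand-in for a real cipher such as AES-CTR.
    ks = b"".join(hashlib.sha256(b"enc" + key + nonce + i.to_bytes(4, "big")).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def _tag(key, nonce, ct):
    return hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def seal(key, nonce, plaintext):
    ct = _stream_xor(key, nonce, plaintext)
    return _tag(key, nonce, ct) + ct

def unseal(key, nonce, blob):
    tag, ct = blob[:32], blob[32:]
    if not hmac.compare_digest(tag, _tag(key, nonce, ct)):
        raise ValueError("layer rejected: wrong key or modified in transit")
    return _stream_xor(key, nonce, ct)

def build_layers(route, receiver_id, k_s, nonce, data):
    # S seals the data for R with K_S, then adds one layer per intermediate node (last hop first).
    blob, next_id = seal(k_s, nonce, data), receiver_id
    for node_id, k_i in reversed(route):
        blob, next_id = seal(k_i, nonce, next_id + blob), node_id
    return next_id, blob  # (first hop, bytes S transmits)

def peel(k_i, nonce, blob):
    # An intermediate node removes exactly one layer and learns only the next hop's ID.
    inner = unseal(k_i, nonce, blob)
    return inner[:ID_LEN], inner[ID_LEN:]

def simulate(route, receiver_id, k_s, nonce, data, tamper_at=None):
    keys, visited = dict(route), []
    hop, blob = build_layers(route, receiver_id, k_s, nonce, data)
    while hop != receiver_id:
        if hop == tamper_at:  # constructed fault: one bit flipped before this node receives it
            blob = blob[:-1] + bytes([blob[-1] ^ 1])
        visited.append(hop)
        hop, blob = peel(keys[hop], nonce, blob)
    return visited, unseal(k_s, nonce, blob)

# Constructed sample: three intermediate nodes with made-up IDs and session keys.
ROUTE = [(b"N001", b"a" * 32), (b"N002", b"b" * 32), (b"N003", b"c" * 32)]
K_S = b"s" * 32
```

With the constructed route, `simulate(ROUTE, b"RCVR", K_S, b"nonce-01", b"hello")` visits the three nodes in order and returns the data; passing `tamper_at=b"N002"` makes that node's `unseal` raise.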
A secure distributed anonymous routing protocol (cont.)
  - Finding malicious dropping behavior
    - Path discovery phase
      - overhear the message with the same TPK from the neighboring node
    - Path reverse and data transfer phase
      - SN_Session_ID_i and SN_Session_ID_{i-2} instead of the TPK
      - Overhear the message carrying the session key ID of the node's next hop from the node
    - (Diagram: node ID_i, node ID_{i-1}, node ID_{i-2}; overhear)
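An added sketch (not from the slides or the paper) of the overhearing check for malicious dropping combined with the trust-based route selection from the trust management slides: a node records each message it hands to a neighbor, expects to overhear that neighbor relay the same identifier, and adjusts a cumulative trust value. The numeric thresholds, starting value, reward, penalty and timeout are assumptions.

```python
from dataclasses import dataclass, field

LEVELS = ("low", "medium", "high")
DELTA2, PSI = 40, 80  # assumed thresholds; the slides name delta2 and psi but give no values

def trust_level(value):
    return "high" if value >= PSI else "medium" if value >= DELTA2 else "low"

@dataclass
class Watchdog:
    timeout: float = 2.0                         # assumed wait for the overheard relay
    trust: dict = field(default_factory=dict)    # neighbor -> cumulative trust value
    pending: dict = field(default_factory=dict)  # (neighbor, msg_id) -> time handed over

    def sent(self, neighbor, msg_id, now):
        self.trust.setdefault(neighbor, 50)      # assumed starting value
        self.pending[(neighbor, msg_id)] = now

    def overheard(self, neighbor, msg_id):
        if self.pending.pop((neighbor, msg_id), None) is not None:
            self.trust[neighbor] = min(100, self.trust[neighbor] + 5)

    def sweep(self, now):
        # Anything not overheard within the timeout is counted as a drop by that neighbor.
        dropped = [k for k, t in self.pending.items() if now - t > self.timeout]
        for neighbor, msg_id in dropped:
            del self.pending[(neighbor, msg_id)]
            self.trust[neighbor] = max(0, self.trust[neighbor] - 20)
        return dropped

    def eligible(self, required):
        # Route selection: relay only to neighbors at or above the requested trust level.
        need = LEVELS.index(required)
        return sorted(n for n, v in self.trust.items() if LEVELS.index(trust_level(v)) >= need)

# Constructed overhearing log: (time, event, neighbor, msg_id); msg_id plays the role of the TPK.
EVENTS = [(0.0, "sent", "A", "tpk1"), (0.0, "sent", "B", "tpk1"), (0.3, "heard", "A", "tpk1"),
          (5.0, "sent", "A", "tpk2"), (5.0, "sent", "B", "tpk2"), (5.2, "heard", "A", "tpk2"),
          (5.4, "heard", "B", "tpk2")]

def replay(events, end_time):
    wd = Watchdog()
    for t, kind, neighbor, msg_id in events:
        wd.sweep(t)
        if kind == "sent":
            wd.sent(neighbor, msg_id, t)
        else:
            wd.overheard(neighbor, msg_id)
    wd.sweep(end_time)
    return wd
```

In the constructed log, neighbor B never relays `tpk1`, so after `replay(EVENTS, 10.0)` it falls below the assumed medium threshold and is excluded by `eligible("medium")`.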
A secure distributed anonymous routing protocol (cont.)
  - Finding malicious modification behavior (path reverse phase), with Node_{i-1} as an example
    1. Decrypt the message to get two SNs
    2. Separate N_{i-1} from M_{i-1} and check whether H_{K_{i-1}}(N_{i-1}) matches; if it does not, Node_i must have maliciously modified M_{i-1}
    3. Remove SN_Session_ID_i and H(M_{i-3}) from N_{i-1} and store H(M_{i-3}) locally, then decrypt the rest of N_{i-1} with K_{i-1} and send the result M_{i-2} to Node_{i-2}
    4. Overhear M_{i-3} from Node_{i-2} and check whether its hash equals the stored H(M_{i-3})
Security analysis
  - Theorem 1. SDAR is secured against passive and active attacks, but not against Denial-of-Service attacks
  - Theorem 2. SDAR maintains the anonymity of the sender and receiver
  - Theorem 3. SDAR is able to identify malicious nodes and avoid using them to establish routes
  - Theorem 4. SDAR is able to establish a route matching certain trust requirements if enough nodes with qualifying trust value exist between the source and destination
Conclusions
  - In this paper, the authors present a secure distributed anonymous routing protocol for MANET, called SDAR.
  - Some advantages can be summarized as follows
    - Non-source-based routing
    - Flexible and reliable route selection
    - Resilience against path hijacking
Comments
  - Misrecognize malicious dropping behavior
    - tamper TPK or SNSession_ID (open part)
    - Solution: mutual authentication or encryption
  - It can't prevent malicious modification behavior in path discovery phase (malicious dropping the message)
  - All neighboring nodes of the sender in collusion would find the sender and they can try to guess the session key K_S for attacks