a secure on-demand routing protocol for ad hoc networks

GZ06 : Mobile and Adaptive Systems

A Secure On-Demand Routing Protocol for Ad Hoc Networks

Allan HUNTWandao PUNYAPORN

Yong CHENGTingting OUYANG


Agenda

Introduction

Design

Evaluation & Analysis

Related work

Critical Appraisal of the work


Motivation

On demand Ad hoc routing protocol

Security in Ad hoc protocols.Attack models

General protocol

Mobility


Motivation (cont.)

Resource constrained devices (palm)


Ariadne

Ariadne ProtocolThey have based there protocol on the basic

operators of DSRs, on demand source routing protocol.

Basic operations of DSR are:

Route discovery

Route maintenance


Overview of TESLA

Basic Operation of Tesla:Uses a MAC

Picks an initial key at random Kn.Generates a set of keys Ko – Kn using a one way

Hash chain.

Delayed key discloserFor each K there is a release time.

Time synchronizationYou have to pick delta to be the maximum delay error

between any 2 nodes. All nodes must know this.


Network Assumptions

They ignore the physical layer

Networks are bidirectional

Attacks on medium access control are disregarded.

Normal network (drop, corrupt, re-order)

Ariadne inherits all assumptions of the broadcast authentication protocol used such as (TESLA).


Node Assumptions

Resource constrained Nodes.

No asymmetric cryptography.

Loosely synchronized clocks.

No trusted hardware used such as tamperproof modules.


Security Assumptions

Ariadne relies on the following keys to be set up, depending on which authentication mechanism is used:

1. Pairwise shared secret key.

2. Digital signatures.

3. If TESLA is used, we assume a mechanism to set up shared secret keys between communicating nodes, and to distribute one authentic public TESLA key for each node.


Agenda

Introduction

Design


Related work



Attack Model

PassiveActive

An attacker injects packets into the network An attack which has compromised nodes is

called an Active-VC attacker if it owns all nodes on a vertex cut through the network that partitions the good nodes into multiple sets.

Active-n-m• Active-0-1• Active-1-x• Active-y-x


General Attacks on Ad Hoc Network Routing Protocols

Routing disruption attacks Routing loop Black hole Wormhole Rushing Attack

Resource consumption attacks Inject extra data packets Inject extra control packets


Basic Ariadne Route Discovery

Stage 1 – Target verifies Route Requests

Stage 2 - Target authenticates the data in Route Requests and the sender can authenticate the Route Replies

Stage 3 - Provides a way to verify that no node is missing from the node list.

Assume initiator S performs a Route Discovery for target D.

S and D share the secret keys KSD and KDS for message authentication in each direction


Ariadne Route Discovery Using TESLA

A ROUTE REQUEST packet contains eight fields(ROUTE REQUEST, initiator , target , id , time interval , hash chain,no

de list , MAC list)

The initiator of the REQUEST then initializes the hash chain to

MACKSD(initiator, target id, time interval)

The hash chain for the target nodeH[n,H[n-1 ,H[1,MACKSD(initiator, target id, time interval)]..]]]

A ROUTE REPLY packet also contains eight fields( ROUTE REPLY, target , initiator , time interval , node list,

MAC list , target MAC , key list)


Ariadne Route Maintenance Using TESLA

To prevent unauthorized Route Error Messages, we authenticate a sender.

A ROUTE ERROR packet in Ariadne contains six fields

(ROUTE ERROR,sending address, receiving address, time interval, error MAC,recent TESLA key)

It should handle the possible memory consumption attack.


Agenda

Introduction

Design


Related work



Evaluation

Modified Simulation Model Increased packet size to reflect the additional

fields necessary for authenticating Modified Route Discovery and Maintenance Adjusted re-transmission timeouts for Route

Requests to compensate for the delay Disallowed the use of prefixes of routes in the

Route Cache


Evaluation - Packet Delivery Ratio

4.66% less PDR than DSR-NoOpt in maximumAriadne outperforms DSR-NoOpt at lower level of mobility


Evaluation - Packet Overhead

Ariadne has 41.7% lower packet overhead than DSR-NoOpt


Evaluation - Byte Overhead

Ariadne has 26.19% higher byte overhead than DSR-NoOpt


Evaluation – Path Optimality

DSR-NoOpt performs slightly better than Ariadne


Evaluation – Average Latency

Ariadne always has consistently lower latency than DSR-NoOpt


Security Analysis

Active-0-x Bogus messages Wormhole and rushing attacks

Active-1-x Prevent two nodes from communicating Replace MAC or keys in the Route Request

Active-y-x Attempt to force the initiator to repeatedly initiate

Route Discoveries Resist Active-VC?

No solution provided


Agenda

Introduction

Design


Related work



Related Work

Periodic protocols Much overhead introduced (storage,

bandwidth, control and delay) Protocols that use asymmetric crypto.

Computationally expensive to sign and verify• Possible DoS attacks

High network bandwidth usageProtocols that use network-wide

symmetric keys Single-node compromise


Agenda

Introduction

Design


Related work



Conclusions

Achievements Security against various types of attacks Efficient symmetric cryptography General

• trusted hardware, powerful processors not needed

Overall Performance Compared to optimized DSR: less efficient Compared to unoptimized DSR: better in

some metrics (e.g. packet overhead)


Critical Appraisal

Key Setup Methods: Pre-deployed, KDC, CA Fixed nodes. Circular dependency. Centralized.

Clock synchronization. Circular dependency Resource constrained. Insecure

Maximum end-to-end delay How to choose adaptively


Critical Appraisal (cont.)

Delay and Buffer Size Slow responsiveness Resource constrained

Intermediate nodes authentication Authentication on demand

Remaining Security Issues Passive eavesdropper Inserting data packets attack Non-participating attacker Single layer security scheme


Thanks for your attention!Any

questions?

a secure on-demand routing protocol for ad hoc networks

Documents