gz06 : mobile and adaptive systems a secure on-demand routing protocol for ad hoc networks allan...
TRANSCRIPT
GZ06 : Mobile and Adaptive Systems
A Secure On-Demand Routing Protocol for Ad Hoc Networks
Allan HUNTWandao PUNYAPORN
Yong CHENGTingting OUYANG
GZ06 : Mobile and Adaptive Systems
Agenda
Introduction
Design
Evaluation & Analysis
Related work
Critical Appraisal of the work
GZ06 : Mobile and Adaptive Systems
Motivation
On demand Ad hoc routing protocol
Security in Ad hoc protocols.Attack models
General protocol
Mobility
GZ06 : Mobile and Adaptive Systems
Ariadne
Ariadne ProtocolThey have based there protocol on the basic
operators of DSRs, on demand source routing protocol.
Basic operations of DSR are:
Route discovery
Route maintenance
GZ06 : Mobile and Adaptive Systems
Overview of TESLA
Basic Operation of Tesla:Uses a MAC
Picks an initial key at random Kn.Generates a set of keys Ko – Kn using a one way
Hash chain.
Delayed key discloserFor each K there is a release time.
Time synchronizationYou have to pick delta to be the maximum delay error
between any 2 nodes. All nodes must know this.
GZ06 : Mobile and Adaptive Systems
Network Assumptions
They ignore the physical layer
Networks are bidirectional
Attacks on medium access control are disregarded.
Normal network (drop, corrupt, re-order)
Ariadne inherits all assumptions of the broadcast authentication protocol used such as (TESLA).
GZ06 : Mobile and Adaptive Systems
Node Assumptions
Resource constrained Nodes.
No asymmetric cryptography.
Loosely synchronized clocks.
No trusted hardware used such as tamperproof modules.
GZ06 : Mobile and Adaptive Systems
Security Assumptions
Ariadne relies on the following keys to be set up, depending on which authentication mechanism is used:
1. Pairwise shared secret key.
2. Digital signatures.
3. If TESLA is used, we assume a mechanism to set up shared secret keys between communicating nodes, and to distribute one authentic public TESLA key for each node.
GZ06 : Mobile and Adaptive Systems
Agenda
Introduction
Design
Evaluation & Analysis
Related work
Critical Appraisal of the work
GZ06 : Mobile and Adaptive Systems
Attack Model
PassiveActive
An attacker injects packets into the network An attack which has compromised nodes is
called an Active-VC attacker if it owns all nodes on a vertex cut through the network that partitions the good nodes into multiple sets.
Active-n-m• Active-0-1• Active-1-x• Active-y-x
GZ06 : Mobile and Adaptive Systems
General Attacks on Ad Hoc Network Routing Protocols
Routing disruption attacks Routing loop Black hole Wormhole Rushing Attack
Resource consumption attacks Inject extra data packets Inject extra control packets
GZ06 : Mobile and Adaptive Systems
Basic Ariadne Route Discovery
Stage 1 – Target verifies Route Requests
Stage 2 - Target authenticates the data in Route Requests and the sender can authenticate the Route Replies
Stage 3 - Provides a way to verify that no node is missing from the node list.
Assume initiator S performs a Route Discovery for target D.
S and D share the secret keys KSD and KDS for message authentication in each direction
GZ06 : Mobile and Adaptive Systems
Ariadne Route Discovery Using TESLA
A ROUTE REQUEST packet contains eight fields(ROUTE REQUEST, initiator , target , id , time interval , hash chain,no
de list , MAC list)
The initiator of the REQUEST then initializes the hash chain to
MACKSD(initiator, target id, time interval)
The hash chain for the target nodeH[n,H[n-1 ,H[1,MACKSD(initiator, target id, time interval)]..]]]
A ROUTE REPLY packet also contains eight fields( ROUTE REPLY, target , initiator , time interval , node list,
MAC list , target MAC , key list)
GZ06 : Mobile and Adaptive Systems
Ariadne Route Maintenance Using TESLA
To prevent unauthorized Route Error Messages, we authenticate a sender.
A ROUTE ERROR packet in Ariadne contains six fields
(ROUTE ERROR,sending address, receiving address, time interval, error MAC,recent TESLA key)
It should handle the possible memory consumption attack.
GZ06 : Mobile and Adaptive Systems
Agenda
Introduction
Design
Evaluation & Analysis
Related work
Critical Appraisal of the work
GZ06 : Mobile and Adaptive Systems
Evaluation
Modified Simulation Model Increased packet size to reflect the additional
fields necessary for authenticating Modified Route Discovery and Maintenance Adjusted re-transmission timeouts for Route
Requests to compensate for the delay Disallowed the use of prefixes of routes in the
Route Cache
GZ06 : Mobile and Adaptive Systems
Evaluation - Packet Delivery Ratio
4.66% less PDR than DSR-NoOpt in maximumAriadne outperforms DSR-NoOpt at lower level of mobility
GZ06 : Mobile and Adaptive Systems
Evaluation - Packet Overhead
Ariadne has 41.7% lower packet overhead than DSR-NoOpt
GZ06 : Mobile and Adaptive Systems
Evaluation - Byte Overhead
Ariadne has 26.19% higher byte overhead than DSR-NoOpt
GZ06 : Mobile and Adaptive Systems
Evaluation – Path Optimality
DSR-NoOpt performs slightly better than Ariadne
GZ06 : Mobile and Adaptive Systems
Evaluation – Average Latency
Ariadne always has consistently lower latency than DSR-NoOpt
GZ06 : Mobile and Adaptive Systems
Security Analysis
Active-0-x Bogus messages Wormhole and rushing attacks
Active-1-x Prevent two nodes from communicating Replace MAC or keys in the Route Request
Active-y-x Attempt to force the initiator to repeatedly initiate
Route Discoveries Resist Active-VC?
No solution provided
GZ06 : Mobile and Adaptive Systems
Agenda
Introduction
Design
Evaluation & Analysis
Related work
Critical Appraisal of the work
GZ06 : Mobile and Adaptive Systems
Related Work
Periodic protocols Much overhead introduced (storage,
bandwidth, control and delay) Protocols that use asymmetric crypto.
Computationally expensive to sign and verify• Possible DoS attacks
High network bandwidth usageProtocols that use network-wide
symmetric keys Single-node compromise
GZ06 : Mobile and Adaptive Systems
Agenda
Introduction
Design
Evaluation & Analysis
Related work
Critical Appraisal of the work
GZ06 : Mobile and Adaptive Systems
Conclusions
Achievements Security against various types of attacks Efficient symmetric cryptography General
• trusted hardware, powerful processors not needed
Overall Performance Compared to optimized DSR: less efficient Compared to unoptimized DSR: better in
some metrics (e.g. packet overhead)
GZ06 : Mobile and Adaptive Systems
Critical Appraisal
Key Setup Methods: Pre-deployed, KDC, CA Fixed nodes. Circular dependency. Centralized.
Clock synchronization. Circular dependency Resource constrained. Insecure
Maximum end-to-end delay How to choose adaptively
GZ06 : Mobile and Adaptive Systems
Critical Appraisal (cont.)
Delay and Buffer Size Slow responsiveness Resource constrained
Intermediate nodes authentication Authentication on demand
Remaining Security Issues Passive eavesdropper Inserting data packets attack Non-participating attacker Single layer security scheme