manet (mobile ad hoc networks)

8/4/2019 Manet (Mobile Ad Hoc Networks)

1/25

RELIABLE AND FULLY

DISTRIBUTED TRUSTMODEL FOR MANET

By-

Anirudh Bhardwaj

1110/06

IT-1


2/25

CONTENTS

MANET Introduction.

Two main approaches.

Threshold Cryptography. Our Approach.

Notations Used.

Overview of the system.

Initialization Phase.


3/25

Joining Phase.

Partial certificate creation and exchange.

Conclusion.


4/25


5/25

TWO MAIN APPROACHES

Models based on TTP (Trusted Third Party).

Through full self-organization.


6/25

THRESHOLD CRYPTOGRAPHY

Based on polynomial interpolation.

A (t, n) threshold scheme (t


7/25

FULLY DISTRIBUTED MODEL - OUR

APPROAC

H Originally in PGP and in several other trust

models, an efficient theory of trust relationship

is produced which is based on: if A trustsB

andB trusts C, then A can trust C.

The sensitive point of the trust chain is the

principal B, in which ifB will be compromised,

all chains of trust that pass through B will be

considered incorrect.


8/25


9/25

Robust trust relationship concept: if A trusts B

and B trusts C, then A can trust C if some other

(k-1) trusted entities trust C.

In order to provide the trust sharing we employ

a (k, n) threshold cryptography scheme, where

n is the number of entities in the system and

k < n is the trust threshold.


10/25


11/25

NOTATIONS USED


12/25

OVERVIEW OF THE SYSTEM

Users public/private keys are created by users

themselves.

Certificate is checked via chains of public key. Certificates are stored and distributed by nodes

themselves.

Threshold cryptography scheme is included toresist against any false public key certificate

issued by any malicious node.


13/25

During network initialization, each node i holds

a share Si of the private key K(-1)system which

is kept secret at a special node system dealer.

Instead of using private keys to sign

certificates, nodes will use their private shares.

Partial certificates chains in the system are

represented by a directed graph G(V, E ).


14/25


15/25

INITIALIZATION PHASE

System dealer is introduced.

Each node gets its private shares from systemdealer.

Private key of the system is kept secret with thesystem dealer.

Each member generates a partial certificate to

each other member it trusts in the system. Thisallows creating a particular trust graphcomposed of partial certificates.


16/25


17/25

JOINING THE SYSTEM STEP 1

A new node request current neighbor member

node to request joining.

This member node is called delegate node. First new node create its public/private keys.

Then it sends its key as a trust evidence to get

a certificate for systems private key.


18/25

Delegate node broadcast the request to other

member nodes.

This process is repeated till delegate node getsatleast k partial certificates (pc) and combine

them to form a complete certificate for new

node.


19/25

JOINING THE SYSTEM STEP 2

To complete the process the new member node

must get its own private share to participate in

trust establishment.

Here (k, n) scheme is changed to (k, n+1).

No delegate member is needed.

Member i broadcast its request signed with its

private key in the network.


20/25

Once member node j receives the request, it

verifies the signature in order to authenticate

the request, and then computes for it a partial

private share

Each member .partial private share to the new

member which computes its own private share.


21/25


22/25

PARTIALCERTIFICATE CREATION AND

EXCHANGE

If user i believes that a given public key Kj

belongs to a given user j, then user i creates a

public key partial certificate in which Kj is

bound to user j, and signs it using its private

share.

MANET allows nodes to recover knowledge

about other nodes by exchanging the partialtrust graph.


23/25


24/25

CONCLUSION

Fully distributed system for MANET do not

provide any special characteristic to any node.

All type of networking is done in collaborationwith other nodes.


25/25

THANKS

manet (mobile ad hoc networks)

Documents