Securing Ad hoc Routing Protocols

1
Securing Ad hoc Routing Protocols
  • WiSe'02, September 28, 2002, Atlanta, Georgia,
    USA.
  • Manel Guerrero Zapata
  • N. Asokan
  • ???

2
Contents
  • Motivation
  • Related work
  • Security requirements in MANET
  • Security approach
  • Problems in AODV
  • Solution
  • Analysis
  • Other Issues

3
Motivation
  • Ad hoc networks are a different environment
  • All nodes act as routers in an ad hoc network
  • Less work done on security issues in ad hoc
    network routing protocols
  • Security needs of ad hoc networks cannot be
    satisfied by previous work

4
Related work (1/2)
  • Security for fixed networks
  • Perlman - Fault tolerant broadcast of routing
    information
  • Secure BGP using IPSec and PKI
  • Secure routing
  • Zhou and Haas: nodes can protect route info in
    the same way they protect data traffic
  • Using misbehavior detection schemes
  • Problem 1. Hard to distinguish misbehavior from
    failures
  • Problem 2. No way to guarantee integrity and
    authentication

5
Related work (2/2)
  • ARAN
  • Every node has to sign route messages
  • SRP
  • Source and destination must have a security
    association
  • Cannot protect route error messages
  • Ariadne
  • It requires clock synchronization

6
Security requirements in MANET(1/3)
  • Authorization
  • Two types of authorization decisions made by routers

[Diagram: a router with two authorization decisions, import authorization and export authorization. Labels: "Routing update received from the outside", "Receives a routing update request".]

7
Security requirements in MANET(2/3)
  • Authorization may require authentication and
    integrity
  • Digital signature
  • Message Authentication Codes (MAC)
  • Confidentiality and non-repudiation are not
    necessary
  • Ignore compromised nodes (not critical in non
    military scenarios)

8
Security requirements in MANET(3/3)
  • Import authorization
  • route update auth
  • Source authentication
  • Verify the node's identity
  • Integrity
  • Verify route messages (altered or not)
  • Data authentication
  • Source auth + integrity -> data authentication

9
Security approach
  • Ad hoc network messages
  • Router's view

[Diagram: messages split into data messages and routing messages, with routing messages having mutable and non-mutable parts. Labels: "Point-to-point security system (c.f. IPSec)", "Intermediate nodes have to authenticate".]

10
Problems in AODV (1/2)
  • Malicious nodes can perform many attacks just by
    not following the protocol
  • 1. Impersonate a node S by forging a RREQ
  • 2. While forwarding a RREQ, reduce the hop count
    field
  • 3. Impersonate a node D by forging a RREP

11
Problems in AODV (2/2)
  • 4. Use a big sequence number in combination with 3.
  • 5. Don't forward certain RREQs and RREPs; don't
    reply to certain RREQs and data messages
  • 6. Forge a RERR message with a high destination
    sequence number
  • 7. RREQ with a high destination sequence number

12
Solution (1/7)
  • Two mechanisms are used to secure AODV
  • Digital signatures authenticate the non-mutable
    fields
  • Hash chains secure mutable fields
  • Hop count of RREQ and RREP

13
Solution (2/7) - SAODV hash chains -
  • When a node generates a RREQ or an RREP
  • 1. Generates a random number (seed)

[Diagram: field values set by the originator]
  • Max_Hop_Count = TimeToLive
  • Hash = seed
  • Hash_Function = h
  • Top_Hash = h^{Max_Hop_Count}(seed)

14
Solution (3/7) - SAODV hash chains -
  • When a node receives a RREQ or a RREP
  • Applies the hash function h to Hash
    (Max_Hop_Count - Hop_Count) times and compares
    the result with Top_Hash
  • h^{Max_Hop_Count - Hop_Count}(Hash)

[Diagram: message fields Max_Hop_Count = TimeToLive, Hash = seed, Hash_Function = h, Top_Hash = h^{Max_Hop_Count}(seed)]
  • Before rebroadcasting: Hash = h(Hash)
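
The hash-chain steps from the two slides above, as an added example that is not part of the original presentation. SHA-256 as the hash function h and the names `RouteMsg`, `originate`, `verify` and `forward` are assumptions of this sketch; the digital signature over the non-mutable fields is left out.

```python
import hashlib
import os
from dataclasses import dataclass, replace

def h(data: bytes) -> bytes:
    """Hash_Function h (SHA-256 is an assumption of this example)."""
    return hashlib.sha256(data).digest()

def h_n(data: bytes, n: int) -> bytes:
    """Apply h to data n times, i.e. h^n(data)."""
    for _ in range(n):
        data = h(data)
    return data

@dataclass(frozen=True)
class RouteMsg:
    """Only the hash-chain fields of a RREQ/RREP (hypothetical container)."""
    hop_count: int       # mutable: incremented at every hop
    max_hop_count: int   # non-mutable: set to TimeToLive by the originator
    top_hash: bytes      # non-mutable: h^Max_Hop_Count(seed)
    hash_value: bytes    # mutable "Hash" field: starts as seed

def originate(ttl: int) -> RouteMsg:
    """Originator: pick a random seed and fill in the four fields."""
    seed = os.urandom(32)
    return RouteMsg(0, ttl, h_n(seed, ttl), seed)

def verify(m: RouteMsg) -> bool:
    """Receiver: check Top_Hash == h^(Max_Hop_Count - Hop_Count)(Hash)."""
    remaining = m.max_hop_count - m.hop_count
    if remaining < 0:
        return False
    return h_n(m.hash_value, remaining) == m.top_hash

def forward(m: RouteMsg) -> RouteMsg:
    """Intermediate node: verify, then set Hash = h(Hash) before rebroadcast."""
    if not verify(m):
        raise ValueError("hash chain check failed, message dropped")
    return replace(m, hop_count=m.hop_count + 1, hash_value=h(m.hash_value))

def demo():
    """Three honest hops, then a copy whose Hop_Count was lowered to 1."""
    msg = originate(ttl=5)
    for _ in range(3):
        msg = forward(msg)
    lowered = replace(msg, hop_count=1)  # Hash left at its 3-hop value
    return verify(msg), verify(lowered)

if __name__ == "__main__":
    print(demo())
```

The honest message verifies at every hop, while the copy with a reduced hop count fails the check because the node cannot invert h to produce the earlier Hash value.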

15
Solution (4/7) - SAODV digital signature -
  • Used to protect the integrity of the non-mutable
    data in RREQ and RREP
  • Problem: intermediate nodes can reply to a RREQ
  • Intermediate nodes should sign on behalf of the
    destination
  • Two different approaches
  • Intermediate nodes don't know the signature of
    the destination
  • Intermediate nodes know the signature of the
    destination

16
Solution (5/7) - SAODV digital signature -
  • Intermediate nodes don't know the signature of
    the dest
  • Act as if it didn't have the route
  • Nodes in the path store the destination's
    signature
  • Intermediate nodes know the signature of the dest
  • Sign the changed lifetime value
  • Append two signatures
  • dest's signature + own signature on changed
    lifetime

17
Solution (6/7) - SAODV error messages -
  • Have no mutable fields
  • Not relevant between generator and forwarder
  • Every node should use a digital signature
  • Nodes will never update DSN
  • Since it is not signed by the destination

18
Solution (7/7) - SAODV DSN -
  • Originator of RREQ can set the sequence of the
    dest
  • Solution
  • ignore RREQ with bigger sequence than its

19
Analysis
  • Digital signature
  • Prevents attacks 1, 3, 4, 6
  • Hash chain
  • Prevents attack 2
  • Has limitations
  • SAODV DSN
  • Prevents attack 7
  • Cannot prevent tunneling attacks

20
Other Issues
  • DSR
  • SRP doesn't protect error messages
  • Ariadne requires clock synchronization
  • Applying the scheme to DSR
  • Sign after adding its own IP
  • Verify the signature
  • Sign the routing message
  • Verify the signature when sending a packet