Title: Integrating Quality of Protection into Ad Hoc Routing Protocols
1Integrating Quality of Protection into Ad Hoc
Routing Protocols
- Seung Yi, Prasad Naldurg, Robin Kravets
- University of Illinois at Urbana-Champaign
2Traditional ad hoc routing protocols
- Cooperative by nature
- Rely on implicit trust-your-neighbor
relationships - Focus on convergence time and routing
performance, rather than security
3Motivation
4Security-Aware ad hoc Routing (SAR)
- SAR is an approach to routing that incorporates
security levels of nodes into traditional routing
metrics - SAR is typically added on top of existing routing
algorithms
5Goals
- Applications can specify the quality of
protection on their ad hoc route with respect to
security attributes relevant to them - SAR aims to protect routing control messages
- For example, disclose routing information to
trusted nodes only
6Routing Protocol
- Assume the base protocol is on-demand, such as
DSR - Source broadcasts a Route Request (RREQ) with
desired quality of protection - Neighbors propagate RREQ only if they could
support the specified quality of protection - RREQ sets up reverse path as it propagates
- Destination sends Route Reply (RREP) once it
receives RREQ
7Path Establishment
RREQ
S
D
RREP
8Security Attributes (1)
Attributes Techniques Attacks
Timeliness Time stamps Replay
Ordering Sequence numbers Replay
Authenticity Passwords, certificates Impersonation
Authorization Credentials
9Security Attributes (2)
Attributes Techniques Attacks
Integrity Digests, digital signatures Modification, fabrication
Non-repudiation Chaining of digital signatures Repudiation
Confidentiality Encryption Eavedropping
10Quality of Protection
- We have seen how quality of protection is used in
path establishment - How to specify quality of protection?
- Trust hierarchy
- Bit vector
- One bit for each security attribute
11Trust Hierarchy
- Each level has predefined quality of protection
- These levels represent the security capability of
the mobile nodes and also of the paths - Associate a number with each level
- Trust level or protection should be immutable
- Keys of each level are distributed to nodes on
that level. - Encrypt the portion of the RREQ and RREP headers
that contain the trust level
12Simulation Set-up
- ns2 network simulator
- 50 mobile nodes and 3 trust levels
- 15 (H), 15 (M), 20 (L)
- 2 different traffic patterns with 20 flows
- 10 (H), 20 (M), 70 (L)
- 33 (H), 33 (M), 34 (L)
- SAR is implemented on top of AODV
13Path Discovery
Traffic 1
Traffic 2
- SAR discovered fewer paths
- Paths guaranteed to obey the security requirement
14Routing Traffic
Traffic 1
Traffic 2
- SAR has lower routing traffic overhead
- nodes drop routing messages if they can not
satisfy the security requirement
15Simulation Time
Traffic 1
Traffic 2
- SAR takes more time to finish
- Data packets may follow longer but more secure
paths - Control packets experience processing overhead
16Strong Points
- Exposes security levels to applications so that
applications can adapt its behavior - Concept is simple and effective
17Weak Points
- Overhead Encryption, hashes,
- If the ad hoc network does not have a path with
nodes that meet RREQs security requirements, SAR
may fail to find a route even if the network is
connected
18Open Questions
- How does SAR perform in real-world experiments?
- Which base protocols are most suitable for SAR?
19Any Questions?