A Survey of Secure Wireless Ad Hoc Routing - PowerPoint PPT Presentation

About This Presentation
Title:

A Survey of Secure Wireless Ad Hoc Routing

Description:

... route discovery and maintenance Record next hop and when unavailable it initiate route maintenance Secure AODV SAODV Add signature extensions to AODV ... – PowerPoint PPT presentation

Number of Views:114
Avg rating:3.0/5.0
Slides: 29
Provided by: ucf4
Learn more at: http://www.cs.ucf.edu
Category:

less

Transcript and Presenter's Notes

Title: A Survey of Secure Wireless Ad Hoc Routing


1
A Survey of Secure WirelessAd Hoc Routing
  • Authors Yih-Chun Hu and Adrian Perrig
  • Publish IEEE Security and Privacy special
    issue on Making Wireless Work, 2(3)28-39, 2004
  • Presenter Danzhou Liu

2
Contents
  • Introduction
  • Attacks on Ad Hoc Network
  • Secure Routing in Ad Hoc Network
  • Discussions

3
Introduction
  • This paper is a survey of research in secure ad
    hoc routing protocols and the challenges faced.
  • Ad hoc network
  • Collection of mobile nodes forming a network
  • Do not have a pre-established network
    infrastructure such as base access points
  • Each node moves dynamically and arbitrarily
  • All nodes typically operate on a common frequency
    band
  • Routing protocols are needed if network span
    exceeds radio range (multi-hop)
  • Applications
  • Search and Rescue
  • Disaster Recovery
  • Automated Battlefields

4
Introduction
  • Challenges in ad hoc networks
  • Limited physical security
  • Lack of infrastructure and authorization
    facilities
  • Security protocols for wired networks cannot work
    for ad hoc networks
  • Volatile network topology makes it hard to detect
    malicious nodes
  • Intrinsic mutual trust vulnerable to attacks

5
MANET Routing Protocols Classification
6
DSR
  • The Dynamic Source Routing (DSR) is a reactive
    topology-based routing protocol.
  • Route discovery
  • When the source node S wants to send a packet to
    the destination node D, it first consults its
    route cache. If an unexpired route is found, use
    this route. Otherwise, S initiates route
    discovery by broadcasting a route request (RREQ)
    packet (SID, DID, seq_no).
  • Each node appends its own identifier when
    forwarding RREQ
  • Limited flooding the node only forwards the RREQ
    to its neighbors if the RREQ has not yet been
    seen by the node and if the nodes address does
    not already appear in the route record.
  • After receiving RREQ, node D or an intermediate
    node containing unexpired route to node D
    generates a route reply (RREP) to node S.
  • Route maintenance
  • Route error packets and acknowledgments

7
DSR Route Discovery
N2
N1-N2
Destination
N1-N2-N5
N5
N8
N1
Source
N1
N1-N3-N4-N7
N1-N2-N5
N1-N3-N4
N4
N7
N1
N1-N3-N4
N1-N3
N1-N3-N4-N6
N3
N6
N1-N3-N4
8
DSR Route Reply
N2
N1-N2-N5-N8
Destination
N1-N2-N5-N8
N5
N8
N1-N2-N5-N8
Source
N1
N4
N7
N3
N6
9
DSDV
  • The Destination-Sequenced Distance-Vector (DSDV)
    is a proactive topology-based routing protocol.
  • Each node maintains a routing table which stores
  • next hop towards each destination
  • a cost metric for the path to each destination
  • a destination sequence number that is created by
    the destination itself
  • Sequence numbers used to avoid formation of loops
  • Each node periodically and triggeredly forwards
    the routing table to its neighbors
  • Route Selection
  • Select route with higher destination sequence
    number (This ensure to use always newest
    information from destination)
  • Select the route with better metric when sequence
    numbers are equal.

10
DSDV Route Update
  • B increases Seq. No from 100 gt 102
  • B sends routing update to A and C

(A, 1, A-500) (B, 0, B-102) (C, 1, C-588)
(A, 1, A-500) (B, 0, B-102) (C, 1, C-588)
A
B
C
Dest. Next Metric Seq.
A A 1 A-550
B B 0 B-100
C C 2 C-588
Dest. Next Metric Seq.
A A 0 A-550
B B 1 B-100
C B 2 C-586
Dest. Next Metric Seq.
A B 1 A-550
B B 2 B-100
C C 0 C-588
B-102
B-102
B-102
2
1
1
C-588
11
Contents
  • Introduction
  • Attacks on Ad Hoc Network
  • Secure Routing in Ad Hoc Network
  • Discussions

12
Two Attack Categories (DoS)
  • Routing-disruption attacks drive packets onto
    dysfunctional routes
  • Routing loop send forged routing packets to
    create a routing loop
  • Black hole drop all packets
  • Gray hole drop some packets, e.g., just forward
    routing packets but not data packets
  • Gratuitous detour claim falsely longer route by
    adding virtual nodes
  • Wormhole use a pair of attacker nodes linked via
    a private network connection, prevent other nodes
    to discover routes.
  • Rushing fire ROUTE REQUESTS in advance to
    suppress any later legitimate ROUTE REQUESTS
    against on-demand routing protocols
  • Resource-consumption attacks inject packets into
    the network
  • Consume network resources such as bandwidth,
    nodes memory and computation power

13
Attacker Model
  • Passive Attacker not inject packets, just
    eavesdrop
  • Just threat against communication privacy or
    anonymity
  • Not against the networks function or routing
    protocol
  • Not be discussed further
  • Active Attacker eavesdrop and inject packets
  • Assume that the attacker owns all the
    cryptographic key information of compromised
    nodes and distributes it among all its nodes.
  • Active-n-m, where n is the number of nodes it has
    compromised and m is the number of nodes it owns
  • Active-0-1
  • Active-0-x
  • Active-1-x
  • Active-y-x
  • ActiveVC controls all traffic between nodes

Increasing strength
14
Contents
  • Introduction
  • Attacks on Ad Hoc Network
  • Secure Routing in Ad Hoc Network
  • Discussions

15
Key Setup in Ad Hoc Network
  • How to spread key for authentication.
  • Secrete Key a shared key to encode and decode
    (DEC).
  • Public Key a shared public key to encode and a
    private key to decode (RSA).
  • Common set of authorities
  • Protect private key distribution from eavesdrop
  • Protect legal nodes list distribution from active
    attack by side channel

16
Protect Key Distribution
  • SUCV Addresses
  • Each node generates a public- and private-key
    pair
  • Choose its address based on a cryptographic hash
    function of the public key
  • Certificate Authority (CA).
  • Node has a certificate containing its address,
    public key and a signature from CA.
  • CA is vulnerable to compromise. This is overcome
    by requiring a node to have certificates from
    several CAs.
  • Transitive Trust and PGP Trust Graph
  • Each node signs certificates for other nodes
  • If A trusts B, and B trusts C, then A trusts C
  • Public Key Revocation
  • Revoke the certificate for a compromised nodes
    public key
  • Sign Negative certificates
  • Blacklisting or flooding other revocation
    information

17
Ariadne A Secure On-Demand Routing Protocol for
Ad Hoc Network
  • Ariadne is a secure on-demand routing protocol
  • Based on Dynamic Source Routing (DSR) Protocol
  • Withstand node compromise, avoid routing
    misbehavior by monitoring nodes prior
    performance
  • Rely only on highly efficient symmetric
    cryptography
  • Use one way hashing to overcome node removal from
    the node list
  • Route request authenticity Route reply
    authentication
  • Ariadne can authenticate routing messages using
    one of three schemes
  • Shared secrets between each pair of nodes
  • Shared secrets between communicating nodes
    combined with broadcast authentication
  • Digital Signatures

18
Route Discovery
  • Route Request
  • ltRoute Request, initiator, target, id, time
    interval, hash chain, node list, MAC listgt
    (Note MAC Message Authentication Code)
  • Initiator initializes hash chain to
    MACKSD(initiator, target, id, time interval)
  • Non-target node A which receives the request
    checks ltinitiator, idgt and checks time interval
  • Time interval must not be too far in the future
    and key corresponding to it must not be disclosed
    yet
  • If any condition fails, discard the request
  • If all conditions hold, A appends its address to
    node list, replaces hash chain with HA, hash
    chain, appends MAC of entire Request with TESLA
    key KAi to MAC list

19
Route Discovery
  • Target checks validity of Request
  • By determining that the keys are not disclosed
    yet and that the hash chain is equal to
  • If Request is valid, target returns a Route Reply
  • Route Reply
  • ltRoute Reply, target, initiator, time interval,
    node list, MAC list, target MAC, key listgt
  • Sent to initiator along the route in node list
  • Forwarding node waits and appends its key
  • Initiator verifies each key in key list, target
    MAC, each MAC in MAC list

Hnn, Hnn-1, H,Hn1, MACKSD(initiator, target,
id, interval)
20
Route Discovery
RS ltM, h0, (), ()gt RA ltM, h1, (A),
(MA)gt RB ltM, h2, (A, B), (MA, MB)gt RE ltM,
h2, (A, E), (MA, ME)gt
  • Route Request
  • Route to be found S ? A ? B ? C ? D
  • M ?Request, S, D, id, ti?
  • S h0 MACKSD(M)
  • S ? ? ?M, h0, (), ()?
  • A h1 H (A, h0)
  • MA MACKAti ?M, h1, (A), ()?
  • A ? ? ?M, h1, (A), (MA)?
  • B h2 H (B, h1)
  • MB MACKBti ?M, h1, (A, B), (MA)?
  • B ? ? ?M, h2, (A, B), (MA, MB)?
  • C h3 H (C, h2)
  • MC MACKCti ?M, h3, (A, B, C), (MA, MB)?
  • C ? ? ?M, h3, (A, B, C), (MA, MB, MC)?

Finally, D checks validity of request by checking
whether keys are disclosed, and hash chain
consistent
RC ltM, h3, (A, B, C), (MA, MB, MC)gt RF ltM,
h3, (A, B, F), (MA, MB, MF)gt RG ltM, h4, (A,
B, C, G), (MA, MB, MC, MG)gt
21
Route Discovery
Route Reply M ?Reply, D, S, ti , (A, B, C),
(MA, MB, MC) ? D MD MACKDS (M) D ? C ?M,
MD, ()? C ? B ?M, MD, (KCti)? B ? A ?M, MD,
(KCti, KBti)? A ? S ?M, MD, (KCti, KBti,
KAti)?
RDC ltM, MD, ()gt RCB ltM, MD, (KCti)gt RBA ltM,
MD, (KCti, KBti)gt RAS ltM, MD, (KCti, KBti,
KAti)gt
RAS
RBA
RCB
Finally, S verifies each key in key list, target
MAC, each MAC in MAC list
RDC
22
SEAD Secure Efficient Ad Hoc Distance Vector
  • Based on DSDV (Destination-Sequenced
    Distance-Vector) ad hoc routing protocol
  • Overcomes attackers creating incorrect routing
    state
  • Using one-way hashing chain and sequence number
  • Authenticating Routing Updates

23
Secure AODV (Ad Hoc On-demand Distance Vector)
Routing Protocol
  • ARAN Authenticated Routing for Ad Hoc Networks
  • Each node has a certificate signed by a trusted
    authority
  • On-Demand Routing with route discovery and
    maintenance
  • Record next hop and when unavailable it initiate
    route maintenance

24
Secure AODV
  • SAODV
  • Add signature extensions to AODV
  • Use hash chain to confirm each hop
  • Allow a route reply double signature extension
    (RREP-DSE) from intermediate node.

25
Secure Link-State Routing
  • Digital signatures and one way hash chains
  • Updates through the Neighbor Lookup Protocol
    (NLP)
  • Hash chains used to authenticate hop count
  • Limited hops when LS update
  • Lightweight flooding prevention

26
Reputation Based Systems
  • Require underlying secure routing protocol
  • Four components of Confidant monitor, trust
    monitor, reputation system, and path manager.
  • Using Weight list
  • List of links with cost metric associated with
    each link
  • Protect route from existing attacker

27
Discussions
  • Strengths of the paper
  • Discuss possible attacks
  • Presents an attacker model
  • Presents state-of-art secure wireless ad hoc
    routing techniques
  • Weaknesses of the paper
  • A more complete model of possible attacks would
    let the protocol designers evaluate the security
    of their routing protocols.
  • Not discuss how to improve performance efficiency
  • Future work
  • Model secure routing problems
  • Design routing protocols that have strong
    security as well as good performance

28
Thank You QA
Write a Comment
User Comments (0)
About PowerShow.com