
Secure and Efficient Key Management in Mobile Ad Hoc Networks

Secure and Efficient Key Management in Mobile Ad Hoc Networks. Bing Wu, Jie Wu, Eduardo B. Fernandez, Mohammad Ilyas, Spyros Magliveras Department of Computer Science and Engineering, Florida Atlantic University, Boca Raton, FL 33431, USA


Presentation Transcript


  1. Secure and Efficient Key Management in Mobile Ad Hoc Networks • Bing Wu, Jie Wu, Eduardo B. Fernandez, Mohammad Ilyas, Spyros Magliveras • Department of Computer Science and Engineering, Florida Atlantic University, Boca Raton, FL 33431, USA • Department of Mathematics, Florida Atlantic University, Boca Raton, FL 33431, USA • Journal of Network and Computer Application • Presented by: Jhoong-Wei Chen

  2. Introduction • Ad hoc network security • Introduce a secure and efficient key management scheme (SEKM) • The basic idea is that server nodes form an underlying service group

  3. Key Management in Ad Hoc Networks • Trust models

  4. Secure and Efficient Key Management (SEKM) Scheme • Notation and assumptions • It is assumed that every node carries a valid certificate from off-line configuration before entering the network

  5. Secure and Efficient Key Management (SEKM) Scheme • Overview of SEKM • $K_{ca}^{-1}$ is distributed to m shareholders (servers) • A quorum of k (1 < k ≤ m) servers (the server group) can produce a valid certificate • SEKM phases • group maintenance • share updating • certificate renewal/revocation • handling new server nodes

  6. Secure and Efficient Key Management (SEKM) Scheme • Secure server group formation and maintenance • Use a mesh structure • Only server nodes initiate the group formation and become members of the group • A subset of non-server nodes could be forwarding nodes • A tree-based structure is easy to break in a highly dynamic situation and incurs excessive control traffic • Soft state

  7. Secure and Efficient Key Management (SEKM) Scheme • Group creation • When a secret shareholder enters the network, it broadcasts a JoinServerReq: $\{ID_i, SEQ_i, TTL\}\ \{[h(ID_i, SEQ_i)]_{K_i^{-1}} \mid (TTL)_{K_i^{-1}}\}$ • When a node receives a non-duplicate JoinServerReq packet, it needs to verify that the packet is from the authenticated source • The TTL value decreases by 1 as the packet leaves an intermediate node. The change of TTL is signed by the intermediate nodes

  8. Secure and Efficient Key Management (SEKM) Scheme • If a server node receives a JoinServerReq, it sends a JoinServerReply packet as well as forwarding the request packet. • The JoinServerReply packet is also protected by the replier’s signature

  9. Secure and Efficient Key Management (SEKM) Scheme • Group maintenance • For a mesh structure, there are multiple possible paths between pairs of servers • The periodic messages JoinServerRequest and JoinServerReply are sent out

  10. Secure and Efficient Key Management (SEKM) Scheme • Secret share updating • k servers within the server group initiate the share update phase • At every round every server i generates a random number βi between 0 and 1 and a threshold value τi. τi is defined as

  11. Secure and Efficient Key Management (SEKM) Scheme • Secret share updating

  12. Secure and Efficient Key Management (SEKM) Scheme • Handling new servers • The server group updates shares periodically, so a newly joining node could carry an outdated share from off-line configuration • A message could be sent out to notify requesting node r by checking the version field in the certificate

  13. Secure and Efficient Key Management (SEKM) Scheme • Certificate updating

  14. Secure and Efficient Key Management (SEKM) Scheme • Certificate updating

  15. Secure and Efficient Key Management (SEKM) Scheme • Handling certificate expiration and revocation • A certificate will expire after a predetermined period of time • In this paper, for simplicity, a node with an expired certificate needs some off-line or in-person reconfiguration • A node’s certificate could be revoked by the server group within its validity period for several reasons

  16. Performance evaluation • Assumptions • 100 × 100 2-D free space • from 40 to 100 nodes • transmission range r = 25 • 1024-bit RSA cryptographic key pairs • The coefficients of the polynomial are 512 bits long • hashed using MD5 • implemented in Matlab

  17. Performance evaluation

  18. Performance evaluation

  19. Performance evaluation

  20. Conclusion • In this paper we propose a key management scheme, SEKM, which creates a PKI structure for this type of ad hoc network • With SEKM, it is easier for a node to request service from a well-maintained group than from multiple ‘‘independent’’ service providers which may be spread over a large area.

  21. Appendix • Key agreement protocol: A key agreement protocol or mechanism is a key establishment technique in which a shared secret is derived by two (or more) parties as a function of information contributed by, or associated with, each of these, (ideally) such that no party can predetermine the resulting value. • Key management protocol:
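Added example (not from the slides or the SEKM paper): a (k, m) threshold sharing of a secret with a proactive share update, illustrating the quorum on slide 5, the share updating on slide 10 and the outdated share problem on slide 12. Assumptions: Shamir's polynomial scheme with a single simulated dealer, a constructed 521-bit prime field, and a random field element standing in for the CA private key; the slides do not spell out SEKM's own update rule, so the standard zero-polynomial refresh is used.

```python
import secrets

# Constructed parameter: the Mersenne prime 2^521 - 1 as the share field.
# SEKM shares an RSA private key; a random field element stands in for it here.
P = 2**521 - 1

def _poly_eval(coeffs, x):
    """Horner evaluation of coeffs[0] + coeffs[1]*x + ... mod P."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc

def split(secret, k, m):
    """Deal shares to servers 1..m; any k of them reconstruct the secret."""
    if not 1 < k <= m:
        raise ValueError("need 1 < k <= m")
    coeffs = [secret % P] + [secrets.randbelow(P) for _ in range(k - 1)]
    return {i: _poly_eval(coeffs, i) for i in range(1, m + 1)}

def refresh(shares, k):
    """Proactive update: add a random polynomial whose constant term is 0."""
    # The secret is unchanged, but every share value changes (new version).
    delta = [0] + [secrets.randbelow(P) for _ in range(k - 1)]
    return {i: (s + _poly_eval(delta, i)) % P for i, s in shares.items()}

def reconstruct(shares):
    """Lagrange interpolation at x = 0 over a {server_id: share} map."""
    secret = 0
    for i, y in shares.items():
        num = den = 1
        for j in shares:
            if j != i:
                num = num * (-j) % P
                den = den * (i - j) % P
        secret = (secret + y * num * pow(den, -1, P)) % P
    return secret

def demo(k=3, m=5):
    """Return (old quorum ok, refreshed quorum ok, mixed-version quorum ok)."""
    secret = secrets.randbelow(P)
    v1 = split(secret, k, m)
    v2 = refresh(v1, k)
    stale_mix = {1: v1[1], 2: v2[2], 3: v2[3]}  # server 1 holds an outdated share
    return (reconstruct({i: v1[i] for i in (1, 3, 5)}) == secret,
            reconstruct({i: v2[i] for i in (2, 4, 5)}) == secret,
            reconstruct(stale_mix) == secret)
```

A quorum that mixes share versions does not recover the secret, which is why a joining server's share version has to be checked before it takes part in a quorum.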
