300 likes | 421 Views
A Secure On-Demand Routing Protocol for Ad Hoc Networks. Allan HUNT Wandao PUNYAPORN Yong CHENG Tingting OUYANG. Introduction. Design. Evaluation & Analysis. Related work. Critical Appraisal of the work. Agenda. Motivation. On demand Ad hoc routing protocol
E N D
A Secure On-Demand Routing Protocol for Ad Hoc Networks Allan HUNT Wandao PUNYAPORN Yong CHENG Tingting OUYANG
Introduction Design Evaluation & Analysis Related work Critical Appraisal of the work Agenda GZ06 : Mobile and Adaptive Systems
Motivation • On demand Ad hoc routing protocol • Security in Ad hoc protocols. • Attack models • General protocol • Mobility GZ06 : Mobile and Adaptive Systems
Motivation (cont.) • Resource constrained devices (palm) GZ06 : Mobile and Adaptive Systems
Ariadne • Ariadne Protocol • They have based there protocol on the basic operators of DSRs, on demand source routing protocol. • Basic operations of DSR are: • Route discovery • Route maintenance GZ06 : Mobile and Adaptive Systems
Overview of TESLA Basic Operation of Tesla: • Uses a MAC • Picks an initial key at random Kn. • Generates a set of keys Ko – Kn using a one way Hash chain. • Delayed key discloser • For each K there is a release time. • Time synchronization • You have to pick delta to be the maximum delay error between any 2 nodes. All nodes must know this. GZ06 : Mobile and Adaptive Systems
Network Assumptions • They ignore the physical layer • Networks are bidirectional • Attacks on medium access control are disregarded. • Normal network (drop, corrupt, re-order) • Ariadne inherits all assumptions of the broadcast authentication protocol used such as (TESLA). GZ06 : Mobile and Adaptive Systems
Node Assumptions • Resource constrained Nodes. • No asymmetric cryptography. • Loosely synchronized clocks. • No trusted hardware used such as tamperproof modules. GZ06 : Mobile and Adaptive Systems
Security Assumptions • Ariadne relies on the following keys to be set up, depending on which authentication mechanism is used: • Pairwise shared secret key. • Digital signatures. • IfTESLA is used, we assume a mechanism to set up shared secret keys between communicating nodes, and to distribute one authentic public TESLA key for each node. GZ06 : Mobile and Adaptive Systems
Introduction Design Evaluation & Analysis Related work Critical Appraisal of the work Agenda GZ06 : Mobile and Adaptive Systems
Attack Model • Passive • Active • An attacker injects packets into the network • An attack which has compromised nodes is called an Active-VC attacker if it owns all nodes on a vertex cut through the network that partitions the good nodes into multiple sets. • Active-n-m • Active-0-1 • Active-1-x • Active-y-x GZ06 : Mobile and Adaptive Systems
General Attacks on Ad Hoc Network Routing Protocols • Routing disruption attacks • Routing loop • Black hole • Wormhole • Rushing Attack • Resource consumption attacks • Inject extra data packets • Inject extra control packets GZ06 : Mobile and Adaptive Systems
Basic Ariadne Route Discovery • Stage 1 – Target verifies Route Requests • Stage 2 - Target authenticates the data in Route Requests and the sender can authenticate the Route Replies • Stage 3 - Provides a way to verify that no node is missing from the node list. • Assume initiator S performs a Route Discovery for target D. • S and D share the secret keys KSD and KDS for message authentication in each direction GZ06 : Mobile and Adaptive Systems
Ariadne Route Discovery Using TESLA • A ROUTE REQUEST packet contains eight fields (ROUTE REQUEST, initiator, target, id, time interval, hash chain,node list, MAC list) • The initiator of the REQUEST then initializes the hash chain to MACKSD(initiator, target id, time interval) • The hash chain for the target node H[n,H[n-1 ,H[1,MACKSD(initiator, target id, time interval)]..]]] • A ROUTE REPLY packet also contains eight fields (ROUTE REPLY, target, initiator, time interval, node list, MAC list, target MAC, key list) GZ06 : Mobile and Adaptive Systems
Ariadne Route Maintenance Using TESLA • To prevent unauthorized Route Error Messages, we authenticate a sender. • A ROUTE ERROR packet in Ariadne contains six fields (ROUTE ERROR,sending address, receiving address, time interval, error MAC,recent TESLA key) • It should handle the possible memory consumption attack. GZ06 : Mobile and Adaptive Systems
Introduction Design Evaluation & Analysis Related work Critical Appraisal of the work Agenda GZ06 : Mobile and Adaptive Systems
Evaluation • Modified Simulation Model • Increased packet size to reflect the additional fields necessary for authenticating • Modified Route Discovery and Maintenance • Adjusted re-transmission timeouts for Route Requests to compensate for the delay • Disallowed the use of prefixes of routes in the Route Cache GZ06 : Mobile and Adaptive Systems
Evaluation - Packet Delivery Ratio 4.66% less PDR than DSR-NoOpt in maximum Ariadne outperforms DSR-NoOpt at lower level of mobility GZ06 : Mobile and Adaptive Systems
Evaluation - Packet Overhead Ariadne has 41.7% lower packet overhead than DSR-NoOpt GZ06 : Mobile and Adaptive Systems
Evaluation - Byte Overhead Ariadne has 26.19% higher byte overhead than DSR-NoOpt GZ06 : Mobile and Adaptive Systems
Evaluation – Path Optimality DSR-NoOpt performs slightly better than Ariadne GZ06 : Mobile and Adaptive Systems
Evaluation – Average Latency Ariadne always has consistently lower latency than DSR-NoOpt GZ06 : Mobile and Adaptive Systems
Security Analysis • Active-0-x • Bogus messages • Wormhole and rushing attacks • Active-1-x • Prevent two nodes from communicating • Replace MAC or keys in the Route Request • Active-y-x • Attempt to force the initiator to repeatedly initiate Route Discoveries • Resist Active-VC? • No solution provided GZ06 : Mobile and Adaptive Systems
Introduction Design Evaluation & Analysis Related work Critical Appraisal of the work Agenda GZ06 : Mobile and Adaptive Systems
Related Work • Periodic protocols • Much overhead introduced (storage, bandwidth, control and delay) • Protocols that use asymmetric crypto. • Computationally expensive to sign and verify • Possible DoS attacks • High network bandwidth usage • Protocols that use network-wide symmetric keys • Single-node compromise GZ06 : Mobile and Adaptive Systems
Introduction Design Evaluation & Analysis Related work Critical Appraisal of the work Agenda GZ06 : Mobile and Adaptive Systems
Conclusions • Achievements • Security against various types of attacks • Efficient symmetric cryptography • General • trusted hardware, powerful processors not needed • Overall Performance • Compared to optimized DSR: less efficient • Compared to unoptimized DSR: better in some metrics (e.g. packet overhead) GZ06 : Mobile and Adaptive Systems
Critical Appraisal • Key Setup • Methods: Pre-deployed, KDC, CA • Fixed nodes. Circular dependency. Centralized. • Clock synchronization. • Circular dependency • Resource constrained. Insecure • Maximum end-to-end delay • How to choose adaptively GZ06 : Mobile and Adaptive Systems
Critical Appraisal (cont.) • Delay and Buffer Size • Slow responsiveness • Resource constrained • Intermediate nodes authentication • Authentication on demand • Remaining Security Issues • Passive eavesdropper • Inserting data packets attack • Non-participating attacker • Single layer security scheme GZ06 : Mobile and Adaptive Systems
Thanks for your attention! Any questions?