Towards reliable network services in Ad Hoc Networks : Protecting the routing protocols

With the wireless media and ad hoc nodes operating both as routers and communication end-terminals, the ad hoc routing protocols are more prone to attacks than the network layer of fixed networks. Authenticated routing messages are a primary concern in the provisioning of a reliable network service. The scope of this dissertation has been network layer security in ad hoc networks intended for the operational scenario of emergency and rescue operations. The main objectives have been to investigate the applicability of existing security schemes for ad hoc networks, and to contribute to the development of resource efficient, yet robust and appropriate protection schemes. The majority of secure ad hoc routing protocols proposed so far, tend to focus on the protection techniques, rather than the computational cost and bandwidth consumption. Our work highlights the importance of taking these factors into consideration in the design of secure routing protocols. In addition, attention must be paid to the nature of routing control traffic and its discrepancies from ordinary application data. The thesis is based on our research published in four articles. Our contributions include a comprehensive survey of key management methods proposed for ad hoc networks and an evaluation of the applicability for initialization and maintenance of a protected network service. The applicability of identity-based public key schemes for protection of ad hoc routing information is also analyzed. Scalability remains an issue even with ID-based schemes that remove the need for bandwidth consuming certificate exchanges. A hybrid protection scheme is therefore proposed for the Optimized Link-State Routing protocol (OLSR). The protection scheme reduces both computational cost and bandwidth consumption by combining identity-based signatures with values from a hash chain. And last, a simple and robust, yet scalable, method is introduced for the distribution of revocation information in ad hoc networks