Securing mobile ad hoc network routing protocols

Master'sMASTER OF ENGINEERIN

Security protocols for mobile ad hoc networks

Mobile ad hoc networks (MANETs) are generating much interest both in academia and the telecommunication industries. The principal attractions of MANETs are related to the ease with which they can be deployed due to their infrastructure-less and decentralized nature. For example, unlike other wireless networks, MANETs do not require centralized infrastructures such as base stations, and they are arguably more robust due to their avoidance of single point of failures. Interestingly, the attributes that make MANETs attractive as a network paradigm are the same phenomena that compound the challenge of designing adequate security schemes for these innovative networks.One of the challenging security problems is the issue of certificate revocation in MANETs where there are no on-line access to trusted authorities. In wired network environments, when certificates are to be revoked, certificate authorities (CAs) add the information regarding the certificates in question to certificate revocation lists (CRLs) and post the CRLs on accessible repositories or distribute them to relevant entities. In purely ad hoc networks, there are typically no access to centralized repositories or trusted authorities; therefore the conventional method of certificate revocation is not applicable.Another challenging MANET security problem is the issue of secure routing in the presence of selfish or adversarial entities which selectively drop packets they agreed to forward; and in so doing these selfish or adversarial entities can disrupt the network traffic and cause various communication problems.In this thesis, we present two security protocols we developed for addressing the above-mentioned MANET security needs. The first protocol is a decentralized certificate revocation scheme which allows the nodes within a MANET to have full control over the process of certificate revocation. The scheme is fully contained and it does not rely on any input from centralized or external entities such as trusted CAs. The second protocol is a secure MANET routing scheme we named Robust Source Routing (RSR). In addition to providing data origin authentication services and integrity checks, RSR is able to mitigate against intelligent, colluding malicious agents which selectively drop or modify packets they are required to forward

Certificate management in ad hoc networks

Various types of certificates are basic tools of modern cryptography and networks security. They are used in various protocols, in the form of public key identity certificates, binding a key to its owner or in the form of attribute certificates, being a proof of rights and capabilities of their owner. Management of certificates (creation, distribution, verification, and revocation) is dependent on a certification infrastructure comprising various certification authorities, protocols, and policies. In this paper we consider usage and management of certificates in open, ad hoc networks. Ad hoc networks differ from fixed, wired networks in several important aspects, one of them being that access to the Internet is not always available. This significantly influences certificate management protocols since online access to various certificate system resources (CA certificates, CRL, etc) is not always available. In this paper we specify security requirements and constraints in such environments and outline some potential solutions for adaptation of certificate management protocols to these new network environments. 1