A two‐step authentication framework for Mobile ad hoc networks

The lack of fixed infrastructure in ad hoc networks causes nodes to rely more heavily on peer nodes for communication. Nevertheless, establishing trust in such a distributed environment is very difficult, since it is not straightforward for a node to determine if its peer nodes can be trusted. An additional concern in such an environment is with whether a peer node is merely relaying a message or if it is the originator of the message. In this paper, we propose an authentication approach for protecting nodes in mobile ad hoc networks. The security requirements for protecting data link and network layers are identified and the design criteria for creating secure ad hoc networks using several authentication protocols are analyzed. Protocols based on zero knowledge and challenge response techniques are presented and their performance is evaluated through analysis and simulation

Resilient networking in wireless sensor networks

This report deals with security in wireless sensor networks (WSNs), especially in network layer. Multiple secure routing protocols have been proposed in the literature. However, they often use the cryptography to secure routing functionalities. The cryptography alone is not enough to defend against multiple attacks due to the node compromise. Therefore, we need more algorithmic solutions. In this report, we focus on the behavior of routing protocols to determine which properties make them more resilient to attacks. Our aim is to find some answers to the following questions. Are there any existing protocols, not designed initially for security, but which already contain some inherently resilient properties against attacks under which some portion of the network nodes is compromised? If yes, which specific behaviors are making these protocols more resilient? We propose in this report an overview of security strategies for WSNs in general, including existing attacks and defensive measures. In this report we focus at the network layer in particular, and an analysis of the behavior of four particular routing protocols is provided to determine their inherent resiliency to insider attacks. The protocols considered are: Dynamic Source Routing (DSR), Gradient-Based Routing (GBR), Greedy Forwarding (GF) and Random Walk Routing (RWR)

EFFICIENT AND SCALABLE NETWORK SECURITY PROTOCOLS BASED ON LFSR SEQUENCES

The gap between abstract, mathematics-oriented research in cryptography and the engineering approach of designing practical, network security protocols is widening. Network researchers experiment with well-known cryptographic protocols suitable for different network models. On the other hand, researchers inclined toward theory often design cryptographic schemes without considering the practical network constraints. The goal of this dissertation is to address problems in these two challenging areas: building bridges between practical network security protocols and theoretical cryptography. This dissertation presents techniques for building performance sensitive security protocols, using primitives from linear feedback register sequences (LFSR) sequences, for a variety of challenging networking applications. The significant contributions of this thesis are: 1. A common problem faced by large-scale multicast applications, like real-time news feeds, is collecting authenticated feedback from the intended recipients. We design an efficient, scalable, and fault-tolerant technique for combining multiple signed acknowledgments into a single compact one and observe that most signatures (based on the discrete logarithm problem) used in previous protocols do not result in a scalable solution to the problem. 2. We propose a technique to authenticate on-demand source routing protocols in resource-constrained wireless mobile ad-hoc networks. We develop a single-round multisignature that requires no prior cooperation among nodes to construct the multisignature and supports authentication of cached routes. 3. We propose an efficient and scalable aggregate signature, tailored for applications like building efficient certificate chains, authenticating distributed and adaptive content management systems and securing path-vector routing protocols. 4. We observe that blind signatures could form critical building blocks of privacypreserving accountability systems, where an authority needs to vouch for the legitimacy of a message but the ownership of the message should be kept secret from the authority. We propose an efficient blind signature that can serve as a protocol building block for performance sensitive, accountability systems. All special forms digital signatures—aggregate, multi-, and blind signatures—proposed in this dissertation are the first to be constructed using LFSR sequences. Our detailed cost analysis shows that for a desired level of security, the proposed signatures outperformed existing protocols in computation cost, number of communication rounds and storage overhead

A Lightweight and Attack Resistant Authenticated Routing Protocol for Mobile Adhoc Networks

In mobile ad hoc networks, by attacking the corresponding routing protocol, an attacker can easily disturb the operations of the network. For ad hoc networks, till now many secured routing protocols have been proposed which contains some disadvantages. Therefore security in ad hoc networks is a controversial area till now. In this paper, we proposed a Lightweight and Attack Resistant Authenticated Routing Protocol (LARARP) for mobile ad hoc networks. For the route discovery attacks in MANET routing protocols, our protocol gives an effective security. It supports the node to drop the invalid packets earlier by detecting the malicious nodes quickly by verifying the digital signatures of all the intermediate nodes. It punishes the misbehaving nodes by decrementing a credit counter and rewards the well behaving nodes by incrementing the credit counter. Thus it prevents uncompromised nodes from attacking the routes with malicious or compromised nodes. It is also used to prevent the denial-of-service (DoS) attacks. The efficiency and effectiveness of LARARP are verified through the detailed simulation studies.Comment: 14 Pages, IJWM

Multifold node authentication in mobile ad hoc networks

An ad hoc network is a collection of nodes that do not need to rely on a predefined infrastructure to keep the network connected. Nodes communicate amongst each other using wireless radios and operate by following a peer-to-peer network model. In this article we propose a multifold node authentication approach for protecting mobile ad hoc networks. The security requirements for protecting data link and network layers are identified and the design criteria for creating secure ad hoc networks using multiple authentication protocols are analysed. Such protocols, which are based on zero knowledge and challenge response techniques, are presented through proofs and simulation results

Two‐Step Authentication in Mobile Ad Hoc Networks

The lack of fixed infrastructure in ad hoc networks causes nodes to rely more heavily on peer nodes for communication. Nevertheless, establishing trust in such a distributed environment is very difficult, since it is not straightforward for a node to determine if its peer nodes can be trusted. An additional concern in such an environment is with whether a peer node is merely relaying a message or if it is the originator of the message. In this paper, we propose an authentication approach for protecting nodes in mobile ad hoc networks. The security requirements for protecting data link and network layers are identified and the design criteria for creating secure ad hoc networks using several authentication protocols are analyzed. Protocols based on zero knowledge and challenge response techniques are presented and their performance is evaluated through analysis and simulation

Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio