Security in Ad hoc Networks

1
Security in Ad hoc Networks

• Refik Molva and Pietro Michiardi
• Personal Wireless Communication, September 2003
• Presented by Song Jumin

2
Contents

• Introduction
• Security Exposures in MANET
• Secure Routing Proposals
• Cooperation Enforcement
• Key Management
• Conclusion

3
Introduction

• Mobile ad hoc network (MANET)
• A set of mobile hosts that carry out basic
  networking functions
• Packet forwarding, routing, network management
• Characteristics
• Without the help of an established infrastructure
• Carried out by not dedicated nodes but all
  available nodes
• Different environment based on the organizational
  links
• Managed environments
• Controlled by an organization and priori trust
  relationship
• A few special scenarios military networks
• Open environments
• Cannot rely on any existing trust relationship
  among the nodes
• For correct operation of network
• Correct execution of critical network functions
  by each node
• A fair share of the functions between each nodes

4
Security Exposures in MANET

• Active attacks
• By malicious nodes
• Disrupt the correct functioning of a routing
  protocol
• Modifying, fabricating, impersonating, wormhole
  attack
• Passive attacks
• By selfish nodes
• Degrade network performances and partition the
  network
• Selfishness can cause serious damage in terms of
  global network throughput and delay MM 02

5
Secure Routing Proposals (1/5)

• Proposals
• Secure Routing Protocol PH 02
• ARIADNE PJ 02
• ARAN DLRS 02
• A secure Routing protocol for Ad hoc Networks
• Notes on the wormhole attack
• Overview
• Oriented to on-demand routing protocols
• Does not consider the selfishness problem
• Needs to a managed environment

6
Secure Routing Proposals (2/5)

• Secure Routing Protocol PH 02
• Assumption
• Exist a secret symmetric key between source node
  and destination node
• Operation
• Source node Message Authentication Code (MAC)
• Destination node Verifying the integrity and
  authenticity of the RREQ
• Intermediate node Priority ranking
• Pros
• Non-colluding malicious nodes that modify, replay
  and fabricate routing packets
• Cons
• Wormhole attack
• Route cache poisoning attack
• Lack of a validation for route maintenance message

7
Secure Routing Proposals (3/5)

• ARIADNE PJ 02
• Assumption
• A shared secret key (KS,D) between source and
  destination
• An authentic key (KAi) for each node in network
• Operation
• ltROUTE REQUEST, initiator, target, id, time
  interval, hash chain, node list, MAC listgt
• Source node MACKS,D(initiator, target, id, time
  interval)
• Intermediate node Hnode address, hash chain,
  MACKAi(entire REQUEST)
• Destination node Verifying the RREQ
• Pros
• Target node of a route discovery process can
  authenticate initiator
• Initiator can authenticate each intermediate node
  in RREP
• No intermediate node can remove a previous node
  in the node list in RREQ or RREP
• Cons
• It does not take into account selfish node

8
Secure Routing Proposals (4/5)

• ARAN DLRS 02
• Assumption
• A trusted certificate server (T)
• Each node has a certificate signed by T
• IP, public key, timestamp
• Operation
• Source verifies that the intended destination was
  reached
• Source trusts destination to choose the return
  path
• Source node (A) RDP IPx certA NA tKA
• Intermediate node (B) RDP IPx certA NA
  tKAKB certB
• Intermediate node (C) RDP IPx certA NA
  tKAKC certC
• Destination node (X) REP IPA certX NA tKX
  
• Pros
• Modification, fabrication, impersonation
• Cons
• Cost problem in terms of CPU and energy usage
• Not immune to the wormhole attack

9
Secure Routing Proposals (5/5)

• Notes on the wormhole attack
• Packet leashes PG 01
• Temporal leashes
• Extremely precise time synchronization and
  timestamps in each packet
• Geographical leashes
• Location information and loosely synchronized
  clocks
• Modifying the routing protocol
• Path discovery mechanism
• Handle multiple routes
• Verification mechanism
• Detect anomalies when comparing the metrics

10
Cooperation Enforcement (1/3)

• Selfishness can cause serious damage in terms of
  global network throughput and delay MM 02
• Cooperation enforcement
• Currency-based solutions
• Some form of digital cash is used as an incentive
• Monitoring solutions
• Misbehaving nodes will be detected through the
  shared observations of legitimate nodes

11
Cooperation Enforcement (2/3)

• Nuglets BH 01
• Nuglet virtual currency used in every
  transaction
• Two models
• Packet purse model source pays
• Packet trade model destination pays
• CONFIDANT BB 02
• Aiming at detecting selfish nodes
• Components
• A network monitor, reputation records, sending an
  ALARM message
• Trust records
• A path manager
• Limitation
• Assumptions for detection-based reputation systems

12
Cooperation Enforcement (3/3)

• CORE MM 02
• Collaborative monitoring technique Reputation
  mechanism
• No negative ratings are spread between the nodes
• Gradually isolate selfish nodes
• It suffers from the spoofing attack
• Token-based cooperation enforcement YML 02
• Token
• Required in order to participate in the network
  operation
• Constructed using a group signature
• Components
• Neighbor verification, Neighbor monitoring,
  Intrusion reaction, Security enhanced routing
  protocol
• Limitation
• Low node mobility, Spoofing attack

13
Key Management (1/4)

• Key management
• Symmetric key based scheme
• Pair-wise secret keys to establish session keys
  used for authentication and message integrity
• Example SRP
• Public key based scheme
• Each node possesses a pair of public and private
  keys based on an asymmetric algorithm
• Example ARAN

14
Key Management (2/4)

• Self-organized public key management based on
  PGPCBH 02
• Certificate
• Based on users personal acquaintances
• Stored in a local certificate repository
• Stored and distributed by the users themselves
• cfgt PGP by on-line servers
• How to communicate each other
• Merge their local certificate repositories
• Try to find appropriate certificate chains within
  merged repository
• Verify the public keys of each other

15
Key Management (3/4)

• Self-organized public key management based on PGP
  (contd)
• Success of this approach depends on
• Construction of the local certificate
  repositories
• Characteristics of the certificate graph
• propose maximum degree algorithm
• Consideration
• Public key in the certificate indeed belongs to
  the node identification named in the certificate?
• Initializing each nodes local repository is a
  complex operation

16
Key Management (4/4)

• Authentication based on polynomial secret sharing
  LL 00
• Conception
• Certificate
• Cooperatively generated by a set of neighbors
• Using a group signature
• Secret sharing
• Secret signature key is distributed among several
  nodes
• Localized trust model
• An entity is trusted if any k trusted entities
  claim so
• A locally trusted entity is globally accepted
• Drawback
• Requirement for a trusted dealer that initializes
  the very first k nodes of a coalition
• Every node has at least k trusted neighbors

17
Conclusion

• Problems of the existing security solutions
• Only cover a subset of all threats
• Lack of cooperation enforcement mechanisms
• Make unrealistic assumptions
• Availability of key management infrastructures
• In contrast with the very nature of ad hoc
  networks
• Comprehensive security solutions are expected to
  appear
• Based on realistic trust models
• Addressing all prevalent issues
• routing , cooperation enforcement, key management