an optimal certificate dispersal algorithm for mobile ad hoc networks
DESCRIPTION
An Optimal Certificate Dispersal Algorithm for Mobile Ad Hoc Networks. Nagoya Institute of Technology Hua Zheng Shingo Omura Jiro Uchida Koichi Wada. Outline. Mobile ad hoc network Certificate Dispersal Problem Previous Work Our New Algorithms Some new lower bounds for the problem - PowerPoint PPT PresentationTRANSCRIPT
An Optimal Certificate Dispersal An Optimal Certificate Dispersal Algorithm for Mobile Ad Hoc Algorithm for Mobile Ad Hoc NetworksNetworks
Nagoya Institute of TechnologyNagoya Institute of TechnologyHua ZhengHua Zheng
Shingo OmuraShingo OmuraJiro UchidaJiro Uchida
Koichi WadaKoichi Wada
OutlineOutline
Mobile ad hoc networkMobile ad hoc network Certificate Dispersal ProblemCertificate Dispersal Problem Previous WorkPrevious Work Our New AlgorithmsOur New Algorithms Some new lower bounds for the Some new lower bounds for the
problemproblem ConclusionsConclusions Future WorkFuture Work
Mobile Ad Hoc Mobile Ad Hoc NetworkNetwork An Ad hoc network is a dynamically An Ad hoc network is a dynamically
changing wireless network that is changing wireless network that is created by mobile users. created by mobile users. (such as PDA, Cell phone)(such as PDA, Cell phone)
In an ad hoc network mobile users In an ad hoc network mobile users can come and go as their wishes. can come and go as their wishes.
Certificate Dispersal System is Certificate Dispersal System is considered to communicate considered to communicate securely.securely.
Public-key & Private-Public-key & Private-keykey Each tank holds its public-key and Each tank holds its public-key and
private-key pair for their own.private-key pair for their own.
private-key public-key private-key public-key
How to encrypt a How to encrypt a messagemessage
A message is encrypted by the public-key.A message is encrypted by the public-key. The encrypted message can only be The encrypted message can only be
decrypted by its private-key.decrypted by its private-key.
Public-key dispersal is Public-key dispersal is dangerousdangerous
public-key
This is Mickey’spublic-key
Certificates are needed Certificates are needed to obtain the other’s to obtain the other’s public-keypublic-key
CertificateCertificate
When user u trusts in user v, When user u trusts in user v,
The certificate from u to v can be issued. The certificate from u to v can be issued.
vu
private.u < u, v, public.v >private.u < u, v, public.v >
Certificate Certificate AuthenticationAuthentication
Certificate GraphCertificate Graph
NodesNodes :: Mobile usersMobile users Directed EdgesDirected Edges :: For any nodes u and v, For any nodes u and v,
if there is an issued certificate from u to if there is an issued certificate from u to v, then there is an edge from u to v.v, then there is an edge from u to v.
vu
Certificate Dispersal Certificate Dispersal ProblemProblem
InputInput :: Certificate Graph GCertificate Graph G OutputOutput :: For each node v in G, the set For each node v in G, the set
of certificates stored in it s.t. of certificates stored in it s.t. satisfying the following two conditionssatisfying the following two conditions
ConditionsConditions ::– ConnectivityConnectivity– CompletenessCompleteness
ConnectivityConnectivity
For any reachable pair u and v, For any reachable pair u and v, the certificates on a path which the certificates on a path which connects them are stored in u connects them are stored in u and v.and v.
1
2
3
5
4
(2,4)
(1,2) (4,5)
,
CompletenessCompleteness
All of the certificates are stored in All of the certificates are stored in some node.some node.
1
2
3
5
4
(2,4)
(1,2) (4,5)
,
(2,3)(3,4)
(3,1),
Certificate Dispersal Certificate Dispersal CostCost The Cost of Certificate Dispersal Algorithm F:The Cost of Certificate Dispersal Algorithm F:
The average number of certificates assigned The average number of certificates assigned by F to a node in G.by F to a node in G.
Certificate Dispersability Cost of a graph G:Certificate Dispersability Cost of a graph G:The minimum value of the cost of Certificate The minimum value of the cost of Certificate Dispersal Algorithm on G.Dispersal Algorithm on G.
Vv
|v)F.(G,|n1
G)c.(F,
G) c.(F,minc.GF
Full Tree AlgorithmFull Tree Algorithm– Cost: not more than n-1 Cost: not more than n-1
Half Tree Algorithm (improved version)Half Tree Algorithm (improved version)– No evaluation in detail No evaluation in detail
Certificate Dispersability Cost Certificate Dispersability Cost
– For a directed graph G, c.G For a directed graph G, c.G e/n e/n – For a ring G, c.G = n-1For a ring G, c.G = n-1– For a hourglass G, c.G = e/nFor a hourglass G, c.G = e/n– For a star graph G, c.G = 2(n-1)/nFor a star graph G, c.G = 2(n-1)/n
Eunjin Jung [Certificate Dispersal in Eunjin Jung [Certificate Dispersal in Ad hoc Networks]Ad hoc Networks]
(n: the number of nodes, e: the number of (n: the number of nodes, e: the number of edges)edges)
Graphs we consideredGraphs we considered
Strongly connected graph:Strongly connected graph:– A graph in which for any two distinct A graph in which for any two distinct
nodes, there exists a path between nodes, there exists a path between them, is said to be strongly connected.them, is said to be strongly connected.
DG=5
–Diameter is the maximum length Diameter is the maximum length of a longest distance between any of a longest distance between any of two nodes. of two nodes.
Graphs we consideredGraphs we considered
Bi-directional graph:Bi-directional graph:– If there is an edge from node u to If there is an edge from node u to
node v then there exists an edge node v then there exists an edge from v to u, and vice versafrom v to u, and vice versa
u
v
RG=2
–Radius is the minimum value of the Radius is the minimum value of the longest length of the shortest path longest length of the shortest path from v to any other nodes, for any from v to any other nodes, for any node v.node v.
Our ResultsOur Results
GraphGraph Dispersability CostDispersability Cost
Upper Upper boundbound
Strongly Strongly ConnectedConnected
O(DO(DGG+e/n)+e/n)
Bi-directionalBi-directional O(RO(RGG+e/n)+e/n)DirectedDirected O(pdO(pdmaxmax+e/n)+e/n)
Lower Lower boundbound
Cube, Mesh, de-BruijCube, Mesh, de-Bruijn, k-ary treen, k-ary tree (D(DGG+e/n)+e/n)
DDGG: diameter of G, R: diameter of G, RGG: radius of G, p: the number of stro: radius of G, p: the number of strongly connected components, dngly connected components, dmaxmax: the maximum diamet: the maximum diameter of the strongly connected componentser of the strongly connected components
PivotPivot
InputInput : : A strongly connected graphA strongly connected graph OutputOutput :: The set of certificates stored The set of certificates stored
in each nodein each node OutlineOutline ::
– Decide a pivot node,Decide a pivot node,– For each node, compute the shortest paths For each node, compute the shortest paths
in both directions from the pivot node,in both directions from the pivot node,– Store all of the certificates on the shortest Store all of the certificates on the shortest
paths in each direction to that node.paths in each direction to that node.
1. Select an arbitrary 1. Select an arbitrary node as pivot node pnode as pivot node p
1
2
3
4
5
6
p
2. Compute two shortest 2. Compute two shortest paths between p and each paths between p and each node in both directions, and node in both directions, and store them.store them.
1
2
3
4
5
6
p(1,2)
(2,3)
,
(3,1)
,
2. Compute two shortest 2. Compute two shortest paths between p and each paths between p and each node in both directions, and node in both directions, and store them.store them.
1
2
3
4
5
6
p(2,3)
,
(3,2)
PivotPivot
1
2
3
4
5
6
p
(1,2),(2,3),(3,1)
(2,3),(3,2)
(4,3),(3,4)
(5,4),(4,3),(3,6),(6,5)
(6,5),(5,4),(4,3),(3,6)
PivotPivot
Pivot satisfies ConnectivityPivot satisfies Connectivity– For any two distinct nodes, there For any two distinct nodes, there
must exist paths via pivot node must exist paths via pivot node between them, and we stored all of between them, and we stored all of the certificates on the path to them.the certificates on the path to them.
Pivot nodePivot node
CPivotCPivot
To satisfy Completeness, we store all rTo satisfy Completeness, we store all remaining certificates to pivot node.emaining certificates to pivot node.
Pivot is changed to be a Certificate DisPivot is changed to be a Certificate Dispersal Algorithm, which satisfying both persal Algorithm, which satisfying both of two conditions.of two conditions.
We name this algorithm as CPivot.We name this algorithm as CPivot.
Evaluation of CPivotEvaluation of CPivot
Upper bound of the CostUpper bound of the Cost (in the worst case)(in the worst case)
– Strongly connected graph: 2DStrongly connected graph: 2DGG+e/n +e/n
(D(DGG: diameter): diameter)
Computation timeComputation time– O(e)O(e)
Evaluation of CPivotEvaluation of CPivot
More clever choice of pivot node results More clever choice of pivot node results a better cost.a better cost.
Upper bound of the Cost Upper bound of the Cost (in the worst case)(in the worst case)– Bi-directional graph: 2RBi-directional graph: 2RGG+e/n+e/n (R(RGG: radius): radius)
Computation timeComputation time– O(ne)O(ne)
GPivotGPivot
InputInput :: A directed graphA directed graph OutputOutput : : The set of certificates The set of certificates
stored in each nodestored in each node NoteNote : : A directed graph can be A directed graph can be
partitioned into strongly partitioned into strongly connected components, and this connected components, and this partition is unique. partition is unique.
1. Partition G into strongly 1. Partition G into strongly connected componentsconnected components
3
1
2
6
7
4 5
8
9
2. Perform Pivot for each 2. Perform Pivot for each componentcomponent
3
1
2
6
7
4 5
8
9
(1,2),(2,3),(3,2)
(2,3),(3,1),(1,2)
(7,9),(9,7)
(6,5),(5,8),(8,6)
(8,6),(6,5),(5,8)
p
3. Construct a graph in which 3. Construct a graph in which each node corresponds to each each node corresponds to each componentcomponent
3
1
2
6
7
4 5
8
9
3. Construct a graph in which 3. Construct a graph in which each node corresponds to each each node corresponds to each componentcomponent
3
1
2
6
7
4 5
8
9
3
4
7
5
C1
C2
C4
C3
4. Compute trees rooted at 4. Compute trees rooted at each componenteach component
3
4
7
5
C1
C2
C4
C3
5. Store all of the certificates on the 5. Store all of the certificates on the shortest paths between two pivot shortest paths between two pivot nodesnodes
3
4
7
5
C1
C2
C4
C3
Store to all of the nodes in C1
5. Store all of the certificates on the 5. Store all of the certificates on the shortest paths between two pivot shortest paths between two pivot nodesnodes
For all of the other components, do the For all of the other components, do the same operation. same operation.
Finally, all unused certificate are stored Finally, all unused certificate are stored to an arbitrary node.to an arbitrary node.
This GPivot satisfies Connectivity and This GPivot satisfies Connectivity and Completeness.Completeness.
GPivot (Connectivity)GPivot (Connectivity)
3
4
7
5
C1
C2
C4
C3
1
9
Certificates stored by PivotCertificates stored in step 5
Evaluation of GPivotEvaluation of GPivot
Upper bound of the Cost (in the worst case) Upper bound of the Cost (in the worst case) – 2d2dmaxmax+(p-1)(2d+(p-1)(2dmaxmax+1)+e/n+1)+e/n
2pd2pdmaxmax+p-1+e/n+p-1+e/n
p:the number of strongly connected components p:the number of strongly connected components ddmaxmax:the maximum diameter of the strongly conne:the maximum diameter of the strongly conne
cted componentscted components
Computation timeComputation time– O(p(n+e))O(p(n+e))
Proof of lower bound Proof of lower bound
G=(V, E), VG=(V, E), V11,V,V22V, VV, V11VV22== Injective Function f: VInjective Function f: V11 V V22
P={p(u, f(u)) | uP={p(u, f(u)) | uVV11, u and f(u) are reacha, u and f(u) are reachable and p(u, f(u)) is a shortest path from ble and p(u, f(u)) is a shortest path from u to f(u)}u to f(u)}
V1 V2
f: V1V2
Proof of lower boundProof of lower bound
Because VBecause V11 and V and V2 2 are disjoint, for are disjoint, for
satisfying Connectivity, we have to store satisfying Connectivity, we have to store all of the certificates on the paths in P to all of the certificates on the paths in P to the end nodes of each concerned path.the end nodes of each concerned path.
32
1 6
5
4
VV11VV22
Proof of lower boundProof of lower bound
A lower bound depends on one kind of A lower bound depends on one kind of partition pattern and injective function.partition pattern and injective function.
P={p(u, f(u)) | uP={p(u, f(u)) | uVV11, u and f(u) are reac, u and f(u) are reachable and p(u, f(u)) is a shortest path frhable and p(u, f(u)) is a shortest path from u to f(u)}om u to f(u)}
Lower bound of the CostLower bound of the Cost
Pf(u))p(u,
f(u))d(u,n1
,ne
max
Proof of lower boundProof of lower bound
In the case of G is a Bi-directional In the case of G is a Bi-directional graphgraph
Lower bound of the CostLower bound of the Cost
Pf(u))p(u,
f(u))d(u,n2
,ne
max
CPivot in Optimal CaseCPivot in Optimal Case
Lower bound of the Cost for Lower bound of the Cost for – HypercubesHypercubes– MeshesMeshes– Complete k-ary TreesComplete k-ary Trees– de-Bruijn graphsde-Bruijn graphs
The Cost of CPivot equals to these lower bThe Cost of CPivot equals to these lower bounds.ounds.CPivot is optimal in these cases.
(m,k)-Mesh(m,k)-Mesh
MMkkm m ::
– V(V(MMkkmm)) == {0, 1, …, k-1}{0, 1, …, k-1}mm
– E(E(MMkkmm)) == {(x,y) | x=(a{(x,y) | x=(a11,a,a22,…,a,…,amm), y=(b), y=(b11,b,b22,,
…,b…,bmm))V, V, i, i, jji, ai, ajj=b=bjj, a, aii=b=bii1}1}00
01
02
03
10
11
12
13
20
21
22
23
30
31
32
33
n = kn = kmm
e = 2m(ke = 2m(kmm -- kkm-1m-1))MM44
22
|V|V11|=|V|=|V22|=n/2|=n/2 Lower bound of Dispersability Cost isLower bound of Dispersability Cost is
4km
2n
2km
n1
f(u))d(u,n1
,ne
maxPf(u))p(u,
00
01
02
03
10
11
12
13
20
21
22
23
30
31
32
33
k/2
k/2k/2
k/2
(2,4)-Mesh(2,4)-Mesh
VV11VV22
Lower bound of the Dispersability Cost is km/4Lower bound of the Dispersability Cost is km/4
Cost of CPivot:Cost of CPivot: 2R2RGG+e/n +e/n km+2m km+2m– e/n=2m-2m/k e/n=2m-2m/k 2m, R 2m, RGG=km/2=km/2
CPivot is an optimal algorithm.CPivot is an optimal algorithm.
(m,k)-Mesh(m,k)-Mesh
ConclusionsConclusions
We proposed two efficient certificates diWe proposed two efficient certificates dispersal algorithms.spersal algorithms.
New upper bounds of the certificate dispNew upper bounds of the certificate dispersability cost for strongly connected graersability cost for strongly connected graphs and general directed graphs are prophs and general directed graphs are proved. ved.
Furthermore, our algorithms are optimal Furthermore, our algorithms are optimal for several graph classes.for several graph classes.
Our ResultsOur Results
GraphGraph Dispersability CostDispersability Cost
Upper Upper boundbound
Strongly Strongly ConnectedConnected
O(DO(DGG+e/n)+e/n)
Bi-directionalBi-directional O(RO(RGG+e/n)+e/n)DirectedDirected O(pdO(pdmaxmax+e/n)+e/n)
Lower Lower boundbound
Cube, Mesh, de-BruijCube, Mesh, de-Bruijn, k-ary treen, k-ary tree (D(DGG+e/n)+e/n)
DDGG: diameter of G, R: diameter of G, RGG: radius of G, p: the number of stro: radius of G, p: the number of strongly connected components, dngly connected components, dmaxmax: the maximum diamet: the maximum diameter of the strongly connected componentser of the strongly connected components
Future WorkFuture Work
The problem that what kind of certificate The problem that what kind of certificate graphs have lower dispersability cost.graphs have lower dispersability cost.
To construct some other certificate dispTo construct some other certificate dispersal algorithms with lower cost for geneersal algorithms with lower cost for general directed graphs.ral directed graphs.
Lower bounds of certificate dispersability Lower bounds of certificate dispersability cost for other graphs.cost for other graphs.