[ieee 2012 26th ieee international parallel and distributed processing symposium workshops (ipdpsw)...
TRANSCRIPT
Identity Based Schemes for Securing Mobile AdHoc Networks
Uttam Ghosh*
Department of Electronics and Electrical Communication Engineering
Indian Institute of Technology, Kharagpur, India, Kharagpur-721 302
Email: [email protected]
Abstract— Attacks can be launched at any layer of theprotocol stack in mobile ad hoc network. In my PhD research,only attacks on Network and Transport layers have beenstudied and some secure mechanisms for preventing thoseattacks are formalized. The overall work can be viewed asa combination of four problems and our goal is to solvethese problems: (a) Secure distribution of IP addresses in adistributed and dynamic way; (b) Providing security in AODV;(c) Providing security in TCP; and (d) Providing QoS andsecure TCP for mobile ad networks.
I. INTRODUCTION
Mobile Ad hoc Network (MANET) is a collection of two
or more devices equipped with wireless communications and
networking capability. The devices within the radio range
can immediately communicate with each other. The nodes
that are not within each other‘s radio range can communicate
with the help of intermediate nodes where the packets are
relayed from source to destination. Each node should be
configured with a unique identity to ensure the packets cor-
rectly routed with the help of routing protocol (e.g., AODV,
DSDV, DSR) in the MANET. Therefore, a node requires
authentication at the time of bootstrap to avoid security
threats that can be seen in each layer of the protocol stack.
However, establishing secure communication in a MANET
is particularly challenging task because: (a) shared wireless
medium; (b) no clear line of defense; (c) self-organizing and
dynamic network; (d) most of the messages are broadcasted;
(e) messages travel in a hop-by-hop manner; (f) nodes are
constrained in terms of computation and battery power.
In IP based networks, IP address uniqueness is one of
the most important requirements, since the node cannot
participate in unicast communications or routing. Often
nodes are assumed to have unique IP addresses configured
a prior, however this is not the case and cannot be achieved
easily in MANETs. Manual or static address configuration
in most cases is inapplicable to MANETs. Centralized
Dynamic Host Configuration Protocol (DHCP) is also not
a suitable solution in MANET, because it has to maintain
the configuration information of all hosts in the network.
Recently, a number of dynamic address configuration pro-
tocols have been proposed for MANET as discussed in the
literature [1]–[8]. However, most of the protocols (a) rely
*My dissertation work undertaken at IIT Kharagpur under the guidanceof Prof. Raja Datta since December 29, 2009
on passive duplicate address detection (DAD) mechanism
[9] to resolve the address conflicts (b) lack a mechanism
for authentication and (c) can not efficiently handle the
network partitions and mergers. In passive DAD, nodes use
periodic link state routing information to notify other nodes
about their neighbors, which in turn causes broadcast storm
problem [10]. The major security threats [5] associated with
dynamic IP address configuration in MANET are AddressSpoofing, Address Exhaustion, False Address Conflict and
False Deny Message attacks.
Hence, for assigning an IP address in MANET, a standard
IP addressing protocol should have the following objectives:
• Distributed Dynamic IP Address Configuration: As
MANET is infrastructureless and dynamic in nature, the
addressing protocol should be distributed among network
nodes to provide IP addresses to the new nodes dynamically.
• Uniqueness: The protocol should assign unique IP ad-
dresses in the MANET for correct routing and unicast
communication.
• Robustness: The chance of address conflicts of the nodes
due to network partitions and mergers should be as low as
possible.
• Scalability: As number of nodes increased in the network,
the time taken to obtain an IP address (i.e., addressinglatency) or number of packet exchanges (i.e., communicationoverhead) during address allocation should not be high.
• Security: A prime concern is to avoid security threats
associated with the address allocation protocol of a MANET.
Therefore, our first objective is to investigate and propose
secure dynamic host configuration protocols that can handle
network events efficiently with low communication overhead
and addressing latency. In this regard, we propose three
dynamic IP configuration schemes [7], [8], [11] that can
securely allocate IP addresses to the individual nodes of a
MANET.
In routing protocols like AODV, malicious node may
advertise a route with a smaller distance than the actual
distance, or advertise a routing update with a large sequence
number and invalidate all routing updates from other nodes.
Therefore, our second objective is to investigate and pro-
pose secure routing protocols so that the above mentioned
activities of malicious nodes can be nullified. In this regard,
an ID based secure AODV protocol is proposed in [12].
2012 IEEE 26th International Parallel and Distributed Processing Symposium Workshops
978-0-7695-4676-6/12 $26.00 © 2012 IEEE
DOI 10.1109/IPDPSW.2012.315
2508
2012 IEEE 26th International Parallel and Distributed Processing Symposium Workshops & PhD Forum
978-0-7695-4676-6/12 $26.00 © 2012 IEEE
DOI 10.1109/IPDPSW.2012.315
2508
2012 IEEE 26th International Parallel and Distributed Processing Symposium Workshops & PhD Forum
978-0-7695-4676-6/12 $26.00 © 2012 IEEE
DOI 10.1109/IPDPSW.2012.315
2514
The main functions of TCP-like Transport layer protocols
are (a) setting up of end-to-end connection, (b) end-to-
end reliable delivery of packets, (c) flow control, (d) con-
gestion control and (c) clearing of end-to-end connection.
However, TCP is vulnerable to SYN flooding attack or
session hijacking attacks which affects the above functions.
Thus, we intend to propose techniques to include security
mechanisms in transport layer protocol for MANET. To
fulfill this objective, an ID based secure TCP protocol is
proposed in [12].
TCP performs well in wired environment where packet
may loss mainly due to congestion in the network. However,
TCP performs badly and adversely affect the Quality of
Services (QoS) of the MANET where packet losses are
largely due to errors or link failure between the nodes.
TCP also assumes that the established path remains until the
session is over. This assumption may not be true in mobile
ad hoc scenario due to mobility of nodes and therefore QoS
is degraded. In addition, QoS become poor due to malicious
packet drops by the misbehaved nodes. Hence, our final ob-
jective is to propose secure TCP that dynamically adjust its
parameters according to network environment of MANET.
In this ongoing work, we are trying to develop bilinear
pairing based secure TCP that predicts its parameters (e.g.,
congestion window, round trip timeout) from their previous
state values.
II. MOTIVATION
Security is one of the important aspects of any network.
Providing security to MANET is a difficult task due to lack
of pre-existing infrastructure. Protocols are being developed
to secure various aspects of MANET. However, in most
of the existing works complex cryptographic techniques
are used to prevent attacks. Generally, mobile nodes have
limited computational resources, thus these works are not
suitable. Further, most of the existing Intrusion Detection
Systems (IDS) proposed in the literature are in Applicationor in Network layer of the protocol stack. There is a brilliant
scope of research in the field of secure addressing, routing
and data transmission in MANET. This has motivated us
to investigate further the security issues in these layers of
mobile ad hoc networks and to try and develop algorithms
for a secure MANET.
A. IDDIP: An ID based Secure Dynamic IP ConfigurationScheme
In this work, we propose an ID based secure distributed
dynamic IP (IPv4) configuration scheme, namely IDDIP, for
address allocation which eliminates the need for broadcast-
ing messages over the entire MANET during the address
allocation process. Following the proposed scheme, each
host in a MANET can generate K number of new unique
IP addresses for the new authorized hosts. The proposed
scheme provides authentication for address configuration
without the help of a trusted third party while taking care of
the security threats associated with dynamic IP configura-
tion. It also generates node ID (node id) as a node identifier,
which is derived from its IP address and a public key for au-
thentication purpose. Moreover, for message authentication
we have used public key digital signature. Thus, a node can
be identified by the unique tuple 〈node id, IPaddress〉.After the network partition occurs, the split networks can
grow independently. Now if the partitions are merged at any
later stage, even if there is a chance of IP address conflicts,
the chances of tuple conflicts are very less. This shows that
the robustness of IDDIP scheme is medium. However, the
scheme is inefficient to handle the address leak problem
and also false reply attack. The details of the scheme can
be found in [7].
B. IDSDDIP: An ID based Secure Distributed Dynamic IPConfiguration Scheme
In this work, we present an ID based distributed dy-
namic IP (IPv6) configuration scheme, namely IDSDDIP,
that securely allocates IP addresses to the authorized nodes
for a MANET. The scheme is distributed among MANET
nodes. Therefore, each node has capability of generating
unique IP addresses from its own IP address and can assign
those addresses to the new nodes. The proposed scheme
eliminates the need of duplicate address detection procedure,
thus saves the considerable network bandwidth. The scheme
also eliminates the help of a trusted third party for providing
authentication. It also solves the problem (such as address
leak, false reply attack) of IDDIP scheme. Performance
analysis shows that the proposed addressing scheme has low
communication overhead and fairly low addressing latency
with added security mechanisms compared to the similar
existing dynamic address allocation schemes. However, ro-
bustness of the IDSDDIP scheme is low as the chances of
address conflictions due to network partitions and mergers
are high. More detailed of this work can be found in [8].
C. A Novel Signature Scheme to Secure Distributed Dy-namic IP Configuration Scheme
In this work, we propose an ID based distributed dynamic
IP (IPv6) configuration scheme to securely allocate IP
addresses to the authorized hosts for a MANET without
broadcasting over the entire network. The scheme is per-
fectly robust with low overhead and fairly low addressing
latency, and capable of handling the problems that may
arise due to host failures, message losses, mobility of the
hosts and network partitioning or merging. In addition, we
propose a novel bilinear pairing based signature scheme
that authenticates and lessens the security threats associated
with dynamic IP configuration. Proof of correctness of the
proposed signature scheme verifies that the scheme is secure
against any forgery attack. Also, it does not allow keyescrow, as the key generation and distribution is based on
threshold instead of one public key generator. The proposed
scheme is identity based, therefore it does not require any
250925092515
TABLE ICOMPARISON OF DYNAMIC ADDRESSING APPROACHES
Metrics MANETconf [13] Prophet [2] Prime DHCP [14] Wang [5] ADIP [6] IDDIP IDSDDIP WCNC [11]Uniqueness Yes No Yes No Yes Yes Yes Yes
Latency O(2td) O(2t) O(2t) O(2td) O(2t+m) O(2t+ s) O(2t+ s+ c) O(2t+ s+ c)Overhead O(n2) O(n/2) O(n/2) O(n2) O(n/2) O(n/2) O(n/2) O(n/2)
Complexity High High Low Medium Low Low Low LowRobustness Low Low Medium Low Medium High Medium HighestScalability Low High Medium Low Medium Medium Highest Highest
P.Msg Yes No Yes No No Yes Yes NoSecurity No No No Yes Yes Yes Yes Yes
(a) Communication Overhead (b) Addressing Latency
Fig. 1. Communication Overhead and Addressing Latency [11]
certificate. This work has been accepted in IEEE WCNC
[11].
D. Performance Analysis
Table I presents the comparison of our proposed schemes
with the existing dynamic addressing approaches. Here, n is
the number of mobile hosts in the network and the number
of link is l, the network diameter is d and the average 1-hop
latency is t. Detail description of the table can be found in
[7], [8].
E. Simulation
a) Communication Overhead: Figure 1(a) shows the effect
of mobility on the average communication overhead per
node for ADIP [6], Wang et al. scheme [5] and propose
IDDIP [7] and [11] schemes in a network of 50 mobile
nodes. As the mobility increases the average communica-
tion overhead per node increases in IDDIP, ADIP and our
proposed scheme. It can be seen that the IDDIP, ADIP and
our proposed scheme have lower communication overhead
per node because each node sends only one-hop broadcast
messages. Whereas, the Wang et al. scheme has higher
communication overhead due to duplicate address detection
process that floods messages throughout the network.
b) Addressing Latency: Effect of mobility on the av-
erage addressing latency per node for all the approaches
under consideration is shown in Figure 1(b). ADIP and
our proposed schemes IDDIP and [11] have lower average
addressing latency per node because a node can acquire an
address from its neighbors. Therefore, the addressing latency
is only the round trip delay for ADIP and our proposed
schemes. It can be seen that the scheme proposed by Wang
et al. has a higher average addressing latency than ADIP
and our proposed schemes. This is because it uses duplicate
address detection mechanism where message is flooded in
the entire network. Depending on the network diameter a
timer is set by the scheme and only after timeout a new
node is able to configure itself. From the figure, we can
see that the addressing latency increases as the mobility of
the nodes increase. Details of simulation results in different
network environments can be seen in [7], [11].
III. IDENTITY BASED SECURE AODV AND TCPIn this work, we propose an ID based secure AODV protocol
that takes care of the security issues in route discovery and
maintenance phases. In our work we have assumed two
levels of security: high and low. By high level of security
we mean that, when a path is set up, both the source and
the destination node verifies the authenticity of all the other
nodes in the route. In addition to this, the authenticity of a
node is also verified by its immediate downstream node.
In case of low level of security, when a path is set up
the source and destination node verifies the authenticity of
each other (end-to-end) and each intermediate node on the
route verifies the authenticity of the downstream node. The
scheme uses sequential aggregate signatures (SAS) based on
RSA [15]. In addition, we propose an ID based secure TCP
that securely transmits data using the Diffie-Hellman [16]
session key for the MANET nodes. In the proposed scheme,
each node have an ID which is evaluated from its public key
for authentication purpose. Following the proposed scheme
a node cannot change its ID throughout the lifetime of the
MANET. Therefore, the scheme is secure against the above
attacks that are associated with AODV and TCP in MANET.
More details of this work can be found in [12].
A. Security and Performance Analysis
In the proposed scheme, IDI of a node I is generated
from its public key ((NI , eI)) using a secure one way hash
function (H). In addition, public keys ((Ni, ei) and PKi)
along with node IDs are distributed before the deployment
of the MANET. As a result, a node cannot change its ID
within the lifetime of the MANET. Therefore, impersonation
attacks or unauthorized participation is not possible.
As the source/ destination node signs the RREQ/ RREPpacket using their private key, a malicious node cannot be
251025102516
able to modify the route sequence number. Also, RREQ/RREP packets are signed by the each intermediate node.
Therefore, a malicious node cannot change the value of the
hop count field. Due to similar reason, a malicious node
cannot change the source/ destination address of a packet.
In the first scenario, node IDs are cached and the routing
messages are signed by them. The source/ destination node
verifies the authenticity of each node on the route. In the
second scenario, authentication is done in hop-by-hop and
end-to-end manner. Therefore, two or more malicious nodes
cannot collaborate to make the tunnel. In the proposed
scheme, messages are signed by the nodes on the route at
the time of route maintenance. Therefore, a malicious node
cannot falsely inject route error message to the source.
For providing security at transport layer or TCP, the
proposed scheme uses message authentication code (MAC).
A node cannot hide and change its ID or cannot spoofed IDof another nodes. In addition, the segments are sent along
the authentication tag. Therefore, the SYN flooding attack
is difficult for an attacker. Initial sequence number (ISN )
is generated by the source and destination nodes from a
monotonically increasing random number (R) and a hash
function of source port, destination port, IDS , IDD and
session secret key K. Therefore, a malicious node may not
be able to guess the ISN and cannot hijack the session or
launch ACK storm in the MANET.
The scheme does not need certificate for authentication
because it uses identity-based cryptography. Also, public
keys along with IDs of the nodes are distributed before
the deployment of the MANET. Therefore, it eliminates the
need of sending the public key with the packet. Since the
SAS-based scheme is based on plain RSA, its per-signer
signature generation cost is equivalent to that of a plain
RSA signature. However, following are the overheads of the
proposed protocol:
• Each node has to maintain the list of public keys along
with IDs of other nodes in the network.
• In the first scenario, it has to cache IDs and signatures
of all the nodes on the route. However, the signature
expands by one bit per signers that is if the number of
signers are t, then the signature expands by t-bits.
• Each node has to verify its predecessor and sign the
messages. Source/ destination node has to verify all
the nodes on the route in case of the first scenario.
• To generate the session key for a session, each time
encryption and decryption has to be done by the source
and destination node respectively.
IV. SIGNIFICANCE OF THE RESEARCH
The proposed schemes mainly focus on the attacks of
Network and Transport layers and provides security at
bootstrap, network formation, route discovery and mainte-
nance, and end-to-end data transmission with good QoS of
MANET.
V. CONCLUSION AND FUTURE RESEARCH
In our work to date, we have proposed three ID based
secure distributed dynamic IP address allocation schemes
for mobile ad hoc networks. The IDDIP scheme [7] has
been accepted in Elsevier Ad Hoc Networks journal. We
have designed a testbed namely MANTest at our lab in
IIT Kharagpur and implemented the IDDIP scheme. The
IDSDDIP scheme [8] has been accepted in ICDCN, 2012
and the third scheme [11] for secure address allocation is
accepted in IEEE WCNC, 2012. These schemes for secure
address allocation will also be implemented in MANTest.The extended version of IDSDDIP scheme is under review
in Elsevier Ad Hoc Networks journal. Now, we are ex-
tending the [11] scheme to provide secure routing and data
transmission. The IDSAODV for securing AODV and the
IDSTCP for securing TCP have been accepted in ACWR,
2011. The remaining work for the dissertation is to propose
and develop bilinear pairing based secure routing protocols.
We also plan to propose and develop bilinear pairing based
secure transmission control protocol which will be predic-
tion based and provides good QoS to the MANET.
REFERENCES
[1] M. Fazio, M. Villari, and A. Puliafito, “Aipac: Automatic ip addressconfiguration in mobile ad hoc networks,” Performance Evaluationof Wireless Networks and Communications, vol. Computer Commu-nications 29, Issue 8, pp. 1189–1200, 15 May 2006.
[2] H. Zhou, L. M. Ni, and M. W. Mutka, “Prophet address allocationfor large scale manets,” INFOCOM, pp. 1304–1311, 2003.
[3] M. Tajamolian, M. Taghiloo, and M. Tajamolian, “Lightweight secureip address auto-configuration based on vasm,” 2009 InternationalConference on Advanced Information Networking and ApplicationsWorkshops, pp. 176–180, Waina 2009.
[4] A. Cavalli and J. Orset, “Secure hosts auto-configuration in mobilead hoc networks,” Data Communication and Topology Control in AdHoc Networks, vol. Ad Hoc Networks 3, Issue 5, pp. 656–667, 2005.
[5] P. Wang, D. S. Reeves, and P. Ning, “Secure address auto-configuration for mobile ad hoc networks,” in Proceedings of 2ndAnnual International Conference MobiQuitous, pp. 519–522, 2005.
[6] U. Ghosh and R. Datta, “Adip: an improved authenticated dynamicip configuration scheme for mobile ad hoc networks,” Int. J. UltraWideband Communications and Systems, vol. 1, pp. 102–117, 2009.
[7] U. Ghosh and R. Datta, “A secure dynamic ip configuration schemefor mobile ad hoc networks,” Ad Hoc Networks, vol. 9, no. 7, pp. 1327– 1342, 2011.
[8] U. Ghosh and R. Datta, “An id based secure distributed dynamic ipconfiguration scheme for mobile ad hoc networks,” in DistributedComputing and Networking, vol. 7129 of LNCS, pp. 295–308, 2012.
[9] K. Weniger, “Passive duplicate address detection in mobile ad hocnetworks,” in IEEE WCNC, (Florence, Italy), February 2003.
[10] S. Ni, Y. Tseng, Y. Chen, and J. Sheu, “The broadcast storm problemin a mobile ad hoc network,” in Proceedings of the ACM/IEEEMOBICOM, pp. 151–162, 1999.
[11] U. Ghosh and R. Datta, “A novel signature scheme to secure dis-tributed dynamic address configuration protocol in mobile ad hocnetworks,” in IEEE WCNC, (Paris, France), 2012 (Accepted).
[12] U. Ghosh and R. Datta, “Identity based secure aodv and tcp for mobilead hoc networks,” in ACWR2011, (India), December 18-21, 2011.
[13] S. Nesargi and R. Prakash, “Manetconf: Configuration of hosts in amobile ad hoc network,” INFOCOM, pp. 1059–1068, 2002.
[14] Y. Hsu and C. Tseng, “Prime dhcp: A prime numbering addressallocation mechanism for manets,” in IEEE Communicatons, 2005.
[15] H. Shacham, “Sequential aggregate signatures from trapdoor homo-morphic permutations,” 2003.
[16] W. Diffie and M. E. Hellman, “New directions in cryptography,” inIEEE Trans. Inf. Theory, vol. IT-22, pp. 644–654, November 2006.
251125112517