Efficient and Secure Self-Organized Public Key Management for Mobile Ad Hoc Networks

This paper presents a fully self-organized key management scheme for mobile ad hoc networks. Unlike most previous schemes, there is no priori shared secret or no priori trust relationship in the proposed scheme; every node plays the same role and carries out the same function of key management. The proposed scheme consists of (1) Handshaking (HS) and (2) Certificate request/reply (CRR) procedures. In HS, a node acquires the public key of the approaching node via a secure side channel. In CRR, a node requests certificates of a remote node via a radio channel to the nodes that it has HSed. If the number of received valid certificates that contain the same public key exceeds a given threshold, the node accepts the remote node's public key as valid. Security is rigorously analyzed against various known attacks and network costs are intensively analyzed mathematically. Using this analysis, we provide parameter selection guideline to optimize performance and to maintain security for diverse cases. Simulation results show that every node acquires the public keys of all other nodes at least 5 times faster than in a previous scheme.

[1]  Tracy Camp,et al.  A survey of mobility models for ad hoc network research , 2002, Wirel. Commun. Mob. Comput..

[2]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[3]  Paul Feldman,et al.  A practical scheme for non-interactive verifiable secret sharing , 1987, 28th Annual Symposium on Foundations of Computer Science (sfcs 1987).

[4]  Panagiotis Papadimitratos,et al.  Secure Routing for Mobile Ad Hoc Networks , 2002 .

[5]  Yih-Chun Hu,et al.  A survey of secure wireless ad hoc routing , 2004, IEEE Security & Privacy Magazine.

[6]  Levente Buttyán,et al.  Modelling adversaries and security objectives for routing protocols in wireless sensor networks , 2006, SASN '06.

[7]  Yih-Chun Hu,et al.  Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks , 2002, MobiCom '02.

[8]  K. Lauter,et al.  The advantages of elliptic curve cryptography for wireless security , 2004, IEEE Wireless Communications.

[9]  Mary Baker,et al.  Mitigating routing misbehavior in mobile ad hoc networks , 2000, MobiCom '00.

[10]  Gabriel Montenegro,et al.  Statistically Unique and Cryptographically Verifiable (SUCV) Identifiers and Addresses , 2002, NDSS.

[11]  Srdjan Capkun,et al.  Mobility helps peer-to-peer security , 2006, IEEE Transactions on Mobile Computing.

[12]  Donggang Liu,et al.  Establishing pairwise keys in distributed sensor networks , 2005, ACM Trans. Inf. Syst. Secur..

[13]  William A. Arbaugh,et al.  Toward secure key distribution in truly ad-hoc networks , 2003, 2003 Symposium on Applications and the Internet Workshops, 2003. Proceedings..

[14]  Haiyun Luo,et al.  URSA: ubiquitous and robust access control for mobile ad hoc networks , 2004, IEEE/ACM Transactions on Networking.

[15]  Zygmunt J. Haas,et al.  Securing ad hoc networks , 1999, IEEE Netw..

[16]  Michael Roe,et al.  Child-proof authentication for MIPv6 (CAM) , 2001, CCRV.

[17]  Torben P. Pedersen Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[18]  Mohan S. Kankanhalli,et al.  Efficient and robust key management for large mobile ad hoc networks , 2005, Comput. Networks.

[19]  Steven Tuecke,et al.  Internet X.509 Public Key Infrastructure (PKI) Proxy Certificate Profile , 2004, RFC.

[20]  Jeong Hyun Yi,et al.  On the utility of distributed cryptography in P2P and MANETs: the case of membership control , 2003, 11th IEEE International Conference on Network Protocols, 2003. Proceedings..

[21]  Yunghsiang Sam Han,et al.  A pairwise key predistribution scheme for wireless sensor networks , 2005, TSEC.

[22]  Dawn Xiaodong Song,et al.  Random key predistribution schemes for sensor networks , 2003, 2003 Symposium on Security and Privacy, 2003..

[23]  Levente Buttyán,et al.  Provably Secure On-Demand Source Routing in Mobile Ad Hoc Networks , 2006, IEEE Transactions on Mobile Computing.

[24]  Srdjan Capkun,et al.  Self-Organized Public-Key Management for Mobile Ad Hoc Networks , 2003, IEEE Trans. Mob. Comput..

[25]  Jeong Hyun Yi,et al.  An attack on the proactive RSA signature scheme in the URSA ad hoc network access control protocol , 2004, SASN '04.

[26]  Gicheol Wang,et al.  Compromise-resistant pairwise key establishments for mobile ad hoc networks , 2006 .

[27]  Charles E. Perkins,et al.  Ad-hoc on-demand distance vector routing , 1999, Proceedings WMCSA'99. Second IEEE Workshop on Mobile Computing Systems and Applications.

[28]  D. O'Mahony,et al.  Shared RSA key generation in a mobile ad hoc network , 2003, IEEE Military Communications Conference, 2003. MILCOM 2003..

[29]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.