Secure publish/subscribe-based certificate status validations in mobile ad hoc networks

Freshness of certificate status information is very important in validating public key certificates. However, existing certificate validation schemes suffer from high inconsistency, which makes network vulnerable to various security attacks. In this paper, we propose a new publish/subscribe-based certificate validation scheme that provides fresh certificate status information in the mobile ad hoc networks. This scheme increases the security of public key infrastructure-based security systems and improves the scalability of certificate validation systems. Also, according to the simulation results, our solution effectively decreases the processing overheads on responder nodes and reduces the messaging overhead of certificate status validations in mobile ad hoc networks. Copyright © 2014 John Wiley & Sons, Ltd.

[1]  D. Berbecaru,et al.  MBS-OCSP: an OCSP based certificate revocation system for wireless environments , 2004, Proceedings of the Fourth IEEE International Symposium on Signal Processing and Information Technology, 2004..

[2]  Roberto Di Pietro,et al.  "Who Counterfeited My Viagra?" Probabilistic Item Removal Detection via RFID Tag Cooperation , 2011, EURASIP J. Wirel. Commun. Netw..

[3]  Ahmad Khademzadeh,et al.  A survey and taxonomy of distributed certificate authorities in mobile ad hoc networks , 2011, EURASIP J. Wirel. Commun. Netw..

[4]  Nei Kato,et al.  Cluster-Based Certificate Revocation with Vindication Capability for Mobile Ad Hoc Networks , 2013, IEEE Transactions on Parallel and Distributed Systems.

[5]  Giannis F. Marias,et al.  Revising centralized certificate validation standards for mobile and wireless communications , 2010, Comput. Stand. Interfaces.

[6]  K.Radhika D.Jamuna M.Srividya Review On Certificate Revocation Of Mobile Ad Hoc Networks , 2012 .

[7]  Pramod Kumar Soni,et al.  A Survey of Mobile Ad Hoc Network Attacks , 2013 .

[8]  Ajit Singh,et al.  A Literature Review of Security Attack in Mobile Ad-hoc Networks , 2010 .

[9]  Jose L. Muñoz,et al.  COACH: COllaborative certificate stAtus CHecking mechanism for VANETs , 2013, J. Netw. Comput. Appl..

[10]  Carlisle M. Adams,et al.  X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP , 1999, RFC.

[11]  P. Georgiadis,et al.  Caching alternatives for a MANET-oriented OCSP scheme , 2005, Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005..

[12]  İnan Güler,et al.  A Survey of Wormhole-based Attacks and their Countermeasures in Wireless Sensor Networks , 2011 .

[13]  G.F. Marias,et al.  Performance evaluation of a distributed OCSP protocol over MANETs , 2006, CCNC 2006. 2006 3rd IEEE Consumer Communications and Networking Conference, 2006..

[14]  Yi Mu,et al.  Securing DSR against wormhole attacks in multirate ad hoc networks , 2013, J. Netw. Comput. Appl..

[15]  Jose L. Muñoz,et al.  Evaluation of certificate revocation policies: OCSP vs. Overissued-CRL , 2002, Proceedings. 13th International Workshop on Database and Expert Systems Applications.

[16]  Anders Fongen,et al.  The effect of a MANET proxy overlay for certificate validation services , 2009, MILCOM 2009 - 2009 IEEE Military Communications Conference.

[17]  Nei Kato,et al.  Certificate Revocation to Cope with False Accusations in Mobile Ad Hoc Networks , 2010, 2010 IEEE 71st Vehicular Technology Conference.

[18]  Nei Kato,et al.  A Study on Certificate Revocation in Mobile Ad Hoc Networks , 2011, 2011 IEEE International Conference on Communications (ICC).

[19]  Xu Zhao,et al.  New Certificate Status Verification Scheme Based on OCSP for Wireless Environment , 2009, 2009 International Forum on Computer Science-Technology and Applications.

[20]  G.F. Marias,et al.  A Certificate Validation Protocol for VANETs , 2007, 2007 IEEE Globecom Workshops.

[21]  Mohammad Masdari,et al.  Towards Scalable Certificate Status Validation in Mobile Ad Hoc Networks , 2013, Int. J. Mob. Comput. Multim. Commun..

[22]  Silke Holtmanns,et al.  Evaluation of certificate validation mechanisms , 2006, Comput. Commun..

[23]  Jose L. Muñoz,et al.  PKIX Certificate Status in Hybrid MANETs , 2009, WISTP.

[24]  Jose L. Muñoz,et al.  Certificate status validation in mobile ad hoc networks , 2009, IEEE Wireless Communications.

[25]  Giannis F. Marias,et al.  ADOPT. A Distributed OCSP for Trust Establishment in MANETs , 2005 .

[26]  M. K. Raja,et al.  Digital certificate management: Optimal pricing and CRL releasing strategies , 2014, Decis. Support Syst..

[27]  Jolyon Clulow,et al.  New Strategies for Revocation in Ad-Hoc Networks , 2007, ESAS.

[28]  Jose L. Muñoz,et al.  PREON: An efficient cascade revocation mechanism for delegation paths , 2010, Comput. Secur..