Securing ad hoc networks

Ad hoc networks are a new wireless networking paradigm for mobile hosts. Unlike traditional mobile wireless networks, ad hoc networks do not rely on any fixed infrastructure. Instead, hosts rely on each other to keep the network connected. Military tactical and other security-sensitive operations are still the main applications of ad hoc networks, although there is a trend to adopt ad hoc networks for commercial uses due to their unique properties. One main challenge in the design of these networks is their vulnerability to security attacks. In this article, we study the threats an ad hoc network faces and the security goals to be achieved. We identify the new challenges and opportunities posed by this new networking environment and explore new approaches to secure its communication. In particular, we take advantage of the inherent redundancy in ad hoc networks, namely multiple routes between nodes, to defend routing against denial-of-service attacks. We also use replication and new cryptographic schemes, such as threshold cryptography, to build a highly secure and highly available key management service, which forms the core of our security framework.
