Distributed Node Selection for Threshold Key Management with Intrusion Detection in Mobile Ad Hoc Networks

In mobile ad hoc networks (MANETs), identity (ID)-based cryptography with threshold secret sharing is a popular approach to key management design. Most previous work on key management in MANETs concentrates on protocols and structures; how to optimally conduct node selection in ID-based cryptography with threshold secret sharing merits further investigation. In this paper, we propose a distributed scheme that dynamically selects nodes holding master key shares to provide the private key generation service. The proposed scheme considers node security and energy states when selecting the best nodes to construct a private key generator (PKG). Intrusion detection systems are modeled as noisy sensors that monitor the security situation of the system. The node selection process is formulated as a stochastic optimization problem. Simulation results are presented to illustrate the effectiveness of the proposed scheme.
