A Lightweight Distributed Group Authentication Mechanism

Identifying trustable devices and establishing secure tunnels between them in ad hoc network environments is a difficult task because it has to be quick, inexpensive and secure. Certificate-based authentication mechanisms are too expensive for small devices. The use of such mechanisms must be controlled and reserved for special situations (e.g. banking applications), not everyday transactions. In addition, indiscriminate use of asymmetric ciphering and certificate-based authentication is a shortcut to battery exhaustion attacks. This paper describes a lightweight distributed group authentication mechanism suited to the requirements of ad hoc network devices. We introduce the concept of group authentication, whose target is not the individual identification of devices but verifying whether or not a device belongs to a trusted group. The proposed mechanism verifies whether devices have a pre-shared secret and sets new cipher keys each time it runs. This mechanism requires loose synchronization among the devices' real-time clocks to thwart replay attacks. It also mitigates the effects of battery exhaustion attacks due to its lightness.
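The abstract names three properties: a check that the peer holds the pre-shared group secret, new keys on every run, and loosely synchronized clocks against replay. The sketch below is an added illustration of those properties, not the paper's protocol: the HMAC-SHA256 construction, the token layout, the nonce cache and the 30-second skew window are all assumptions.

```python
from __future__ import annotations

import hashlib
import hmac
import os
import struct

MAX_SKEW = 30  # seconds of clock drift tolerated (assumed value)


def _mac(secret: bytes, label: bytes, nonce: bytes, ts: int) -> bytes:
    # Distinct labels keep the membership proof and the session key separate.
    msg = label + nonce + struct.pack(">Q", ts)
    return hmac.new(secret, msg, hashlib.sha256).digest()


def make_token(secret: bytes, now: int) -> tuple[bytes, bytes]:
    """Claimant side: return (token, session_key) for one run."""
    nonce = os.urandom(16)
    token = nonce + struct.pack(">Q", now) + _mac(secret, b"auth", nonce, now)
    return token, _mac(secret, b"key", nonce, now)


class Verifier:
    def __init__(self, secret: bytes):
        self.secret = secret
        self.seen = {}  # nonce -> timestamp of tokens already accepted

    def verify(self, token: bytes, now: int) -> bytes | None:
        """Return the session key if the sender holds the group secret."""
        if len(token) != 16 + 8 + 32:
            return None
        nonce, tag = token[:16], token[24:]
        ts = struct.unpack(">Q", token[16:24])[0]
        # Cheapest check first: stale tokens are dropped before any hashing.
        if abs(now - ts) > MAX_SKEW:
            return None
        if not hmac.compare_digest(tag, _mac(self.secret, b"auth", nonce, ts)):
            return None
        # Nonces older than the window cannot pass the check above, so forget them.
        self.seen = {n: t for n, t in self.seen.items() if abs(now - t) <= MAX_SKEW}
        if nonce in self.seen:
            return None  # replay inside the window
        self.seen[nonce] = ts
        return _mac(self.secret, b"key", nonce, ts)
```

Only symmetric primitives are used, and the verifier spends one HMAC at most on a token it rejects, which is the kind of cost profile the abstract contrasts with certificate-based authentication.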
