Revocation and update of trust in autonomous delay tolerant networks

We model a decentralised security credential revocation and replacement scheme. We utilise Leverage of Common Friends trust concepts for trust transferral on keys. We propose a revocation scheme to provide entity confidence and trust transferral. We compare similar schemes on key and certificate removal and replacement metrics. The proposal distributes credentials 35% faster and slows spoofed credentials by 50%.

A Delay Tolerant Network (DTN) is a dynamic, fragmented, and ephemeral network formed by a large number of highly mobile nodes. DTNs are ephemeral networks with highly mobile autonomous nodes. This requires distributed and self-organised approaches to trust management. Revocation and replacement of security credentials under adversarial influence while preserving the trust in the entity is still an open problem. Existing methods are mostly limited to detection and removal of malicious nodes. This paper makes use of the mobility property to provide a distributed, self-organising, and scalable revocation and replacement scheme. The proposed scheme uses the Leverage of Common Friends (LCF) trust system concepts to revoke compromised security credentials and replace them with new ones, whilst preserving the trust in them. The level of achieved entity confidence is thereby preserved. The security and performance of the proposed scheme are evaluated using an experimental data set in comparison with other schemes based around the LCF concept. Our extensive experimental results show that, compared to other LCF-based schemes, the proposed scheme distributes replacement credentials up to 35% faster and spreads spoofed credentials of strong collaborating adversaries up to 50% slower, without causing any significant increase in the communication and storage overheads.
