A survey of key management in ad hoc networks

The wireless and dynamic nature of mobile ad hoc networks (MANETs) leaves them more vulnerable to security attacks than their wired counterparts. The nodes act both as routers and as communication end points. This makes the network layer more prone to security attacks. A main challenge is to judge whether or not a routing message originates from a trustworthy node. The solution thus far is cryptographically signed messages. The general assumption is that nodes in possession of a valid secret key can be trusted. Consequently, a secure and efficient key-management scheme is crucial. Keys are also required for protection of application data. However, the focus here is on network-layer management information. Whereas keymanagement schemes for the upper layers can assume an already running network service, schemes for the protection of the network layer cannot. Keys are a prerequisite to bootstrap a protected network service. This article surveys the state of the art within key management for ad hoc networks, and analyzes their applicability for network-layer security. The analysis puts some emphasis on their applicability in scenarios such as emergency and rescue operations, as this work was initiated by a study of security in MANETs for emergency and rescue operations.

[1]  Yunghsiang Sam Han,et al.  A pairwise key pre-distribution scheme for wireless sensor networks , 2003, CCS '03.

[2]  John S. Baras,et al.  An Information Theoretic Analysis of Rooted-Tree Based Secure Multicast Key Distribution Schemes , 1999, CRYPTO.

[3]  Mohamed G. Gouda,et al.  Secure group communications using key graphs , 1998, SIGCOMM '98.

[4]  Srdjan Capkun,et al.  Self-Organized Public-Key Management for Mobile Ad Hoc Networks , 2003, IEEE Trans. Mob. Comput..

[5]  Stefano Basagni,et al.  Secure pebblenets , 2001, MobiHoc '01.

[6]  Yunghsiang Sam Han,et al.  A pairwise key predistribution scheme for wireless sensor networks , 2005, TSEC.

[7]  Robin Kravets,et al.  Composite key management for ad hoc networks , 2004, The First Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services, 2004. MOBIQUITOUS 2004..

[8]  Srdjan Capkun,et al.  Mobility helps peer-to-peer security , 2006, IEEE Transactions on Mobile Computing.

[9]  Robin Kravets,et al.  Key management for heterogeneous ad hoc wireless networks , 2002, 10th IEEE International Conference on Network Protocols, 2002. Proceedings..

[10]  Jukka Valkonen Key Management in Ad-Hoc Networks , 2007 .

[11]  Dan Boneh,et al.  Hierarchical Identity Based Encryption with Constant Size Ciphertext , 2005, EUROCRYPT.

[12]  Bülent Yener,et al.  Key distribution mechanisms for wireless sensor networks : a survey , 2005 .

[13]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[14]  William A. Arbaugh,et al.  Toward secure key distribution in truly ad-hoc networks , 2003, 2003 Symposium on Applications and the Internet Workshops, 2003. Proceedings..

[15]  Chak-Kuen Wong,et al.  A conference key distribution system , 1982, IEEE Trans. Inf. Theory.

[16]  Yunghsiang Sam Han,et al.  A key management scheme for wireless sensor networks using deployment knowledge , 2004, IEEE INFOCOM 2004.

[17]  Yee Wei Law Key management and link-layer security of wireless sensor networks: Energy-efficient attack and defense , 2005 .

[18]  Christopher McCubbin,et al.  Probabilistic Optimization of LKH-based Multicast Key Distribution Schemes , 2001 .

[19]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[20]  Mohan S. Kankanhalli,et al.  Efficient and robust key management for large mobile ad hoc networks , 2005, Comput. Networks.

[21]  Yvo Desmedt,et al.  Threshold cryptography , 1994, Eur. Trans. Telecommun..

[22]  Ben Lynn,et al.  Authenticated Identity-Based Encryption , 2002, IACR Cryptol. ePrint Arch..

[23]  Hugo Krawczyk,et al.  Proactive Secret Sharing Or: How to Cope With Perpetual Leakage , 1995, CRYPTO.

[24]  Sushil Jajodia,et al.  Efficient and secure keys management for wireless mobile communications , 2002, POMC '02.

[25]  Gene Tsudik,et al.  Key Agreement in Dynamic Peer Groups , 2000, IEEE Trans. Parallel Distributed Syst..

[26]  Srdjan Capkun,et al.  Key Agreement in Peer-to-Peer Wireless Networks , 2006, Proceedings of the IEEE.

[27]  Gene Tsudik,et al.  CLIQUES: a new approach to group key agreement , 1998, Proceedings. 18th International Conference on Distributed Computing Systems (Cat. No.98CB36183).

[28]  Brent Waters,et al.  Efficient Identity-Based Encryption Without Random Oracles , 2005, EUROCRYPT.

[29]  Alan T. Sherman,et al.  Key Establishment in Large Dynamic Groups Using One-Way Function Trees , 2003, IEEE Trans. Software Eng..

[30]  Hugo Krawczyk,et al.  Secure Distributed Key Generation for Discrete-Log Based Cryptosystems , 1999, Journal of Cryptology.

[31]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[32]  Sushil Jajodia,et al.  LEAP+: Efficient security mechanisms for large-scale distributed sensor networks , 2006, TOSN.

[33]  David Hutchison,et al.  A survey of key management for secure group communication , 2003, CSUR.

[34]  Robin Kravets,et al.  MOCA : MObile Certificate Authority for Wireless Ad Hoc Networks , 2004 .

[35]  Sasikanth Avancha,et al.  Security for Sensor Networks , 2004 .

[36]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[37]  Donggang Liu,et al.  Establishing pairwise keys in distributed sensor networks , 2005, TSEC.

[38]  Jung Hee Cheon,et al.  An Identity-Based Signature from Gap Diffie-Hellman Groups , 2003, Public Key Cryptography.

[39]  Zygmunt J. Haas,et al.  Securing ad hoc networks , 1999, IEEE Netw..

[40]  Yves Roudier,et al.  SKiMPy: A Simple Key Management Protocol for MANETs in Emergency and Rescue Operations , 2005, ESAS.

[41]  Dawn Xiaodong Song,et al.  ELK, a new protocol for efficient large-group key distribution , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.

[42]  Uta Wille,et al.  Communication complexity of group key distribution , 1998, CCS '98.

[43]  Xavier Boyen,et al.  Multipurpose Identity-Based Signcryption (A Swiss Army Knife for Identity-Based Cryptography) , 2003, CRYPTO.

[44]  Jiejun Kong,et al.  Providing robust and ubiquitous security support for mobile ad-hoc networks , 2001, Proceedings Ninth International Conference on Network Protocols. ICNP 2001.

[45]  Ross J. Anderson,et al.  Key infection: smart trust for smart dust , 2004, Proceedings of the 12th IEEE International Conference on Network Protocols, 2004. ICNP 2004..

[46]  Stephen McDonald,et al.  A Survey on Peer-to-Peer Key Management for Military Type Mobile Ad Hoc Networks , 2005 .

[47]  Yee Wei Law,et al.  Key management and link-layer security of wireless sensor networks : Energy-efficient attack and defense , 2005 .

[48]  Ran Canetti,et al.  Efficient authentication and signing of multicast streams over lossy channels , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[49]  David Hutchison,et al.  EHBT: An Efficient Protocol for Group Key Management , 2001, Networked Group Communication.

[50]  Shouhuai Xu,et al.  Establishing pairwise keys for secure communication in ad hoc networks: a probabilistic approach , 2003, 11th IEEE International Conference on Network Protocols, 2003. Proceedings..

[51]  Dawn Xiaodong Song,et al.  Random key predistribution schemes for sensor networks , 2003, 2003 Symposium on Security and Privacy, 2003..

[52]  Quan Yuan,et al.  A New Efficient ID-Based Authenticated Key Agreement Protocol , 2005, IACR Cryptol. ePrint Arch..

[53]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[54]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[55]  O. Kure,et al.  A performance evaluation of security schemes proposed for the OLSR protocol , 2005, MILCOM 2005 - 2005 IEEE Military Communications Conference.

[56]  Srdjan Capkun,et al.  Mobility helps security in ad hoc networks , 2003, MobiHoc '03.

[57]  Alan T. Sherman,et al.  Key Management for Large Dynamic Groups: One-Way Function Trees and Amortized Initialization , 2000 .

[58]  Torben P. Pedersen Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[59]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[60]  S. Zhu,et al.  GKMPAN: an efficient group rekeying scheme for secure multicast in ad-hoc networks , 2004, The First Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services, 2004. MOBIQUITOUS 2004..

[61]  Dan Boneh,et al.  Secure Identity Based Encryption Without Random Oracles , 2004, CRYPTO.

[62]  Gene Tsudik,et al.  A Group Key Management Architecture for Mobile Ad-hoc Wireless Networks , 2005, J. Inf. Sci. Eng..

[63]  Kamesh Namuduri,et al.  Secure, Redundant, and Fully Distributed Key Management Scheme for Mobile Ad Hoc Networks: An Analysis , 2005, EURASIP J. Wirel. Commun. Netw..

[64]  Moni Naor,et al.  Multicast security: a taxonomy and some efficient constructions , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[65]  Matthew K. Franklin,et al.  Self-healing key distribution with revocation , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[66]  David E. Culler,et al.  SPINS: security protocols for sensor networks , 2001, MobiCom '01.

[67]  Djamel Djenouri,et al.  A survey of security issues in mobile ad hoc and sensor networks , 2005, IEEE Communications Surveys & Tutorials.

[68]  Gene Tsudik,et al.  An architecture for key management in hierarchical mobile ad-hoc networks , 2004, Journal of Communications and Networks.

[69]  Eric J. Harder,et al.  Key Management for Multicast: Issues and Architectures , 1999, RFC.

[70]  Malibu Canyon RdMalibu Keystone: a Group Key Management Service , 2000 .

[71]  Liqun Chen,et al.  Identity based authenticated key agreement protocols from pairings , 2003, 16th IEEE Computer Security Foundations Workshop, 2003. Proceedings..

[72]  Jie Wu,et al.  Secure and efficient key management in mobile ad hoc networks , 2005, 19th IEEE International Parallel and Distributed Processing Symposium.

[73]  N. Asokan,et al.  Key agreement in ad hoc networks , 2000, Comput. Commun..