Establishing pairwise keys for secure communication in ad hoc networks: a probabilistic approach

A prerequisite for a secure communication between two nodes in an ad hoc network is that the nodes share a key to bootstrap their trust relationship. In this paper, we present a scalable and distributed protocol that enables two nodes to establish a pairwise shared key on the fly, without requiring the use of any on-line key distribution center. The design of our protocol is based on a novel combination of two techniques - probabilistic key sharing and threshold secret sharing. Our protocol is scalable since every node only needs to possess a small number of keys, independent of the network size, and it is computationally efficient because it only relies on symmetric key cryptography based operations. We show that a pairwise key established between two nodes using our protocol is secure against a collusion attack by up to a certain number of compromised nodes. We also show through a set of simulations that our protocol can be parameterized to meet the desired levels of performance, security and storage for the application under consideration.

[1]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.

[2]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[3]  Danny Dolev,et al.  The Byzantine Generals Strike Again , 1981, J. Algorithms.

[4]  Suresh C. Kothari,et al.  Generalized Linear Threshold Scheme , 1985, CRYPTO.

[5]  P. Erdös,et al.  Families of finite sets in which no set is covered by the union ofr others , 1985 .

[6]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[7]  Owen Rees,et al.  Efficient and timely mutual authentication , 1987, OPSR.

[8]  Chris J. Mitchell,et al.  Key storage in secure networks , 1988, Discret. Appl. Math..

[9]  Moti Yung,et al.  Perfectly secure message transmission , 1990, Proceedings [1990] 31st Annual Symposium on Foundations of Computer Science.

[10]  Li Gong,et al.  Increasing Availability and Security of an Authentication Service , 1993, IEEE J. Sel. Areas Commun..

[11]  John T. Kohl,et al.  The Kerberos Network Authentication Service (V5 , 2004 .

[12]  J. Broach,et al.  The dynamic source routing protocol for mobile ad-hoc networks , 1998 .

[13]  M. S. Corson,et al.  A performance comparison of the temporally-ordered routing algorithm and ideal link-state routing , 1998, Proceedings Third IEEE Symposium on Computers and Communications. ISCC'98. (Cat. No.98EX166).

[14]  Frank Stajano,et al.  The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks , 1999, Security Protocols Workshop.

[15]  Moni Naor,et al.  Multicast security: a taxonomy and some efficient constructions , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[16]  Alfred Menezes,et al.  PGP in Constrained Wireless Devices , 2000, USENIX Security Symposium.

[17]  Lie Zhu,et al.  Some New Bounds for Cover-Free Families , 2000, J. Comb. Theory, Ser. A.

[18]  Matthew K. Franklin,et al.  Secure Communication in Minimal Connectivity Models , 1998, Journal of Cryptology.

[19]  Mary Baker,et al.  Mitigating routing misbehavior in mobile ad hoc networks , 2000, MobiCom '00.

[20]  Baochun Li,et al.  MP-DSR: a QoS-aware multi-path dynamic source routing protocol for wireless ad-hoc networks , 2001, Proceedings LCN 2001. 26th Annual IEEE Conference on Local Computer Networks.

[21]  Sung-Ju Lee,et al.  Split multipath routing with maximally disjoint paths in ad hoc networks , 2001, ICC 2001. IEEE International Conference on Communications. Conference Record (Cat. No.01CH37240).

[22]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[23]  Baruch Awerbuch,et al.  An on-demand secure routing protocol resilient to byzantine failures , 2002, WiSE '02.

[24]  Shouhuai Xu,et al.  Constructing Disjoint Paths for Secure Communication , 2003, DISC.

[25]  Dawn Xiaodong Song,et al.  Random key predistribution schemes for sensor networks , 2003, 2003 Symposium on Security and Privacy, 2003..

[26]  Charles E. Perkins,et al.  Ad hoc On-Demand Distance Vector (AODV) Routing , 2001, RFC.

[27]  Anupam Joshi,et al.  Security in Sensor Networks , 2020, Texts in Computer Science.