2006, e-Business and Telecommunication Networks
A wireless ad-hoc network is a collection of mobile nodes with no fixed infrastructure. Security in such networks poses serious challenges because (i) network connectivity can be intermittent, so on-line authentication is not guaranteed, and (ii) the networks are susceptible to a wide range of attacks due to broadcast communication and the large number of users. In this paper, we propose a security protocol, called UGSP, for wireless ad-hoc networks using tamper-proof hardware. We show that the proposed protocol fits well with the resurrecting duckling security paradigm (Stajano and Anderson, 1999). Once the hardware is imprinted for authentication, UGSP is robust to man-in-the-middle, passive eavesdropping and active impersonation attacks, ensuring source authentication, data confidentiality and data integrity for communication amongst nodes with identically configured hardware. The system is amenable to dynamic addition of new members whose hardware has also been imprinted with authentication information. We provide a comparative evaluation of UGSP with other approaches and show that UGSP is scalable and cost-effective.
1999
In the near future, many personal electronic devices will be able to communicate with each other over a short range wireless channel. We investigate the principal security issues for such an environment. Our discussion is based on the concrete example of a thermometer that makes its readings available to other nodes over the air. Some lessons learned from this example appear to be quite general to ad-hoc networks, and rather different from what we have come to expect in more conventional systems: denial of service, the goals of authentication, and the problems of naming all need re-examination. We present the resurrecting duckling security policy model, which describes secure transient association of a device with multiple serialised owners.
In mobile ad hoc networks (MANETs), it is easy to launch wormhole, man-in-the-middle and denial of service (DoS) attacks, or to impersonate another node. Our studies show that there are performance and security problems with the existing authentication and keying mechanisms which are currently employed by wireless ad hoc networks. We propose a secure authentication scheme, namely BLS signature. This scheme eliminates the correlation among packets and thus provides perfect resilience to packet loss, and it is also efficient in terms of latency, computation, and communication overhead due to an efficient cryptographic primitive called batch signature, which supports the authentication of any number of packets simultaneously. In addition to the actual authentication, a new pairwise session is generated as a result of this mechanism. We also point out that without any central authority, e.g., a central server (which is the nature of ad hoc networks), our authentication scheme can be carried out securely by any node at any time.
Our studies show that there are performance and security problems with the existing authentication and keying mechanisms which are currently employed by wireless ad hoc networks. We propose a new authentication protocol, which solves those problems using a combination of well known cryptographic tools in RSA and Diffie-Hellman. In addition to the actual authentication, a new pairwise session is generated as a result of this mechanism. We also point out that without any central authority, e.g., a central server (which is the nature of ad hoc networks), our authentication scheme can be carried out securely by any node at any time.
2000
Ad hoc networks are a new generation of networks offering unrestricted mobility without any underlying infrastructure. In these kinds of networks, all the nodes share the responsibility of network formation and management. As their principal application is in catastrophic environments, security is critical. Authentication, integrity and encryption are key issues pertaining to network security. Traditional authentication schemes cannot be effectively used in such decentralized networks. In this paper, we present an end-to-end data authentication scheme that relies on mutual trust between nodes. The basic strategy is to take advantage of the hierarchical architecture that is implemented for routing purposes. We have proposed an authentication scheme that uses TCP at the transport layer and a hierarchical architecture at the IP layer so that the number of encryptions needed is minimized, thereby reducing the computational overheads. This also results in substantial savings as each node has to maintain keys for fewer nodes.
2007
A mobile ad-hoc network (MANET) is a kind of wireless ad-hoc network. It is a self-configuring network of mobile nodes connected by wireless links, without the aid of any fixed infrastructure or centralized administration. Nodes within their wireless transmitter ranges can communicate with each other directly, while nodes outside the range rely on other nodes to relay messages, resulting in a multi-hop scenario. As the low transmission power of each node limits its communication range, the nodes must assist and trust each other before getting involved in a real communication. However, this implied trust relationship can be threatened by malicious nodes. So far the majority of research work has been done to achieve a secure routing infrastructure, assuming the existence of an efficient node authentication mechanism which in turn is part of a key management scheme. This paper will analyze previous work and then present a new node authentication mechanism which is fully distributed and has the ability to self-organize without the requirement of any online trusted third party.
International Journal of Research in Engineering and Technology, 2013
This paper analyzes security challenges in ad hoc networks and summarizes key issues that should be solved to achieve ad hoc security. It also gives an overview of the current state of solutions on such key issues as intrusion detection, secure routing and key management service. Based on our study, we propose using an external CA (Certificate Authority) and a tamper-resistant chip to support ubiquitous security in the ad hoc environment. In our proposal, the external CA is involved in the ad hoc network when necessary. It can also be used to broadcast a blacklist and shared password to normal nodes by deploying broadcast encryption. The tamper-resistant chip can be embedded into the ad hoc node device to support secure storage, highly secure session key generation, secure communication and secure data processing based on usage and access control information embedded by the data source. They can also support or cooperate with other existing ad hoc security mechanisms.
Security in Ad Hoc and Sensor Networks, 2009
The security services of authentication and confidentiality are of significant importance to ensure secure communication in any network. The decentralized nature and the broadcast medium of communication of wireless ad hoc networks result in unique challenges in realizing the services of authentication and data confidentiality. In this chapter, we first highlight the issues relating to authentication and confidentiality in wireless ad hoc networks and identify the characteristics of these services. Subsequently, we discuss the security mechanisms proposed for authentication and confidentiality in wireless ad hoc networks. The chapter also includes a detailed discussion about the standards IEEE 802.1X (Authentication) and IEEE 802.11i (Confidentiality).
Proceedings of the 1st ACM international workshop on Quality of service & security in wireless and mobile networks - Q2SWinet '05, 2005
Ad hoc networks, such as sensor and mobile ad hoc networks, must overcome a myriad of security challenges to realize their potential in both civil and military applications. Typically, ad hoc networks are deployed in un-trusted environments. Consequently, authentication is a precursor to any secure interactions in these networks. Recently, numerous authentication protocols have been proposed for ad hoc networks. To date, there is no common framework to evaluate these protocols. Towards developing such a framework, this paper proposes a generic authentication process and a new taxonomy that clarifies similarities and differences among authentication protocols reported in the literature. The taxonomy is based upon the role of nodes in the authentication function, establishment of credentials, and type of credentials. We also motivate the need for an authentication management architecture and discuss some open research issues.
IFIP Advances in Information and Communication Technology, 2009
There are various network-enabled and embedded computers deployed around us. Although we can get enormous conveniences by connecting them together, it is difficult to securely associate them in an ad-hoc manner. The difficulties originate from authentication and key distribution problems among devices that are strangers to each other. In this paper, we review the existing ways of initiating secure communication for ad-hoc network devices, and propose another solution. Exploiting Pairing-based cryptography and the notion of location-limited channel, the proposed solution bootstraps security conveniently and efficiently. Further, it supports ownership enforcement and key-escrow.
2003
Most ad hoc networks do not implement any network access control, leaving these networks vulnerable to resource consumption attacks where a malicious node injects packets into the network with the goal of depleting the resources of the nodes relaying the packets. To thwart or prevent such attacks, it is necessary to employ authentication mechanisms that ensure that only authorized nodes can inject traffic into the network.
Proceedings of the 2nd IEEE International Conference on Computational Intelligence, Modelling and Simulation (CIMSiM 2010), pp. 476- 481, September 2010, Bali, Indonesia, 2010
Infocommunications journal
Seminar Nasional Aplikasi Teknologi Informasi (SNATI), 2007
Proceedings of the 12th IEEE Mediterranean Electrotechnical Conference, MELECON 2004, 2004
Proceedings ISCC 2002 Seventh International Symposium on Computers and Communications
Computers & Security, 2007