2012
As part of the security within distributed systems, various services and resources need protection from unauthorized use. Remote authentication is the most commonly used method to determine the identity of a remote client. This paper investigates a systematic approach for authenticating clients by three factors, namely password, smart card, and biometrics. A generic and secure framework is proposed to upgrade two-factor authentication to three-factor authentication. In multi hop wireless networks, selfish nodes do not relay other nodes’ packets and make use of the cooperative nodes to relay their packets, which has negative impact on the network fairness and performance. Incentive protocols use credits to stimulate the selfish nodes’ cooperation, but the existing protocols usually rely on the heavyweight public-key operations to secure the payment. In this paper, we propose secure cooperation incentive protocol that uses the public-key operations only for the first packet in a serie...
IEEE Transactions on Mobile Computing, 2011
In multi-hop wireless networks, selfish nodes do not relay other nodes' packets and make use of the cooperative nodes to relay their packets, which has a negative impact on the network fairness and performance. Incentive protocols use credits to stimulate the selfish nodes' cooperation, but the existing protocols usually rely on the heavyweight public-key operations to secure the payment. In this paper, we propose a secure cooperation incentive protocol that uses the public-key operations only for the first packet in a series and uses the lightweight hashing operations in the next packets, so that the overhead of the packet series converges to that of the hashing operations. Hash chains and keyed hash values are used to achieve payment nonrepudiation and thwart free riding attacks. Security analysis and performance evaluation demonstrate that the proposed protocol is secure and the overhead is incomparable to the public-key based incentive protocols because the efficient hashing operations dominate the nodes' operations. Moreover, the average packet overhead is less than that of the public-key based protocols with very high probability due to truncating the keyed hash values.
In Multi-Hop Wireless Networks (MWN), the mobile nodes usually relay their packets using cooperative nodes. But there are several negative effects in the cooperation of nodes, and network performance degrades due to selfish node behavior, which also degrades node connectivity, throughput and power consumption. This paper proposes a secure and trustworthy incentive cooperation mechanism for multi-hop wireless networks for secure cooperation among trusted nodes and to thwart the selfishness attack, collision attack and Denial of Service attacks. To prevent selfish node behavior we use incentive mechanisms which will charge nodes efficiently. A hashing operation is used to make the communication between nodes more secure and to improve integrity and confidentiality. A token-based cheque submission scheme is used to reduce collusion attacks. The nodes' credits are updated and stored efficiently by the Accounting Center (AC), which will classify the cheques and verify the certificates from nodes during the eviction process. Instead of all the intermediate nodes submitting cheques, the source node selects one intermediate node, based on credits and on being a trusted node in the network, to reduce the overhead of payment cheques. The Trustworthy Checker component in the AC monitors the performance of all nodes in the network and removes selfish nodes from the network. The Trustworthy Checker can precisely differentiate between honest nodes and irrational packet droppers. Extensive analysis and simulation demonstrate that our mechanism can significantly reduce the cheques and allow secure trusted nodes for communications.
Proceedings of the 12th IEEE Mediterranean Electrotechnical Conference, MELECON 2004, 2004
Ad hoc networks are characterized by the lack of a fixed infrastructure and the dynamic nature which affects several security properties. This paper adapts the concept of PKI so that it fits with the requirements of wireless ad hoc networks. Furthermore, a protocol for authenticating nodes in multi hop ad hoc networks is discussed. http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=1347046&tag=1
researchgate.net
The lack of fixed infrastructure in ad hoc networks causes nodes to rely more heavily on peer nodes for communication. Nevertheless, establishing trust in such a distributed environment is very difficult, since it is not straightforward for a node to determine if its peer nodes can be trusted. An additional concern in such an environment is with whether a peer node is merely relaying a message or if it is the originator of the message. In this paper, we propose an authentication approach for protecting nodes in mobile ad hoc networks. The security requirements for protecting data link and network layers are identified and the design criteria for creating secure ad hoc networks using several authentication protocols are analyzed. Protocols based on zero knowledge and challenge response techniques are presented and their performance is evaluated through analysis and simulation.
2007
The lack of fixed infrastructure in ad hoc networks causes nodes to rely more heavily on peer nodes for communication. Nevertheless, establishing trust in such a distributed environment is very difficult, since it is not straightforward for a node to determine if its peer nodes can be trusted. An additional concern in such an environment is with whether a peer node is merely relaying a message or if it is the originator of the message. In this paper, we propose an authentication approach for protecting nodes in mobile ad hoc networks. The security requirements for protecting data link and network layers are identified and the design criteria for creating secure ad hoc networks using several authentication protocols are analyzed. Protocols based on zero knowledge and challenge response techniques are presented and their performance is evaluated through analysis and simulation.
2003
In this paper we present a key management protocol for wireless ad hoc multi-hop networks. Two objectives were crucial in our design: (1) distributed trust to ensure robustness, and (2) strong authentication to prevent the battery drain attack. We achieve distributed trust by presenting a hierarchical and distributed public key infrastructure for ad hoc networks. Our PKI has been designed to map onto hierarchical ad hoc networks, while maintaining global connectivity and flexibility. If a misbehavior detection scheme is present on the network, then the security of our PKI can be improved through collaboration with this scheme. Next to this PKI we propose a mechanism to securely establish and maintain link keys between the different nodes in the network.
2005
This paper describes a new protocol for authentication in ad-hoc networks. The protocol has been designed to meet specialized requirements of ad-hoc networks, such as lack of direct communication between nodes or need for revocable anonymity. At the same time, an ad-hoc authentication protocol must be resistant to spoofing, eavesdropping and playback, and man-in-the-middle attacks. The article analyzes existing authentication methods based on the Public Key Infrastructure, and finds that they have several drawbacks in ad-hoc networks. Therefore, a new authentication protocol, based on established cryptographic primitives (Merkle's puzzles and zero-knowledge proofs), is proposed. The protocol is studied for a model ad-hoc chat application that provides private conversations.
Pervasive and Mobile Computing, 2007
Group Key Agreement (GKA) protocols enable the participants to derive a key based on each one's contribution over a public network without any central authority. They also provide efficient ways to change the key when the participants change. While some of the proposed GKA protocols are too resource consuming for the constraint devices often present in ad hoc networks, others lack a formal security analysis. In this paper, we propose a simple, efficient and secure GKA protocol well-suited to ad hoc networks and present results of our implementation of the same in a prototype application.
International Journal for Research in Applied Science & Engineering Technology (IJRASET), 2023
The one-time pad (OTP) stable transmission is based at the random keys to acquire best secrecy, whilst the unpredictable wi-fi channel is proven to be an awesome random source. There is only a few paintings of the joint layout of OTP and key era from wi-fi channels. This paper presents a complete and quantitative research on stable transmission accomplished with the use of using OTP and wi-fi channel randomness. We recommend OTP stable transmission schemes, i.e., Identical Key-primarily based totally Physical Layer Secure Transmission (IK-PST) and Un-Same Key-primarily based totally Physical-layer Secure Transmission (UK-PST). We quantitatively examine the overall performance of each schemes and show that UK-PST outperforms IK-PST. We enlarge the pairwise techniques to a collection of customers in networks with super mega celebrity and chain topologies. We put in force prototypes of each schemes and examine the proposed schemes thru each simulations and experiments. The consequences confirm that UK-PST has a better powerful mystery transmission charge than that of IK-PST for situations with each pairwise and organization customers.
2004 IEEE Wireless Communications and Networking Conference (IEEE Cat. No.04TH8733)
Security in mobile ad hoc networks (MANETs) has received intensive attention recently, whereas the issue of selfish nodes, which may refuse to forward packets for others to save their own resources, is not well addressed yet. This kind of noncooperative action would cause a severe problem that is more likely in MANETs compared to their wired counterpart. To cope with this problem, we propose SIP: a Secure Incentive Protocol to stimulate cooperation among those possible selfish nodes. The most attractive feature of SIP is that it does not rely on any predeployed infrastructure and provides highly secure incentives for selfish nodes to be cooperative in packet forwarding with low overhead and implementation complexity.
Wireless Networks, 2006
The proper functioning of mobile ad hoc networks depends on the hypothesis that each individual node is ready to forward packets for others. This common assumption, however, might be undermined by the existence of selfish users who are reluctant to act as packet relays in order to save their own resources. Such non-cooperative behavior would cause the sharp degradation of network throughput. To address this problem, we propose a credit-based Secure Incentive Protocol (SIP) to stimulate cooperation among mobile nodes with individual interests. SIP can be implemented in a fully distributed way and does not require any pre-deployed infrastructure. In addition, SIP is immune to a wide range of attacks and is of low communication overhead by using a Bloom filter. Detailed simulation studies have confirmed the efficacy and efficiency of SIP.
2004
In an ad-hoc network, intermediate nodes on a communication path are expected to forward packets of other nodes so that the mobile nodes can communicate beyond their wireless transmission range. However, because wireless mobile nodes are usually constrained by limited power and computation resources, a selfish node may be unwilling to spend its resources in forwarding packets which are not of its direct interest, even though it expects other nodes to forward its packets to the destination. It has been shown that the presence of such selfish nodes degrades the overall performance of a non-cooperative ad hoc network. To address this problem, we propose a secure and objective reputation-based incentive (SORI) scheme to encourage packet forwarding and discipline selfish behavior. Different from the existing schemes, under our approach, the reputation of a node is quantified by objective measures, and the propagation of reputation is efficiently secured by a one-way-hash-chain-based authentication scheme. Armed with the reputation-based mechanism, we design a punishment scheme to penalize selfish nodes. The experimental results show that the proposed scheme can successfully identify selfish nodes and punish them accordingly.
2014
As part of the security within distributed systems, various services and resources need protection from unauthorized use. Remote authentication is the most commonly used method to determine the identity of a remote client. This paper investigates a systematic approach for authenticating clients by three factors, namely password, smart card, and biometrics. A generic and secure framework is proposed to upgrade two-factor authentication to three-factor authentication. In multihop wireless networks, selfish nodes do not relay other nodes' packets and make use of the cooperative nodes to relay their packets, which has negative impact on the network fairness and performance. Incentive protocols use credits to stimulate the selfish nodes' cooperation, but the existing protocols usually rely on the heavyweight public-key operations to secure the payment. In this paper, we propose secure cooperation incentive protocol that uses the public-key operations only for the first packet in ...
This paper presents a new public key distribution scheme adapted to ad hoc networks called TAKES for Trustful Authentication and Key Exchange Scheme. Its originality lies in performing authentication and key distribution with no need for a trusted authority or access to any infrastructure-based network, thanks to the use of Cryptographically Generated Addresses. Moreover the solution is very convenient having a simple operational mode at no extra hardware cost. TAKES aims to build a trust association between a person, his/her communicating device, the IP address of the device, and his/her public key. As a direct result, new security functions like associating a misbehaving node to its owner, securing end-to-end communications through tunnels, or even implementing a light naming system can be enabled on top of ad hoc networks. TAKES is formally proven using BAN logic and a proof-of-concept implementation demonstrates its feasibility within ad hoc networks.
Several schemes have been proposed for authenticating both the network and the mobile stations to one another in public access wireless networks. In this paper, we look at the weaknesses of such schemes and enumerate a set of four constraints for authentication in public access wireless networks. We then propose two authentication protocols that can overcome these weaknesses while satisfying the constraints. The first proposed protocol provides additional direct authentication to wireless clients to validate the network access point to prevent or to detect malicious attacks as early as possible. This adds additional burden to wireless devices whose resources are often limited. The second proposed protocol reduces the burden by providing indirect authentication with the help of a trusted server. In this paper, we also evaluate the performance of the existing schemes and the proposed schemes in terms of the size and number of messages, delay, energy consumption and security features.
2000
Ad hoc Networks are a new generation of networks offering unrestricted mobility without any underlying infrastructure. In these kinds of networks, all the nodes share the responsibility of network formation and management. As their principle application is in catastrophic environments, security is critical. Authentication, integrity and encryption are key issues pertaining to network security. Traditional authentication schemes cannot be effectively used in such decentralized networks. In this paper, we present an end-to-end data authentication scheme that relies on mutual trust between nodes. The basic strategy is to take advantage of the hierarchical architecture that is implemented for routing purposes. We have proposed an authentication scheme that uses TCP at transport layer and a hierarchical architecture at the IP layer so that the number of encryptions needed is minimized, thereby reducing the computational overheads. This also results in substantial savings as each node has to maintain keys for fewer nodes.
2007
Mobile ad-hoc network (MANET) is a kind of wireless ad-hoc network. It is a self-configuring network of mobile nodes connected by wireless links, without the aid of any fixed infrastructure or centralized administration. Nodes within their wireless transmitter ranges can communicate with each other directly, while nodes outside the range rely on other nodes to relay messages resulting in a multi-hop scenario. As the low transmission power of each node limits its communication range, the nodes must assist and trust each other before getting involved into a real communication. However, this implied trust relationship can be threatened by malicious nodes. So far the majority of research work has been done to achieve a secure routing infrastructure, assuming the existence of an efficient node authentication mechanism which in turn is part of a key management scheme. This paper will analyze previous work and then present a new node authentication mechanism which is fully distributed and has the ability to self-organize without the requirement of any online trusted third party.
In mobile ad hoc networks (MANETs), it is easy to launch wormhole, man-in-the-middle and denial of service (DoS) attacks, or to impersonate another node. Our studies show that there are performance and security problems with the existing authentication and keying mechanisms which are currently employed by wireless ad hoc networks. We propose a secure authentication scheme, namely BLS signature. This scheme eliminates the correlation among packets and thus provides the perfect resilience to packet loss, and it is also efficient in terms of latency, computation, and communication overhead due to an efficient cryptographic primitive called batch signature, which supports the authentication of any number of packets simultaneously. In addition to the actual authentication, a new pairwise session is generated as a result of this mechanism. We also point out that without any central authority, e.g., a central server (which is the nature of ad hoc networks), our authentication scheme can be carried out securely by any node at any time.
Our studies show that there are performance and security problems with the existing authentication and keying mechanisms which are currently employed by wireless ad hoc networks. We propose a new authentication protocol, which solves those problems using a combination of well known cryptographic tools in RSA and Diffie-Hellman. In addition to the actual authentication, a new pairwise session is generated as a result of this mechanism. We also point out that without any central authority, e.g., a central server (which is the nature of ad hoc networks), our authentication scheme can be carried out securely by any node at any time.
2006
The pervasiveness of wireless communication has recently drawn significant research attention to mobile ad hoc networks (MANETs), due to their innate capability for instant communication in many time- and mission-critical applications. However, their natural advantages for networking in civilian and military environments make them vulnerable to security threats. Support for anonymity in MANETs is a critical challenge, orthogonal to security, that we address in this paper. We propose a new anonymous authentication protocol for mobile ad hoc networks enhanced with a distributed reputation system. Its main objective is to provide mechanisms that conceal the real identity of communicating nodes, with the ability to resist known attacks. The distributed reputation system is incorporated for trust management and malicious behavior detection in the network. The end-to-end anonymous authentication is conducted in a three-pass handshake based on asymmetric and symmetric key cryptography. After a successfully finished authentication phase, multiple secure and anonymous data channels are established. The anonymity is guaranteed by randomly chosen pseudonyms owned by a user. Nodes of the network are publicly identified and are independent of users' pseudonyms. In this paper we present an example of the protocol implementation.