Secure Ad-Hoc Network
Eunjin Jung
[email protected]
What is Ad-Hoc Network?
• Networks with no fixed infrastructure
• Mobile nodes: communicate within radio-range directly or through routers
• Node mobility implies frequent change in network topology
• Rapidly deployed networks
• Relatively low cost
Challenges in Ad-Hoc Network
• Mobility
  – Restricted computing resource
  – Restricted power resource
  – Unreliable communication
• Ad-Hoc
  – Transient states
  – No trustworthy third party
  – Often security protocol integrated with others
Security in Ad-Hoc Network
• Availability
  – Sleep Deprivation Torture
    • Power consumption is worse than computing or network resource consumption, because the device cannot recover as soon as the attack finishes
  – Jamming
    • Spread Spectrum Frequency Hopping
Security in Ad-Hoc Network
• Confidentiality
  – Easier to passively eavesdrop
  – Cannot rely on expensive cryptosystem
  – Symmetric key cryptography is used
  – Small key, frequent update vs. large key, intermittent update
Security in Ad-Hoc Network
• Authorization
  – Network resource
    • Inherently vulnerable to bandwidth stealing
    • Should reject routing unauthorized packet
  – Transient states
    • Security associations between principals are transient
    • Static authorization policy is unfeasible
Security in Ad-Hoc Network
• Authentication
  – Cannot rely on central server
  – Nor on public key cryptography
  – Should be adaptive to transient authorization policy
  – Should be swift to renew symmetric key
  – Pre-computed certificate
  – Threshold cryptography
Security in Ad-Hoc Network
• Integrity
  – Similar to any communication
  – Use traditional solution based on symmetric key
• Non-Repudiation
  – Based on public/private key cryptography
  – Hard to achieve with limited computing resource
  – Content with certificates
Challenges
• Use of wireless links makes ad hoc networks susceptible to link attacks
• Relatively poor protection, as in battlefields
• So for high survivability, a distributed architecture is needed
• Dynamic network topology: ROUTING
• Scalable security mechanisms
Secure Routing
• Basic Assumptions
  – The underlying data link layer provides reliable transmission on a link basis
  – Links are bidirectional
  – A one-to-one mapping between Medium Access Control and IP address exists
  – Each transmission is received by all neighbors, which are assumed to operate in promiscuous (random) mode
Key Management Service
• Primary tier of servers
• Service has one private/public key pair
• Each server has its own private/public key pair
• Each server is given one share of the service private key
• The private key can also be changed periodically
Public key distribution for Self-Organizing Systems
• Certificates stored and distributed by users
  – If A believes that given public key is indeed B’s, A issues public key certificate to B
• Construction of Trust Graphs
• Merging graphs to find path from C to D, if C wants certificate of D
• Efficient Shortcut Hunter algorithm
Future scope
• Use of smart cards for tamper-resistant information storage
• Dynamic routing information storage still a problem
• Only nodes contributing to the benefit of the community are allowed to use the network
Conclusions
• Ad Hoc networks pose an interesting problem in networking with dynamic routing and highly insecure working environment
• Need of Secure, Scalable, Reliable and Efficient algorithms for Key management and Routing
References
• Securing Ad Hoc Networks, Lidong Zhou (Department of Computer Science), Zygmunt J. Haas (School of Electrical Engineering), Cornell University, Ithaca