A heterogeneous‐network aided public‐key management scheme for mobile ad hoc networks

A mobile ad hoc network does not require fixed infrastructure to construct connections among nodes. Due to the particular characteristics of mobile ad hoc networks, most existing secure protocols in wired networks do not meet the security requirements for mobile ad hoc networks. Most secure protocols in mobile ad hoc networks, such as secure routing, key agreement and secure group communication protocols, assume that all nodes must have pre‐shared a secret, or pre‐obtained public‐key certificates before joining the network. However, this assumption has a practical weakness for some emergency applications, because some nodes without pre‐obtained certificates will be unable to join the network. In this paper, a heterogeneous‐network aided public‐key management scheme for mobile ad hoc networks is proposed to remedy this weakness. Several heterogeneous networks (such as satellite, unmanned aerial vehicle, or cellular networks) provide wider service areas and ubiquitous connectivity. We adopt these wide‐covered heterogeneous networks to design a secure certificate distribution scheme that allows a mobile node without a pre‐obtained certificate to instantly get a certificate using the communication channel constructed by these wide‐covered heterogeneous networks. Therefore, this scheme enhances the security infrastructure of public key management for mobile ad hoc networks. Copyright © 2006 John Wiley & Sons, Ltd.     

Efficient identity-based security schemes for ad hoc network routing protocols

Wireless ad hoc networks consist of nodes with no central administration and rely on the participating nodes to share network responsibilities. Such networks are more vulnerable to security attacks than conventional wireless networks. We propose two efficient security schemes for these networks that use pairwise symmetric keys computed non-interactively by the nodes which reduces communication overhead. We allow nodes to generate their broadcast keys for different groups and propose a collision-free method for computing such keys. We use identity-based keys that do not require certificates which simplifies key management. Our key escrow free scheme also uses identity-based keys but eliminates inherent key escrow in identity-based keys. Our system requires a minimum number of keys to be generated by the third party as compared to conventional pairwise schemes. We also propose an authenticated broadcast scheme based on symmetric keys and a corresponding signature scheme.     

Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks

An ad hoc network is a group of wireless mobile computers (or nodes), in which individual nodes cooperate by forwarding packets for each other to allow nodes to communicate beyond direct wireless transmission range. Prior research in ad hoc networking has generally studied the routing problem in a non-adversarial setting, assuming a trusted environment. In this paper, we present attacks against routing in ad hoc networks, and we present the design and performance evaluation of a new secure on-demand ad hoc network routing protocol, called Ariadne. Ariadne prevents attackers or compromised nodes from tampering with uncompromised routes consisting of uncompromised nodes, and also prevents many types of Denial-of-Service attacks. In addition, Ariadne is efficient, using only highly efficient symmetric cryptographic primitives.     

An efficient identity-based secret key management scheme for MANETs

This paper put forward an identity-based key management scheme for mobile ad hoc networks (MANETs), it provids an efficient secret key management mechanism for security schemes, which be implemented over any cyclic group in that the strong Diffie-Hellman problem is supposed to be hard. By employing identity-based and threshold cryptography, the proposed scheme eliminates the burden of certificates management and can be high level tolerance to node compromise. The scheme is based on threshold Schnorr signature (TSch), for higher efficiency, we transform TSch to a simpler form, donated by SimpleTSch, and prove that SimpleTSch is unforgeable under passive attacks in the random oracle model. However, to cope with active attacks, we enforce the security by introducing Fiore et al's key agreement. We can say that the proposed key management scheme gives lots of help for design of security protocols in MANETs.     

无人机自组网技术研究

在无人机系统中,编组和协同作战能力对提高无人机作站效能和生存能力具有重要意义。无线自组网是一种特殊结构的无线通信网络,其通信依靠节点之间的相互协作,以无线多跳方式完成,因此网络不依赖于任何固定设施,具有自组织和自管理的特性,这种特殊的组网方式使得无线自组网非常适用于无人机系统。介绍了无线自组网的原理,分析了无线自组网应用于无人机系统主要面临的关键技术:路由技术和安全问题。介绍了无线自组网的发展情况和在无人机领域的研究情况。     

ITBES：一种基于门限与身份的WSN加密签名方法

为了提高基于身份的加密签名（IBES）系统中密钥生成中心（PKG）的可信性,采用门限密码学中的（t,n）秘密共享方法,对Xavier IBES算法进行了改进,将主密钥s共享于n个对等的可信第三方PKG之间,并且将改进后的新的基于门限与身份的加密签名一体化方法（ITBES）应用于无线传感器网络,从方法的复杂性、存储需求、安全性方面进行了分析,结果表明我们的方法能够提高PKG可信性,加强无线传感器网络的安全。     

Power-aware routing protocols in ad hoc wireless networks

An ad hoc wireless network has no fixed networking infrastructure. It consists of multiple, possibly mobile, nodes that maintain network connectivity through wireless communications. Such a network has practical applications in areas where it may not be economically practical or physically possible to provide a conventional networking infrastructure. The nodes in an ad hoc wireless network are typically powered by batteries with a limited energy supply. One of the most important and challenging issues in ad hoc wireless networks is how to conserve energy, maximizing the lifetime of its nodes and thus of the network itself. Since routing is an essential function in these networks, developing power-aware routing protocols for ad hoc wireless networks has been an intensive research area in recent years. As a result, many power-aware routing protocols have been proposed from a variety of perspectives. This article surveys the current state of power-aware routing protocols in ad hoc wireless networks.     

Security in wireless sensor networks

With sensor networks on the verge of deployment, security issues pertaining to the sensor networks are in the limelight. Though the security in sensor networks share many characteristics with wireless ad hoc networks, the two fields are rapidly diverging due to the fundamental differences between the make‐up and goals of the two types of networks. Perhaps the greatest dividing difference is the energy and computational abilities. Sensor nodes are typically smaller, less powerful, and more prone to failure than nodes in an ad hoc network. These differences indicate that protocols that are valid in the context of ad‐hoc networks may not be directly applicable for sensor networks. In this paper, we survey the state of art in securing wireless sensor networks. We review several protocols that provide security in sensor networks, with an emphasis on authentication, key management and distribution, secure routing, and methods for intrusion detection. Copyright © 2006 John Wiley & Sons, Ltd.     

无可信中心的门限追踪ad hoc网络匿名认证

为解决ad hoc网络中的匿名认证问题,将民主签名与无中心的秘密分享方案相结合,提出一种无可信中心的门限追踪ad hoc网络匿名认证方案。方案的无中心性、自组织性很好地满足了ad hoc网络的特征,从而解决了传统网络中匿名认证方案由于需要可信中心而不适合ad hoc网络的问题;方案中认证者的匿名性、可追踪性和完备性(不可冒充性)满足了匿名认证的安全需求。     

Safari: A self-organizing, hierarchical architecture for scalable ad hoc networking

As wireless devices become more pervasive, mobile ad hoc networks are gaining importance, motivating the development of highly scalable ad hoc networking techniques. In this paper, we give an overview of the Safari architecture for highly scalable ad hoc network routing, and we present the design and evaluation of a specific realization of the Safari architecture, which we call Masai. We focus in this work on the scalability of learning and maintaining the routing state necessary for a large ad hoc network. The Safari architecture provides scalable ad hoc network routing, the seamless integration of infrastructure networks when and where they are available, and the support of self-organizing, decentralized network applications. Safari’s architecture is based on (1) a self-organizing network hierarchy that recursively groups participating nodes into an adaptive, locality-based hierarchy of cells; (2) a routing protocol that uses a hybrid of proactive and reactive routing information in the cells and scales to much larger numbers of nodes than previous ad hoc network routing protocols; and (3) a distributed hash table grounded in the network hierarchy, which supports decentralized network services on top of Safari. We evaluate the Masai realization of the Safari architecture through analysis and simulations, under varying network sizes, fraction of mobile nodes, and offered traffic loads. Compared to both the DSR and the L+ routing protocols, our results show that the Masai realization of the Safari architecture is significantly more scalable, with much higher packet delivery ratio and lower overhead.     

An efficient heterogeneous key management approach for secure multicast communications in ad hoc networks

In a mobile wireless ad hoc network, mobile nodes cooperate to form a network without using any infrastructure such as access points or base stations. Instead, the mobile nodes forward packets for each other, allowing communication among nodes outside wireless transmission range. As the use of wireless networks increases, security in this domain becomes a very real concern. One fundamental aspect of providing confidentiality and authentication is key distribution. While public-key encryption has provided these properties historically, ad hoc networks are resource constrained and benefit from symmetric key encryption. In this paper, we propose a new key management mechanism to support secure group multicast communications in ad hoc networks. The scheme proposes a dynamic construction of hierarchical clusters based on a novel density function adapted to frequent topology changes. The presented mechanism ensures a fast and efficient key management with respect to the sequential 1 to n multicast service.     

SMORT: Scalable multipath on-demand routing for mobile ad hoc networks

Increasing popularity and availability of portable wireless devices, which constitute mobile ad hoc networks, calls for scalable ad hoc routing protocols. On-demand routing protocols adapt well with dynamic topologies of ad hoc networks, because of their lower control overhead and quick response to route breaks. But, as the size of the network increases, these protocols cease to perform due to large routing overhead generated while repairing route breaks. We propose a multipath on-demand routing protocol (SMORT), which reduces the routing overhead incurred in recovering from route breaks, by using secondary paths. SMORT computes fail-safe multiple paths, which provide all the intermediate nodes on the primary path with multiple routes (if exists) to destination. Exhaustive simulations using GloMoSim with large networks (2000 nodes) confirm that SMORT is scalable, and performs better even at higher mobility and traffic loads, when compared to the disjoint multipath routing protocol (DMRP) and ad hoc on-demand distance vector (AODV) routing protocol.     

A Routing Algorithm for Wireless Ad Hoc Networks with Unidirectional Links

Most of the routing algorithms for ad hoc networks assume that all wireless links are bidirectional. In reality, some links may be unidirectional. In this paper we show that the presence of such links can jeopardize the performance of the existing distance vector routing algorithms. We also present modifications to distance vector based routing algorithms to make them work in ad hoc networks with unidirectional links. For a network of n nodes, neighbors exchange n×n matrices to propagate routing information. This results in loop-free routes.     

Quality of service challenges for wireless mobile ad hoc networks

Wireless mobile ad hoc networks consist of mobile nodes interconnected by wireless multi‐hop communication paths. Unlike conventional wireless networks, ad hoc networks have no fixed network infrastructure or administrative support. The topology of such networks changes dynamically as mobile nodes join or depart the network or radio links between nodes become unusable. Supporting appropriate quality of service for mobile ad hoc networks is a complex and difficult issue because of the dynamic nature of the network topology and generally imprecise network state information, and has become an intensely active area of research in the last few years. This paper

1 This article, except for some minor changes, is essentially the same as one that appears in 103 . The latter is a revised and updated version of 51

presents the basic concepts of quality of service support in ad hoc networks for unicast communication, reviews the major areas of current research and results, and addresses some new issues. The principal focus is on routing and security issues associated with quality of service support. The paper concludes with some observations on the open areas for further investigation. Copyright © 2004 John Wiley & Sons, Ltd.     

A Secure Path Selection Scheme for Mobile Ad Hoc Network

Mobile ad hoc network is open medium, infrastructure-less and easy to install. Despite these features, mobile ad hoc network is vulnerable to various security attacks. Black hole and gray hole security attacks outrank among all security attacks. This paper proposes a distributed delegation-based scheme, namely, a secure path selection scheme. The proposed scheme identifies and allows only trusted nodes to become part of active path. The simulation results revealed that proposed scheme improved the packet delivery ratio, packet loss rate, throughput by 8% and routing overhead by 5% as compared to other system.

     

A shared secret-based algorithm for securing the OLSR routing protocol

The strongest feature of ad hoc networks is its capability to be rapidly deployed anywhere and anytime without relying on a pre-existing infrastructure. From there, ad hoc networks offer the advantages to be auto-organized, ubiquitous, dynamic and completely autonomous. As a counter part, securing them becomes a more difficult task, especially because of the absence of centralized entities in the network. Inevitably, the security problem presents currently a hot topic raising more and more challenges within industrials and researchers, and many interesting securing solutions were meanwhile proposed, omitting however to suit to ad hoc networks characteristics and therefore disadvantaging them. In this paper, we propose a securing scheme for the OLSR routing protocol based on the secret sharing idea. We initially expose the general characteristics and the security problems related to ad hoc routing protocols. We then address the security requirements of ad hoc routing protocols and the security requirements we focus on. Finally, we define our completely and distributed securing algorithm based on threshold cryptography. A primary main conception objective being to suit as much as possible to ad hoc networks characteristics by avoiding as much as possible assumptions contradictory with the auto-organized and dynamic nature of ad hoc networks. Simulation results depict the additional delay due to security enhancements. Results show that this delay stills suitable to OLSR routing specifications.     

Compromise‐Resistant Pairwise Key Establishments for Mobile Ad hoc Networks

This letter presents a pairwise key establishment scheme that is robust against the compromise of nodes in mobile ad hoc networks. Each node establishes local keys with its neighbor nodes that are at most three hops away at network boot‐up time. When any two nodes establish a pairwise key, they receive the secret information from the nodes on the route between them, and construct the pairwise key using the secret information. Here, the local keys are utilized by the nodes on the route to send the secret information securely. The simulation results have proven that the proposed scheme provides better security than the key pre‐distribution‐based scheme.     

SEAD: secure efficient distance vector routing for mobile wireless ad hoc networks

An ad hoc network is a collection of wireless computers (nodes), communicating among themselves over possibly multihop paths, without the help of any infrastructure such as base stations or access points. Although many previous ad hoc network routing protocols have been based in part on distance vector approaches, they have generally assumed a trusted environment. In this paper, we design and evaluate the Secure Efficient Ad hoc Distance vector routing protocol (SEAD), a secure ad hoc network routing protocol based on the design of the Destination-Sequenced Distance-Vector routing protocol. In order to support use with nodes of limited CPU processing capability, and to guard against Denial-of-Service attacks in which an attacker attempts to cause other nodes to consume excess network bandwidth or processing time, we use efficient one-way hash functions and do not use asymmetric cryptographic operations in the protocol. SEAD performs well over the range of scenarios we tested, and is robust against multiple uncoordinated attackers creating incorrect routing state in any other node, even in spite of any active attackers or compromised nodes in the network.     

Routing security in wireless ad hoc networks

A mobile ad hoc network consists of a collection of wireless mobile nodes that are capable of communicating with each other without the use of a network infrastructure or any centralized administration. MANET is an emerging research area with practical applications. However, wireless MANET is particularly vulnerable due to its fundamental characteristics, such as open medium, dynamic topology, distributed cooperation, and constrained capability. Routing plays an important role in the security of the entire network. In general, routing security in wireless MANETs appears to be a problem that is not trivial to solve. In this article we study the routing security issues of MANETs, and analyze in detail one type of attack-the "black hole" problem-that can easily be employed against the MANETs. We also propose a solution for the black hole problem for ad hoc on-demand distance vector routing protocol.     

Distributed node selection for threshold key management with intrusion detection in mobile ad hoc networks

In mobile ad hoc networks (MANETs), identity (ID)-based cryptography with threshold secret sharing is a popular approach for the security design. Most previous work for key management in this framework concentrates on the protocols and structures. Consequently, how to optimally conduct node selection in ID-based cryptography with threshold secret sharing is largely ignored. In this paper, we propose a distributed scheme to dynamically select nodes with master key shares to do the private key generation service. The proposed scheme can minimize the overall threat posed to the MANET while simultaneously taking into account of the cost (e.g., energy consumption) of using these nodes. Intrusion detection systems are modeled as noisy sensors to derive the system security situations. We use stochastic system to formulate the MANET to obtain the optimal policy. Simulation results are presented to illustrate the effectiveness of the proposed scheme.