Secure Ad-Hoc Network
Eunjin Jung
What is Ad-Hoc Network?
• Networks with no fixed infrastructure
• Mobile nodes: communicate within radio range directly or through routers
• Node mobility implies frequent change in network topology
• Rapidly deployed networks
• Relatively low cost
Challenges in Ad-Hoc Network
• Mobility
– Restricted computing resource
– Restricted power resource
– Unreliable communication
• Ad-Hoc
– Transient states
– No trustworthy third party
– Often security protocol integrated with others
Security in Ad-Hoc Network
• Availability
– Sleep Deprivation Torture
• Power consumption is worse than computing or network resource consumption, because the device cannot recover as soon as the attack finishes
– Jamming
• Spread spectrum, frequency hopping
Security in Ad-Hoc Network
• Confidentiality
– Easier to passively eavesdrop
– Cannot rely on expensive cryptosystem
– Symmetric key cryptography is used
– Small key, frequent update vs. large key, intermittent update
Security in Ad-Hoc Network
• Authorization
– Network resource
• Inherently vulnerable to bandwidth stealing
• Should reject routing unauthorized packets
– Transient states
• Security associations between principals are transient
• Static authorization policy is unfeasible
Security in Ad-Hoc Network
• Authentication
– Cannot rely on central server
– Nor on public key cryptography
– Should be adaptive to transient authorization policy
– Should be swift to renew symmetric key
– Pre-computed certificate
– Threshold cryptography
Security in Ad-Hoc Network
• Integrity
– Similar to any communication
– Use traditional solution based on symmetric key
• Non-Repudiation
– Based on public/private key cryptography
– Hard to achieve with limited computing resource
– Content with certificates
Challenges
• Use of wireless links makes ad hoc networks susceptible to link attacks
• Relatively poor protection, as in battlefields
• So for high survivability, a distributed architecture is needed
• Dynamic network topology: ROUTING
• Scalable security mechanisms
Secure Routing
• Basic Assumptions
– The underlying data link layer provides reliable transmission on a link basis
– Links are bidirectional
– A one-to-one mapping between Medium Access Control and IP address exists
– Each transmission is received by all neighbors, which are assumed to operate in promiscuous (random) mode
Key Management Service
• Primary tier of servers
• Service has one private/public key pair
• Each server has its own private/public key pair
• Each server holds one share of the service private key
• The private key can also be changed periodically
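
The share-per-server idea on this slide, and the threshold cryptography bullet under Authentication, can be illustrated with Shamir secret sharing. This is an added example, not code from the slides or the referenced paper; the field size, the function names, the single-dealer refresh, and reading "changed periodically" as a share refresh that keeps the service key fixed are assumptions.

```python
import secrets

# Constructed field size; a real service key needs a field at least as large as the key.
P = 2**127 - 1

def _poly_eval(coeffs, x):
    """Evaluate a polynomial (constant term first) at x, mod P."""
    y = 0
    for c in reversed(coeffs):
        y = (y * x + c) % P
    return y

def split(secret, n, k):
    """Deal one share per server 1..n; any k shares reconstruct the secret."""
    if not (1 <= k <= n and 0 <= secret < P):
        raise ValueError("need 1 <= k <= n and a secret inside the field")
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    return {x: _poly_eval(coeffs, x) for x in range(1, n + 1)}

def combine(shares, k):
    """Lagrange-interpolate at x = 0 using k of the supplied shares."""
    if len(shares) < k:
        raise ValueError("fewer than k shares: the service key stays hidden")
    pts = list(shares.items())[:k]
    secret = 0
    for i, (xi, yi) in enumerate(pts):
        num = den = 1
        for j, (xj, _) in enumerate(pts):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret

def refresh(shares, k):
    """Re-randomise every share while the shared service key stays the same."""
    # Simplification: one dealer produces the sharing of zero. In a distributed
    # setting each server would contribute its own sub-sharing of zero.
    zero = split(0, len(shares), k)  # assumes servers are numbered 1..n
    return {x: (y + zero[x]) % P for x, y in shares.items()}
```

After a refresh, shares captured before it cannot be combined with shares captured after it, so an attacker has to compromise k servers within a single period.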
Public key distribution for Self-Organizing Systems
• Certificates stored and distributed by users
– If A believes that a given public key is indeed B’s, A issues a public key certificate to B
• Construction of Trust Graphs
• Merging graphs to find path from C to D, if C wants certificate of D
• Efficient Shortcut Hunter algorithm
Future scope
• Use of smart cards for tamper-resistant information storage
• Dynamic routing information storage still a problem
• Only nodes contributing to the benefit of the community allowed to use the network
Conclusions
• Ad hoc networks pose an interesting problem in networking, with dynamic routing and a highly insecure working environment
• Need for secure, scalable, reliable and efficient algorithms for key management and routing
References
• Securing Ad Hoc Networks, Lidong Zhou (Department of Computer Science) and Zygmunt J. Haas (School of Electrical Engineering), Cornell University, Ithaca