02-02-2010, 12:49 PM
[attachment=1660]
A Novel Secure Communication Protocol for Ad Hoc networks [SCP]
Abstract
An ad hoc network is a self organized entity with a number of mobile nodes without any centralized access point and also there is a topology control problem which leads to high power consumption and no security, while routing the packets between mobile hosts. Authentication is one of the important security requirements of a communication network. The common authentication schemes are not applicable in Ad hoc networks.
In this paper, we propose a secure communication protocol for communication between two nodes in ad hoc networks. This is achieved by using clustering techniques. We present a novel secure communication framework for ad hoc networks (SCP); which describes authentication and confidentiality when packets are distributed between hosts with in the cluster and between the clusters. These cluster head nodes execute administrative functions and network key used for certification. The cluster head nodes (CHs) perform the major operations to achieve our SCP framework with help of Kerberos authentication application and symmetric key cryptography technique, which will be secure, reliable, transparent and scalable and will have less overhead.
I-Introduction:
Ad hoc network is a collection of nodes that do not need to rely on a predefined infrastructure to keep the network connected. Ad hoc network can be formed, merged together or partitioned into separate networks, without necessarily relying on a fixed infrastructure to manage the operation [3]. There are no dedicated routers or network management nodes, but the participating nodes work in peer-to-peer fashion and act as both servers and routers. Nodes are not assumed to be static, but they are allowed to move freely inside a network, as well as leave the network at any time. Thus the network by definition needs to be wireless [5].
In this paper, we are using symmetric key management technique, so the number of keys that need to be managed reduces from n*(n-1)/2 to n, where n is the total number of nodes in the cluster [8]. Ad hoc network is not to rely on any centralized entities, because such entities would be easy to attack, and their reachability could not be guaranteed at all times for all the participants of the network [1].
In the following section we first give a brief overview of security goals, applications of ad hoc network, security issues and challenges, and a survey about existing security scheme analysis of ad hoc networks. In section-III, our proposed scheme and its concept is described in detail. Finally, section-IV concludes the paper and gives an outlook to future research.
II-Literature Survey
Problem Definition Our main aim is to establish a secure communication by providing authenticity and confidentiality of nodes and message, by using Kerberos authentication application and Symmetric key cryptographic technique.
Security Goals The major security goals [2, 12] are as follows
Availability ensures the survivability of network services despite denial of service attacks. A denial of service attack could be launched at any layer of an ad hoc network.
Confidentiality ensures that certain information is never disclosed to unauthorized entities. Network transmission of sensitive information, such as strategic or tactical military information, requires confidentiality.
Integrity guarantees that a message being transferred is never corrupted or altered.
Authentication enables a node to ensure the identity of the peer node it is communicating with. Without authentication, an adversary could masquerade a node, thus gaining unauthorized access to resource and sensitive information and interfering with the operation and other nodes.
Non-repudiation ensures that the origin of a message cannot deny having sent the message; non-repudiation is useful for detection and isolation of compromised nodes.
Ad Hoc networks find their applications [8, 11, and 13] in many fields as listed below
Military Battlefield ad hoc networking would allow the military to take advantage of common place network technology to maintain an information network between the soldiers, vehicles, and military information head quarters. The basic techniques of ad hoc network came from this field.
Commercial Sector ad hoc network can be used in emergency or rescue operation for disaster relief efforts e.g. in fire, flood, and earthquake etc. Other commercial scenarios include e.g. ship-to-ship ad hoc mobile communication, law enforcement, etc [13].
Local Level ad hoc networks can autonomously page link an instant and temporary multimedia network using notebook computers or palmtop computers to spread and share information among participants at a e.g. conference or classroom. Similarly in other civilian environments like taxicab, sports stadium, boat and small aircraft, etc.
Personal Area Network (PAN) intercommunication between various mobile devices such as PDA, laptop, cellular phone, etc.
There are many issues and challenges concerning Ad hoc networks some major challenges are
Routing since the topology of the network is constantly changing; the issue of routing packets between any pair of nodes becomes a challenging task. Most protocols should be based on reactive routing instead of proactive. Multicast routing is another challenge because the multicast tree is no longer static due to the random movement of nodes. Routes between nodes may potentially contain multiple hops, which is more complex than the single hop communication.
Security and Reliability some common vulnerability of ad hoc wireless connections is Sinkhole attack, Sybil attacks, and Acknowledge Spoofing, etc [14]. Also an ad hoc network has its particular security problems due to e.g. nasty neighbor relaying packets. Further, wireless page link characteristics introduce reliability problem [13].
Quality of Service providing different quality of service level in a constantly changing environment will be a challenge.
Internetworking internetworking between mobile ad hoc networks and fixed networks is often expected in many cases, which leads to a challenging task.
Power Consumption for most of the light weight mobile terminals, the communication related functions should be optimized for lean power consumption. Conservation of power and power-aware routing must be taken into consideration.
Existing Scheme Analysis shows the techniques which have been proposed already, here we going to see the merits and demerits of the existing technique which leads to proposal of our scheme.
Threshold cryptography is one of the secret sharing techniques. A trusted dealer divides a secret D into n parts so that the knowledge of k parts (k = n) allows the reconstruction of the secret, which is not possible with the knowledge of k-1 or fewer parts. This is called a (k, n) threshold scheme [9, 1].
In proactive secret sharing scheme, secret shares are changed periodically without changing the secret itself, so an attacker cannot use a secret whole lifetime to compromise k participants. All information an attacker collected about the secret becomes worthless after refreshing the shares [10, 2].
The key distribution center (KDC), the central entity is responsible for the key management in a secret key infrastructure. In this, a group of servers jointly act as a KDC with each server sharing a unique secret key with each client [2].
The certificate revocation scheme for wireless ad hoc network was proposed by C.Crépeau and C.R. Davis in [15]. The author explains the advantage and disadvantage of symmetric and asymmetric cryptography technique. In [15], the author articulates that, network security scheme based solely on symmetric key cryptography is limited in the security they provide, owing to the increased probability of shared key being compromised. These schemes, also do not afford scalable solution in light of the problematic nature of the key management issues, such as key renewal. If a key is shared among a group of nodes it needs to be changed periodically. If it™s a small network then it can be changed easily, but it is tedious for large networks, which leads to scalability problem. This can be rectified by our architecture, by using clustering technique.
Ad hoc network security scheme utilizing threshold cryptography, potentially provides greater flexibility and security. However the computational cost, particularly for low-powered wireless nodes, might be too prohibitive. In addition, these schemes require unselfish cooperation of the communicating peers, which cannot be guaranteed in certain networks environments.
When we compare symmetric key cryptography with asymmetric key cryptography, asymmetric has a weaker requirement for communication channel over which the key distribution is performed, and also require much more computational resources than the symmetric key cryptography, also it has a weaker performance and is used to encrypt small amount of data [8]. Common authentication schemes are not applicable in ad hoc networks because public key infrastructure with a centralized certification authority is hard to deploy [1]. Also using asymmetric key encryption could make the network vulnerable to denial of service attack since public key should be issued by a central certification authority (CA) [5].
TESLA Broadcast Authentication Protocol was proposed by A. Perrig, R. Canetti, J.D. Tygar, and D. Song. TESLA uses one way chain, here the sender splits up time into time interval, and generates one key per time interval, so any value of a time interval can be used to derive values of previous time intervals, and also the sender attaches the massage authentication code to each packet. This TESLA scheme makes use of symmetric key technique by using one-way chaining. TESLA achieves low computation and communication overhead, limited buffering, robustness to packet loss, and low cost [4].
Charon (Fox and Gribble 1996) provides indirect authentication and secure communication between a lightweight PDA client and a Kerberos Server using an intermediary system called the proxy. Charon uses the Proxy to communicate with the Kerberos Key Distribution Center and the Kerberos Ticket Granting Server to save the computation resources of the client. It operates using two distinct phases. In the first phase known as the Handshake, the client authenticates itself to the proxy and establishes a secure channel with it. In the second phase called the Service Access, the proxy accesses the Kerberos servers on the clientâ„¢s behalf for authentication services. The scheme, although very effective for low resource clients, cannot be used for ad hoc networks where simultaneous access to three servers (Proxy Server, Authentication Server and Ticket Granting Server) may not be possible in every scenario. This scheme is also subject to latency delays in the authentication mechanism.
M-PKINIT (Harbitter and Menasce 2001) is an amalgamation of the Public Key based Kerberos PKINIT (Tung, Neuman and Wray 2001) and Charon for use in mobile networks. It adds Public Key cryptography to the Kerberos protocol to simplify the key management (from the Kerberos perspective) and the ability to use the existing public key certification infrastructures. It aims to enhance the security of the Kerberos protocol by using a minimal number of public key operations along with a proxy for load distribution. This scheme incorporates asymmetric cryptography which in turn slows the overall authentication mechanism. It also requires simultaneous access to three servers for initial authentication, which we have already deemed limiting in such an improvised environment.
Based upon the analysis of existing schemes, to provide secure communication we are using Kerberos authentication application with clustering technique with symmetric key cryptography which will be secure, reliable, and scalable and will have less overhead.
III-Proposed Scheme:
Kerberos provides a centralized authentication server whose function is to authenticate user to server and server to user. Kerberos relies exclusively on symmetric encryption. In ad hoc network central entity is easy to attack. In our architecture we using clustering technique, where each cluster has is own cluster head (CH) nodes. These CH act as a Kerberos server for a set of nodes. Due to periodic change of CH in a cluster we can prevent the networks from attack. By using Kerberos authentication application we can achieve Secure, Reliable, Transparent, Scalable, and less overhead [12].
Assumptions In our proposed scheme we have made the following assumptions:
1. All CH and GW share a key with each other.
2. All CH and GW are honest nodes.
3. The CH and GW are static nodes.
In order to make our concept scalable, to avoid expensive long-range traffic, and to enhance availability by providing service locally, we partition an ad hoc network into a number of clusters. In each cluster, exactly one distinguished node “ the cluster head (CH) “ is responsible for establishing and organizing the cluster. Gateways (GW), manage communication with adjacent clusters. The GWs may or may not be CHs. The CHs are responsible for sending CH beacons in their clusters, containing administrative information for the cluster members, e.g., lists of nodes and GWs in the cluster. Also, GWs periodically transmit GW beacons to inform their respective clusters about adjacent clusters. Clustering is also used in some routing protocols for ad hoc networks. Routing is then typically divided into two parts: routing within a cluster (intra-cluster) and routing between different clusters (inter-cluster). One solution for such a scenario is the zone routing protocol, a combination of proactive intra-cluster and reactive inter-cluster routing; communication between two clusters is always routed via GWs [11]. The cluster generation, cluster head selection, and periodic change of cluster head was already proposed and explained in [8].
In our approach, two keys are used one key used for communication between cluster heads and gateway, another key is used by the nodes in the clusters. When a cluster head moves or become unreachable, the high priority node in the cluster becomes the cluster head. The new CH gets the shared key of old CH from the neighboring CH. Also we need to make sure that the key needs to be renewed or changed after a certain period of time in order to make it hard for a moving attacker to compromise a number of k CHs over time [1].
Fig.1. General Model of SCP
When a new node enters into a particular cluster, the CHs generate identification number (ID) and password. This ID and password are used when two nodes communicates. The communication takes place via CHs; CHs use the node ID and password to check the authenticity of the particular node which requests. CHs maintain a table of information about the nodes in the network. When new node enters in one cluster it stores necessary information in the CHs and also intimate to other clusters. By using the ID and network address of the node we can say that the message comes from a authenticated node. By using the symmetric key encryption we can say that message is not altered and provide confidentiality. Thus by using our proposed scheme we can achieve authentication and confidentiality for the communication between nodes.
Advantage of using symmetric key cryptographic technique:
Scalable since we are dividing network into cluster.
Less overhead.
Reliable.
Only n keys are used not n*(n-1).
Advantage of using Kerberos Authentication Application:
Single server needs to be accessed
Faster authentication
Reduced client side processing.
Advantage of using Clustering Technique:
Spatial reuse of resources, which can significantly improve the system capacity.
Reduce the amount of routing information in the network.
Reduce the amount of routing delay in the network.
Reduce the amount of topology update messages broadcast in the network.
Format of information stored in CH database are as follows
CHid Nid Pn NAn
The same above format is used by GW but it will not store information about password (Pn).
Log on process for a new node When new node receives the beacon signal from a cluster, if it want to join in that cluster it send its information, which consists of network address Nan and public key of the new node Kun and the message is encrypted by using public key of corresponding cluster head. The CH receives the message and decrypts it using its private key and checks the information is correct. If they are correct CH generates node id Nid and secret master key Knch which is known to new node and CH. The message is encrypted using public key of new node and sends it to new node. The new node decrypts the message and store the node id and master key. Further communications between nodes are established by using the master key. Fig 4.3 shows the Operation of joining process of new node.
1) N CH : Ekuch [ Nan || Kun ]
2) CH N : EKun [Nid || Knch]
NAn Network Address of a node.
Nid Node Identifier.
kuch Public key of CH
Kun Public key of ode N.
Secure Communication between two nodes within cluster When two nodes want to communicate, consider for example N1 wants to communicate with N2. N1 generates the message to CH with N1id and N2id by encrypting the message using the secret key known to N1 and CH only. CH decrypts the message and check whether the destination N2 is with in the cluster. If so CH generates a packet which consists of session key Ks, N1id, N2id and Ekn2ch [ks || N1id]. The packet is encrypted by using the master key and sends it to N1. N1 decrypts the packet and send N1id and Ekn2ch [ks || N1id] to the destination node N2. N2 decrypts the packet and compare the encrypted N1id with unencrypted N1id if they are correct N2 identifies that N1 is an authenticated node and sends acknowledgement to N1. Then further communication is established using the session key. Fig 4.4 shows the Operation of communication between two nodes with in cluster.
1) N1 CH : Ekn1ch [N1id || N2id]
2) CH N1 :Ekn1ch [Ks || N1id || N2id || Ekn2ch [ks || N1id]]
3) N1 N2 : N1id || Ekn2ch [ks || N1id]
N1, N2 Nodes
N1id Identifier of node N1
N2id Identifier of node N2
CH Cluster Head
kn1ch Secret Key Known to CH and N1.
Kn2ch Secret Key Known to CH and N2.
Ks Session Key
Fig 2 Basic Operation.
Secure communication between two nodes, between two clusters When two nodes want to communicate, consider for example N1 is in one cluster CH1 and N2 is in another cluster CH2. N1 produce its N1id, and N2id to CH1. The CH1 checks N1id stored in the database and checks whether N2 is within the cluster or not. If N2 is not in the same cluster then CH1 generate a packet to the GWs. GW act as a communication channel between two cluster and store the two clusters node information in it (As per our example GW store details about all the node in CH1 and CH2). This packet is encrypted by another key Kch which is shared by all CHs GWs. The packet consists of N2id and CH1id. The GW decrypts the packet and checks N2id is in which cluster. GW generates the packet to CH1 in encrypted form and the packet consists of N1id, N2id, CH1id, and CH2id. Then CH1 generate packet to CH2 which consists of N1id, N2id, CH1id, and CH2id in an encrypted form. Then CH2 generate packet to CH1 consists of Ks, N1id, N2id, and Ekn2ch2 [Ks||N1id] by encrypting the packet using key shared by all CHs. Then CH1 generate the packet to node N1 consists of Ks, N1id, N2id, and Ekn2ch2 [Ks||N1id] by encrypting the packet using key shared by N1 and CH1 only. Now N1 sends the packet to N2 with N1id and Ekn2ch2 [Ks||N1id]. N2 decrypts the packet and compare the encrypted N1id with unencrypted N1id if they are correct N2 identifies that N1 is an authenticated node and sends acknowledgement to N1. Then further communication is established using the session key. The figure 4.5 shows the operation of communication between two nodes between clusters.
1) N1 CH1: Ekn1ch1 [N1id || N2id]
2) CH1 GW : N1id || N2id
3) GW CH1: N1id || N2id || CH1id || CH2id
4) CH1CH2 : Ekch [N1id || N2id || CH1id || CH2id]
5) CH2CH1 : Ekch [Ks || N1id || N2id || Ekn2ch2 [Ks||N1id]]
6) CH1N1 : Ekn1ch1 [Ks || N1id || N2id || Ekn2ch2 [Ks||N1id]]
7) N1 N2 : N1id || Ekn2ch2 [Ks || N1id]
N1, N2 Nodes
N1id, N2id Identifier of node N1 and N2
CH1, CH2 Cluster Heads
CH1id Identifier of CH1.
CH2id Identifier of CH2.
Kch Key known to CH and GW
kn1ch1 Secret Key Known to CH and N1.
Kn2ch2 Secret Key Known to CH and N2.
Ks Session Key
IV-Conclusion and Future Work
In this paper, we introduced a cluster based secure authentication protocol framework for symmetric key infrastructure, based on the clustering technique and Kerberos authentication application for an ad hoc network. Also we have analyzed the security issues, challenges, goals, application and analysis of existing scheme of an ad hoc network and presented the security objective that needs to be achieved.
Our future work includes doing further explorations to evaluate our architecture through security analysis and simulations.
References:
1. M. Bechler, H.-J. Hof, D. Kraft, F. Pählke, L. Wolf, A Cluster-Based Security Architecture for Ad Hoc Networks, IEEE Infocom 2004.
2. L. Zhou and Z.J. Haas, Securing Ad Hoc Networks, IEEE Network, Vol.13, no.6, pp.24-30, 1999.
3. V. Kärpijoki, Security in Ad Hoc Networks, Helsinki University of Technology, Telecommunications Software and Multimedia Laboratory.
4. A.Perrig, R.Canetti, J.D.Tygar, D.Sang, The TESLA Broadcast Authentication Protocol, IN CryptoBytes, 5:2, summer/fall 2002, pp.2-13.
5. K. Inkinen, New Secure Routing in Ad Hoc Networks: Study and Evaluation of Proposed Schemes, Helsinki University of Technology, Laboratory of Multimedia.
6. H. Lue, P. Zerfos, J. Kong, S. Lu and L. Zhang, Self- Securing Ad Hoc Wireless Networks, IEEE ISCC 2002.
7. D. Balfanz, D.K. Smetters, P. Stewart and H. Chiwong, Talking To Strangers: Authentication in Ad Hoc Wireless Networks, Internet Society, Xerox Palo Alto Research Center.
8. K.Fokine, Key Management in Ad Hoc Networks, LITH-ISY-EX-3322-2002 2002-09-11.
9. A. Shamir, How to Share a Secret, Acm Comm., Vol.22, no.11, 1979.
10. A. Herzberg, M. akobson, S. Jarecki, H. Krawczyk, and M. Yung, Proactive Public Key and Signature Systems, in Acm Conf, on Computer and Comm. Security, ziirich, 1997.
11. C. Perkins, Ad Hoc Networking, Addison-Wesley, 2001.
12. W. Stallings, Cryptography and Network Security: Principle and Practice, Third Edition, Prentice-Hall 2003.
13. Jon-Zhao Sun, Mobile Ad Hoc Networking: An Essential Technology for Pervasive Computing, University of Oulu, Finland.
14. S.G. Jyothi, M. Bagali , Performance Evaluation of Secure Routing in Mobile Ad Hoc Networks: Attacks and CounterMeasures, M S R I T Bangalore and IIT Roorkee.
15. C. Cr´epeau and C.R. Davis, A Certificate Revocation Scheme for Wireless Ad Hoc Networks, School of Computer Science, Mc Gill University.
h interests include Networking, Network Security, Ad Hoc Networks, and Client/Server Technologies.
Currently she is doing her research in Grid Security.
