Abstract
In mobile ad hoc networks, due to unreliable wireless
media, host mobility and lack of infrastructure, providing secure
communications is a big challenge in this unique network environment.
Usually cryptography techniques are used for secure
communications in wired and wireless networks. The asymmetric
cryptography is widely used because of its versatileness (authentication,
integrity, and confidentiality) and simplicity for key distribution.
However, this approach relies on a centralized framework
of public key infrastructure (PKI). The symmetric approach has
computation efficiency, yet it suffers from potential attacks on key
agreement or key distribution. In fact, any cryptographic means
is ineffective if the key management is weak. Key management
is a central aspect for security in mobile ad hoc networks. In
mobile ad hoc networks, the computational load and complexity
for key management is strongly subject to restriction of the node’s
available resources and the dynamic nature of network topology.
In this paper, we propose a secure and efficient key management
framework (SEKM) for mobile ad hoc networks. SEKM builds PKI
by applying a secret sharing scheme and an underlying multicast
server group. In SEKM, the server group creates a view of the
certification authority (CA) and provides certificate update service
for all nodes, including the servers themselves. A ticket scheme is
introduced for efficient certificate service. In addition, an efficient
server group updating scheme is proposed.
I. INTRODUCTION
Mobile ad hoc networks are special type of wireless networks
in which a collection of mobile hosts with wireless
network interfaces may form a temporary network, without
the aid of any fixed infrastructure or centralized administration.
In mobile ad hoc networks, nodes within their wireless
transmitter ranges can communicate with each other directly
(assume that all nodes have the same transmission range),
while nodes outside the range have to rely on some other nodes
to relay messages. Thus a multi-hop scenario occurs, where
the packets sent by the source host are relayed by several
intermediate hosts before reaching the destination host. Every
node functions as a router. The success of communication
highly depends on the other nodes’ cooperation.
While mobile ad hoc networks can be quickly and inexpensively
setup as needed, security is a critical issue compared
to wired or other wireless counterparts. Many passive and
active security attacks could be launched from the outside
by malicious hosts or from the inside by compromised hosts
[10][12].
Cryptography is an important and powerful tool for security
services, namely authentication, confidentiality, integrity, and
non-repudiation. It converts readable data (plaintext) into
meaningless data (ciphertext). Cryptography has two dominant
flavors, namely symmetric-key (secret-key) and asymmetrickey
(public-key) approach. In symmetric-key cryptography, the
same key is used to encrypt and decrypt the information, while
in the asymmetric-key approach, different keys are used to
convert and recover the information. Although the asymmetric
cryptography approach possesses versatileness (authentication,
integrity, and confidentiality) and simplicity for key
distribution, symmetric-key algorithms are generally more
computation-efficient than the public-key approach. There is a
variety of symmetric or asymmetric algorithms available, such
as DES, AES, IDEA, RSA, and EIGamal [1][2][11]. Threshold
cryptography [3] is a scheme quite different from the above
two approaches. In Shamir’s (k; n) secret sharing scheme, a
secret is split into n pieces according to a random polynomial.
The secret can be recovered by combining k pieces based on
Lagrange interpolation. Secret splitting, reconstruction, and
verification is quickly reviewed in Section 3. These cryptography
tools are widely used in wired and wireless networks,
obviously they could also be used in mobile ad hoc networks.
Key management is a basic part of any secure communication.
Most cryptosystems rely on some underlying secure,
robust, and efficient key management system. Key management
deals with key generation, storage, distribution, updating,
revocation, and certificate service, in accordance with security
policies. Key management primitives and a trust model are
presented in Section 3. The outline of key management is
described below. First, secrecy of key itself must be assured in
the local host system. Second, secure network communications
involve key distribution procedure between communication
parties, in which the key may be transmitted through insecure
channels. Key confidentiality, integrity, and ownership must
be enforced in the whole procedure. Third, a framework of
trust relationships needs to be built for authentication of key
ownership. While some frameworks are based on a centralized
Trusted Third Party (TTP), others could be fully distributed.
For example, a Certificate Authority is the TTP in PKI,
Key Distribution Center (KDC) is the TTP in the symmetric
system


Download full report
http://googleurl?sa=t&source=web&cd=1&ve...1.110.3221%26rep%3Drep1%26type%3Dpdf&ei=4wUxTsGcGYGLsgK4g4j6Cg&usg=AFQjCNFiW1C2JPn8iDm5JWumSej7VjvTPw&sig2=BW_OTRYAp5Gdnya_c9dLKA