Issue No.09 - September (2009 vol.8)
pp: 1180-1188
Mike Burmester, Florida State University, Tallahassee
Breno de Medeiros, Google Inc., Mountain View
ABSTRACT
Mobile ad hoc networks (MANETs) are collections of wireless mobile devices with restricted broadcast range and resources, and no fixed infrastructure. Communication is achieved by relaying data along appropriate routes that are dynamically discovered and maintained through collaboration between the nodes. Discovery of such routes is a major task, from both the efficiency and the security points of view. Recently, a security model tailored to the specific requirements of MANETs was introduced by Ács, Buttyán, and Vajda. Among the novel characteristics of this security model is that it promises security guarantees under concurrent executions, a feature of crucial practical importance for this type of distributed computation. A novel route discovery algorithm called endairA was also proposed, together with a claimed security proof within the same model. In this paper, we show that the security proof for the route discovery algorithm endairA is flawed and, moreover, that this algorithm is vulnerable to a hidden channel attack. We also analyze the security framework that was used for route discovery and argue that composability is an essential feature for ubiquitous applications. We conclude by discussing some of the major security challenges for route discovery in MANETs.
INDEX TERMS
Network protocols: routing protocols (security), Network architecture and design—distributed networks (security), computer communication networks (general): security and protection, management of computing and information systems (security), MANET security, hidden channels, provably secure protocols.
CITATION
Mike Burmester, Breno de Medeiros, "On the Security of Route Discovery in MANETs", IEEE Transactions on Mobile Computing, vol. 8, no. 9, pp. 1180-1188, September 2009, doi:10.1109/TMC.2009.13