1 / 29

Secure Ad-Hoc Routing

Secure Ad-Hoc Routing. CS 598 HL, Fall 2006. routing table. routing table. routing table. Network-Layer Security. What to secure: Routing Packet forwarding. Challenges. Wireless media are open, shared, and unreliable - no clear line of defense Device compromise or theft

becky
Télécharger la présentation

Secure Ad-Hoc Routing

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Secure Ad-Hoc Routing CS 598 HL, Fall 2006

  2. routing table routing table routing table Network-Layer Security • What to secure: • Routing • Packet forwarding

  3. Challenges • Wireless media are open, shared, and unreliable - no clear line of defense • Device compromise or theft • Resource constraints, network dynamics

  4. Proactive vs. Reactive • Proactive: • install a lock in the door • authorized personnel have key • Reactive • employ a doorman • report to the police when the bad guys enter.

  5. Pro and Con • Proactive approach: • Proven secure to bad guys without the key • If the bad guy obtains the key by any means … • Reactive approach: • Hopefully, bad guys will be caught • Absent-minded doorman • The police need some time to come • All proposals on secure routing are proactive • A few reactive proposals address packet forwarding - reactive

  6. Secure Ad-Hoc Routing • Message authentication primitives • Secure source routing • Secure DSR • Secure distance vector routing • Secure DSDV, AODV

  7. Message Authenticators • HMAC: message authentication codes • Digital signature • One-way HMAC chain

  8. HMAC • Alice and Bob share a secret symmetric key K • Alice wants to send a message M to Bob: • HMAC: hK(M) [MD5(M.K) or SHA-1(M.K)] • Alice sends {M, hK(M)} to Bob • Bob is assured that M is from Alice

  9. HMAC • Advantages • Computationally efficient • Disadvantages: • Only intended receiver can verify • Pair-wise key sharing • A total of N(N-1)/2 keys for N nodes • SRP uses HMAC • Secure routing protocol for DSR

  10. Digital Signature • Based on asymmetric cryptograph (e.g., RSA) • Alice, Bob, and Charles • Alice: (PKA, SKA) • Bob: (PKB, SKB) • Charles: (PKC, SKC) • Alice wants to send M to Bob • DA(M) [MSKA mod N] • Alice sends {M, DA(M)} to Bob • Bob is assured that M is from Alice

  11. Digital Signature • Advantages: • A total of N key pairs for N nodes • Each node only needs to carry 1 key pair for itself, and a “group” public key PK • Disadvantages: • 3~4 orders of magnitude more computation overhead • SAODV, ARAN use digital signature • Authenticated routing for ad hoc networks

  12. One-way HMAC Key Chain • Based on HMAC • A one-way hash key chain • h0, h1, h2, …, hn • h1 = H(h0), h2 = H(h1), …, hn = H(hn-1) • Divide time into slots: possess hn release hn-2 release hn-1 use hn-1 use hn-2

  13. One-way HMAC key chain • Advantages: • A total of N roots for a network of N nodes • Computationally efficient • Disadvantages: • Time synchronization • Efficient storage of key chains (or on-line generation) • Delayed authentication (MAC must be received before the key is released • Two rounds of communication (key release) • SEAD, Ariadne, and Packet Leash use TESLA • For DSDV, DSR, and wormhole attacks

  14. Secure Ad-Hoc Routing • Message authentication primitives • Secure source routing • Secure DSR • Secure distance vector routing • Secure DSDV, AODV

  15. Secure Source Routing • Challenges: • Cannot remove nodes from source routes • Cannot add nodes into source routes • Solution: • Attach a per hop authenticator on routing messages • Ariadne uses one-way HMAC key chain to generate per hop authenticator

  16. Ariadne • S -> A -> B -> C -> D

  17. Ariadne • What kind of attacks it can handle? • Bogus route • Add or remove nodes from the route • Replay attack (partially, longer than TESLA’s time interval) • What kind of attacks it cannot handle? • Collaborative attackers • Replay attack up to TESLA’s time interval • Attacks on time synchronization • Selfishness

  18. Secure Ad-Hoc Routing • Message authentication primitives • Secure source routing • Secure DSR • Secure distance vector routing • Secure DSDV, AODV

  19. Secure Distance Vector Routing • Challenge: • Advertise routing metric properly • Increase hop count by 1 for each hop • Cannot decrease hop count • Advertise sequence number correctly • Cannot increase the sequence number • Solution: • Hash chain

  20. Hash Chain for Secure Hop Count • Assuming maximum hop count is n • A node • Generates hash chain • h0, h1, h2, …, hn • h1 = H(h0), h2 = H(h1), …, hn = H(hn-1) • hx= h0 , HopCount = 0 • Add {hx, hn, HopCount} into RREP • When receiving a RREP • Verify hn = Hn-HopCount(hx) • hx= H(hx), HopCount ++ • Add {hx, hn, HopCount} into RREP

  21. Hash Chain • Attacks it can handle • Increase sequence number • Decrease hop count • Cannot handle • Collaborative attackers • Replay attackers, especially when the update period is long and the attackers are mobile • Selfishness • Neighbor authentication is not clear • More complicated scheme using hash tree to ensure monotonically increasing hop count • Only applicable to discrete routing metric • Discretize continuous metric

  22. Secure Ad-Hoc Routing • Message authentication primitives • Secure source routing • Secure DSR • Secure distance vector routing • Secure DSDV, AODV

  23. Reactive Approaches to Pkt Forwarding/routing • Intrusion Detection • Watchdog and Pathrater • CONFIDANT

  24. Intrusion Detection • Intrusion Detection in Wireless Ad Hoc Networks, L. Zhang, W. Lee, MobiCom 2002 • Distributed IDS • Statistical anomaly detection • Gather information from multiple layers • Problem: How to realize this framework? • Mobility • Imperfect information source • False accusation • Dynamic member join/leave

  25. Watchdog and Pathrater • Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, M. Baker, MobiCom 2000 • Source Routing • Localized Watchdog (each node monitors its next hop) • End-to-End Pathrater evaluates the path quality and chooses the best

  26. CONFIDANT • Performance Analysis of the CONFIDANT Protocol, J. Boudec, MobiHoc 2002

  27. CONFIDANT • Neighborhood monitor • No collaboration • Send alarm to friends • Individual reaction to bad guys • Detection: ? • Node Authentication: ?

  28. Discussion • Secure Routing problem should be solved in a proactive manner • Service enforcement should be solved in a combined manner • On-demand detection • Local Repair (also good for general ad hoc routing) • Fairness: ad hoc node is both the user and the service provider

  29. Network Security • Trust/key management • PKI, KDC, Self-organized PGP • Nov. 12~17 lecture • MAC layer security • Insecurity of 802.11 WEP • Secure pkt forwarding for sensor net • Filtering of injected false data reports • Incentives • Collaboration motivation and enforcement • Privacy • How to achieve the same level of privacy that cellular network provides?

More Related