
CSCE 715

CSCE 715. Anonymous Communication in Mobile Ad Hoc Networks. Vishal Patel. Introduction. What is a Mobile Ad Hoc Network? Also called MANET. They became popular for research in the mid-to-late 1990s. Vehicular ad hoc networks (VANETs). Introduction. This paper proposes……. Security


Presentation Transcript


  1. CSCE 715 Anonymous Communication in Mobile Ad Hoc Networks Vishal Patel

  2. Introduction • What is a Mobile Ad Hoc Network? • Also called MANET • They became popular for research in the mid-to-late 1990s • Vehicular ad hoc networks (VANETs)

  3. Introduction • This paper proposes……. • Security • Traffic Analysis

  4. Introduction • Military uses of MANETs • Civilian uses of MANETs • Personal uses of MANETs

  5. Security Issues/Countermeasures • MANETS ARE EASILY HACKABLE!!!! • Countermeasures • -LPI/LPD • -Traffic Padding • -End to End Encryption

  6. MASK-Routing Protocol • An on-demand anonymous routing protocol for MANETS • Fulfills the routing task without disclosing real identity • --Anonymous neighborhood • --Anonymous route discovery

  7. MASK is designed to meet • Sender, receiver anonymity • Untraceability and Unlocatability • Anonymous secure authentication • Low cryptographic overhead • Resistance to a wide range of attacks

  8. Preliminaries and Models • Let G1 and G2 be two groups of the same prime order q • G1 – additive group and G2 – multiplicative group • Pairing is a computable bilinear map f : G1 × G1 → G2

  9. Adversarial Model • Active attacks • -Visible attack (radio jamming, DoS) • Countermeasures to active attacks • -IDS, frequency hopping

  10. Adversarial Model • Passive Attacks • - Invisible attack (Eavesdropping, inject packets) • Countermeasures • - LPI/LPD, spread spectrum

  11. Network Model • Limited transmission • Non-neighboring nodes must communicate via multi-hop • Wireless links are unreliable • MAC interface in promiscuous mode

  12. MASK System Design • Nodes change vigorously. • H1 : {0,1}* → G1 • H2 : {0,1}* → {0,1}^β • PSi = collision resistant pseudonyms • Si = secret point set • Given one pseudonym and secret point pair, one cannot deduce the master key

  13. Anonymous Neighborhood Authentication • Ensure two neighboring nodes have a trust relationship • The nodes create their own key

  14. Example (Alice & Bob) • Alice wants to send a message to Bob • A random pseudonym is picked from their set • A session key from Bob and the secret point set is calculated to send the message

  15. Example continued • The message is sent to Alice • After Alice receives a reply, she then calculates her session key and authenticates Bob based on his authenticator • She then sends the message the same way Bob replied • And now we have anonymous authentication

  16. Example continued • After authentication, they can compute how many pairs of session keys can be used • With the same process, Alice knows all her neighbors and will create a table which will have session keys and link identifiers • The link ID will be used to identify the packets transmitted between Alice and Bob • When all pairs have been used, they need to generate another set of pairs

  17. Example continued • Only the Trusted Authority can give a pseudonym to a node, so the hacker does not learn anything • The hacker (Trudy) cannot compute the link identifier or the shared key

  18. Anonymous Route Discovery • Neighbors authenticate and establish session key and link ID pairs • Each node has • Forwarding routing table <dest_id, destSeq, pre-link, next-link> • Reverse route table <dest_id, destSeq, pre-hop-pseudonym> • Target link table

  19. Anonymous Route Request • ARREQ • Packet format of <ARREQ, ARREQ_id, dest_id, destSeq, PSx> • Intermediate node C received ARREQ • Rebroadcasts ARREQ • Previously seen ARREQ_ids are discarded • Continues until all nodes have broadcast

  20. Anonymous Data Forwarding • Random routes • MASK doesn’t use the best path, which could delay the packet • Anonymous routes are used, so the nodes inform the network to remove the path that was taken

  21. Attacks against MASK • Message Coding Attack • -- attack happens when contents are not changed during transmissions • Countermeasures • Random padding • Per-hop link encryption

  22. Flow Recognition and Message Replay Attacks • Recognize packets that belong to the same ongoing communication • Countermeasures • Multipath packet forwarding • LinkIDs should be changed periodically

  23. Timing Analysis Attack • Attacker learns what time packets come in/out • Countermeasures • Forge a packet with a fake LinkID • Wait a random amount of time

  24. Performance Evaluation • Cryptographic Operations • -Anonymous Neighborhood Authentication • -Hop-by-Hop link encryption/decryption

  25. Performance • Routing performance • -MASK v/s AODV • Three metrics used • -Packet Delivery Ratio • -Average end-to-end delay of data packets • -Normalized routing load

  26. PDR v/s MASK • Normal load – 20 sources • -No difference • Large load – 40 sources • -MASK is advantageous

  27. PDR v/s MASK Cont. • Same as Packet delivery ratio • Finds long path less frequently

  28. PDR v/s MASK Cont. • Normal traffic • -AODV is better • Heavy traffic • -MASK is better • MAC layer collisions

  29. Conclusion • Anonymity • Unlocatability • Untraceability • Can be immune to a wide range of attacks • Comparable routing performance
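
The anonymous route request on slides 18 and 19, as an added example that is not part of the original presentation: a small simulation of ARREQ flooding with duplicate ARREQ_id suppression, in which each node fills the reverse route table <dest_id, destSeq, pre-hop-pseudonym>. The topology, pseudonym values and the `Node`, `flood` and `build_sample` names are constructed for illustration, and it is assumed that a forwarding node puts its own pseudonym in the PSx field before rebroadcasting.

```python
from collections import deque, namedtuple

# Fields follow the slides' format <ARREQ, ARREQ_id, dest_id, destSeq, PSx>.
ARREQ = namedtuple("ARREQ", "arreq_id dest_id dest_seq ps_x")

class Node:
    def __init__(self, name, pseudonym):
        self.name = name            # real identity, never placed in a packet
        self.pseudonym = pseudonym  # constructed sample value
        self.seen = set()           # ARREQ_ids already handled
        self.reverse_routes = []    # <dest_id, destSeq, pre-hop-pseudonym>

    def receive(self, pkt):
        """Return the packet to rebroadcast, or None for a duplicate."""
        if pkt.arreq_id in self.seen:
            return None             # previously seen ARREQ_id: discard
        self.seen.add(pkt.arreq_id)
        self.reverse_routes.append((pkt.dest_id, pkt.dest_seq, pkt.ps_x))
        # Assumption: the forwarder swaps in its own pseudonym as PSx.
        return pkt._replace(ps_x=self.pseudonym)

def flood(nodes, links, source, dest_id, dest_seq, arreq_id):
    """Broadcast hop by hop; return how many nodes transmitted."""
    src = nodes[source]
    src.seen.add(arreq_id)
    queue = deque([(source, ARREQ(arreq_id, dest_id, dest_seq, src.pseudonym))])
    transmissions = 0
    while queue:
        sender, pkt = queue.popleft()
        transmissions += 1
        for neighbor in sorted(links[sender]):
            out = nodes[neighbor].receive(pkt)
            if out is not None:
                queue.append((neighbor, out))
    return transmissions

def build_sample():
    """Constructed five-node topology: A-B, A-C, B-D, C-D, D-E."""
    names = "ABCDE"
    nodes = {n: Node(n, "ps-%02x" % (0x3a + 17 * i)) for i, n in enumerate(names)}
    links = {"A": {"B", "C"}, "B": {"A", "D"}, "C": {"A", "D"},
             "D": {"B", "C", "E"}, "E": {"D"}}
    return nodes, links

if __name__ == "__main__":
    nodes, links = build_sample()
    print("transmissions:", flood(nodes, links, "A", "E", 1, 42))
    for n in nodes.values():
        print(n.name, n.reverse_routes)
```

Every node transmits the request exactly once, and each reverse route entry holds only the previous hop's pseudonym, so a node can send a reply backwards without learning who originated the request.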
