
SAODV and Distributed Key Management

Mark Guzman, Jeff Walter, Dan Bress, Pradhyumna Wani


Presentation Transcript


  1. SAODV and Distributed Key Management Mark Guzman, Jeff Walter, Dan Bress, Pradhyumna Wani

  2. Agenda • SAODV • AODV • Authentication and Integrity • Distributed Key Management • Overview • Advantages • Disadvantages

  3. AODV • Ad-Hoc On-Demand Distance Vector Routing • Reactive route discovery • Contains no security (no authentication of source nodes, no data integrity checking)

  4. AODV • RREQ, RREP, RERR • Each node maintains a routing table of destination nodes • Each node uses sequence numbers to check ‘freshness’ of routes

  5. AODV

  6. SAODV • Secure Ad-Hoc On-Demand Distance Vector Routing • Authentication: must verify source node’s identity • Data integrity: information passed through routing packets must not be tampered with

  7. Authentication • Digital signatures (asymmetric, one public and private key per node) • No specific key distribution system • Possibility of certificates

  8. Integrity • Mutable (hop count) vs. immutable (source and destination IP addresses) information • Use Hash Chains to help secure the hop count • Digital Signatures prevent tampering of immutable data

  9. Issues • High cost of using digital signatures • Nothing to prevent some kinds of tampering of the hop count • No exact key distribution system • Man in the middle and tunneling attacks not prevented • No mention of how to secure the process of joining group

  10. Distributed Key Management • Simple and Fault-Tolerant Key Agreement for Dynamic Collaborative Groups

  11. Overview • Efficient Key Management required to provide secure and reliable group communication • Problem domain • Dynamic Membership • Distributed and Collaborative System

  12. Key Management Solution • Group Diffie-Hellman • Secured Key exchanged between nodes • Key Tree • Efficient Key calculation

  13. Key Trees • Efficiency • Tree Balancing • Private and Public (blinded) Keys

  14. Communication • Group Key Agreement • View Synchrony • Guarantees group members receive same set of messages • Sender’s requested message order preserved

  15. Group Membership Events • JOIN • LEAVE • MERGE • PARTITION

  16. JOIN • Role of sponsor

  17. Cascaded Events • Event A occurs, and during its processing event B occurs. • This is handled using re-entrance. • Partially mitigated by VS usage

  18. Security • Cryptographic Requirements • Group Key Secrecy • Forward Secrecy • Backward Secrecy • Key Independence

  19. Security cont. • Security features of the protocol • Each node contributes to group key • Node’s shares are secret • Group membership fluctuation handled • All messages are signed by senders

  20. Complexity • Broadcast • Tree Calculation
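Slide 8's hash-chain protection of the mutable hop count, together with the slide 9 caveat that some hop-count tampering is not prevented, shown as an added example that is not part of the original presentation. SHA-256, the `Rreq` layout and all function names are assumptions made for illustration, and the digital signature over the immutable fields is not modelled.

```python
import hashlib
import os
from dataclasses import dataclass, replace
from typing import Optional

def h(data: bytes, times: int = 1) -> bytes:
    """Apply the one-way hash `times` times (SHA-256 is an assumption here)."""
    for _ in range(times):
        data = hashlib.sha256(data).digest()
    return data

@dataclass(frozen=True)
class Rreq:
    # Immutable fields: set once by the originator and covered by its signature.
    max_hop_count: int
    top_hash: bytes
    # Mutable fields: rewritten at every hop, protected only by the hash chain.
    hop_count: int
    hash_value: bytes

def originate(max_hop_count: int, seed: Optional[bytes] = None) -> Rreq:
    """Originator: pick a random seed and publish h^max_hop_count(seed) as top_hash."""
    seed = seed or os.urandom(32)
    return Rreq(max_hop_count, h(seed, max_hop_count), 0, seed)

def verify(msg: Rreq) -> bool:
    """Receiver: hashing the remaining (max - hop_count) times must reach top_hash."""
    remaining = msg.max_hop_count - msg.hop_count
    return remaining >= 0 and h(msg.hash_value, remaining) == msg.top_hash

def forward(msg: Rreq) -> Rreq:
    """Honest intermediate node: increment hop count and hash once before relaying."""
    return replace(msg, hop_count=msg.hop_count + 1, hash_value=h(msg.hash_value))

def demo() -> dict:
    rreq = originate(max_hop_count=5, seed=b"constructed-seed")  # constructed input
    at_hop3 = forward(forward(forward(rreq)))
    return {
        # Honest relay to hop 4 verifies.
        "honest": verify(forward(at_hop3)),
        # Advertising a lower hop count needs a preimage of the hash: rejected.
        "decreased": verify(replace(at_hop3, hop_count=1)),
        # Relaying without incrementing still verifies, so the advertised
        # route looks one hop shorter than it is (the slide 9 limitation).
        "not_incremented": verify(at_hop3),
    }

if __name__ == "__main__":
    print(demo())
```

The chain stops a relay from lowering the hop count, but a relay that forwards the message untouched passes the same check, which is why the deck lists hop-count tampering among the open issues.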
