240 likes | 431 Vues
S E A D. Secure Efficient Distance Vector Routing for Mobile Wireless Ad Hoc Networks Yih-Chun Hu, David B.Johnson, Adrian Perrig. Introduction. Ad Hoc Networks Possible attacks Secure routing protocols. Ad Hoc Networks. Unstable link High mobility Very limited computing resources
E N D
S E A D Secure Efficient Distance Vector Routing for Mobile Wireless Ad Hoc Networks Yih-Chun Hu, David B.Johnson, Adrian Perrig
Introduction • Ad Hoc Networks • Possible attacks • Secure routing protocols
Ad Hoc Networks • Unstable link • High mobility • Very limited computing resources • Easy to eavesdrop
Assumptions • All links are bi-directional • No physical or MAC layer attacks • The network may drop, corrupt, duplicate, or reorder packets • MAC layer can detect randomly corrupted packets • Network diameter
Possible Attacks • Ignorance attack (discarding packets) • Jam attack (jam routing packets) • Modification attack (modifying packets) • Replay attack (sending old advertisements) • Wormhole attack
Our Goal • Does not need too much resource • Provides security features • It is robust enough against multiple uncoordinated attackers Developing a protocol that
Distance Vector v.s.Link State • Link State routing is too expensive to use • Based on Distance Vector routing. • It is easy to implement and is efficient in terms of required memory and CPU processing capacity. • Improving DSDV protocol
DSDV • Destination-Sequenced Distance-Vector routing protocol • Introducing a sequence number to prevent loops (it doesn't suffer from the count-to-infinity problem) • Each node’s routing table is tagged with the most recent sequence number
DSDV (cont) • When a node receives a routing update, the node does the update if the sequence number is greater or sequence number is the same but metric is lower. • Routing updates are both “periodic and triggered”, and both “full dump or incremental”.
DV vs. DSDV vs. SEAD DV DSDV
Security featuresUsing one-way hash chains rather than asymmetric cryptographic operations • One-way hash chains • Built on a one-way hash function. • H:{0,1}*→{0,1}p • Simple to compute but infeasible to invert
One-way hash chains • h1,h2,h3,…,hn • h0=x, some arbitrary value • hi=H(hi-1) for all 1≦i≦n • Given hi it is easy to verify the authenticity of hj, if j<i
Message Authentication • The source node randomly pick up a value x in the beginning, and then it generates a hash chain: x=h0,h1,h2,…,hn • Suppose m is the network diameter, and n is divisible by m • It then releases hn to everybody
Message Authentication (cont) • For authenticating a routing update with sequence number i and metric j, it sends hn-i*m+j • The attacker can never forge better metrics or sequence numbers • Attacker can only generate worse metrics or sequence numbers
Message Authentication (cont) • However, other information such as node name or next hop can be forged • To prevent this, stream authentication schemes such as TESLA, HORS can be used • Their recent paper Ariadne has this feature!
Example m=5, n=20 i=sequence number, j=metric, m=network diameter, n=length of hash chain
SEAD v.s. DSDV • SEAD doesn't use an average weighted settling time • SEAD doesn't delay any triggered update • When a node detects a broken link and send a routing update, SEAD doesn't increment the sequence number. Instead, it sets the metric to infinity
Conclusion (pros) • SEAD is robust against uncoordinated attacks • SEAD is very efficient if nodes in space are distributed randomly enough
Conclusion (cons) • SEAD doesn't provide a way to prevent an attacker from tampering with “next hop” or “destination” columns • Instead, it relies on doing neighbor authentication, which is bad • Hash chains are consumed very fast • Either new hn needs to be released very often or the hash chain to be rather long
Future work • Creating a secure protocol based on ZRP is a good idea
Have a nice weekend! (Get relaxed and start partying!)