Related work

There are several secure components which are deployed to provide the routing security for ad hoc networks. First, we will introduce the shared key setup mechanisms. It is key component for many security services. Further, we review and compare several efficient broadcast authentication mechanisms which are more practical than the asymmetric cryptographic methods in the resource-constrained

environment. Then we examine some current secure routing protocols on the ad hoc networks. We also present the disruption attacks and some countermeasures for the ad hoc routing protocol.

1.2.1. Setup Pair-wised Shared Keys and Public-key distribution

Many authentication mechanisms assume the pairwise shared secrets or the prior-dispensed authentic public values for verification. They must be distributed in advance in order to make sure the authentication mechanisms workable. The concept of the key distribution center [3] can used to bootstrap the shared key, its role also could be the network access control system. Zhu et al [20] proposed a distributed protocol for establishing a shared key without a centralized infrastructure, which combine probabilistic key sharing and threshold secret sharing techniques. The most well-known solution of public-key distribution problem bases on third party public-key certificates. Another approach presented by Hubaux et al [9][18] provides a self-organized infrastructure like Pretty Good Privacy (PGP) system but without depending on the certificate directories for public-key distribution. Every user maintains a small local certificate repository, and merges others to find the certificate chains to each other with high probability. Numerous of distribution techniques have been proposed [9][12].

1.2.2. Broadcast Authentication Mechanisms

The broadcast authentication protocol is used to confirm the source identification of sender nodes and the one-time authentication mechanism is used for broadcast authentication recently due to their efficiency. However, another approach for broadcast authentication, named signature amortization, which relies on RSA-like cryptographic primitives is still cost-expensive for computing the signature and not suitable on resource-constrained mobile network environment. One-time authentication applies the symmetric cryptographic operation but brilliantly achieves

asymmetric signature property like the public-key system. The primitive idea most put the onewayness of the hash function in applying the signature verification. Timed Efficient Stream Loss-tolerant Authentication (TESLA) protocol [1] which is presented by Perrig et al is a light-way source authentication approach. TESLA integrates a time element and the concept of the hash-chain into the authentication process. It achieves the asymmetric property by delaying signature-verified time and possesses the loss-tolerant characteristic. The necessary for time synchronization and temporally buffering received messages are primary constrains for TESLA. BiBa [2]

also proposed Perrig, it takes use of the hash collision event and discloses the partial private values as the message signatures. The security strength against which the adversary has to take is getting easier with more disclosed partial private values. In contrary, the HORS [13] requires the subset-resilient hash function to generate different combination values for signatures. HORS also is so far most efficient broadcast authentication mechanism and our scheme also integrates it for source authentication. We will depict it in details on next chapter.

1.2.3. Secure On Demand Routing Protocols on Ad Hoc networks

There are several secure routing protocols which have been developed on ad hoc networks. In this paper, we focus on securing on-demand routing protocol and there are several works [10][17] show its better performance than that proactive routing protocols could provide. Generally speaking, the ad hoc routing protocol needs no confidentiality and privacy. Actually the routing privacy is also difficult to accomplish in wired network. The most significant security consideration for secure ad hoc routing protocol is the ability to prevent the routing information from impersonation and modification. Dahill et al [11] proposed a secure routing protocol, named ARAN which required a centralized trusted certificate server which initiated all certifications for communication nodes and also deployed the asymmetric cryptography for digital

signature. However computing such signature is expensive on resource-constrained mobile devices. Papadimitratos and Haas proposed the Secure Routing Protocol (SRP) [16] to apply on the existing routing protocols, particularly for Dynamic Source Routing protocol [7][6]. It assumed that any pair of initiator and target node in route discovery shared the security association for authentication or other secure communication scheme. Basically, SRP point the concept about end-to-end security and ignore the possible disruption behaviors revealed by the intermediate nodes on the route path.

Ariadne is a secure on demand routing protocol proposed by Perrig et al, which uses MAC with a shared secret key between any couple of communication nodes for end-to-end authentication. The efficient authentication protocol TESLA is also deployed for providing integrality of a work route between the intermediate nodes.

The requirement of the time synchronization is the main drawback for Ariadne.

Secure Ad Hoc On-Demand Vector Routing protocol (SAODV) [15] provides a security framework with IPsec for AODV protocol. Zapata and Asokan [14] also identify the security flaws of AODV, then deploying the hash chain to protect the hop count field of AODV from modifying by malicious nodes.

1.2.4. Disruption Prevention in Ad Hoc Routing protocol

Although the black hole and gray hole [23] problem is difficult to defend by current secure routing protocol, the additional detection techniques [21] have been proposed and possibly mitigate this kind of disruption behaviors. This work devises two methods: watchdog is taken for detecting the uncooperative nodes, pathrater is taken for managing the most reliable path, whereas the main problem of this approach is still hard to detect some ambiguous misbehavior such as receiver collisions, collusion and etc. The disruption misbehavior about flooding the routing control

messages and fabricating the routing information are main concern issues in this paper.

The corrupted routing information might cause Route Cache Poison attack in DSR.

Since DSR allows nodes to learn new routes from any promiscuously received packets and also implicitly gives the chance to exploit this flaw for the malicious nodes. Consequently any behavior about the injection or alteration with false routing information should be exhibited on secure ad hoc routing protocol. The rushing attack is a malicious attacks introduced by Hu and Perrig [24], and which exists in on-demand routing protocol of the ad hoc network, such as AODV[5], SAODV[15], DSR[7], Ariadne[23], ARAN[11] and etc. In the Router Discovery phase, the normal nodes initiate a Route Request message to request a route path for communicating with the target. Except for target node, all the nodes received the Route Request will help forwarding the Route Request. However in present on-demand routing protocol, the intermediate nodes only forward the first arrived Route Request then discard any further Route Request arrived later. This serious flaw could be exploited by attackers.

Under this attacks scenario, attacker can block the legitimate Route Request by quickly resending Route Request to result an effective denial-of-service phenomenon.

The Rushing Attack Prevention (RAP) solution [24] is adequate to solve Acitve-1-1 attacker model presented in Ariadne for rushing behavior. However, the cooperative attackers could turn the routing architecture into a mess, which is detailed in Chapter 2.