
RBMR with Diffie-Hellman key exchange algorithm

Proposed secure routing protocol for mobile ad hoc networks (MANETs)

4.2 RBMR with Diffie-Hellman key exchange algorithm

The RBMR protocol is first explained, and then the modification to this protocol for RBMR with the Diffie-Hellman key exchange algorithm is presented. Before transmitting data, a node performs a route discovery process to determine whether the destination node is directly reachable within the wireless transmission range or reachable through one or more intermediate network hops through other hosts. When one host sends a packet to another host, the sender may attempt to discover a route using the route setup process. As part of the route setup process a route request is broadcast, and all the neighbor nodes retransmit it. When it reaches the destination, the destination responds to the source with a route reply message containing the route information. The source then sends the data packets using that route.

Our proposed protocol involves the incorporation of the proposed security mechanism in the basic RBMR protocol. The main addition is the handling of the token exchange process prior to key determination. This is incorporated as a part of the route setup process. The source token is generated using the Diffie-Hellman method. It is added to the route request packet to be sent to the destination. The format of the route request packet with the source token is given in table 4.3.

Packet type (RS)

As in RBMR, the destination receives a number of route request packets which have traveled through different paths. However, the destination does not send the reply packets as soon as it receives the first request. The destination extracts the source token from all the request packets it receives and compares them. The value that has been received the maximum number of times is taken to be the correct source token. The destination now sends reply packets on the routes having the correct token, and an error message is broadcast so that other nodes get an indication of the particular route that is likely to have a malicious node. The reply packets contain the destination token to be sent to the source. The destination token is derived using the Diffie-Hellman process. The formats of the reply packet and the error message packet are given in Tables 4.2 and 4.3.

After retrieving the destination token, the source generates the secret key using the Diffie-Hellman algorithm. The destination also generates the secret key in the same manner. The secret key generated by both the source and the destination will be the same according to the Diffie-Hellman method. Using this secret key, data is encrypted using any conventional encryption algorithm. The same secret key can be used for further communication between the two nodes.


Packet type (FN) | Detecting node address | Route record

Table 4.3 Error message packet format

In our proposed algorithm, the destination node cannot send the reply packet as soon as it receives the route request. It has to wait until it receives all the route request packets, so that it can compare them and extract the token information. The problem here is that the destination node has no way of determining when all the packets have been received. Hence, in practice, it has to wait for a certain threshold number of packets to be received before it starts the route reply process. Determining the threshold is hard. The threshold value has to be large enough for the success of this algorithm, since a good number of correct tokens have to be received. (Malicious nodes send wrong tokens, and the number of correct tokens should be greater than the number of wrong tokens for the success of our proposed algorithm.) However, a large value for the threshold could increase the waiting time before the token-extraction processing at the destination can be done. This could cause a delay in the route discovery process. So, this is a trade-off problem. How many requests should be received also depends on the density of the network. Thus choosing the threshold value is a difficult task.
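The destination-side token vote, the key derivation at both ends, and the threshold trade-off described above, as an added example that is not code from the thesis. The 32-bit modulus, the base, the route names and all function names are constructed for illustration, and treating a tied vote as undecided is an assumption.

```python
import secrets
from collections import Counter

# Constructed toy parameters (assumption, not from the thesis): a 32-bit prime
# modulus is far too small for real use and only keeps the numbers readable.
P = 4294967291  # 2**32 - 5
G = 5

def make_token(private):
    """Diffie-Hellman token carried in the route request or reply packet."""
    return pow(G, private, P)

def shared_key(peer_token, private):
    """Secret key each end derives from the other end's token."""
    return pow(peer_token, private, P)

def vote_on_tokens(requests, threshold):
    """Destination-side check. requests is a list of (route, token) pairs in
    arrival order. Returns None while fewer than `threshold` requests have
    arrived or when the top two tokens tie (treating a tie as undecided is an
    assumption); otherwise (winning_token, reply_routes, suspect_routes)."""
    if len(requests) < threshold:
        return None
    window = requests[:threshold]
    ranked = Counter(token for _, token in window).most_common()
    if len(ranked) > 1 and ranked[0][1] == ranked[1][1]:
        return None
    winner = ranked[0][0]
    reply_routes = [route for route, token in window if token == winner]
    suspect_routes = [route for route, token in window if token != winner]
    return winner, reply_routes, suspect_routes

def run_example():
    src_priv = secrets.randbelow(P - 3) + 2
    dst_priv = secrets.randbelow(P - 3) + 2
    src_token, dst_token = make_token(src_priv), make_token(dst_priv)
    forged = (src_token + 1) % P  # constructed: token altered on route S-M-D
    requests = [(("S", "M", "D"), forged),
                (("S", "A", "D"), src_token),
                (("S", "B", "C", "D"), src_token)]
    winner, reply_routes, suspect_routes = vote_on_tokens(requests, threshold=3)
    keys_match = shared_key(winner, dst_priv) == shared_key(dst_token, src_priv)
    # With threshold=1 the forged token arrives first and wins the vote.
    too_small = vote_on_tokens(requests, threshold=1)[0] == forged
    return keys_match, suspect_routes, too_small

if __name__ == "__main__":
    print(run_example())
```

With a threshold of 3 the route through M is flagged for the error message and both ends derive the same key; with a threshold of 1 the altered token is accepted, which is the failure the threshold discussion above is concerned with.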

Chapter 5

Conclusions

In mobile ad hoc networks, each mobile host is always moving and the topology changes all the time. The links between hosts break easily, so it is important to use a routing protocol that can find another route quickly when a link is broken. Under wireless transmission, keeping the data transmission secure is very important. Our proposed algorithm achieves both fast routing reconfiguration and easy data encryption. It has less control overhead. This algorithm provides an easy way to make the routing secure.
