A Secure On-Demand Routing
Protocol for Ad Hoc Networks
Allan HUNT
Wandao PUNYAPORN
Yong CHENG
Tingting OUYANG
GZ06 : Mobile and Adaptive Systems
Agenda
Introduction
Design
Evaluation & Analysis
Related work
Critical Appraisal of the work
GZ06 : Mobile and Adaptive Systems
Motivation
On demand Ad hoc routing protocol
Security in Ad hoc protocols.
Attack models
General protocol
Mobility
GZ06 : Mobile and Adaptive Systems
Motivation (cont.)
Resource constrained devices (palm)
GZ06 : Mobile and Adaptive Systems
Ariadne
Ariadne Protocol
They have based there protocol on the basic
operators of DSRs, on demand source routing
protocol.
Basic operations of DSR are:
Route discovery
Route maintenance
GZ06 : Mobile and Adaptive Systems
Overview of TESLA
Basic Operation of Tesla:
Uses a MAC
 Picks an initial key at random Kn.
 Generates a set of keys Ko – Kn using a one way
Hash chain.
Delayed key discloser
 For each K there is a release time.
Time synchronization
 You have to pick delta to be the maximum delay error
between any 2 nodes. All nodes must know this.
GZ06 : Mobile and Adaptive Systems
Network Assumptions
They ignore the physical layer
Networks are bidirectional
Attacks on medium access control are
disregarded.
Normal network (drop, corrupt, re-order)
Ariadne inherits all assumptions of the
broadcast authentication protocol used
such as (TESLA).
GZ06 : Mobile and Adaptive Systems
Node Assumptions
Resource constrained Nodes.
No asymmetric cryptography.
Loosely synchronized clocks.
No trusted hardware used such as
tamperproof modules.
GZ06 : Mobile and Adaptive Systems
Security Assumptions
 Ariadne relies on the following keys to be
set up, depending on which
authentication mechanism is used:
1. Pairwise shared secret key.
2. Digital signatures.
3. If TESLA is used, we assume a mechanism
to set up shared secret keys between
communicating nodes, and to distribute one
authentic public TESLA key for each node.
GZ06 : Mobile and Adaptive Systems
Agenda
Introduction
Design
Evaluation & Analysis
Related work
Critical Appraisal of the work
GZ06 : Mobile and Adaptive Systems
Attack Model
Passive
Active
 An attacker injects packets into the network
 An attack which has compromised nodes is
called an Active-VC attacker if it owns all
nodes on a vertex cut through the network
that partitions the good nodes into multiple
sets.
 Active-n-m
• Active-0-1
• Active-1-x
• Active-y-x
GZ06 : Mobile and Adaptive Systems
General Attacks on Ad Hoc Network
Routing Protocols
Routing disruption attacks
 Routing loop
 Black hole
 Wormhole
 Rushing Attack
Resource consumption attacks
 Inject extra data packets
 Inject extra control packets
GZ06 : Mobile and Adaptive Systems
Basic Ariadne Route Discovery
 Stage 1 – Target verifies Route Requests
 Stage 2 - Target authenticates the data in Route
Requests and the sender can authenticate the
Route Replies
 Stage 3 - Provides a way to verify that no node
is missing from the node list.
 Assume initiator S performs a Route Discovery
for target D.
 S and D share the secret keys KSD and KDS for
message authentication in each direction
GZ06 : Mobile and Adaptive Systems
Ariadne Route Discovery
Using TESLA
 A ROUTE REQUEST packet contains eight fields
(ROUTE REQUEST, initiator, target, id, time interval, hash
chain,node list, MAC list)
 The initiator of the REQUEST then initializes the
hash chain to
MACKSD(initiator, target id, time interval)
 The hash chain for the target node
H[n,H[n-1 ,H[1,MACKSD(initiator, target id, time interval)]..]]]
 A ROUTE REPLY packet also contains eight fields
(ROUTE REPLY, target, initiator, time interval, node list,
MAC list, target MAC, key list)
GZ06 : Mobile and Adaptive Systems
Ariadne Route Maintenance
Using TESLA
To prevent unauthorized Route Error
Messages, we authenticate a sender.
A ROUTE ERROR packet in Ariadne
contains six fields
(ROUTE ERROR,sending address, receiving address, time
interval, error MAC,recent TESLA key)
It should handle the possible memory
consumption attack.
GZ06 : Mobile and Adaptive Systems
Agenda
Introduction
Design
Evaluation & Analysis
Related work
Critical Appraisal of the work
GZ06 : Mobile and Adaptive Systems
Evaluation
Modified Simulation Model
 Increased packet size to reflect the additional
fields necessary for authenticating
 Modified Route Discovery and Maintenance
 Adjusted re-transmission timeouts for Route
Requests to compensate for the delay
 Disallowed the use of prefixes of routes in the
Route Cache
GZ06 : Mobile and Adaptive Systems
Evaluation - Packet Delivery Ratio
4.66% less PDR than DSR-NoOpt in maximum
Ariadne outperforms DSR-NoOpt at lower level of mobility
GZ06 : Mobile and Adaptive Systems
Evaluation - Packet Overhead
Ariadne has 41.7% lower packet overhead than DSR-NoOpt
GZ06 : Mobile and Adaptive Systems
Evaluation - Byte Overhead
Ariadne has 26.19% higher byte overhead than DSR-NoOpt
GZ06 : Mobile and Adaptive Systems
Evaluation – Path Optimality
DSR-NoOpt performs slightly better than Ariadne
GZ06 : Mobile and Adaptive Systems
Evaluation – Average Latency
Ariadne always has consistently lower latency than DSR-NoOpt
GZ06 : Mobile and Adaptive Systems
Security Analysis
 Active-0-x
 Bogus messages
 Wormhole and rushing attacks
 Active-1-x
 Prevent two nodes from communicating
 Replace MAC or keys in the Route Request
 Active-y-x
 Attempt to force the initiator to repeatedly initiate
Route Discoveries
 Resist Active-VC?
 No solution provided
GZ06 : Mobile and Adaptive Systems
Agenda
Introduction
Design
Evaluation & Analysis
Related work
Critical Appraisal of the work
GZ06 : Mobile and Adaptive Systems
Related Work
Periodic protocols
 Much overhead introduced (storage,
bandwidth, control and delay)
Protocols that use asymmetric crypto.
 Computationally expensive to sign and verify
• Possible DoS attacks
 High network bandwidth usage
Protocols that use network-wide
symmetric keys
 Single-node compromise
GZ06 : Mobile and Adaptive Systems
Agenda
Introduction
Design
Evaluation & Analysis
Related work
Critical Appraisal of the work
GZ06 : Mobile and Adaptive Systems
Conclusions
Achievements
 Security against various types of attacks
 Efficient symmetric cryptography
 General
• trusted hardware, powerful processors not needed
Overall Performance
 Compared to optimized DSR: less efficient
 Compared to unoptimized DSR: better in
some metrics (e.g. packet overhead)
GZ06 : Mobile and Adaptive Systems
Critical Appraisal
Key Setup
 Methods: Pre-deployed, KDC, CA
 Fixed nodes. Circular dependency.
Centralized.
Clock synchronization.
 Circular dependency
 Resource constrained. Insecure
Maximum end-to-end delay
 How to choose adaptively
GZ06 : Mobile and Adaptive Systems
Critical Appraisal (cont.)
Delay and Buffer Size
 Slow responsiveness
 Resource constrained
Intermediate nodes authentication
 Authentication on demand
Remaining Security Issues
 Passive eavesdropper
 Inserting data packets attack
 Non-participating attacker
 Single layer security scheme
GZ06 : Mobile and Adaptive Systems
Thanks for your attention!
Any questions?
GZ06 : Mobile and Adaptive Systems