Mobile Adhoc Networks

Document Sample
Mobile Adhoc Networks Powered By Docstoc
					Mobile and Ad hoc Networks
                         Background of Ad hoc
                         Wireless Networks
                            Wireless Communication
                            Technology and Research
                                Ad hoc Routing and
                                Mobile IP and Mobility
                               Wireless Sensor and Mesh
                               Networks
                         Student Presentations


   Security in Ad hoc Networks
    http://web.uettaxila.edu.pk/CMS/SP2012/teAWNms/
Outline

 Introduction
 Attacks and Challenges
 A Multifence Security Solution
  Network-layer Security
    Secure Ad Hoc Routing
    Secure Packet Forwarding
  Link-layer Security
 Open Challenges


                                   2
Introduction

 In order to provide protected communication
  between nodes in a potentially hostile environment,
  security has become a primary concern
 The challenges of MANETs
   Open network architecture
   Shared wireless medium
   Stringent resource constraints
   Highly dynamic network topology




                                                        3
Security Pragmatism

 Q: How do we keep our embedded device from being
  messed with?
   A: Turn it off.
 Sometimes the best we can hope for is to detect
  intrusions.




                                    4
Introduction (cont.)

 The goal of the security solutions for MANETs
  Integrity
  Anonymity
  Confidentiality
  Availability
  Authenticity




                                                  5
Security Criteria

 Three main security concerns:
   Confidentiality
     Data privacy
   Availability
     Resistance to DOS attacks
   Authenticity
     Keeping “foreign objects” out, data integrity



                                     6
Encryption

 A basic building block of security
 Public vs. Symmetric key cryptography
 Embedded devices have power constraints
   Asymmetric keys are 103-104 times slower
   Use symmetric keys (AES, IDEA)
     Can use public key cryptography to setup secret
      key
       Key exchange – more on that later
   Use efficient hardware implementations
   http://en.wikipedia.org/wiki/AES
   http://en.wikipedia.org/wiki/Rsa             7
   http://en.wikipedia.org/wiki/IDEA_(cipher)
Advanced Encryption Standard (AES)

 The Rijndael block cipher was selected by NIST in
  2000 to be the AES
   Replacement
    for DES
   Key length of
    128, 192, or
    256 bits, block
    is 128 bits


   http://www.iaik.tu-graz.ac.at/research/krypto/AES/
   http://www.quadibloc.com/crypto/co040401.htm                         8
   http://www.iaik.tugraz.at/research/publications/2005/IEEIFSTINA2005.htm
Small Hardware AES-128
Implementations
 5.4 kgates implementation (Satoh et al., 2001)
 AES Implementation on a Grain of Sand (Feldhofer
  et al., 2005)
   3.4 kgates equivalent
   0.25mm²
   9 Mbps
   “draws only a current of 3.0 µm when operated at
     100 KHz and 1.5 V”



                                                                             9
   http://www.iaik.tugraz.at/research/publications/2005/IEEIFSTINA2005.htm
Fast Software Implementations

 AES-128
   226 cycles/block on a P-III (Aoki & Lipmaa, 2002)
      14464 P-III cycles for 1kb
 FastIDEA (4-way IDEA) (Lipmaa)
   440 cycles for a 4x64 block using MMX
 Poly1035-AES message authentication (Bernstein)
   3.1n + 780 Athlon cycles for an n-byte message
      5361 P-III cycles for 1kb




   http://www.cs.ut.ee/~lipmaa/aes/rijndael.html   10
   http://cr.yp.to/mac/poly1305-20050329.pdf
Embedded Encryption

 Put the encryption in the network device
 Wired (100Base-TX) and wireless (802.11b) versions
   Supports WPA, WEP
   Does 256 bit AES
   Not hardware
    encryption
   820-1280mW



   http://www.lantronix.com/device-networking/embedded-device-servers/wiport.html
                                                                      11
   http://www.lantronix.com/device-networking/embedded-device-servers/xport.html
Embedded Encryption (2)
 Put the encryption in the CPU
   VIA chips now offer a built-in security engine
     256 bit AES
     Quantum-based random number generator
     Montgomery Multiplier for accelerating Public
      Key Cryptography
   Example: Eden-N Processor (smallest)
     Thermal Design Power: 2.5W @ 533MHz
     Size: 15x15mm
   http://www.via.com.tw/en/initiatives/padlock/hardware.jsp
   http://www.via.com.tw/en/products/processors/eden-n/
   http://en.wikipedia.org/wiki/Thermal_Design_Point, http://en.wikipedia.org/wiki/Montgomery_reduction
                                                                                 12
   http://citeseer.ist.psu.edu/ravi02system.html
Authentication Woes

 Central Authentication Mechanisms?
   Ad-hoc wireless networks aren’t permanent
     Not always reachable
     Congestion around central authorities
     DOS
   Expensive to make rapid changes
     Nodes may only connect periodically
 How do we know we’re talking to who we think
  we’re talking to?
                                  13
Introduction (cont.)

 The security issues in each layer
Layer               Security issues
Application layer   Detecting and preventing viruses, worms, malicious
                    codes, and application abuses
Transport layer     Authenticating and securing end-to-end
                    communications through data encryption
Network layer       Protecting the ad hoc routing and forwarding
                    protocols
Link layer          Protecting the wireless MAC protocol and providing
                    link-layer security support
Physical layer      Preventing signal jamming denial-of-service attacks

                                                                    14
Introduction (cont.)

 A fundamental security problem in MANET: the
  protection of its basic functionality to deliver data
  bits from one node to another.
   ensuring one-hop connectivity through link-layer
    protocols (e.g., wireless medium access control,
    MAC)
   Extending connectivity to multiple hops through
    network layer routing and data forwarding
    protocols (e.g., ad hoc routing)

                                                          15
Introduction (cont.)

 Security never comes for free.
 Security strength and network performance are
  equally important
 Achieving a good trade-off between the two
  extremes is one fundamental challenge in security
  design for MANETs.




                                                      16
Attacks

 The network-layer operations in MANETs are ad hoc
  routing and data packet forwarding
 The ad hoc routing protocols
   Exchange routing messages between nodes
   Maintain routing states at each node accordingly
 Two attack categories
   Routing attacks
   Packet forwarding attacks



                                                       17
Attacks (cont.)

 Routing attacks
   Any action of advertising routing updates that does not
    follow the specifications of the routing protocol
 Packet forwarding attacks
   Cause the data packets to be delivered in a way that is
    intentionally inconsistent with the routing states




                                                              18
A Multifence Security Solution

 The approaches to securing MANETs
  Proactive
    Prevent security threats in the first place
     Adopted by secure routing protocols
  Reactive
     Seek to detect threats a posteriori and react
      accordingly
     Adopted by packet forwarding operations


                                                      19
A Multifence Security Solution (Cont.)

           Secure ad hoc routing            Secure packet forwarding
   Proactive protection through message    Reactive protection through
          authentication primitives          detection and reaction
                 Proactive                          Reactive
    Source    Link state Distance vector    Misbehavior    Misbehavior
    routing    routing       routing         detection      reaction
 Network-layer security solutions

    Secure wireless MAC                   Next-generation WEP
  Reactive protection through       Modification to existing protocol
    detection and reaction         to fix the cryptographic loopholes
 Link-layer security solutions



                                                                         20
Network-layer Security

 Protecting the network functionality to deliver
  packets between mobile nodes through multi-hop ad
  hoc forwarding
 Message Authentication Primitives
   HMAC
   Digital signature
   One-way HMAC key chain




                                                  21
Network-layer Security (cont.)

 HMAC
   Two nodes share a secret symmetric key k (the total number
    of the pairwise shared key is n(n-1)/2
   They can efficiently generate and verify a message
    authenticator hk(·)




   +Secret key k


                                                           22
 Digital signature
  Based on asymmetric key cryptography
   (signing/encrypting and verifying/decrypting)
  Each node needs to keep a CRL of revoked
   certificates




                                                   23
Privacy using asymmetric-key encryption




                                          24
Signing the whole document




                             25
 Signing the Digest. Digital signature does not
  provide privacy. If there is a need for privacy,
  another layer of encryption/ decryption must be
  applied.




                                                     26
Signing the Digest (Sender side)




                                   27
Signing the Digest (Receiver side)




                                     28
Network-layer Security (cont.)

 One-way HMAC (Hash-based Message
  Authentication Code) key chain
   Given the output f(x), it is computationally infeasible to
      find the input x
   By applying f(⋅) repeatedly on an initial input x, one can
      obtain a chain of outputs fi(x).
   a message with an HMAC using fi(x) as the key is proven
      to be authentic when the sender reveals
  f(i–1)(x).
   Very tight clock synchronization and large storage are
      necessary
   The release of the key involves a second round of
      communication                                            29
Secure Ad Hoc Routing

 Source Routing
   Ensure that each intermediate node cannot remove existing
    nodes from or add extra nodes to the route
   A secure extension of DSR is Ariadne, which uses a one-
    way HMAC key chain




                                                              30
Secure Ad Hoc Routing (cont.)

 Distance Vector Routing
   The main challenge is that each intermediate node has to
    advertise the routing metric correctly
   For example, when hop count is used as the routing metric,
    each node has to increase the hop count by one exactly
   A hop count hash chain is devised so that an intermediate
    node cannot decrease the hop count in a routing update




                                                               31
Secure Ad Hoc Routing (cont.)

 Link State Routing
   Secure Link State Routing (SLSP)
   Each node seeks to learn and update its neighborhood by
    Neighbor Lookup Protocol (NLP)
   Periodically flood Link State Update (LSU) packets to
    propagate link state information
   SLSP adopts a digital signature approach in authentication
   NLP’s hello messages and LSU packets are signed with the
    sender’s private key


                                                              32
Secure Packet Forwarding

 Detection
   Each node can perform localized detection by overhearing
    ongoing transmissions and evaluating the behavior of its
    neighbors
   Localized detection
     Watchdog
     Add a next_hop field in AODV packets
   ACK-based detection
     The source can initiate a fault detection process on a suspicious path
      that has recently dropped more packets than an acceptable threshold



                                                                          33
                     Mitigating Routing Misbehavior in Mobile Ad Hoc Networks,
                                                         ACM MOBICOM 2000
Watchdog

 Assume bidirectional communication symmetry on
  every link between nodes
   If a node B is capable of receiving a message from a node
    A at time t, then node A could instead have received a
    message from node B at time t
 Implement the watchdog
   Maintain a buffer of recently sent packets
   Compare each overheard packet with the packet in the
    buffer


                                                                      34
Watchdog (cont.)

 When B forwards a packet from S toward D through
  C, A can overhear B’s transmission and can verify
  that B has attempted to pass the packet to C


    S         A         B         C         D




                                                  35
                 An On-Demand Secure Routing Protocol Resilient to Byzantine Failures
                                                                     ACM WiSe 2002
 ACK-based detection


Weight List                         Byzantine        Path       Link
                Route       Path
                                      Fault                    Weight
              Discovery
                                    Detection               Management



  Byzantine failures
      Drop packets
      Modify packets
      Miss-route packets



                                                                             36
ACK-based detection (cont.)

 The fault detection
   Based on using ACKs of the data packets
   The source keeps track of the number of recent losses
   When the number of recent losses violates the acceptable
    threshold
    Register a fault between the source and the destination
    Start a binary search on the path
   The adaptive probing techniques identifies a faulty link
    after log n faults have occurred, where n is the length of the
    path

                                                                37
Secure Packet Forwarding (cont.)

 Reaction
   Once a malicious node is detected, certain actions are
    triggered to protect the network from future attacks
    launched by this node
   Global reaction
     The malicious node is excluded from the network
   End-host reaction
     Each node may make its own decision on how to react to a malicious
      node (e.g., putting this node in its own blacklist)




                                                                     38
End-host reaction- Pathrater

 Each node maintains a rating for every other node
  and calculates a path metric by averaging the node
  ratings in the path
 It gives a comparison of the overall reliability of
  different paths
 It differs from standard DSR, which chooses the
  shortest path in the route cache




                                                        39
Link-layer Security

 IEEE 802.11 MAC
  The vulnerability of the IEEE 802.11 MAC to DoS
    attacks was identified
  The attacker may exploit its binary exponential
    backoff scheme to launch DoS attacks
  The solution is that the sender can set the backoff
    timer on its own




                                                         40
Link-layer Security (cont.)

 IEEE 802.11 WEP
  Message privacy and message integrity attacks
    Short IV
    CRC-32 checksum
   Key stream recovery by known plaintext attacks
    Probabilistic cipher key recovery attacks




                                                     41
Open Challenges

 The new design perspective is called resiliency-
  oriented security design
 The design possesses several features
   Seek to attack a bigger problem space
   Intrusion tolerance
   Use other noncrypto-based schemes to ensure resiliency
   Handle unexpected faults to some extent
 The solution may also take a collaborative security
  approach
 The solution relies on multiple fences

                                                             42
Conclusion

 The research on MANET security is still in its early stage. The
  existing proposals are typically attack-oriented in that they
  first identify several security threats and then enhance the
  existing protocol or propose a new protocol to thwart such
  threats. Because the solutions are designed explicitly with
  certain attack models in mind, they work well in the presence
  of designated attacks but may collapse under anticipated
  attacks. Therefore, a more ambitious goal for ad hoc network
  security is to develop a multi-fence security solution that is
  embedded into possibly every component in the network,
  resulting in in-depth protection that offers multiple lines of
  defense against many both known and unknown security
  threats.
Sources

 [1] Cavin et al., "On the accuracy of MANET simulators," Proc. ACM
    Workshop on Princ. Mobile Computing
   [2] K.-W. Chin, et al., "Implementation Experience with MANET Routing
    Protocols," ACM SIGCOMM Computer Communications Review, Nov.
    2002, pp. 49-59. Available online.
   [3] Frodigh, et al, "Wireless Ad Hoc Networking: The Art of Networking
    without a Network," Ericsson Review, No. 4, 2000. online. [4] M. S.
    Corson et al., "Internet-Based Mobile Ad Hoc Networking," IEEE Internet
    Computing, July-August 1999
   [5] C. Elliott and B. Heile, "Self-Organizing, Self-Healing Wireless
    Networks," Proc. 2000 IEEE
   [6] K. Kim, "A New Mobile Environment: Mobile Ad Hoc Networks
    (MANET)," IEEE
   [7] C. Perkins and E Royer, “Ad Hoc On-Demand Distance Vector
    Routing,” 2nd IEEE Wksp. Mobile Comp. Sys.and Apps., 1999
Assignment #12


 Write note on the topics highlighted in Yellow.
Q&A


 ?

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:18
posted:9/29/2012
language:English
pages:46