Group Key Management in Manet

Distributed Multicast Group Security Architecture for Mobile Ad Hoc Networks¹

Jiejun Kong, Yeng-zhong Lee, Mario Gerla
Department of Computer Science
University of California
Los Angeles, CA 90095
{jkong,yenglee,gerla}@cs.ucla.edu

¹ Part of this work is funded by ONR MINUTEMAN grant N00014-01-C-0016 and NSF NRT WHYNET grant ANI-0335302.

ABSTRACT

Multicast communication is an efficient means to support key network applications such as real-time teleconferencing and data dissemination. In this paper we devise a security architecture for multicast communications in mobile ad hoc networks (MANETs). Our design is both suitable for the MANET environment and compliant with the IETF standard Multicast Group Security Architecture (MGSA) [1]. Because centralized servers are vulnerable to network dynamics and security attacks in a distributed MANET, we distribute the function of MGSA's Group Control Key Server (GCKS) to a dedicated subset of mobile backbone nodes in the MANET. Unlike distributed GCKS nodes in stationary infrastructure networks, our GCKS backbone nodes are mobile, fully distributed and adaptive to network dynamics, in particular the constant and instant changes in network topology, node density and node mobility. We study the characteristics of our GCKS backbone design and its impacts on ad-hoc multicast security research. Our simulation study and Linux implementation confirm the effectiveness of the new MANET MGSA design.

I. INTRODUCTION

Multicast communication is an efficient means to support key applications of mobile ad hoc networks (MANET) such as teleconferencing and data dissemination. These applications require both strong security protection and efficiency guarantees even in the presence of mobility, random link error, and frequent outages. Characteristics of MANETs, for example limited resources, dynamic topology, and vulnerability to network congestion, challenge the design of a secure multicast protocol that is suitable for the MANET environment.

Many Multicast Group Security Architecture (MGSA) designs for the management of group control keys for multicast communications in distributed networks have been proposed recently, such as in [1][4]. In these proposals, a group control key server (GCKS) node manages cryptographic keys for multicast groups in the network. For an arbitrary multicast group, a group member node must authenticate itself to the GCKS node and establish a pairwise secure channel protected by the Key Encryption Key (KEK). Then the GCKS node is able to distribute the group key (a.k.a. Net-Key) to the group member node via the pairwise secure channel. However, all of these schemes are proposed for a “flat” physical network topology, and result in significant performance degradation or even failure in a scalable MANET. Especially in mobile military networks, there are more and more analytic results and empirical experiments illustrating that a “flat” ad hoc network topology encounters scalability problems due to its intrinsic drawbacks. Recent studies [9][10] present the throughput bounds of homogeneous ad-hoc wireless networks. Under uniform traffic patterns, the available bandwidth to each networking node approaches zero as the network size increases. As pointed out in [10], one fundamental reason is that communication is not localized, thus long-distance packet flows compete for the shared wireless channel with all other intersecting flows.

An emerging promising solution for achieving a better performance guarantee in a scalable MANET is to build a hierarchical network architecture, such as a cluster structure. Using a clustering scheme in a MANET divides nodes into different virtual groups: nodes that are geographically adjacent are allocated to the same cluster according to some rules, with different behaviors for nodes included in a cluster and those excluded from it. By reducing inter-cluster traffic (e.g., converting inter-cluster traffic into intra-cluster traffic), wireless communication is effectively localized and incurs less protocol performance degradation.

Our contributions are three-fold. First, we design and implement an underlying k-clustering protocol to significantly reduce multicast key management overhead and to accommodate non-uniform node density in the mobile network. Unlike conventional single-hop clustering protocols, our scheme applies to any k value as long as k is smaller than the network diameter. Different clusterheads can use different k values according to their estimation of their own capability. Intuitively, given a local node density estimation (which can be acquired from a secure neighborhood detection algorithm [11]), a proper value k is selected based on the density estimation to perform k-clustering in a neighborhood. A GCKS node is elected as the clusterhead in every cluster. Consequently, the choices of different k’s cope with the idiosyncratic network topology at every site in the mobile network, and key management for group members can be performed within the k-cluster with minimized latency. For instance, to establish the needed KEK, a joining new group member should contact the nearest GCKS node, which is at most k hops away, rather than initiate the contact with a remote GCKS node (as the remote contact will consume network resource along the long path). The choice of k at each site offers a flexible tradeoff between security performance and network dynamics. The larger the node density is in a neighborhood, the smaller the k that is used, and each GCKS node’s workload approaches the average load automatically.

Second, upon the efficient k-clustering algorithm, our MGSA architecture provides a secure key management service for multicast group members in a MANET. For intra-cluster traffic, each clusterhead performs the function of GCKS node in its k-cluster, so that each group member is served with minimized latency and transmission overhead. For inter-cluster key management, clusterheads periodically synchronize their states by re-using the underlying multicast routing protocol, where the clusterheads are treated as group members of a special multicast group including all current clusterheads. This self-similar design simplifies the protocol specification.

Third, we use an analytic stochastic study and an empirical simulation study to illustrate the advantage of k-clustering (k>1) over conventional single-hop clustering (k=1). Our results show that k-clustering localizes wireless traffic. In addition, clusters are more stable in mobile ad hoc networks, and thus incur less maintenance overhead and ensure better MGSA service availability.

The paper is organized as follows. In Section II we compare our design with related work. Section III describes our MGSA architecture and the underlying k-clustering algorithm. We show our implementation and evaluation results in Section IV. Finally, Section V concludes this paper.

II. COMPARISON TO RELATED WORK

A. Multicast security

Like the IETF standards [1][2][3], our design follows the same MGSA design in multicast security service provisioning. This allows our MANET multicast security design and implementation to connect seamlessly to existing Internet multicast design and implementations. The IETF Multicast Security (MSEC) architecture is comprised of four components. (1) The “data transform” component corresponds to the AH/ESP design in the unicast IPsec architecture. The protocols in use are TESLA and MESP (the multicast version of IPsec ESP); (2) The “key management” component applies GDOI and GSAKMP to manage the multicast group key in a distributed network; (3) The “policy architecture” component addresses how security policy is specified and how to enforce security policy, for example, via the Common Open Policy Service (COPS) protocol; (4) The “algorithms” component defines cryptographic algorithms used by the MSEC charter. The current pool includes a set of authentication and key management algorithms like TESLA, LKH (Logical Key Hierarchy), and OFT (One-way Function Tree). In this work, we will focus on realizing an efficient implementation of the MGSA-compliant key management component for mobile ad hoc networks. In other words, data transform, security policy, and algorithmic components are not covered in this work. We understand that related research work on TESLA, COPS, LKH, OFT and many other multicast security issues will build security suites to address these complementary components.

B. Flexible clustering

Many clustering schemes have been presented recently for different objectives, for example, distributing workload, avoiding/balancing unnecessary energy consumption, and providing a cluster infrastructure for upper layer applications. However, unlike the k-clustering algorithm studied in this paper, these existing clustering (or backbone election) algorithms typically only elect backbone nodes within a single-hop neighborhood. As a result, the number of backbone nodes is N/d, where N is the total number of nodes and d is the average node density (defined here as number of neighbors) in the network. This is a constant fraction without considering the different network dynamics (e.g., node density) at different sites of the network. More importantly, due to random node mobility, frequent re-clustering is required to reflect the constant change in network topology. This incurs significant control overhead even in those simplified single-hop clustering algorithms. For example, the least cluster change (LCC) [5] is widely used due to its simplicity and stability. LCC is considered to be a significant enhancement of the Lowest ID Clustering (LID) and Highest Degree (HD) algorithms. In LID, initially mobile nodes with the lowest ID in their neighborhoods declare themselves as clusterheads. When a node cannot access any cluster head or two cluster heads move into the reach range of each other, the cluster structure is rebuilt according to LID. In HD, the clustering scheme is performed periodically to check the “local highest node degree” attribute of a cluster head. When a cluster head finds a member node with a higher degree, it is forced to relinquish its cluster head role. This scheme, of course, involves frequent re-clustering. LCC improves cluster stability significantly by relinquishing the requirement that a cluster head should always bear some specific attributes in its local area.

III. DISTRIBUTED MULTICAST GROUP SECURITY ARCHITECTURE (DMGSA)

A. Design space and design assumptions

In the IETF multicast security design [RFC2093, RFC2094, RFC2627, RFC3547, RFC3740], the Group Controller Key Server (GCKS) node shares a pairwise secret with each group member. The pairwise secret is called the Key Encryption Key (KEK), which is used to establish multicast group keys (also called Net-Keys). When the group key for a specific multicast group is created / deleted / updated, group control messages are exchanged between GCKS nodes and group members to reflect the update. The GCKS node encrypts Net-Keys for the multicast group to each group member. There are various tree-based optimization schemes, e.g., Logical Key Hierarchy (LKH) [16] and One-way Function Trees (OFT) [15], proposed recently to build virtual tree structures to reduce Net-Key update overheads when group members join or leave. Nevertheless, as depicted in Figure 1, the overall architecture is unchanged by these optimization designs.

There are some schemes adapting virtual tree-based multicast key management scheme [17] into MANET. These efforts are orthogonal to our design which implements GCKS backbone
using physical clustering. On the other hand, other MANET multicast security proposals [13] [14] seek to reduce computational overhead by using more efficient key exchange algorithms (e.g., the Key Pre-distribution Scheme used in [14] is purely based on symmetric key cryptography). As we stated earlier, the “algorithmic” component is also a complementary issue to our GCKS component design. All these complementary research efforts can be combined with our GCKS component design to facilitate multicast key management in MANETs.

In Figure 1, we assume that the security policies are pre-deployed on all ad hoc nodes prior to their joining the network. Thus we will not address the “policy architecture” component and policy servers in this paper. In the “key management” component, dedicated GCKS nodes are responsible for maintaining group control over multicast group members, which dynamically join or leave the multicast groups at their own will. The communication between a GCKS and a specific group member must be authenticated using each other’s credentials (e.g., each node must acquire its certificate from an offline authority) and is protected by the KEK. From the group control channel protected by the KEK, a group member receives the current group key (i.e., Net-Key); then the multicast group communication amongst senders and receivers is protected by this group-wise Net-Key. The Net-Key is updated when there are group members joining or leaving the group.

[Figure 1: Key management component in the IETF standard MGSA architecture. The diagram shows three functional areas: Multicast Security Policies (Policy Server), Group Key Management (Group Control / Key Server, GCKS, holding the KEKs), and Multicast Data Handling (a sender and receiver(s) sharing the Net-Key).]

Currently we assume that candidate GCKS nodes are special nodes with relatively large computational resources and high tamper resistance capability. Amongst all N certified network member nodes, η·N of them are capable of being GCKS nodes. Each GCKS node has enough resources to serve C local nodes. For example, GCKS nodes can be implemented on unmanned aerial vehicles (UAV) and tanks to serve mobile soldiers in their k-hop neighborhoods. Clearly, a centralized GCKS design is vulnerable to security threats even in the wired Internet. For example, the centralized site can be easily disabled by Distributed Denial-of-Service (DDoS) attacks. Research projects like Iolus and IETF informational RFC2627 have shown initial efforts in addressing the security challenge. Unfortunately, the proposed countermeasures are dedicated to fixed networks without considering network characteristics of MANETs.

B. Design details

We distribute the “group key management” workload from a centralized GCKS site to a distributed mobile backbone of GCKS nodes. In each k-hop neighborhood, a clusterhead is dynamically elected whenever the locality is changed in topology by network dynamics (e.g., mobility) or adversarial behaviors (e.g., the head is destroyed). There is no single point of failure in the network, as the adversary is unable to shut down the MGSA service globally or in each locality with candidate GCKS nodes.

The simple and efficient k-clustering algorithm is used to elect GCKS nodes (clusterheads). It can be divided into two fully distributed design phases: the cluster formation phase and the cluster maintenance phase.

•   Fully distributed cluster formation phase: A candidate GCKS node that does not belong to any cluster can initiate a cluster formation by broadcasting a clusterhead claim packet up to k hops away to claim itself as a cluster head. The k-hop forwarding constraint is enforced with a TTL (Time-to-live) field. A clusterhead claim packet’s TTL field is decreased by one upon each forwarding, until the TTL field becomes 0 and the packet is dropped. The autonomous choice of k is based on the node’s self-estimation of local density (which can be acquired from an existing secure neighborhood detection algorithm [11]). The node ensures the property k*d≈C, so that the elected GCKS node won’t be overwhelmed by the security workload. Afterward, all its k-hop neighbor nodes overhearing such a broadcast claim packet become members of the cluster and give up their right to be a cluster head. If multiple broadcasts occur concurrently, the node with least k and lower ID wins the chance to be the clusterhead.

•   Fully distributed cluster maintenance phase: every clusterhead periodically (per t_head) broadcasts a clusterhead claim packet within its k-hop scope to maintain its cluster, so that the clusterhead claim packet is overheard by all its cluster members. The value of t_head is determined by the one-hop radio radius r and the average node motion speed v, e.g. t_head = r/v approximates the average link break time in a mobile ad hoc network. If a cluster member node does not hear a clusterhead claim packet from its clusterhead for a timeout t_timeout = 3*t_head (where the coefficient 3 can be adapted upon measuring local channel error rate traffic and contention ratio), then the node does not belong to its current cluster any more. It joins another cluster if it hears a clusterhead claim packet from other clusterheads, or declares itself as a clusterhead to form a new cluster after an autonomous random deferring time.

This simple and efficient k-clustering algorithm is employed to dynamically form and maintain clusters in a mobile ad-hoc network. In the Hierarchical Multicast Group Security Architecture, each clusterhead functions as a group control key server (GCKS) as illustrated in Figure 2. A multicast group member learns its current group key (also called Net-Key) from the nearest GCKS node, which is at most k hops away. In order to deliver a multicast group key to each requesting member securely, during the early cluster maintenance period a GCKS node authenticates each member’s credential and establishes a pair-wise secret called the Key Encryption Key (KEK) with each of its members. Via the pairwise secure channels protected by the KEKs, the GCKS node can securely deliver the Net-Key to every multicast group member in its cluster. This only requires a GCKS node to keep track of the keys and multicast group IDs for member nodes within its own cluster. In mobile networks, a soft state approach is adopted in our design such that the stored GCKS states expire upon a timeout 10*t_head, thus no explicit message overhead is required when mobile nodes leave their current clusters. Like batched re-keying [18], once the GCKS node detects that a threshold number of members have left/joined since the last Net-Key update, the current Net-Key of the corresponding multicast group is regenerated, and will be redistributed to other GCKS nodes.

[Figure 2: Cluster structure illustration where K = 2]

In inter-cluster GCKS synchronization, the underlying multicast routing protocol is reused to disseminate a GCKS node’s newly re-generated states to other GCKS nodes. This self-similar design simplifies protocol specification. Clearly, if the network topology is stable in a k-hop neighborhood, then the corresponding GCKS node will not initiate inter-cluster routing packets to incur extra communication overhead.

IV. EVALUATION

A. MANET stochastic modeling

Here we use analytic modeling to illustrate the effectiveness of k-clustering over conventional single-hop clustering. We divide the bounded network area into a large number of small (virtual) grids, so that the grid size is even smaller than the physical size of the smallest network member. This way, each grid is either empty, or is occupied by a single node. Also, because the network area is much larger than the sum of all mobile nodes’ physical sizes, the probability that a grid is occupied by a mobile node is very small. Now a binomial distribution B(n, p) defines the probabilistic distribution of how these grids are occupied by each single mobile ad hoc node. Here n, the total number of grids, is very large; and p, the probability that a grid is occupied by the single node, is very small. When n is large and p is small, it is well-known that a binomial distribution B(n, p) approaches a Poisson distribution with parameter λ=n·p. Hence this binomial spatial distribution is translated into a spatial Poisson point process [19] to model the random presence of the network nodes. In other words, suppose that N events occur in area A (here an event is an ad hoc node’s physical presence in the area), and the node density ρ_N = |N| / A (where | | denotes the cardinality of a set, and ρ_N = |N|·ρ_1 if nodes roam independently and identically distributed) is equivalent to a random sampling of A with rate ρ_N. Let x denote the random variable of the number of network nodes in the area. Then the probability that there are exactly m nodes in a specific area A is

$$\Pr[x = m] = \frac{(\rho_N A)^m}{m!} \cdot e^{-\rho_N A} \qquad (1)$$

The choice of ρ_1 depends on the underlying mobility model. For a network deployed in a bounded system area, let the random variable Ω = (X,Y) denote the Cartesian location of a mobile node in the network area at an arbitrary time instant t. The spatial distribution of a node is expressed in terms of the probability density function

$$\rho_1 = f_{XY}(x,y) = \lim_{\delta \to 0} \frac{\Pr\left[\left(x - \frac{\delta}{2} < X \le x + \frac{\delta}{2}\right) \wedge \left(y - \frac{\delta}{2} < Y \le y + \frac{\delta}{2}\right)\right]}{\delta^2}$$

The probability that a given node is located in a subarea A’ of the system area A can be computed by integrating ρ_1 over this subarea

$$\Pr[\text{node in } A'] = \Pr[(X,Y) \in A'] = \iint_{A'} f_{XY}(x,y)\, dA$$

where f_XY(x,y) can be computed given geometric properties of the network.

Some stochastic mobility models which directly choose a destination direction rather than a destination point and allow a bound back or wrap-around behavior at the border of the system area are able to achieve a uniform spatial distribution [20]. However, the others are not. Let’s use the random way point (RWP) model, the most popular one currently used in simulation studies, as the underlying mobility model. The probability of a mobile node’s spatial distribution in the RWP model has been extensively analyzed in the literature [21][22][23]. As suggested in [22], we can use the analytical expression

$$\rho_1 = f_{XY}(x,y) \approx \frac{36}{a^6}\left(x - \frac{a^2}{4}\right)\left(y - \frac{a^2}{4}\right)$$

for a square network area of size a×a defined by (-a/2≤x≤a/2) and (-a/2≤y≤a/2).

Therefore, the node density ρ_N is typically a location dependent variable. In particular for the random waypoint model, ρ_N is higher at the central area and lower at the boundary area [21][22]. In general, for any location dependent distribution, the probability of (1) that there are exactly m nodes in a sub-area A’ of the system area A (with respect to a tiny unit area) is changed to
$$\Pr[x = m] = \iint_{A'} \left( \frac{(N \cdot \rho_1)^m}{m!} \cdot e^{-N \cdot \rho_1} \right) dA$$

where ρ_N is the node’s spatial distribution function with respect to the underlying mobility model.

B. Analytic study

An important metric is how to localize wireless communications in MGSA service provisioning. We use a probabilistic approach to model the GCKS candidate nodes. Amongst all N certified network member nodes, η·N of them are capable of being GCKS nodes. Because GCKS nodes manage cryptographic key materials for multicast groups, they must be properly protected in the network.

Any regular node α that needs MGSA service should rely on intra-cluster traffic in order to avoid remote communication, which features unpredictable service guarantees. Given the value k in k-clustering, the probability that the node α can find a local GCKS node within k hops is

$$P_{localGCKS} = \Pr[x > 0] = 1 - \iint_{k \cdot \pi R^2} e^{-\eta \cdot N \cdot \rho_1}\, dA$$

Clearly, the difference between P_localGCKS and 1 decreases exponentially as the network scale N increases linearly. In particular, in the (quasi-)uniform distribution cases, the value k is raised to the exponent ($P_{localGCKS} = 1 - e^{-k\pi R^2 \cdot \eta N \rho_1}$) and thus compensates the percentage η. This verifies the conclusion that a few GCKS nodes can be deployed on some highly expensive tamper-proof nodes (e.g., unmanned aerial vehicles--UAV), and k-clustering effectively restores the MGSA service availability to a normal level comparable to a much denser-and-vulnerable solution, for example, the case where every node can be a GCKS node ($P_{localGCKS} = 1 - e^{-\pi R^2 \cdot N \rho_1}$).

model. Our clustering scheme is adopted to elect GCKS nodes among all nodes. Each mobile node has an IEEE 802.11 wireless radio with transmission range 200m.

In Figure 3, we show the stability of clusters vs. varying speed. When k = 1, k-clustering is used to form only single-hop clusters, and when k = 2, the k-clustering is used to form clusters within a 2-hop scope. From Figure 3, we can see that using the k-clustering algorithm the average membership time that a member remains in a cluster is nearly 40 seconds (k = 1) and 60 seconds (k = 2) in low speed (4m/s). Even in high speed the ratio stays at about 1.7. Clearly, as k increases, the cluster becomes significantly more stable. This justifies the need for k-clustering over existing single-hop clustering schemes.

[Figure 3: Average cluster membership lasting time. Plot of average membership time (seconds) against mobility speed (m/sec), with curves for K = 1 and K = 2.]

D. Testbed experiments

Moreover, the MGSA design has been implemented in Linux testbeds under the support of NSF WHYNET project. Our implementation of Hierarchical Multicast Group Security Architec-
                   2
                       1


                                                                             ture is realized as a daemon in user space to minimize changes to
Another important metric is the stability of cluster members be-             the kernel. Our test-bed consists of 14 Dell Pentium IV, 3.0GHz
cause this directly determines communication overhead caused                 D600 laptops equipped with Orinoco 802.11b PCMCIA card
by the distributed MGSA design. We define a metric average                   with channel rate as 2Mbps. The laptops run Red-Hat Linux dis-
cluster membership lasting time to measure the stability of clus-            tribution 9 with kernel version 2.4.20. Linux PCMCIA package
ters. The analytic study of cluster stability can be modeled as              version 3.2.0 and Orinoco wavelan2-cs driver are used for
computing the expected time for a random node staying in a                   802.11b devices and the devices are set to ad-hoc mode. There is
bounded area (e.g., a circular area with radius R). Like what we             one multicast source and three designed receivers among these
did before, the area is divided into large amount of points, then            nodes in our experiments. Using the current test-bed capabilities,
all the points are theoretically connected into a fully-connected            we have been able to conduct real network experiments and to
complete graph. The node goes from one point to another point                test the accuracy and performance of the Hierarchical MGSA
in random motion. Clearly, if the radius R increases linearly, the           against simulated results. In particular, we have been able to
number of the inside points increases quadratically. If the mo-              validate the stability of our k-clustering algorithm by showing
tion pattern uniformly distributed over all the points, then the             that, the Hierarchical MGSA testbed exhibits about the same
expected staying time also increases quadratically. Neverthe-                average cluster membership lasting time predicated in the simu-
less, as the previous analysis showed, the motion pattern is loca-           lation study. The lessons learned from the joint testbed and
tion dependent and non-uniform in typical mobility models. We                simulation experiments have greatly improved our understand-
use the following simulation study to illustrate the impact of k on          ing of the architecture and will undoubtedly contribute to more
cluster stability in random waypoint model.                                  efficient designs in the future.
C. Simulation study                                                                                                                   V. SUMMARY
In this section, we use Qualnet, a scalable simulation library to            In this paper we have devised a distributed security architecture
evaluate our MGSA design. 1000 mobile nodes are deployed in                  for multicast communications in mobile ad hoc networks. We
a 3200m×3200m network field following random waypoint                        distribute the function of MGSA's Group Control Key Server




                                                                        5 of 6
(GCKS) to a dedicated subset of mobile backbone nodes in MANET. We use a simple and efficient k-clustering scheme to dynamically elect GCKS backbone nodes in real time. The GCKS backbone nodes are mobile and adaptive to network dynamics, in particular the constant and instant changes in network topology, node density and node mobility. Our MANET modeling and analytic study prove that our design localizes MGSA security traffic, and thus is suitable in MANET with wireless capacity constraints. In addition, we also illustrate the advantage of a flexible k-clustering scheme over conventional single-hop clustering schemes: (1) We show that single-hop clustering requires a large number of GCKS nodes, which are vulnerable to intrusion and could cause MGSA service compromise, whereas the k-clustering scheme helps to minimize the number of GCKS nodes. (2) Moreover, we also show that the average cluster membership lasting time is longer as k increases. This helps to reduce cluster maintenance overhead. Our simulation study and Linux testbed confirm the effectiveness of the new MANET MGSA design.

REFERENCES

[1] RFC 3740 http://www.faqs.org/rfcs/rfc3740.html
[2] RFC 2094 http://www.faqs.org/rfcs/rfc2094.html
[3] RFC 4046 http://www.faqs.org/rfcs/rfc4046.html
[4] Thomas Hardjono, “Group Security Associations for IP Multicast Security,” in Proceedings of the Internet Security Conference (TIAC) 2001.
[5] C.-C. Chiang et al., “Routing in Clustered Multihop, Mobile Wireless Networks with Fading Channel,” in Proc. IEEE SICON'97, 1997.
[6] C.R Lin, and M. Gerla, “Adaptive Clustering for Mobile Networks,” IEEE Journal on Selected Areas in Communications, Vol. 15, No. 7, pp. 1265–1275, Sep 1997.
[7] A. Ephremides, J. E. Wieselthier, and D. J. Baker, “A Design Concept for Reliable Mobile Radio Networks with Frequency Hopping Signaling,” in Proc. IEEE, vol. 75, 1987, pp. 56–73.
[8] Kaixin Xu, Mario Gerla, “A Heterogeneous Routing Protocol Based on A New Stable Clustering Scheme,” Milcom 2003.
[9] P. Gupta, P.R.Kumar, “The Capacity of Wireless Networks,” IEEE Transactions on Information Theory IT, Vol.46, No.2, pp. 388–404, 2002.
[10] J. Li, C. Blake, D.D. Couto, H.I.Lee, R. Morris, “Capacity of Ad Hoc Wireless Networks,” in Proc. of ACM MOBICOM, pp. 61–69, 2001.
[11] Y.-C. Hu, A. Perrig, and D. B. Johnson. “Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols,” In Proc. of ACM WiSe in conjunction with MOBICOM, pp. 30–40, 2003.
[12] S.Basagni, I.Chlamtac, V.R.Syrotiuk, and B.A.Woodward. “A Distance Routing Effect Algorithm for Mobility (DREAM),” In Proc. of ACM MOBICOM, pp. 76–84, 1998.
[13] T. Kaya, G. Lin, G. Noubir, A. Yilmaz, “Secure multicast groups on ad hoc networks,” In Proc. of the 1st ACM workshop on Security of ad hoc and sensor, pp. 94–102, 2003.
[14] Sencun Zhu, Sanjeev Setia, Shouhuai Xu, Sushil Jajodia, “GKMPAN: An efficient group rekeying scheme for secure multicast in ad-hoc networks,” In Proc. of 1st International Conference on Mobile and Ubiquitous Systems: Networking and Services (MobiQuitous 2004), pages 42–51, 2004.
[15] D. Balenson, D. McGrew, and A. Sherman. “Key Management for Large Dynamic Groups: One-way Function Trees and Amortized Initialization,” IETF Internet draft (work in progress), August 2000.
[16] C. Wong, M. Gouda, S. Lam. “Secure Group Communication Using Key Graphs,” In Proc. of SIGCOMM, 1998.
[17] Loukas Lazos, and Radha Poovendran. “Energy-Aware Secure Multicast Communication in Ad hoc Networks using Geographic Location Information,” In Proc. of IEEE ICASSP, 2003.
[18] Xiaozhou Steve Li, Yang Richard Yang, Mohamed G. Gouda, and Simon S. Lam, “Batch rekeying for secure group communications,” In Proc. of the tenth international World Wide Web conference on World Wide Web, pp. 525–534, 2001.
[19] N. Cressie. Statistics for Spatial Data. John Wiley and Sons, 1993.
[20] C. Bettstetter. Mobility Modeling in Wireless Networks: Categorization, Smooth Movement, and Border Effects. ACM Mobile Computing and Communication Review, 5(3):55–67, 2001.
[21] C. Bettstetter, H. Hartenstein, and X. Perez-Costa. Stochastic Properties of the Random Waypoint Mobility Model. ACM/Kluwer Wireless Networks, Special Issue on Modeling and Analysis of Mobile Networks, 10(5):555–567, 2004.
[22] C. Bettstetter and C. Wagner. The Spatial Node Distribution of the Random Waypoint Mobility Model. In German Workshop on Mobile Ad Hoc Networks (WMAN), pages 41–58, 2002.
[23] G. Resta and P. Santi. An Analysis of the Node Spatial Distribution of the Random Waypoint Model for Ad Hoc Networks. In ACM Workshop on Principles of Mobile Computing (POMC), pages 44–50, 2002.
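The uniform-case availability expression from the analytic study (Section B), checked against a Monte Carlo placement that uses the simulation study's 1000 nodes and 3200m×3200m field, showing how k trades off against the GCKS fraction η. This is an added example, not code from the paper; the radio range R = 250 m, the wrap-around distance and all function names are assumptions.

```python
import math
import random

FIELD = 3200.0   # field side in metres (from the simulation study)
N = 1000         # certified member nodes (from the simulation study)
R = 250.0        # ASSUMED one-hop radio range in metres; not given on the page

def analytic_p_local(eta, k, n=N, r=R, field=FIELD):
    """Uniform-case formula from the text: 1 - exp(-k*pi*R^2 * eta*N*rho_1)."""
    rho_1 = 1.0 / field ** 2          # uniform density of one node's position
    return 1.0 - math.exp(-k * math.pi * r ** 2 * eta * n * rho_1)

def torus_dist2(a, b, field=FIELD):
    """Squared distance with wrap-around, so field borders do not bias the check."""
    dx = abs(a[0] - b[0])
    dy = abs(a[1] - b[1])
    dx, dy = min(dx, field - dx), min(dy, field - dy)
    return dx * dx + dy * dy

def simulated_p_local(eta, k, trials=20000, seed=1, n=N, r=R, field=FIELD):
    """Fraction of trials in which node alpha has a GCKS-capable node inside an
    area of k*pi*R^2 around it (the coverage area the paper's formula uses)."""
    rng = random.Random(seed)
    gcks_count = round(eta * n)
    reach2 = k * r * r                # disc of area k*pi*R^2 has radius^2 = k*R^2
    hits = 0
    for _ in range(trials):
        alpha = (rng.uniform(0, field), rng.uniform(0, field))
        # Draw GCKS positions lazily; any() stops at the first one in reach.
        if any(torus_dist2(alpha, (rng.uniform(0, field), rng.uniform(0, field)))
               <= reach2 for _ in range(gcks_count)):
            hits += 1
    return hits / trials

def eta_needed(target, k, n=N, r=R, field=FIELD):
    """GCKS fraction eta at which the formula reaches a target availability."""
    return -math.log(1.0 - target) * field ** 2 / (k * math.pi * r ** 2 * n)

if __name__ == "__main__":
    for eta in (0.02, 0.05, 0.10):
        for k in (1, 2):
            print(f"eta={eta:.2f} k={k} analytic={analytic_p_local(eta, k):.3f} "
                  f"simulated={simulated_p_local(eta, k):.3f}")
    print("eta for 95% availability:",
          {k: round(eta_needed(0.95, k), 3) for k in (1, 2, 3)})
```

The simulation places a fixed count of GCKS nodes, so it follows a binomial rather than a Poisson law and sits slightly above the closed form; the gap shrinks as the coverage area becomes small relative to the field.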

						