Security in Mobile Ad-hoc Networks
Secure Routing
Most routing protocols for Mobile Ad-hoc Networks (MANETs) were originally
designed without security in mind. Most of their specifications assumed that
all the nodes in the network were friendly. The security issue was postponed,
and the common feeling was that those routing protocols could later be made
secure by retrofitting preexisting cryptosystems.
Nevertheless, securing network transmissions without securing the routing
protocols is not sufficient. Moreover, retrofitting cryptosystems (like
IPSec) does not necessarily achieve security.
Therefore, MANETs with security needs must have two security systems: one to
protect the data transmission and one to make the routing protocol secure.
There are already well-studied point-to-point security systems that can be
used for protecting network transmissions. But until recently there was not
much work on how to make MANET routing protocols discover routes in a secure
manner.
It was in this context that we proposed the Secure Ad hoc On-Demand Distance
Vector (SAODV) routing protocol. SAODV is an extension of the AODV routing
protocol that can be used to protect the route discovery mechanism, providing
security features like integrity and authentication. SAODV was originally
published in 2002 and it has had a deep impact on the research area.
Key Management
In Mobile Ad-hoc Networks, nodes use the air to communicate, so a lot of nodes
might hear what a node transmits and there are messages that are lost due to
collisions. The concept of servers has to be modified: there is no guarantee
that a node will be able to reach another node, so things like DNS servers,
certification authorities (CAs) and other entities that are assumed to be found
in fixed networks cannot be used here.
In a network where the existence of central servers cannot be expected, nodes
need to be able to communicate without the risk of malicious nodes
impersonating the entities they want to communicate with. In a network
where everybody is anonymous, identity and trust need to be redefined.
In addition, if the security protocols used in these kinds of networks are
based on mechanisms that require asymmetric cryptography, the task of having
secure routing protocols for such networks will not be complete without a
specific key management scheme.
Therefore, we designed the Simple Ad hoc Key Management (SAKM). SAKM is a key
management system that allows the nodes of an ad hoc network to use asymmetric
cryptography with zero configuration. It is intended to be applied to wireless
network routing protocols that provide security features that require the use
of asymmetric cryptography (like SAODV).
Publications
- Manel Guerrero Zapata: "Key Management and Delayed Verification for Ad Hoc Networks". In Journal of High Speed Networks Special Issue. Vol. 15, Num. 1, 2006. Pages 93-109. ISSN 0926-6801.
- Manel Guerrero Zapata: "Shortcut Detection and Route Repair in Ad-hoc Networks". In Proceedings of the Third IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOMW'05), pp. 237-242. March 2005. ISBN 0-7695-2300-5.
- Manel Guerrero Zapata: "Key Management and Delayed Verification for Ad Hoc Networks". In Proceedings of HiPC Workshops 2004, Electronic proceedings, Trusted Internet Workshop, paper #8, 8 pages. December 2004.
- Manel Guerrero Zapata and N. Asokan: "Securing Ad hoc Routing Protocols". In Proceedings of the 2002 ACM Workshop on Wireless Security (WiSe 2002), pages 1-10. September 2002. ISBN 1-58113-585-8.
- Manel Guerrero Zapata: "Secure Ad hoc On-Demand Distance Vector Routing". ACM Mobile Computing and Communications Review (MC2R), Vol 6. No. 3, pp. 106-107, July 2002.
Internet Drafts
- "Secure Ad hoc On-Demand Distance Vector (SAODV) Routing"
  - Manel Guerrero Zapata: draft-guerrero-manet-saodv-06.txt, September 2006.
  - Manel Guerrero Zapata: draft-guerrero-manet-saodv-05.txt, February 2006.
  - Manel Guerrero Zapata: draft-guerrero-manet-saodv-04.txt, September 2005.
  - Manel Guerrero Zapata: draft-guerrero-manet-saodv-03.txt, March 2005.
  - Manel Guerrero Zapata: draft-guerrero-manet-saodv-02.txt, November 2004.
  - Manel Guerrero Zapata: draft-guerrero-manet-saodv-01.txt, August 2004.
  - Manel Guerrero Zapata: draft-guerrero-manet-saodv-00.txt. First published in the IETF MANET Mailing List (October 8th 2001). Submitted to the IETF on August 12th 2002.
- "Simple Ad hoc Key Management (SAKM)"
- "Secure Dynamic MANET On-Demand (SDYMO) Routing Protocol"