Security in MANET

1
Security in MANET

• Presented by
• Bhupendra kumar
• Hari Naik Jatoth

2
Content

• Introduction
• Key management
• Secure routing

3
Introduction

• New paradigm of wireless communication for mobile
  host
• Collection of nodes that do not rely on a
  predefined infrastructure
• Vulnerable to security attacks
• Autonomous networks consisting of routing nodes
  that are free to move about.

4
Introduction

• Mobile nodes communicate within radio-range
  directly or through routers

5
Security Goals

• Availability
• Survive despite DoS attack
• Primary concern Key management service
• Confidentiality
• Integrity
• Authentication
• Non-repudiation

6
Challenges

• Use of wireless links leads ad hoc networks
  susceptible to link attacks
• Relatively poor protection, as in battlefields
• So for high survivability, distributed
  architecture needed.
• Dynamic network topology
• Scalable security mechanisms

7
Key Management
8
Characteristics

• Dynamic network topology
• Limited physical security
• Limited bandwidth
• Energy constrained nodes
• Natures of ad hoc networks makes them vulnerable
  to security attacks
• Passive eavesdropping
• Denial of service attacks by malicious nodes
• Attacks from compromised entities

9
Security wired network vs Ad hoc network

• Wired network
• Adversary must gain physical access to wired link
• Adversary has to sneak through security holes at
  firewalls or routers
• Ad hoc network
• Infrastructure less network does not have a clear
  line of defense
• Wireless attacks may come from all directions
• Every node must be prepared to encounter with an
  adversary

10
Desired properties

• Secrecy
• Forward Secrecy
• Contributory Key Agreement
• Tolerance to disruption attempts

11
Key management in ad hoc networks

• Security in networking is in many cases dependent
  on proper key management
• A centralized approach in key management may not
  be available
• Centralized approaches are vulnerable as single
  point of failures
• Distributed approach is used
• Partially distributed certificate authority
• Fully distributed certificate authority

12
Trusted Third Parties

• Entity trusted by all users of the system
• Provides the key management services
• Examples of trusted third parties are
• key distribution centers (KDC)
• key translation centers (KTC), and
• certificate authorities (CA).

13
Trusted Third Parties
In line TTP
On line TTP
14
Trusted Third Parties
1
2
3
1) User A requests to share a secret key with
user B. If the TTP is a KDC it generates the key
to use, otherwise user A provides it. This
communication is encrypted using the key shared
by user A and the TTP.
15
Trusted Third Parties

• 2. The TTP encrypts the session key with the key
  it shares with user B and returns it to user A.
• 3. User A sends the encrypted session key to user
  B, who can decrypt it and thereafter use it to
  communicate securely with user A.

16
Partially Distributed Certificate Authority

• Proposed by Zhou and Hass (1999)
• Uses a (k, n) threshold scheme to distribute the
  services of the certificate authority to a set of
  specialized server nodes.
• nodes is capable of generating a partial
  certificate using their share of the certificate
  signing key skca, but only by combining k such
  partial certificates can a valid certificate be
  obtained.

17
Partially Distributed Certificate Authority
CA
Server node
CA
CA
Client node
18
Fully Distributed Certificate Authority

• Proposed by Luo and Lu (2000)
• Its uses a (k, n) threshold scheme to distribute
  an RSA certificate signing key to all nodes in
  the network.
• uses verifiable and proactive secret sharing
  mechanisms to protect against denial of service
  attacks and compromise of the certificate signing
  key.

19
Fully Distributed Certificate Authority

• no need to elect or choose any specialized server
  nodes.
• CA are distributed to all nodes in the ad hoc
  network.
• Any operations requiring the CAs private key
  skCA can only be performed by a coalition of k or
  more nodes.

20
Fully Distributed Certificate Authority
Fully distributed CA service where all nodes in
the network are equals and each hold a share of
the signing key.
21
Fully Distributed Certificate Authority

• The availability of the service is based on the
  assumption that every node will have a minimum of
  k one-hop neighbors.

22
Certificate Revocation

• Assumption that all nodes monitor the behavior of
  their one-hop neighbors and maintain their own
  certificate revocation lists.
• node discovers that one of its neighbors is
  misbehaving it adds its certificate to the CRL.
• floods an accusation against the node.

23
Certificate Revocation
Node B
CA
4
D
CA
Node F
BAD
1
3
2
CA
1
Node A
3
Node C
4
Node E
CA
CA
24
A Secure Routing Protocol for Ad Hoc Wireless
Networks
25
Mobile Ad-hoc Network (MANET)

• There is no pre-deployed infrastructure
• Nodes cooperatively form the network by agreeing
  to certain routing messages.
• So, it depends on the intermediate nodes to route
  the packets.
• MANET is particularly vulnerable due to its
  fundamental characteristics, such as open medium,
  dynamic topology, distributed cooperation, and
  constrained capability.

26

• Many Ad-Hoc routing protocols have been proposed
  previously, but none of these have define
  security requirements.
• Routing plays an important role in the security
  of the entire network.
• Mobile nodes are roaming independently and are
  able to move in any direction.

27

• MANET can be established extremely flexibly
  without
• any fixed base station in battlefields,
  military
• applications, and other emergency and disaster
• situation. (See Figure 1)

28
Security Concerns

• Existing protocols (AODV, DSR) are vulnerable
• Attacks using
• Modification
• Impersonation
• Fabrication

29
Attacks using modification False Sequence
number

• Malicious nodes can cause redirection of network
  traffic and DoS attacks by altering control
  message fields.
• In AODV, any node may divert traffic through
  itself by advertising a route to a node with a
  destination_sequence_num greater than the
  authentic value.

30
Attacks using modification
False hop counts, False source routes

• AODV uses the hop count field to determine a
  shortest path
• Malicious nodes can set hop count to zero.
• DSR uses source routes in data packets
• DoS attack can be launched in DSR by altering
  the source routes in the packet headers.

31
Attacks using modification Tunneling

• A tunneling attack is where two or more nodes may
  collaborate to encapsulate messages between them.
• Similarly, tunneling attacks are also a security
  threat to multipath routing protocol.

32
Attacks using Impersonation

• Spoofing occurs when a node misrepresents its
  identity in the network.
• Forming Loops by Spoofing

33
Attacks using Fabrication

• Generation of false routing information can be
  classified as fabrication attacks
• Falsifying Route Errors in AODV and DSR
• - If the source node is moves and the route is
  still needed
• - If the destination node or an intermediate node
  along an active path moves
• - The node upstream of the link break broadcast a
  route error message to all active upstream
  neighbors

34
Attacks using Fabrication (cont..)

• Route Cache Poisoning in DSR
• - A node overhearing any packet may add the
  routing information contained in that packets
  header to its own route cache

35
Security Requirements of Ad-Hoc Network

• Route signaling cant be spoofed
• Fabricated routing messages cant be injected
  into the network
• Routing messages cant be altered in transit
• Routing loops cant be formed by through
  malicious action
• Routes cant be redirected from the shortest path
  by malicious action
• Unauthorized nodes should be excluded from route
  computation and discovery

36
Authenticated Routing for Ad-hoc Networks (ARAN)

• ARAN, detects and protects against malicious
  actions
• It also introduces authentication, message
  integrity, and non-repudiation to an ad-hoc
  environment
• ARAN makes use of cryptographic certificates to
  offer routing security
• Exists as part of one-hop 802.11 networks
• It consists of a preliminary certification
  process followed by a route instantiation process
  that guarantees end-to-end authentication

37
Certification

• ARAN requires the use of a trusted certificate
• server T, whose public key known to all valid
  nodes
• A node A receives a certificate from T as follows
• T -gt A certA IPA,KA, t, eKT-

38
Authenticated route discovery

• Source node, A, broadcast a route discovery
  packet (RDP) to its neighbors.
• A -gt broadcast RDP, IPx, certA, NA, t
  KA-
• Each time A perform Route discovery, it
  monotonically increase the nonce.
• When a node receives an RDP message, it sets up a
  reverse path back to the source.

39
Authenticated route discovery (cont..)

• The receiving node uses As public key, which it
  extracts from As certificate, to validate the
  signature and verify that As certificate has not
  expired.
• The receiving node also checks the (NA, IPA) to
  verify that it has not already processed this
  RDP.
• Let B be a neighbor that has received from A the
  RDP broadcast,
• B -gt broadcast RDP, IPx, certA, NA,
  t KA- KB-, certB
• C -gt broadcast RDP, IPx, certA, NA,
  t KA- KC-, certC
• Thus creates complete authenticated path.

40
Authenticated route setup

• There is no guarantee that the first RDP received
  traveled along the shortest path from the source.
• A non-congested, non-shortest path to be
  preferred to a congested shortest path because of
  the reduction in delay.
• Let the first node that receives the REP sent by
  X be node D,
• X -gt D REP, IPA, certx, NA, t KX-
• Let D s next hop to the source be node C,
• D -gt C REP, IPA, certx, NA, t
  KX- KD-, certD

41
Route Maintenance

• ARAN is an on-demand protocol
• When no traffic has occurred on an existing route
  for that routes lifetime, the route is simply
  de-activated in the route table.
• B -gt C ERR, IPA, IPx, certb, Nb, t KB-
  

42
Attacks solved by ARAN

• Unauthorized participation
• Spoofed route signaling
• Prevents impersonation attacks
• Fabricated routing messages
• Though not completely prevented, protocol offers
  non-repudiation
• Alteration of routing messages
• Initial packet sent by source(RDP)/
  destination(REP) cannot be changed by the
  intermediate nodes

43
Comparison

• ARAN is secure, but
• Requires CA
• Computationally intensive slower route
  discovery, larger packet size (greater routing
  load)

44
Conclusions

• Ad Hoc networks pose an interesting problem in
  networking with dynamic routing and highly
  insecure working environment
• Need of Secure, Scalable, Reliable and Efficient
  algorithms for Key management and Routing

45
References

• 1 Sanzgiri K, Dahill B, Levine B.N and
  Belding-Royer E.M, A secure routing protocol for
  Ad-hoc networks, Proc. Of IEEE ICNP, 2002
• 2 Zhou L. and Haas Z.J, Securing Ad Hoc
  Networks, IEEE Network Magazine, vol. 13, no. 6,
  1999
• 3 L. Zhou and Z. J. Haas, Securing Ad Hoc
  Networks, IEEE Networks, Volume 13, Issue 6 1999
• 4 H. Luo, P. Zerfos, J. Kong, S. Lu and L.
  Zhang, Self-securing Ad Hoc Wireless Networks,
  IEEE ISCC 2002

46
References

• 5 Key Management in Ad Hoc Networks
• Institutionen för Systemteknik
• 581 83 LINKÖPING
• by Klas Fokine 2002-09-11

47
Thank You

• for your presence and patient hearing