Security in Mobile Ad Hoc Networks: Challenges and Solutions (IEEE Wireless Communications 2004)Hao Yang, et al.

October 10th, 2006Jinkyu Lee

2

Contents

• Introduction• Attacks• A Multi-fence Security Solution

– Network-layer security• Message authentication primitives• Secure ad hoc routing• Secure packet forwarding

– Link-layer security

• Open Challenges• Conclusions

3

Introduction

• Mobile Ad Hoc Networks (MANETs)– Self-configuration– Self-maintenance

• Security Challenges– Shared medium– Resource constraints– Dynamic topology

4

Introduction

• The Goal of Security for MANETs– Protection of the network connectivity between mobile nodes over

potentially multi-hop wireless channels• One-hop connectivity through link-layer protocols• Multi-hop connectivity through network-layer routing and data forward

ing protocols

• Two Approaches– Proactive– Reactive

• Network Performance V.S. Security– Scalability, service availability, and robustness

5

Attacks

• Network-layer– Routing attacks

• Not to follow the specifications of the routing protocol• Example: modification of the source route listed in the RREQ or RRE

P (DSR), advertising a route with a smaller distance metric than its actual distance to destination (AODV)

• Goal: attraction of traffic toward certain destinations, generation of routing loops, or introduction of sever network congestion and channel contention

– Packet forwarding attacks• Not to forward packets properly• Example: drop the packets, modify the contents, duplicate the packe

ts, denial-of-service (DoS)

6

Attacks

• Link-layer– WEP (Wired Equivalent Privacy)

• Cryptography attacks– DoS attacks

• Control of backoff value • Data corruption using NAV and interfering victim’s link-layer frame

7

Multi-fence Security Solution

• Multi-fence Security Solution should …– Spread across many individual components– Span different layers– Thwart threats from both outsiders and insiders– Encompass prevention, detection, and reaction– Be practical and affordable

Network-layer security solutions

Link-layer security solutions

Secure ad hoc routing

Proactive protection through message authentication primitives

Secure packet forwarding

Reactive protection through detection and reaction

Source routing

Link state routing

Distance vector routing

Misbehavior detection

Misbehavior reaction

Secure wireless MAC

Reactive protection through detection and reaction

Next-generation WEP

Modification to existing protocol to fix the cryptographic loopholes

8

A Multi-fence Security Solution - Network Layer Security

• Message Authentication Primitives– HMAC – Digital signature– One-way HMAC key chain

• Secure Ad Hoc Routing– Source routing– Distance vector routing– Link state routing– Other routing protocols

• Secure Packet Forwarding– Detection– Reaction

9

A Multi-fence Security Solution - Network Layer Security

• Message Authentication Primitives– HMAC (Message authentication codes)

• Symmetric key• Cryptographic one-way hash function• Verified only by the intended receiver• Efficient computation• n (n-1) / 2 keys should be maintained

10

A Multi-fence Security Solution - Network Layer Security

• Message Authentication Primitives– Digital Signature

• Asymmetric key• More computation overhead in signing/decrypting and verifying/encrypting op

erations• Less resilient to DoS attacks• Verified by any node given the public key• n public/private key pairs should be maintained

11

A Multi-fence Security Solution - Network Layer Security

• Message Authentication Primitives– One-way HMAC key chain

• Generated by repeated application of the one-way function• Proven to be authentic in reverse order• Lightweight computation• One authenticator can be verified by large numbers of receivers• Shortcomings

– Buffer messages– To require additional communication

12

A Multi-fence Security Solution - Network Layer Security

• Secure Ad Hoc Routing• Proactive approach

– Source Routing• Goal: to prevent intermediate nodes from modifying nodes to the route• Solution: to attach a per-hop authenticator• Example: Ariadne (extension of DSR) uses a one-way HMAC key chain

13

A Multi-fence Security Solution - Network Layer Security

• Secure Ad Hoc Routing– Source Routing (Ariadne)

S : pS = (RREQ, S, D), mS = HMACKSD(pS)

S-> * : (pS, mS)

A : hA = H(A, mS), pA = (RREQ, S, D, [A], hA, []), mA = HMACKA(pA)

A-> * : (pA, mA)

B : hB = H(B, hA), pB = (RREQ, S, D, [A,B], hB, [mA]), mB = HMACKB(pB)

B -> * : (pB, mB)

C : hC = H(C, hB), pC = (RREQ, S, D, [A, B, C], hC, [mA, mB]), mC = HMACKC (pC)

C -> * : (pC, mC)

D : pD = (RREP, D, S, [A, B, C], [mA, mB, mC]), mD = HMACKDS(pD)

D -> C : (pD, mD, [])

C -> B : (pD, mD, [KC])

B -> A : (pD, mD, [KC, KB])

A -> S : (pD, mD, [KC, KB, KA])

S A B C D

14

A Multi-fence Security Solution - Network Layer Security

• Secure Ad Hoc Routing

– Distance Vector Routing• Goal: correct advertisement of the routing metric• Solution: to authenticate aggregation of metric

– Link State Routing• Goal: to authenticate both neighbor discovery and neighbor broadcast• Solution: links only added only if two valid LSUs (Link State Update) from bot

h nodes of the link are received• Example: SLSP (Secure Link State Routing) uses digital signatures

15

A Multi-fence Security Solution - Network Layer Security

• Secure Ad Hoc Routing– Other Routing Protocols

• ARAN (Authenticated Routing for Ad hoc Networks)• To authenticate link to link by public key cryptography• Information only about the next hop

S A B C

16

A Multi-fence Security Solution - Network Layer Security

• Secure Ad Hoc Routing– Other Routing Protocols

• [17]• To broadcast both ways to provide redundancy• To improve path length• More communication and less computation

17

A Multi-fence Security Solution - Network Layer Security

• Secure Packet Forwarding

– Detection• Localized detection• ACK-based detection

– Reaction• Global reaction• End-host reaction

18

A Multi-fence Security Solution - Link Layer Security

• IEEE 802.11 MAC– Intentionally small backoff value

• Checking deviation and penalizing

– Data corruption using NAV and interfering victim’s link-layer frame• So far, no clear solution

• IEEE 802.11 WEP– Attacks

• Message privacy and message integrity attacks• Probabilistic cipher key recovery attacks

– Enhanced in 802.11i/WPA

19

Open Challenges

• Resiliency-oriented Security Solution - Feature– Bigger Problem Space

• Not only to thwart malicious attacks, but also to cope with other network faults

– Intrusion Tolerance• Robust against the breakdown of any individual fence

– Bigger Solution Space• To use other non-crypto-based schemes to ensure resiliency

– Unexpected Faults Tolerance• To enhance redundancy

20

Open Challenges

• Open Challenges– To build efficient fence considering each device’s

resource constraint– To identify system principles of how to build a new

generation of network protocols– To evaluate the security design

21

Conclusions

• Summary of security issues in MANETs– Resiliency-oriented multi-layered solution design– Focus on network-layer security

• Many open problems related to security in MANETs