JOURNAL OF COMPUTING, VOLUME 4, ISSUE 4, APRIL 2012, ISSN 2151-9617 https://sites.google.com/site/journalofcomputing WWW.JOURNALOFCOMPUTING.

ORG

160

An Encryption Key Scheme for Security Issues In Authentication Address of Networks

V.UpendranandDr.R.Dhanapal
AbstractSecured communication in ad hoc wireless networks is primarily important, because the communication signals are openly available as they propagate through air and are more susceptible to attacks ranging from passive eavesdropping to active interfering. The lack of any central coordination and shared wireless medium makes them more vulnerable to attacks than wired networks. Nodes act both as hosts and routers and are interconnected by Multi- hop communication path for forwarding and receiving packets to/from other nodes. The objective of this paper is to propose a key exchange and encryption mechanism that aims to use the MAC address as an additional parameter as the message specific key[to encrypt]and forward data among the nodes. The nodes are organized in spanning tree fashion, as they avoid forming cycles and exchange of key occurs only with authenticated neighbors in ad hoc networks, where nodes join or leave the network dynamically. Index TermsAd hoc networks, Spanning tree, Neighborhood key, Message specific key

INTRODUCTION

Ad hoc wireless networks are defined as the category of wireless networks that utilize multihop radio relaying and are capable of operating without the support of any fixed infrastructure and nodes communicate directly be tween one another over wireless channels [6]. As the wireless channels are openly available and propagate throughtheair,securityinadhocnetworksisofprimary concern [5]. In an ad hoc wireless network, the routing andresourcemanagementaredoneinadistributedman ner in which all nodes coordinate to enable communica tion among them as a group. This requires each node to be more intelligent so that it can function both as a net work host for transmitting and receiving data and as a networkrouterforroutingpacketsfromothernodes. Asadhocnetworkssignificantlyvaryfromeachotherin many aspects, an environmentspecific and efficient key management system is needed. To protect nodes against eavesdropping, the nodes must have made a mutual agreement on a shared secret or exchanged public keys. Forveryrapidlychangingadhocnetworkstheexchange ofencryptionkeysmayhavetobeaddressedondemand,

thus without assumption about a priori negotiated se crets. The main advantage of ad hoc network is its eco nomically less demanding deployment. In this work, a key exchange and encryption mechanism is presented where each node shares secret key only with authenti cated neighbors in the ad hoc network thus avoiding global rekeying operations [2]. The proposed technique improves privacy protection and also takes care of ano nymousroutingperformancesintermsofnetworkcapac ity using onehop anonymous links with its neighbors. ThismethodologyusestheMACaddressofthenodesas an additional parameter for encryption as the message specific key among the nodes within the group. The en crypted data is appended with the ID of the receiving nodesbeforeforwardingitinthenetwork.So,theautho rized destination node initially checks the ID of the re ceived packet. If it matches, it further decrypts based on theneighborhoodkeyaswellasthemessagespecifickey. This mechanism requires the nodes to be organized in a spanningtreefashionasspanningtreeisconstructedwith minimumdistancewhichcancoverallthenodeswithout formingacycle.

V.Upendran , Department of Computer Science, Research scholar, Bhara Active attacks involve actions performed by adversaries, thiarUniversity. Prof.Dr.R.Dhanapal , Head in Research Department of Computer Apexchanged data. External attacks are typically active at plications, Easwari Engineering College, Chennai, Affiliated to Anna Unitacks that are targeted to cause congestion, propagate versity of Technology, Chennai.

2. KEY EXCHANGE AND ENCRYPTION TECHNIQUES

for instance the replication, modification and deletion of

incorrect routing information, prevent services from working properly or shut down them completely. Exter

JOURNAL OF COMPUTING, VOLUME 4, ISSUE 4, APRIL 2012, ISSN 2151-9617 https://sites.google.com/site/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG

161

nal attacks can typically be prevented by using standard security mechanisms such as firewalls and encryption techniques.Tosecuregroupcommunication,nodesshare a single symmetric key for encrypting and decrypting messagesinexistingsystems.Inthetraditionalgroupkey exchangemechanism,ifanewnodejoinsorleaves,then the group key must be globally updated and distributed among the nodes in the group. This is referred to as grouprekeying[2,7].Thedisadvantageofthisapproach isthatgrouprekeyingneedsaccesstoacommonserver everytimeandcanbecomplexandtimeconsumingtask. Accesstoacommonservertogenerateakeyeverytimea nodejoinsorleavesinadhocenvironmentisatimecon sumingprocess.Moreoveritleadstoconsumptionofre sourcesintheadhocnetwork.GroupKeymanagementis a subcategory of cryptography. Cryptography concerns itself with securing information so that unauthorized in dividuals cannot access and understand the messages sent.KeyManagementisessentialforproperandsecure distribution, creation and revocation of the keys used to secure messages [4]. To overcome the disadvantage of group rekeying, key exchange occurs only between the authenticated neighbors. Whenever there is a change in set of authenticated neighbors, a node must compute a new key and send this new key to all its authenticated neighbors [2]. Since the key is exchanged only with neighborhoodnodes,thetimetakentoexchangethekey is reduced considerably as well as authentication is also increased.Forveryrapidlychangingadhocnetworksthe exchange of encryption keys may have to be addressed ondemand,thuswithoutassumptionsaboutapriorine gotiated secrets. Keys are securely exchanged in a Key update message after encryption using the traditional RSAalgorithm[8].

ningtreeisthatitissimple,cheapandanefficientwayto connect terminals[2]. Spanning trees are very important in designing efficient routing algorithms. In the ad hoc environment, after a spanning tree is built to connect a groupofmobiledevices,apacketcanbealwaysflooded toallmembersalongthetreestructurewithoutloopand duplicated transmission [2]. As spanning tree maintains security associations only with neighbors, the proposed securityschememakesuseofthismechanism.

Fig.1 System Architecture [Encryption at the Source]

2.1.1 Minimum Spanning Tree

Every node exchanges data only with its neighbors. In formation about the neighbors is maintained in a neigh bortable.Anodealsomaintainsanadjacencytablewhich contains the list of all nodes with which it can exchange messages. Figure 2. shows the example scenario of the chosen undirected graph and using the spanning tree construction procedure the minimum spanning tree is constructedasinFigure3.

2.1 Spanning Tree Construction

SpanningtreeofwirelessnodesisconstructedusingNS2 simulator. Wireless nodes are plotted on the network animator at some x coordinate and ycoordinate. The distance between each and every node is computed as follows: Distance(i,j)=(xjxi)2+(yjyi)2(1) Spanning tree is constructed with minimum distance whichcancoverallthenodeswithoutformingacycleas infigure4.Theminimumspanningtreeofwirelessnodes is constructed and the spanning tree path is indicated in thenetworkanimator.Thepurposeofconstructingspan
Fig3 Minimum Spanning Tree

Fig2. Undirected Graph

JOURNAL OF COMPUTING, VOLUME 4, ISSUE 4, APRIL 2012, ISSN 2151-9617 https://sites.google.com/site/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG

162

Fig4.SpanningTreeConstruction

3. Key Exchange Mechanism

The proposed security scheme consists of RSA key ex changemechanismandanovelencryptionmechanismto provide security. Each node in the network has its own symmetrickeycalledtheNeighborhoodkey.Toperform encryptionanddecryptioneachnodemusthaveaccessto othernodesneighborhoodkey.Atsource,Neighborhood Keyisencryptedwiththepublickeyofthereceiverand transmitted to the destination node. At destination, neighborhoodkeyisdecryptedwiththenodesownpri vatekey.

it again reencrypts the message with the neighborhood key and transmits to its authenticated neighbor nodes. Theprocedureisrepeateduntildestinationnodeisfound and the original message is decrypted at the destination node.Twodifferentsymmetricencryptionalgorithmsare used to encrypt the message and the neighborhood key with the messagespecific key. The advantage of imple mentingtwodifferentencryptionproceduresistomakeit to improve the security of the message being forwarded in the ad hoc network which is susceptible to more vul nerableattacks.

3.1 Encryption Algorithm

Each node has its own symmetric key called neighbor hood key which is encrypted. Then, the message is en cryptedusingthemessagespecifickeywhichistheMAC address. Further, the message specific key is encrypted with neighborhood key. Then, the sender appends the destination nodes ID and transmits this message to its authenticated neighbors. Source Node A creates a Mes sageSpecificKey[MKey(M)].Messageisencryptedwith MessageSpecificKey [EMKey(M)(M)].FurthertheMessageSpecificKeyisen cryptedwithAsneighborhoodkey[EN Key(A)(MKey(M)].Then,theDestinationnodesIDis appendedtotheCiphertext [(ENKey(A)(MKey(M)EMKey(M)(M))NodeID(B)].

3.3 Neighborhood Key Exchange Procedure

Keyexchangewithonlyneighborhoodnodesaimsatre ducing cryptofunctions processing overheads occurred in a pure reactive approach. This neighbor detection scheme is identityfree and is carried over through a handshake process between any pair of neighbors[6]. Handshaking procedure is basically carried over for key exchanges between a given node and its new detected neighbors. After the handshake procedure, each pair of nodes shares a chain of secret keys[5]. HELLO messages are periodically sent to the nodes in the group. To for ward the information the RREQ and RREP messages are usedbyeachintermediatenodetoestablishtheroutebe tween the source and the destination nodes in the net work.

4. Conclusion And Future Enhancements

The advantage of the proposed security scheme is that sinceencryptionisdonetwicewithtwodifferentencryp tionschemes,onewithneighborhoodkeyandotherwith messagespecifickey,moresecurityisimposed.Itensures backward secrecy (a new member of network cannot access data transmitted before the member joined) and forwardsecrecy(amembercannotaccessthedatathatis transmittedafterthememberleavesthegroup)[2].When

3.2 Decryption Algorithm

Atreceivingend,iftheIDofthenodematches,thenitis the intended recipient and decryption is performed with neighborhood key of sending node and the plain text messageisobtained.Asanextstep,furtherdecryptionis donewiththemessagespecifickeyandtheoriginalmes sageisobtained.Ifthenodeisnottheintendedrecipient,

JOURNAL OF COMPUTING, VOLUME 4, ISSUE 4, APRIL 2012, ISSN 2151-9617 https://sites.google.com/site/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG

163

everthetopologychangeswiththeinclusionorexclusion ofamember,newneighborhoodkeyiscomputedandis distributedtoallauthenticatedneighbors. Anovelsecurityschemeinadhocnetworksispresented whichcanaddressthesecurityissuessuchasauthentica tion, confidentiality and key management that would avoidglobalrekeying.Theproposedschemewhichaims at sender deniable encryption can be widely applicable forvotingandauctionprotocols.Thisshallbeapplicable wherevergroupcommunicationsistobeestablishedina secured manner in an ad hoc environment. The future enhancement to the implementation of the proposed se curity scheme is to incorporate the key storage, message storageatthenodelevelandcomparetheperformanceof spanning tree with and without the inclusion of features suchaskeystorageandmessagestorage.

Biography
First. Mr.V.Upendran persuing Ph.D in computer Science from Bharathiyar University, Tamil Nadu, India. He is currently Head, DepartmentofComputerScience,SrimadAndavanArtsandScience College,AffiliatedtoBharathidasanUniversity,Truchirapalli,India. He has 7 years of teaching experience.He has presented 4 national and 2 international papers in conferences. He has served as NSS programmeofficerforpast3yearsinBharathidasanUniversity.

Second. Prof.Dr.R.Dhanapal obtained his Ph.D in Computer Science from Bharathidasan University, Tamil Nadu, India. He is currently Professor & Head, Research Department of Computer Applications,SRMEaswariEngineeringCollege,AffiliatedtoAnna UniversityChennai,TamilNadu,India.Hehas25yearsofteaching, research and administrative experience which includes 21 years of GovernmentService. BesidesbeingProfessor,heisalsoaprolificwriter,having authored twenty one books on various topics in Computer Science. HisbookshavebeenprescribedastextbooksinBharathidasanUni versity and Autonomous colleges affiliated to Bharathidasan Uni versity.HehasservedasChairmanofBoardofStudiesinComputer ScienceofBharathidasanUniversity,memberofBoardofStudiesin Computer Science of several universities and autonomous colleges. Member of standing committee of Artificial Intelligence and Expert Systems of IASTED, Canada and Senior Member of International AssociationofComputerScienceandInformationTechnology(IAC SIT), Singapore and member of International Association of Engi neers,Hongkong.He has Visited USA,Japan, Malaysia,andSinga pore for presenting papers in the International conferences and to demonstrate the softwaredevelopedbyhim. Heistherecipient of the prestigious Lifetime Achievement and Excellence Awards institutedbyGovernmentofIndia. He served as Principal Investigator for UGC and AICTE, New Delhi funded innovative, major and minor research projects worthof1.7croreespeciallyintheareaofIntelligentsystems,Data Mining and Soft Computing. He is the recognized supervisor for research programmes in Computer Science leading to Ph.D and MSbyresearchinseveraluniversitiesincludingAnnaUniversity Chennai, Bharathiar University Coimbatore, Manonmaniam Sun daranar University Tirunelveli, Periyar University Salem, Mother TeresaUniversityKodaikanalandmanyDeemedUniversities.He hasgot59papersonhiscreditininternationalandnationaljournals. HehasbeenservingasEditorInChieffortheInternationalJournal of Research and Reviews in Artificial Intelligence (IJRRAI) United Kingdomandservingasreviewerandmemberofeditorialinaccre dited peer reviewed national and international journals including ElsevierJournals.

5. References
[1] M.Sughasiny, Dr.R.Dhanapal. A Study on Local Area Network
Access Point Using Bluetooth Devices. International Journal of Computing, Vol. 2, Issue 12, pp. 25 32, 2010. [2] Jorg Liebeherr, Guangyu Dong, An overlay approach to data security in ad-hoc networks Science Direct, Ad Hoc Networks, pp. 1055-1072, July 2006. [3] Matthew J. Moyer, Josyula R. Rao, Pankaj Rohatgi, and Thomas.J, A Survey of Security Issues in Multicast Communications, IEEE Network, November 1999. [4] David Manz, Jim Alves- Foss and Shanyu Zheng, Network Simulation of Group Key Management Protocols, Journal of Information Assurance and Security, pp. 67-79, January 2008. [5] Lidong Zhou and Zygmunt J. Haas, Securing Ad Hoc Networks, IEEE Network, November 1999. [6] Vesa Krpijoki, Security in Ad Hoc Networks, Seminar on Network Security, 2000. [7] X.B. Zhang, S.S. Lam, H. Liu, Efficient group rekeying using application-layer multicast, in Proceedings of the 25th IEEE International Conference on Distributed Computing Systems, (ICDCS 2005), June 2005. [8] C. Gui, P. Mohapatra, Efficient overlay multicast for mobile ad hoc networks, in Proceedings of IEEE Wireless communications and Networking Conference (WCNC), March 2003. [9] Y.C. Hu, A. Perrig, A survey of secure wireless ad hoc routing, IEEE Security and Privacy 2 (3) (2004). [10] Kevin Fall, Kannan Varadhan, The ns manual, The VINT project, December 2008. multicast for mobile ad hoc networks, in Proceedings of IEEE Wireless