
SEAD: Secure Efficient Distance Vector Routing

For Mobile Wireless Ad Hoc Networks

Abstract

An ad hoc network is a collection of wireless computers (nodes), communicating among themselves over possibly multihop paths, without the help of any infrastructure such as base stations or access points. Although many previous ad hoc network routing protocols have been based in part on distance vector approaches, they have generally assumed a trusted environment. The Secure Efficient Ad hoc Distance vector routing protocol (SEAD) is a secure ad hoc network routing protocol based on the design of the Destination-Sequenced Distance-Vector routing protocol (DSDV). In order to support use with nodes of limited CPU processing capability, and to guard against Denial-of-Service (DoS) attacks in which an attacker attempts to cause other nodes to consume excess network bandwidth or processing time, we use efficient one-way hash functions and do not use asymmetric cryptographic operations in the protocol. It is robust against multiple uncoordinated attackers creating incorrect routing state in any other node, even in spite of any active attackers or compromised nodes in the network.

Introduction

Ad hoc networks are a new paradigm of wireless communication for mobile hosts (which we call nodes). In an ad hoc network, there is no fixed infrastructure such as base stations or mobile switching centers. Mobile nodes that are within each other’s radio range communicate directly via wireless links, while those that are far apart rely on other nodes to relay messages as routers. Node mobility in an ad hoc network causes frequent changes of the network topology. Figure 1 shows such an example: initially, nodes A and D have a direct link between them. When D moves out of A’s radio range, the link is broken. However, the network is still connected, because A can reach D through C, E, and F.

Military tactical operations are still the main application of ad hoc networks today. For example, military units (e.g., soldiers, tanks, or planes), equipped with wireless communication devices, could form an ad hoc network when they roam in a battlefield. Ad hoc networks can also be used for emergency, law enforcement, and rescue missions. Since an ad hoc network can be deployed rapidly with relatively low cost, it becomes an attractive option for commercial uses such as sensor networks or virtual classrooms.

Secure ad hoc network routing protocols are difficult to design, due to the generally highly dynamic nature of an ad hoc network and due to the need to operate efficiently with limited resources, including network bandwidth and the CPU processing capacity, memory, and battery power (energy) of each individual node in the network. Existing insecure ad hoc network routing protocols are often highly optimized to spread new routing information quickly as conditions change, requiring more rapid and often more frequent routing protocol interaction between nodes than is typical in a traditional (e.g., wired and
stationary) network. Expensive and cumbersome security mechanisms can delay or prevent such exchanges of routing information, leading to reduced routing effectiveness, and may consume excessive network or node resources, leading to many new opportunities for possible Denial-of-Service (DoS) attacks through the routing protocol.

Security Goals

Security is an important issue for ad hoc networks, especially for those security-sensitive applications. To secure an ad hoc network, we consider the following attributes: availability, confidentiality, integrity, authentication, and non-repudiation.

Figure 1: Topology change in ad hoc networks: nodes A, B, C, D, E, and F constitute an ad hoc network. The circle represents the radio range of node A. The network initially has the topology in (a). When node D moves out of the radio range of A, the network topology changes to the one in (b).

Availability ensures the survivability of network services despite denial of service attacks. A denial of service attack could be launched at any layer of an ad hoc network. On the physical and media access control layers, an adversary could employ jamming to interfere with communication on physical channels. On the network layer, an adversary could disrupt the routing protocol and disconnect the network. On the higher layers, an adversary could bring down high-level services. One such target is the key management service, an essential service for any security framework.

Confidentiality ensures that certain information is never disclosed to unauthorized entities. Network transmission of sensitive information, such as strategic or tactical military information, requires confidentiality. Leakage of such information to enemies could have devastating consequences. Routing information must also remain confidential in certain cases, because the information might be valuable for enemies to identify and to locate their targets in a battlefield.

Integrity guarantees that a message being transferred is never corrupted. A message could be corrupted because of benign failures, such as radio propagation impairment, or because of malicious attacks on the network.

Authentication enables a node to ensure the identity of the peer node it is communicating with. Without authentication, an adversary could masquerade as a node, thus gaining unauthorized access to resources and sensitive information and interfering with the operation of other nodes.

Finally, non-repudiation ensures that the origin of a message cannot deny having sent the message. Non-repudiation is useful for detection and isolation of compromised nodes. When a node A receives an erroneous message from a node B, non-repudiation allows A to accuse B using this message and to convince other nodes that B is compromised. There are other security goals (e.g., authorization) that are of concern to certain applications, but we will not pursue these issues in this paper.

Routing In Mobile Ad Hoc Networks

Routing in mobile ad hoc networks faces additional problems and challenges when compared to routing in
traditional wired networks with fixed infrastructure. There are several well-known protocols in the literature that have been specifically developed to cope with the limitations imposed by ad hoc networking environments. The problem of routing in such environments is aggravated by limiting factors such as rapidly changing topologies, high power consumption, low bandwidth and high error rates [2]. Most of the existing routing protocols follow two different design approaches to confront the inherent characteristics of ad hoc networks, namely the table-driven and the source-initiated on-demand approaches.

Distance Vector Routing

A distance vector routing protocol finds shortest paths between nodes in the network through a distributed implementation of the classical Bellman-Ford algorithm. As noted in Section 1, distance vector protocols are easy to implement and are efficient in terms of memory and CPU processing capacity required at each node. A popular example of a distance vector routing protocol is RIP [14, 26], which is widely used in IP networks of moderate size. Distance vector routing can be used for routing within an ad hoc network by having each node in the network act as a router and participate in the routing protocol. In distance vector routing, each router maintains a routing table listing all possible destinations within the network. Each entry in a node’s routing table contains the address (identity) of some destination, this node’s shortest known distance (usually in number of hops) to that destination, and the address of this node’s neighbor router that is the first hop on this shortest route to that destination; the distance to the destination is known as the metric in that table entry. When routing a packet to some destination, the node transmits the packet to the indicated neighbor router, and each router in turn uses its own routing table to forward the packet along its next hop toward the destination.

To maintain the routing tables, each node periodically transmits a routing update to each of its neighbor routers, containing the information from its own routing table. Each node uses this information advertised by its neighbors to update its own table, so that its route for each destination uses as a next hop the neighbor that advertised the smallest metric in its update for that destination; the node sets the metric in its table entry for that destination to 1 (hop) more than the metric in that neighbor’s update. A common optimization to this basic procedure to spread changed routing information through the network more quickly is the use of triggered updates, in which a node transmits a new update about some destination as soon as the metric in its table entry for that destination changes, rather than waiting for its next scheduled periodic update to be sent. Distance vector routing protocols are simple, but they cannot guarantee not to produce routing loops between different nodes for some destination. Such loops are eventually resolved by the protocol through many rounds of routing table updates in what is known as “counting to infinity” in the metric for this destination; to reduce time needed for this resolution, the maximum metric value allowed by the protocol is typically defined to be relatively small, such as 15 as is used in RIP [14, 26]. To further reduce these problems, a number of extensions, such as split horizon and
split horizon with poisoned reverse [14, 26], are widely used. These extensions, however, can still allow some loops, and the possible problems that can create routing loops are more common in wireless and mobile networks such as ad hoc networks, due to the motion of the nodes and the possible changes in wireless propagation conditions.

Security Problems with Existing Ad Hoc Routing Protocols

The main assumption of the previously presented ad hoc routing protocols is that all participating nodes do so in good faith and without maliciously disrupting the operation of the protocol [11, 12]. However, the existence of malicious entities cannot be disregarded in any system, especially in open ones like ad hoc networks. The RPSEC IETF working group has performed a threat analysis that is applicable to routing protocols employed in a wide range of application scenarios [13]. According to this work, the routing function can be disrupted by internal or external attackers. An internal attacker can be any legitimate participant of the routing protocol. An external attacker is defined as any other entity. As we have previously noted, we consider denial-of-service attacks that target the utilized wireless medium, such as frequency jamming, outside the scope of our threat model. Two commonly used countermeasures against jamming are frequency hopping spread spectrum (FHSS) and direct sequence spread spectrum (DSSS) [45]. Furthermore, outside the scope of our threat model are transport layer attacks, such as session hijacking, and application layer attacks, such as repudiation-based attacks and user information disclosure. The strongest assumption for an external attacker is that it is able to eavesdrop on the communication between two legitimate network participants, inject fabricated messages and delete, alter or replay captured packets.

Weaker assumptions of external attackers include the ability to inject messages but not read them, or read and replay messages but not inject new ones, or just the ability to read messages. Cryptographic solutions can be employed to prevent the impact of external attackers by mutual authentication of the participating nodes through digital signature schemes [14]. However, the underlying protocols should also be considered since an attacker could manipulate a lower level protocol to interrupt a security mechanism in a higher level. Although these attacks are a significant part of a complete threat assessment, our analysis focuses only on network-layer threats and countermeasures. Internal attackers have the capabilities of the strongest outside attacker, as they are legitimate participants of the routing process. Having complete access to the communication link they are able to advertise false routing information at will and force arbitrary routing decisions on their peers [15]. One of the most difficult-to-detect problems in routing is that of Byzantine failures. These failures are the result of nodes that behave in a way that does not comply with the protocol. The reasons for the erroneous behavior could be software or hardware faults, mistakes in the configuration, or malicious compromises. Attempts to solve the problem of Byzantine failures have been proposed for both infrastructure [16] and infrastructure-less networks [17]. Based on this threat analysis and the identified capabilities of the potential attackers, we will now
discuss several specific attacks that can target the operation of a routing protocol in an ad hoc network.

• Location disclosure [18]: Location disclosure is an attack that targets the privacy requirements of an ad hoc network. Through the use of traffic analysis techniques [19], or with simpler probing and monitoring approaches, an attacker is able to discover the location of a node, or even the structure of the entire network.

• Black hole [15]: In a black hole attack a malicious node injects false route replies to the route requests it receives, advertising itself as having the shortest path to a destination. These fake replies can be fabricated to divert network traffic through the malicious node for eavesdropping, or simply to attract all traffic to it in order to perform a denial of service attack by dropping the received packets.

• Replay [13]: An attacker that performs a replay attack injects into the network routing traffic that has been captured previously. This attack usually targets the freshness of routes, but can also be used to undermine poorly designed security solutions.

• Wormhole [20]: The wormhole attack is one of the most powerful presented here since it involves the cooperation between two malicious nodes that participate in the network. One attacker, say node A, captures routing traffic at one point of the network and tunnels it to another point in the network, say to node B, that shares a private communication link with A. Node B then selectively injects tunneled traffic back into the network (see Figure 1). The connectivity of the nodes that have established routes over the wormhole link is completely under the control of the two colluding attackers.

Figure: A wormhole attack performed by colluding malicious nodes A and B.

• Blackmail [21]: This attack is relevant against routing protocols that use mechanisms for the identification of malicious nodes and propagate messages that try to blacklist the offender. An attacker may fabricate such reporting messages and try to isolate legitimate nodes from the network. The security property of non-repudiation can prove to be useful in such cases since it binds a node to the messages it generated [22].

• Denial of service: Denial of service attacks aim at the complete disruption of the routing function and therefore the whole operation of the ad hoc network. Specific instances of denial of service attacks include the routing table overflow [18] and the sleep deprivation torture [23]. In a routing table overflow attack the malicious node floods the network with bogus route creation packets in order to consume the resources of the participating nodes and disrupt the establishment of legitimate routes. The sleep deprivation torture aims at the consumption of batteries of a specific node by constantly keeping it engaged in routing decisions.
• Routing table poisoning: Routing protocols maintain tables which hold information regarding routes of the network. In poisoning attacks the malicious nodes generate and send fabricated signaling traffic, or modify legitimate messages from other nodes, in order to create false entries in the tables of the participating nodes. For example, an attacker can send routing updates that do not correspond to actual changes in the topology of the ad hoc network. Routing table poisoning attacks can result in selection of non-optimal routes, creation of routing loops, bottlenecks and even partitioning certain parts of the network.

Secure Ad hoc Routing

There exist several proposals that attempt to architect a secure routing protocol for ad hoc networks, in order to offer protection against the attacks mentioned in the previous section. These proposed solutions are either completely new stand-alone protocols, or in some cases incorporations of security mechanisms into existing ones (like DSR and AODV). As we will see, the design of these solutions focuses on providing countermeasures against specific attacks, or sets of attacks. Furthermore, a common design principle in all the examined proposals is the performance-security trade-off balance. Since routing is an essential function of ad hoc networks, the integrated security procedures should not hinder its operation. Another important part of the analysis is the examination of the assumptions and the requirements that each solution depends on. Although a protocol might be able to satisfy certain security constraints, its operational requirements might thwart its successful employment.

In order to analyze the proposed solutions in a structured way we have classified them into five categories: solutions based on asymmetric cryptography, solutions based on symmetric cryptography, hybrid solutions, reputation-based solutions and a category of mechanisms that provide security for ad hoc routing. However, this classification is only indicative since a lot of solutions can be classified into more than one category. As we will see in the rest of this paper, most proposals follow similar approaches to solve the problems of insecure ad hoc routing protocols, hindering extensive classification attempts.

Secure Routing Protocol (SRP)

The Secure Routing Protocol (SRP) is a set of security extensions that can be applied to any ad hoc routing protocol that utilizes broadcasting as its route querying method [26]. The authors mention specifically DSR as a particularly appropriate protocol for incorporating their proposed security extensions. The operation of SRP requires the existence of a security association (SA) between the source node initiating a route query and the destination node. This security association can be utilized in order to establish a shared secret key between the two, which is used by SRP. The SRP protocol appends a header (SRP header) to the packet of the basis routing protocol. The source node sends a route request with a query sequence (QSEQ) number that is used by the destination in order to identify outdated requests, a random query identifier (QID) that is used to identify the specific request, and the output of a keyed hash function, as shown in Figure 4. The input to the function is the IP header, the header of the basis protocol, and the shared secret between the two nodes.
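The destination-side checks on an SRP route request described in this section, as an added example that is not code from the SRP authors or from this paper. HMAC-SHA256 as the keyed hash, the field encoding, the string addresses standing in for the IP and basis-protocol headers, the inclusion of QSEQ and QID in the MAC input, and all names and sample values are assumptions of the example.

```python
import hashlib
import hmac
from dataclasses import dataclass, field, replace


@dataclass
class RouteRequest:
    src: str      # stands in for the immutable IP / basis-protocol header fields
    dst: str
    qseq: int     # query sequence number, increases with every query
    qid: bytes    # random query identifier
    route: list = field(default_factory=list)  # mutable, filled in by relays, sent in the clear
    mac: bytes = b""


def mac_input(req: RouteRequest) -> bytes:
    """Length-prefixed encoding of the fields that never change in transit."""
    parts = [req.src.encode(), req.dst.encode(),
             req.qseq.to_bytes(4, "big"), req.qid]
    return b"".join(len(p).to_bytes(2, "big") + p for p in parts)


def compute_mac(key: bytes, req: RouteRequest) -> bytes:
    return hmac.new(key, mac_input(req), hashlib.sha256).digest()


def new_request(key: bytes, src: str, dst: str, qseq: int, qid: bytes) -> RouteRequest:
    req = RouteRequest(src, dst, qseq, qid)
    req.mac = compute_mac(key, req)
    return req


class Destination:
    def __init__(self, keys: dict):
        self.keys = keys       # source address -> shared secret from the SA
        self.last_qseq = {}    # source address -> highest QSEQ accepted so far

    def verify(self, req: RouteRequest) -> str:
        key = self.keys.get(req.src)
        if key is None:
            return "drop: no security association"
        # Authenticate first, so a forged packet can never advance last_qseq.
        if not hmac.compare_digest(compute_mac(key, req), req.mac):
            return "drop: bad MAC"
        if req.qseq <= self.last_qseq.get(req.src, 0):
            return "drop: outdated or replayed QSEQ"
        self.last_qseq[req.src] = req.qseq
        return "accept"


def demo() -> dict:
    key = b"constructed shared secret"          # constructed sample value
    dest = Destination({"S": key})
    req = new_request(key, "S", "T", qseq=7, qid=b"\x01\x02\x03\x04")
    req.route += ["A", "B"]                     # relays append themselves
    results = {"fresh": dest.verify(req), "replayed": dest.verify(req)}
    results["qseq altered"] = dest.verify(replace(req, qseq=8))
    results["unknown source"] = dest.verify(replace(req, src="X"))
    # The accumulated route is outside the MAC, so a valid MAC on a request
    # says nothing about the route; the destination must not trust it yet.
    nxt = new_request(key, "S", "T", qseq=8, qid=b"\x05\x06\x07\x08")
    nxt.route += ["A", "M", "B"]
    results["next query"] = dest.verify(nxt)
    return results


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:15} {verdict}")
```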
SRP Packet Header: the input to the keyed hash function is the IP header, the header of the basis protocol, and the shared secret.

The mutable fields of the request, like the accumulated addresses of the intermediate nodes, are transmitted in the clear. The intermediate nodes broadcast the query to their neighbors, after updating their routing tables. The query is dropped in case it has the same QID as an entry in an intermediate node’s routing table. Furthermore, all nodes maintain a priority ranking of their neighbors according to the rate of the generated route queries. Nodes that generate a low rate of queries have a higher priority. This guarantees that the routing protocol is responsive [26]. The destination confirms that the query is not outdated or replayed through the QSEQ, and verifies its integrity and authenticity through the calculation of the keyed hash. In response to a valid route query the destination node generates a number of replies with different routes, at most as many as its number of neighbors.

This mechanism is an additional protection against malicious nodes that attempt to modify route replies. A route reply consists of the path from the source to the destination, the QSEQ and QID numbers. The integrity and authenticity of the reply are ensured through the same method as the route request, namely with a message authentication code (MAC). The source node checks the QSEQ and QID numbers of the reply in order to verify that they correspond to the active query, compares the IP source route with the reverse of the route in the payload of the reply, and if they match it calculates the MAC. Although the authors do not encourage the optimization of intermediate node replies to a route query as a severe vulnerability, they propose an extension to SRP that implements this functionality. They accomplish this by defining groups of nodes with shared secrets. Route maintenance is realized in SRP by route error messages that are source-routed along the prefix of the path that they report as broken. When the notified node receives a route error packet it compares the route taken by the packet with the prefix of the corresponding route. However, this approach cannot guarantee that a malicious node did not fabricate the route error packets. SRP consists of several security extensions that can be applied to existing ad hoc routing protocols providing end-to-end authentication. The operational requirement of SRP is the existence of a security association between every source and destination node. The security association is used to establish a shared secret between the two nodes, and the non-mutable fields of the exchanged routing messages are protected by this shared secret.

Secure Efficient Ad hoc Distance Vector Routing (SEAD)

The Secure Efficient Ad hoc Distance vector (SEAD) protocol is a secure ad hoc network routing protocol based on the design of the Destination-Sequenced Distance-Vector (DSDV) algorithm [21]. In order to find the shortest path between two nodes, the distance vector routing protocols utilize a distributed version of the Bellman-Ford algorithm [5]. The SEAD routing protocol employs the use
of hash chains to authenticate hop counts and sequence numbers. Applying repeatedly a one-way hash function to a random value creates a hash chain. The elements of such a chain are used to secure the updates of the routing protocol. SEAD requires the existence of an authentication and key distribution scheme in order to authenticate one element of a hash chain between two nodes. Given this authenticated element, a node is able to verify later elements in the chain [21].

When a node transmits a routing update it includes one value from the hash chain for each entry in the update message. Moreover, it includes the address of the destination node (or its own address if the update concerns itself), the metric and the sequence number of the destination (from its routing table), and a hash value equal to the hash of the hash value received when it learned the route to the destination. This hash value can be authenticated by the nodes that receive this routing update since they have an already authenticated element of the same hash chain. As noted by the authors of the protocol, this mechanism allows other nodes to only increase the metric in a routing update, but not to decrease it. In order to avoid denial of service attacks, a receiving node can specify the exact number of hashes it is willing to perform for each authentication. A node that receives a routing update verifies the authentication of each entry of the message. The hash value of each entry is hashed the correct number of times and it is compared to the previously authenticated value. Depending on this comparison the routing update is either accepted as authenticated, or discarded. The SEAD routing protocol proposes two different methods in order to authenticate the source of each routing update.

The first method requires clock synchronization between the nodes that participate in the ad hoc network, and employs broadcast authentication mechanisms such as TESLA [27]. The second method requires the existence of a shared secret between each pair of nodes. This secret can be utilized in order to use a message authentication code (MAC) between the nodes that must authenticate a routing update message. In SEAD every node that participates in the ad hoc network has a hash chain. The elements of the hash chain are used in succession to authenticate the entries in the transmitted routing messages, given that an initial authenticated element exists. The hash chains have a finite size and must be generated again when all their elements have been used.

Conclusion

This survey has presented the most well-known protocols for securing the routing function in mobile ad hoc networks. The analysis of the different proposals has demonstrated that the inherent characteristics of ad hoc networks, such as lack of infrastructure and rapidly changing topologies, introduce additional difficulties to the already complicated problem of secure routing.
The comparison we have completed between the surveyed protocols indicates that the design of a secure ad hoc routing protocol constitutes a challenging research problem since already existing generic solutions, like IPSec, cannot be successfully applied. Additionally, the flexibility of ad hoc networks enables them to be deployed in diverse application scenarios.

References

[1] J. Lundberg, “Routing Security in Ad hoc Networks,” http://citeseer.nj.nec.com/400961.html.
[2] B. R. Smith, S. Murphy, and J. J. Garcia-Luna-Aceves. Securing distance-vector routing protocols. In Proceedings of Symposium on Network and Distributed System Security, pages 85–92, Los Alamitos, CA, February 1997. The Internet Society, IEEE Computer Society Press.
[3] T. Aura. Internet Draft: Cryptographically Generated Addresses (CGA). http://www.ietf.org/proceedings/04mar/I-D/draftietf-send-cga-05.txt, February 2004.
[4] E. M. Belding-Royer. Report on the AODV interop. http://www.cs.ucsb.edu/~ebelding/txt/interop.ps, June 2002.
[5] Y.-C. Hu, A. Perrig, and D. B. Johnson. Rushing attacks and defense in wireless ad hoc network routing protocols. In Proceedings of the 2003 ACM workshop on Wireless security, pages 30–40. ACM Press, 2003.
[6] V. Jacobson, C. Leres, and S. McCanne. TCPDUMP group’s release 3.8.3. http://www.tcpdump.org/.
[7] D. B. Johnson and D. A. Maltz. Dynamic Source Routing in Ad Hoc Wireless Networks. In Imielinski and Korth, editors, Mobile Computing, volume 353. Kluwer Academic Publishers, 1996.
[8] M. G. Zapata. Internet Draft: Secure Ad hoc On-Demand Distance Vector (SAODV) Routing.
[9] S. Buchegger, and J.-Y. Le Boudec, “Performance Analysis of the CONFIDANT Protocol (Cooperation Of Nodes: Fairness In Dynamic Ad hoc NeTworks),” Proc. 3rd Symp. Mobile Ad hoc Networking and Computing (MobiHoc 2002), ACM Press, 2002, pp. 226-236.
[10] J. Kong, P. Zerfos, H. Luo, S. Lu, and L. Zhang, “Providing Robust and Ubiquitous Security Support for Mobile Ad hoc Networks”, Proc. 9th Int’l. Conf. on Network Protocols (ICNP), 2001.
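The per-entry hash-chain check described in the section on SEAD, as an added example that is not code from the SEAD authors or from this paper. It shows a receiver accepting an entry whose metric was raised by hashing forward, discarding one whose metric was lowered, and enforcing its hash budget. The index layout (one group of MAX_METRIC chain elements per sequence number), SHA-256, the names and the constructed seed are assumptions of the example.

```python
import hashlib
import hmac

MAX_METRIC = 15  # assumed bound: metrics run 0 .. MAX_METRIC-1


def H(value: bytes) -> bytes:
    """One-way hash function (SHA-256 is this example's choice)."""
    return hashlib.sha256(value).digest()


def build_chain(seed: bytes, num_sequences: int) -> list:
    """h[0] = seed, h[i] = H(h[i-1]); the last element is the anchor."""
    chain = [seed]
    for _ in range(num_sequences * MAX_METRIC):
        chain.append(H(chain[-1]))
    return chain


def element_index(n: int, seq: int, metric: int) -> int:
    """Chain position that authenticates (seq, metric).

    Assumed layout: newer sequence numbers sit closer to the seed and
    larger metrics closer to the anchor, so hashing forward can raise
    the metric but never lower it or reach a newer sequence number.
    """
    groups = n // MAX_METRIC
    if not (1 <= seq <= groups and 0 <= metric < MAX_METRIC):
        raise ValueError("sequence number or metric out of range")
    return (groups - seq) * MAX_METRIC + metric


def forward(metric: int, value: bytes) -> tuple:
    """Entry a node re-advertises: one hop further, hash applied once."""
    return metric + 1, H(value)


class Receiver:
    """Holds the authenticated anchor h[n] and a per-entry hash budget."""

    def __init__(self, n: int, anchor: bytes, max_hashes: int):
        self.n, self.anchor, self.max_hashes = n, anchor, max_hashes

    def check(self, seq: int, metric: int, value: bytes) -> str:
        try:
            steps = self.n - element_index(self.n, seq, metric)
        except ValueError:
            return "discard: out of range"
        if steps > self.max_hashes:      # DoS guard: refuse before hashing
            return "discard: hash budget exceeded"
        for _ in range(steps):
            value = H(value)
        if hmac.compare_digest(value, self.anchor):
            return "accept"
        return "discard: hash mismatch"


def demo() -> dict:
    chain = build_chain(b"constructed seed, random in practice", 4)
    n = len(chain) - 1
    rx = Receiver(n, chain[n], max_hashes=40)
    seq = 2
    origin = (0, chain[element_index(n, seq, 0)])  # destination's own entry
    hop1 = forward(*origin)
    hop3 = forward(*forward(*hop1))
    return {
        "origin": rx.check(seq, *origin),
        "one hop away": rx.check(seq, *hop1),
        "metric raised to 3": rx.check(seq, *hop3),
        # value learned at metric 3, re-advertised with a lower metric
        "metric lowered to 1": rx.check(seq, 1, hop3[1]),
        # a tighter budget refuses even the genuine entry
        "budget 20": Receiver(n, chain[n], 20).check(seq, *origin),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:22} {verdict}")
```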