Seminar PDF
:
:
:
1384/7/30
(Routing Security in Ad-hoc Networks)
:
.
.
.
.
.
. SEAD Ariadne SRP SAODV ARAN
.
.
1.
2.
3.
4.
4.1. Flooding
4.2. DSR
4.3. AODV
4.4.
5.
5.1. Modification
5.1.1.
5.1.2. hop
5.1.3.
5.2. Impersonation
5.3.
5.4.
6.
7.
7.1. ARAN
7.1.1.
7.1.2.
7.1.3.
7.1.4.
7.1.5.
7.1.6.
7.2. Ariadne
7.3. SAODV
7.4. SRP
7.5. SEAD
7.6. SPAAR
7.6.1.
7.6.2.
7.6.3.
8.
8.1.
8.2. EKE
8.3. Diffie Hellman
9.
10.
10.1.
10.2.
11.
12.
1.
1
. .
laptop
.
.
.
. .
.
.
2.
host .
)( .
2 3
.
.
1 .
. .
.
.
.
.
1 Ad-hoc Networks
2 Base Station
3 Router
.1
.
.
.
.
laptop
.
3.
.
.
.
.
.
.
:
...
.
.
.
4.
.
1 2 hub .
host .
.
.
.
4.1.
Flooding
flooding
. .
3 .
4
.
.
flooding .
.
.
. flooding .
.
flooding .
.
.
1 Switch
2 Router
3 Packet
4 Sequence number
4.2.
DSR
4.3.
AODV
4.4.
.
LAR1 DREAM2 .
1 Route Request
2 Route Reply
3 Header
4 Route Error
.
.
5.
.
.
.
.
.
. .
MAC .
4
3
.[1] 5
. .
5.1.
Modification
. .
modification ].[1
5.1.1.
AODV
RREQ . 2
. M RREQ B .
1 Location-Aided Routing
2 Distance Routing Effect Algorithm for Mobility
3 Modification
4 Impersonation
5 Fabrication
.2
RREQ S X . M RREP
RREQ .
RREP B .
RREP RREQ RREP M
B.
5.1.2.
hop
AODV
. hop .
RREQ hop .
hop count .
hop count RREQ .
].[1
5.1.3.
DSR
.
. .
5.2.
Impersonation
.
IP MAC .
. ].[1
B
M
.3
3 .
AODV . M B MAC A
RREP hop count B B A .
M C MAC B RREP hop
count C . C B .
) (A,D,C,B,A .
.
1 2 .
.
.
.
.
5.3.
.
.
. .
. hop
hop
. hop hop .
.
1 Routing-disruption attack
2 Routing-consumption attack
3 Worm Hole Attack
1] .[11 Yih-
Chun Hu Adrian Perrig ] .[2 :
:2
] .[11
hop .
hop
. .
:3 ] .[11
.
5.4.
.
on-demand ) ( .
on-demand
. flooding
.
SRP ARAN SAODV Ariadne LAR AODV DSR
.
].[4
.
.
.
. .
] .[4
. CDMA5
.
1 Packet Leashes
2 Temporal Leashes
3 Geographical Leashes
4 Rushing Attack
5 Carrier Sense Multiple Access
.
.
.
.
.
.
.
hop .
.
.
.
on-demand .
.
.
6.
. .
] .[1
:
.
.
.
.
.
1 .
.
2
.
... .
1 Open Environment
2 Managed Open Environment
1
.
. .
7.
.
DSR AODV
.
7.1.
ARAN2
7.1.1.
ARAN T
. T
. T
. T .
.
. A T
:
T → A : cert_A = [IP_A, K_A+, t, e]K_T    (1)
: IP A A t
e . .
T .
.
.
:1
7.1.2.
. .
A 2 X :
)(2
1
2
. ) (NA,IPA
RDP .
. spoofing
.
B RDP A .
B → brdcast : [[RDP, IP_X, cert_A, N_A, t]K_A-]K_B-, cert_B    (3)
RDP C B .
C B B
. RDP .
C → brdcast : [[RDP, IP_X, cert_A, N_A, t]K_A-]K_C-, cert_C    (4)
IP .
7.1.3.
X RDP
. RDP
. RDP
RDP .
. RDP hop
hop .
RDP ) (REP .
REP X D .
X → D : [REP, IP_A, cert_X, N_A, t]K_X-    (5)
D → C : [[REP, IP_A, cert_X, N_A, t]K_X-]K_D-, cert_D    (6)
C D
REP B .
C → B : [[REP, IP_A, cert_X, N_A, t]K_X-]K_C-, cert_C    (7)
REP hop .
X . REP
.
7.1.4.
ARAN on-demand .
.
. ) (ERR
.
.
. A X B C
:
B → C : [ERR, IP_A, IP_X, cert_B, N_B, t]K_B-    (8)
.
.
.
.
.
.
7.1.5.
. ARAN
Route Maintenance
.
. ARAN
1 .
7.1.6.
.
2
.
T
. certr :
T → brdcast : [revoke, cert_r]K_T-    (9)
.
.
.
.
.
.
4 .
.4
S D .
:
1 Local decision
2 Managed-open environment
(M)K-X M X .
CertX X t . RREQ
RREP .
AODV .
AODV RERR
. ARAN .
B C .
B → A : <(ROUTE ERROR, S, D, cert_B, N, t)K_B>
A → S : <(ROUTE ERROR, S, D, cert_B, N, t)K_B>
RERR .
B .
.
.
].[11
7.2.
Ariadne
1
2
. RREQ
. ID hash
hash .
) TIK (
] .[11
.
7.3.
SAODV1
ARAN AODV .
hash . ) .hn-1=H(hn hop count
hop . hop count Max
Count . hop count
hash . .
.
1 Secure AODV
h_(n-1) = H(h_n)
. N hop .
7.4.
SRP1
.
2 ] .[10 SA
.
.
KS,T .
.
.
3
.
.
. 4
5 Byzantine
. .
.
.
.
1
RTS/CTS
. IP
.
.
1
S
: 2 . KS,T
(MAC) 3 .
) (IP .
.
.
T MAC
S .
.
.
5 10 . S
T . M1 M2
. } {QS,T;n1,n2,..,nk QS,T
SRP T S ni , i{1,k} .
IP . n1=S, nk=T
} {RS,T;n1,n2,..,nk .
.
:5
1 Route Request
2 Query
3 Message Authentication Code (MAC)
:1 {QS,T;S} M1
} {RS,T;S,M1,T S .
S } {S,M1,T hop
.
M1 S .
M1
KS,T .
:2 M1
1 .
.
S .
S .
S M1 S .
:3 {QS,T;S,1,M1} M1
} {QS,T;S,1,M1,5,4 T .
{RS,T;S,1,M1,5,4,T} M1 } {RS,T;S,1,M1,Y,T
Y .
S .
:4 {QS,T;S,2,3} M2
} {QS,T;S,X,3,M2 X IP )
(IP . T
} {T,M2,3,X,S S . 3
X .
:5 M1
.
.
T .
T .
. T
.
:6 M1 S
.
} {QS,T;n1,,nj . )
( ) (TTL
.
SRP
on-demand .
.
*
:7 M1 } {QS,T;S,M IP spoof
. T
. {RS,T;S,M*,1,4,T} S .
. M1
.
ST spoof IP
.
:8 M1 spoofed IP
Mi,Mi+1,Mi+j) . (7 S
T M1 .
1 M1 spoof
. M1
IP . T M1
S . SRP :
M1
. 3 1 5
. M1
T
.
.
.
M1
M2 M2 .M2
M1 M2 } {QS,T;S,M1,Z,M2 T .
M2 .{T,M2,Z,M1,S} :
M1 S .
) ( .
S M2
spoofed IP T .
M2 T .
DSR
. .
. IP
RREQ KS,T .
.
] .[11
.
.
RREP .
.
1
SRP INRT .
. INRT
KG
] .[10
].[11
SRP .
.
.
7.5.
SEAD2
DSDV .
.
) metric ( hop
. metric hop .
] .[2
SEAD DSDV .
3 .
SEAD DSDV
] .[11 x
} x {0,1 ) (
h_0, h_1, ..., h_n . h_0 = x, h_i = H(h_(i-1)) .
h_(i-3) h_i . h_i = H(H(H(h_(i-3)))) .
) (
. .
.
. SEAD
] .[11
.
SEAD .
] .[11 .
TESLA .
. .
7.6.
SPAAR2
SPAAR
.
hop ) ] [8 (.
SPAAR hop
. SPAAR
. GPS3
.
SPAAR
.
.
.
flooding .
7.6.1.
SPAAR : /
) (
.
/ .
T .
T .
T .
N1 N2 N2
T .
1 Replay Attack
2 Secure Position Aided Ad-hoc Routing Protocol
3 Global Positioning System
7.6.2.
SPAAR
.
.
.
" " 1 .
7.6.2.1.
: N "" . N
N N
. N N
. N
.
N X1 X1 hop
. N hop
N .
N : / " " 2
. " N 3"N
GEK_N . " N 4"N
GDK_N N .
. N
. N
N .
X1 X2 N
N .
X1 X2 "" .
"" X1 X2 .
7.6.2.2.
" "
.
1
. N
hop
.
TUSN RREP
N . " TUSN "
. RREQ
TUSN
.
TUSN
.
.
.
.
RREQ) (
.
"" .
"" N N
. " "NGK .
NGK N N
"" . N NGK N
" " .
.
7.6.3.
7.6.3.1.
)(RREQ
: N RREQ RREQ N D
D TUSN . RREQ
RREQ . RREP
.
: RREQ .
RREQ hop . RREQ
RREQ
.
: D .
TUSN
RREQ . RREQ .
RREQ S
. TUSN
RREQ .
RREQ
. .
7.6.3.2.
)(RREP
.
.
.
.
RREP . hop
.
.
7.6.3.4.
. .
.
TUSN
MRL .
N " "
. D " "
N S . SPAAR
TUSN .
.
TUSN ) .(TUSN
TUSN
TUSN .
8.
) ] [12 (.
.
. .
laptop .
.
.
.
.
8.1.
IP
. IKE1 ) .
(identity based . 2
1 Internet Key Exchange
2 Revoke
. .
cross-certification . .
.
8.2.
EKE
.
) ( .
.
. .
:
:
.
:2
.
:3
.
:4
.
.
.
. EKE .
.
.
. .
EKE :
8.3.
Diffie Hellman
.
:
(1) A → B : A, P(g^(S_A))
(2) B → A : P(g^(S_B)), K(C_b)
(3) A → B : K(C_a, C_b)
(4) B → A : K(C_a)
K = g^(S_A S_B)
1 .
.
(1) M_i → M_(i+1) : g^(S_1 S_2 ... S_i), i = 1, ..., n-2, in sequence
(2) M_(n-1) → ALL : =g^(S_1 S_2 ... S_(n-1)), broadcast
(3) M_i → M_n : P(c_i), i = 1, ..., n-1, in parallel, where ci= i/Si and i is a
blinding factor that is randomly chosen by M_i
(4) M_n → M_i : (c_i)^(S_n), i = 1, ..., n-1, in parallel
(5) M_i → ALL : M_i, K(M_i, H(M_1, M_2, ..., M_n)), for some i, broadcast
1 Challenge/Response
i blind . blind
Mn-1 .
Mn-1 .
9.
] [7
.
A B .
A B .
. . n
2 n x n
. n-1 .
i Ci xor Cx+i-1 . x
CX .
.
10. 3
.
. .
].[9
/ 4 5 .
.
6 7 .
.
1 MultiPath Routing
2 Signaling Link
3 Misbehavior
4 Accidental
5 Deliberate
6 Selfish
7 Malicious
.
.
. .
1 .
.
.
].[5
2 3 .
.
.
.
.
.
] .[9
.
.
10.1.
] .[6
.
. 4 . S
D . A C
B B C .
A B .
A B ] .[6
A . B
C A .
B .
. DSR
5 1 .
1 Reputation
2 Individual
3 Collusion
4 Watchdog
5 Link
. A B
].[6
:2 B S
A . A A
B A
B . A
B .
:3 B C
C C .
A B
C . B
A C .
. A S B .
. A
D S . B A
A D .
.
. .
.
. B C
.
B . A C . C
. A
. .
.
.
) hop-by-hop (AODV
.
. hop
1 Forwarding
2 Ambiguous Collision
3 Receiver Collision
. DSR
.
10.2.
] .[6
.
.
.
] .[6 ) ( 0/5
. 1 .
0/5
.
) (200ms 0/01 .
0/8 . .
0/05 . .
.
) (-100
.
.
.
.
2 .
11.
.
.
.
.
. .
. .
1 Pathrater
2 Send Route Request (SRR)
.
.
12.
1. Bridget Dahill et al., A Secure Routing Protocol for Ad Hoc Networks,
MobiCom 2002, Atlanta, Georgia, USA, September 23-28, 2002.
2. Yih-Chun Hu and Adrian Perrig, A Survey of Secure Wireless Ad Hoc Routing,
IEEE Security and Privacy 2004, Editorial Calendar, Vol. 2, No. 3, pp. 94-105,
May/June 2004.
3. Nicola Milanovic et al., Routing and Security in Mobile Ad Hoc Networks,
IEEE Computer, Vol. 37, No. 2, pp. 61-65, 2004.
4. Yih-Chun Hu et al., Rushing Attacks and Defense in Wireless Ad Hoc Network
Routing Protocols, Proceedings of the 2003 ACM workshop on Wireless security,
San Diego, USA, pp. 30-40, 2003.
5. Po-Wah Yau and Chris J. Mitchell, Reputation Methods for Routing Security for
Mobile Ad Hoc Networks, Proceedings of SympoTIC '03 Joint IST Workshop on
Mobile Future and Symposium on Trends in Communications, Bratislava,
Slovakia, pp. 130-137, October 2003.
6. Sergio Marti et al., Mitigating Routing Misbehavior in Mobile Ad Hoc
Networks, Proceedings of the 6th annual international conference on Mobile
computing and networking, Boston, USA, pp. 255-265, 2000.
7. Souheila Bouman, Jalel Ben-Othman, Data Security in Ad hoc Networks Using
MultiPath Routing, accepted in The 2004 International Workshop on Mobile Ad
Hoc Networks and Interoperability Issues (MANETII'04), Las Vegas, Nevada,
USA, June 2004.
8. Stephen Carter and Alec Yasinsac, Secure Position Aided Ad hoc Routing,
Proceedings of the IASTED International Conference on Communications and
Computer Networks (CCN02), Nov 3-4, 2002.
9. B Strulo, J Farr and A Smith, Securing mobile ad hoc networks - a motivational
approach, BT Technology Journal, Vol. 21, No. 3, pp. 81-90, 2003.
10. Panagiotis Papadimitratos and Zygmunt J. Haas, Secure Routing for Mobile Ad
hoc Networks, SCS Communication Networks and Distributed Systems
Modeling and Simulation Conference (CNDS 2002), San Antonio, TX, January
27-31, 2002.
11. Stefano Basagni et al., Mobile Ad-hoc Networking, IEEE press, John Wiley and
Sons publication, pp. 329-354, 2004.
12. N. Asokan and P. Ginzboorg, Key Agreement in Ad hoc Networks, Computer
Communications, vol. 23(17), pp. 1627-1637, 2000.