Abstract: Mobile ad hoc networks (MANETs) are dynamically reconfigured networks in which security is a major concern. MANETs face serious security problems due to their unique characteristics such as mobility, dynamic topology and lack of central infrastructure support. Key management is a crucial part of security, and this issue is even bigger in MANETs. The distribution of encryption keys in an authenticated manner is a difficult task. Because of the dynamic nature of MANETs, when a node leaves or joins it needs to generate a new session key to maintain forward and backward secrecy. In this paper we divide the network into clusters. The cluster head will maintain the group key; it will also update the group key whenever there is a change in the membership. Here the re-keying process will be performed only if there is any movement of nodes within the clusters, so the computation and communication cost will be reduced. We also provide authentication between communicating nodes, both inter-cluster and intra-cluster. The network lifetime will be extended with the help of a monitoring node. The performance results prove the effectiveness of our key management scheme.

Keywords: Network Security, Key Management, Key Update, Mobile Networks, clusters

1. Introduction

We encounter new types of security problems in ad hoc networks because these networks have little or no support of infrastructure. The network has no base stations, access points, remote servers etc. All network functions are performed by the nodes themselves. Each node performs the functionality of host and router. In mobile ad hoc networks, nodes within their wireless transmission range can communicate with each other directly, while nodes outside the range have to rely on some other nodes to relay messages. A MANET is an autonomous, multihop network interconnected via wireless links. Thus a multi-hop scenario occurs, where the packets sent by the source node are relayed by several intermediate nodes before reaching the destination. The success of communication highly depends on the other nodes' cooperation. While mobile ad hoc networks can be quickly and inexpensively set up as needed, security is a critical issue compared to wired or other wireless counterparts. Many passive and active security attacks could be launched from the outside by malicious hosts or from the inside by compromised hosts. Without the appropriate security precautions, critical applications for commercial or military use cannot employ networking technologies.

Key management is an essential cryptographic primitive upon which other security primitives such as privacy, authenticity and integrity are built. However, none of the existing key management schemes are suitable for ad hoc networks. The major limitation of these schemes is that most of them rely on a trusted third party (TTP), thus not fulfilling the self-organization requirement of an ad hoc network. Special mechanisms and protocols designed specifically for ad hoc networks are necessary. Key management deals with key generation, storage, distribution, updating, revocation and certificate service in accordance with security policies.

Due to the dynamic behavior of the MANET, the secret key used for communication needs to be updated whenever any node joins or leaves the network in order to maintain the forward and backward secrecy within the network. If the network is large and the mobility is higher, updating of the key will be more frequent. It will consume more computation power and also communication power of nodes. So in our proposal we divide the network into clusters consisting of small groups of nodes. Here the re-keying process will be performed only if there is any movement of nodes within the clusters.

The re-keying process will be distributed between cluster heads. Also, using a monitoring node, the lifetime of the network is extended. The monitoring node continuously checks the cluster head for its energy. If the cluster head has less energy, the next high-capability node will be elected as cluster head. The details contained in the CH will be shifted to the new CH, and all other nodes will be informed of this process by the monitoring nodes.

2. Previous Work

The majority of research on security of ad hoc networks emphasizes secure routing protocols, but there are some proposals on key generation and distribution issues. Zhou et al [7] proposed a technique to distribute certificate authority (CA) functionality. In this method, the
104 (IJCNS) International Journal of Computer and Network Security,
Vol. 2, No. 5, May 2010
[Figure: key distribution messages; labels: "multicast group key to all nodes", "unicast (grp key, private key (d, n))"]

First the group key will be encrypted using the RSA algorithm, and it is then encrypted again using the new node's public key.

CH → new node: E(Pbnode, (E(e, [Ko]) || (d, n)))

where
Pbnode - public key of new node,
{e, n} - public key pair of RSA algorithm and
{d, n} - private key pair of RSA algorithm.

Initially the new node gets the RSA private key pair by decrypting the received key information using its own private key; it then decrypts using the RSA private key to get the group key.

All other already existing nodes receive the encrypted information and decrypt it using the RSA algorithm to get the updated group key.

3.3 Existing Node Leaves

Whenever an existing node B leaves the cluster the following messages are exchanged.

[Figure: message exchange; labels: "Node B leaves", "CH", "already existing nodes"]

Within the network, if any two nodes A and B want to communicate, they will first authenticate each other. The authentication steps are as follows.

1. Node A calculates a hash value using its (id, public key, group key) and transmits the hash value, id and public key to node B.
2. Node B receives the hash value and also calculates a new hash value from A's id, public key and group key.
3. Node B will check whether the received value and the calculated value are equal or not.
4. If the hashed values are equal, it identifies the peer node as an authenticated node.

Algorithm for authentication:
Procedure:
BEGIN
  Precondition:
    The nodes must wish to communicate with each other.
  if
    get the peer node's public key and ID.
    calculate the hash value and transmit to the peer one.
    A → B : hash(ida, pka, group key) || ida, pka
    peer node : calculate the same hash value.
  endif
  if both hash values are same
    both are authenticated nodes
  endif
END
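The four authentication steps above, as an added Python example that is not code from the paper. SHA-256, the length-prefixed field encoding, the constant-time comparison and all ids and key values are assumptions made here, since the paper specifies only hash(ida, pka, group key).

```python
import hashlib
import hmac

def _encode(*fields: bytes) -> bytes:
    # Assumption: 4-byte length prefix per field, so field boundaries
    # cannot shift between id, public key and group key.
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)

def auth_tag(node_id: bytes, public_key: bytes, group_key: bytes) -> bytes:
    # hash(ida, pka, group key); SHA-256 is an assumption. The inputs are
    # static, so the tag is unchanged until the cluster head re-keys.
    return hashlib.sha256(_encode(node_id, public_key, group_key)).digest()

def build_auth_message(node_id: bytes, public_key: bytes, group_key: bytes) -> dict:
    # Step 1, A -> B : hash(ida, pka, group key) || ida, pka
    return {"tag": auth_tag(node_id, public_key, group_key),
            "id": node_id, "pk": public_key}

def verify_auth_message(msg: dict, group_key: bytes) -> bool:
    # Steps 2-4: B recomputes the hash from the received id and public key
    # plus its own copy of the group key, then compares in constant time.
    expected = auth_tag(msg["id"], msg["pk"], group_key)
    return hmac.compare_digest(expected, msg["tag"])

def demo() -> dict:
    # Constructed sample values, not taken from the paper.
    old_key = bytes(range(32))        # group key before a membership change
    new_key = bytes(range(32, 64))    # group key after the CH re-keys
    pk_a = b"constructed-public-key-of-A"
    msg = build_auth_message(b"node-A", pk_a, old_key)
    return {
        "same_group_key": verify_auth_message(msg, old_key),
        "after_rekey": verify_auth_message(msg, new_key),
        "swapped_public_key": verify_auth_message({**msg, "pk": b"other-key"}, old_key),
        "shifted_boundary": verify_auth_message(
            {**msg, "id": b"node-", "pk": b"A" + pk_a}, old_key),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'authenticated' if ok else 'rejected'}")
```

The "after_rekey" case shows why the cluster head's re-keying matters for this check: a tag built with the old group key no longer verifies once members hold the updated key.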
to check for its presence and wait for its reply. If it does not receive a reply, it will inform the other nodes to initiate the cluster head selection process.

The monitoring node will wait for a period T and then it will send a hello message.

T = threshold time + propagation delay    (4)

ii) With respect to transmission delay:
5. Conclusion: