Академический Документы
Профессиональный Документы
Культура Документы
Ad Hoc Networks
Manik Kapil
MANIK KAPIL
Wireless Network Security
Routing Protocols
! Requirements for MANET routing:
# Distributed Operation
# Loop Free Routing & Unidirectional Link
# Power Conservation
# QoS Support
# Network Layer Security->Firewalls..??
MANIK KAPIL
Wireless Network Security
Existing Schemes for Routing
! Proactive Approach
! Reactive Approach
! Cluster Based Approach (Hybrid)
! Flooding
Design:
# Flat vs Hierarchical
MANIK KAPIL
Wireless Network Security
Consistent 0-Administration
Personnel Environment
! Wireless Devices moving independently
! Abstraction of VPI not possible
! Individual Firewalls and Authentication
! Multicasting in C0PE:
# New paradigm: Transient Multicast in c0pe
# Secure Multicast Infrastructure
# 2-way authentication..?
MANIK KAPIL
Wireless Network Security
IPSec
! Authentication Header (AH) & Encapsulating
Security Payload (ESP)
# AH: Authentication & Integrity at IP level
# ESP: Confidentiality at TCP/UDP layer
! Security Association & Security Parameter
Index
! Simple Key-management for IP (SKIP)
# Connectionless protocol, suited for IP
# Reboot of encryption gateways made easier
MANIK KAPIL
Wireless Network Security
Problems in Multicast + IPSec
! Group Owner => group leader
! Lack of proper key revocation strategies
! Lack of leader election strategies
! Fast Dynamics of Group
! Absence of Back up leader
! Choice of Cryptosystems
MANIK KAPIL
Wireless Network Security
Existing Solutions for wired
networks
! Run daemons from application layer to
SKIP layer– Access Control List (ACL)
! Use of single/multiple encryption
schemes
! Exploiting the mobility for dodging
! IEEE 802.11B recommends use of
beacons,
MANIK KAPIL
Wireless Network Security
Protocol Stack with IPSec
Application SKIP Daemon
TCP UDP
IP LAYER
PHYSICAL LAYER
MANIK KAPIL
Wireless Network Security
Proposals
! Group owner can send beacons at
regular time intervals
! Heuristics for identifying compromised
nodes- traffic analysis, sleep off mode
recurrence
! Elliptic curve cryptography
! Leader election protocol to be handled
by MAC’s station management layer
MANIK KAPIL
Wireless Network Security
Conclusion
! Need of MANET routing protocols$
Hybrid Approach makes sense
! SKIP above IP layer would cut
overheads
! Security in Transient Multicast still an
open problem
MANIK KAPIL
Wireless Network Security
References
! R. Atkinson, “Security Architecture for the Internet Protocol RFC 1825”
! Fox and Gribble, “Charon - Security on the Move,
http://www.cs.berkeley.edu/~gribble/cs294-7_wireless/”
! Doraswamy, Harkins, “IPSec”, Prentice Hall Publishers
! Ashley & Vandenwauver, “Practical Intranet Security”, Kluwer Acad
! D Chapman, “Building Internet Firewalls”, O’Reilly & Associates
! Manet Charter, “http://www.ietf.org/html.charters/manet-charter.html”
! Papers on ad hoc wireless networks
“http://www.ics.uci.edu/~atm/adhoc/paper-collection/papers.html”
! E Madruga and J.J. Garcia-Luna-Aceves " Scalable Multicasting: The
Core Assisted Mesh Protocol " , accepted for publication in
ACM/Baltzer Mobile Networks and Applications Journal
MANIK KAPIL
Wireless Network Security