Protecting Ad Hoc Networks with Digital Certificates: An Architecture Proposal (Protegendo Redes Ad Hoc com Certificados Digitais: Uma Proposta de Arquitetura)
Abstract
In this paper we propose a highly available and resilient PKI architecture to mitigate Black Hole and Spoofing attacks against ad hoc networks. The architecture is designed to reduce the number of control messages exchanged, improving scalability and performance. To reach this goal, we propose that the nodes within an ad hoc network use a distributed digital certification service to authenticate and encrypt their messages. In particular, the media access control and network protocols must use authentication and cryptography to protect the network from the above-mentioned attacks, providing confidentiality, authenticity and integrity when exchanging messages. Results show a decrease of up to 85% in the number of messages exchanged by the certificate renewal protocol compared to existing approaches.
Published
2006-08-28
How to Cite
BRAZIL, Wagner Gaspar; ALBUQUERQUE, Célio Vinícius Neves de. Protegendo Redes Ad Hoc com Certificados Digitais: Uma Proposta de Arquitetura. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 6., 2006, Santos. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2006. p. 180-193. DOI: https://doi.org/10.5753/sbseg.2006.20948.
