Secure, Redundant, and Fully Distributed Key Management Scheme for Mobile Ad Hoc Networks: An Analysis

Deepti Joshi
Department of Electrical and Computer Engineering, Wichita State University, Wichita, KS 67260, USA

Kamesh Namuduri
Department of Electrical and Computer Engineering, Wichita State University, Wichita, KS 67260, USA

Ravi Pendse
Department of Electrical and Computer Engineering, Wichita State University, Wichita, KS 67260, USA

Received 21 June 2004; Revised 12 May 2005; Recommended for Publication by Athina Petropulu

Security poses a major challenge in ad hoc networks today due to the lack of fixed or organizational infrastructure. This paper proposes a modification to the existing “fully distributed certificate authority” scheme for ad hoc networks. In the proposed modification, redundancy is introduced by allocating more than one share to each node in order to increase the probability of creating the certificate for a node in a highly mobile network. A probabilistic analysis is carried out to analyze the trade-offs between the ease of certificate creation and the security provided by the proposed scheme. The analysis carried out from the intruder’s perspective suggests that in the worst-case scenario, the intruder is just “one node” away from a legitimate node in compromising the certificate. The analysis also outlines the parameter selection criteria for a legitimate node to maintain a margin of advantage over an intruder in creating the certificate.

Keywords and phrases: key management schemes, security, sensor networks.
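The trade-off between ease of certificate creation and security described in the abstract can be worked through numerically. The following is an added example, not code or notation from the paper: it assumes a threshold scheme with n distinct shares of which k are needed, each node holding s distinct shares chosen uniformly at random, and a party (a legitimate requester or an intruder holding compromised nodes) that reaches m nodes. The symbols n, k, s, m and the uniform allocation are assumptions made here.

```python
from math import comb

def distinct_share_dist(n, s, m):
    """Exact distribution of the number of distinct shares held by m nodes.

    Assumed model (not from the paper): each node independently holds s
    distinct shares drawn uniformly from the n shares of the CA key.
    Returns a list where index d is P(exactly d distinct shares).
    """
    dist = [0.0] * (n + 1)
    dist[0] = 1.0
    total = comb(n, s)
    for _ in range(m):
        nxt = [0.0] * (n + 1)
        for d, p in enumerate(dist):
            if p == 0.0:
                continue
            for j in range(s + 1):
                # Hypergeometric step: j of the node's shares are new
                # (from the n-d unseen), s-j repeat shares already seen.
                ways = comb(n - d, j) * comb(d, s - j)
                if ways:
                    nxt[d + j] += p * ways / total
        dist = nxt
    return dist

def p_reconstruct(n, k, s, m):
    """Probability that m nodes together hold at least k distinct shares."""
    return sum(distinct_share_dist(n, s, m)[k:])

def min_nodes(n, k, s, target):
    """Smallest number of nodes giving P(reconstruct) >= target."""
    m = 0
    while p_reconstruct(n, k, s, m) < target:
        m += 1
    return m

if __name__ == "__main__":
    n, k = 10, 5  # constructed sample parameters
    for s in (1, 2, 3):
        # The same number applies to an intruder who compromises m nodes,
        # so a smaller value means easier creation AND easier compromise.
        print(f"s={s}: nodes needed for 95% success =",
              min_nodes(n, k, s, 0.95))
```

Because the same probability applies to whoever holds the nodes, raising s lowers the node count for the requester and for an intruder alike.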

This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

1. INTRODUCTION

A network can have three main types of infrastructure [1]: routing infrastructure consisting of routers and stable communication links; server infrastructure consisting of on-line servers such as dynamic host configuration protocol (DHCP) server, domain name system (DNS), and certificate authority (CA) server, in order to provide services to the network; administrative infrastructure consisting of servers supporting the registration of users, issuing of certificates, and handling of other network configuration tasks. Ad hoc networks are characterized as infrastructure-less networks. They are emerging to be “anywhere anytime networks” [2]. The main difference between traditional networks and ad hoc networks is the lack of a central administration. Central administration is responsible for providing security services such as defining the security services, policies for the network, and predistribution of keys to all the participants. The nodes in an ad hoc network are assumed to be energy-constrained, mobile, and capable of supporting limited security [3]. Physical security is limited because the nodes can be turned off or stolen by intruders. Military tactical networks, personal area networks, senso