Efficient and Robust Key Management for Large Mobile Ad-Hoc Networks
Existing research efforts in key management can only handle very limited number of nodes and are vulnerable to active attacks. In addition, the flexibility and adaptivity of handling dynamic risks in different parts of networks, although critical in the practical usages of ad hoc networks, have been...
Saved in:
Main Authors: | , , , , |
---|---|
Format: | text |
Language: | English |
Published: |
Institutional Knowledge at Singapore Management University
2005
|
Subjects: | |
Online Access: | https://ink.library.smu.edu.sg/sis_research/153 http://dx.doi.org/10.1016/j.comnet.2004.11.023 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Singapore Management University |
Language: | English |
Summary: | Existing research efforts in key management can only handle very limited number of nodes and are vulnerable to active attacks. In addition, the flexibility and adaptivity of handling dynamic risks in different parts of networks, although critical in the practical usages of ad hoc networks, have been largely ignored. In this paper, we propose a novel hierarchical scheme based on threshold cryptography to address both security and efficiency issues of key management and certification service in Mobile Ad hoc Network (MANET). The main contributions of our key management scheme include: 1. providing various parts of MANET the flexibility of selecting appropriate security configurations, according to the risks faced; 2. providing the adaptivity to cope with rapidly-changing environments; 3. handling of MANETs with a large number of nodes; 4. issuing certificates with different levels of assurance. We also propose two algorithms, which can be used independently from the hierarchical structure, to protect certification services in ad hoc networks from active attacks. Our simulation results show that, compared to the previous work [16], [18] and [19], our second algorithm is much faster in a friendly environment. When the key length is 1024 bits, the process of generating or renewing a certificate in our second algorithm is around six to eight times faster, and the process of generating partial certificates in our second algorithm is around 20-80 times faster. The latter advantage is critical in MANET where intrinsically the less help a node requests from its neighbors, the higher is the chance of obtaining the help. Furthermore, simulation results also show that our two algorithms work well in a hostile environment in which existing schemes work poorly. |
---|