You are here

Security in Ad Hoc Routing

Secure Routing
Most routing protocols for Mobile Ad-hoc Networks (MANET) were originally designed without having security in mind. In most of their specifications it was assumed that all the nodes in the network were friendly. The security issue was postponed and there used to be the common feeling that it would be possible to make those routing protocols secure by retrofitting preexisting cryptosystems.

Nevertheless, securing network transmissions without securing the routing protocols is not sufficient. Moreover, by retrofitting cryptosystems (like IPSec) security is not necessarily achieved.

Therefore, in MANET networks with security needs, there must be two security systems: one to protect the data transmission and one to make the routing protocol secure. There are already well studied point to point security systems that can be used for protecting network transmissions. But there was no much work about how make MANET routing protocols discover routes in a secure manner till recently.

It was in this context that we proposed the Secure Ad hoc On-Demand Distance Vector (SAODV) routing protocol. SAODV is an extension of the AODV routing protocol that can be used to protect the route discovery mechanism providing security features like integrity and authentication. SAODV was originally published in 2002 and it has made a deep impact in the research area.

Key Management
In Mobile Ad-hoc Networks, nodes use the air to communicate, so a lot of nodes might hear what a node transmits and there are messages that are lost due to collisions. The concept of servers has to be modified: there is no guarantee that a node will be able to reach another node, so things like DNS servers, certification authorities (CAs) and other entities that are assumed to be found in fixed networks cannot be used here.

In a network where the existence of central servers cannot be expected, it is needed that nodes will be able to communicate without the risk of malicious nodes impersonating the entities they want to communicate with. In a network where everybody is anonymous, identity and trust need to be redefined.

In addition, if the security protocols that are used in these kind of networks are based in mechanisms that require asymmetric cryptography, the task of having secure routing protocols for such kind of networks will not be completed without an specific key management scheme.

Therefore, we designed the Simple Ad hoc Key Management (SAKM). SAKM is a key management system that allows the nodes of an ad hoc network to use asymmetric cryptography with zero configuration. It is intended to be applied to wireless network routing protocols that provide security features that require the use of asymmetric cryptography (like SAODV).