Efficient and Robust Key Management for Large Mobile Ad-Hoc Networks

Publication Type

Journal Article

Publication Date

7-2005

Abstract

Existing research efforts in key management can only handle very limited number of nodes and are vulnerable to active attacks. In addition, the flexibility and adaptivity of handling dynamic risks in different parts of networks, although critical in the practical usages of ad hoc networks, have been largely ignored. In this paper, we propose a novel hierarchical scheme based on threshold cryptography to address both security and efficiency issues of key management and certification service in Mobile Ad hoc Network (MANET). The main contributions of our key management scheme include: 1. providing various parts of MANET the flexibility of selecting appropriate security configurations, according to the risks faced; 2. providing the adaptivity to cope with rapidly-changing environments; 3. handling of MANETs with a large number of nodes; 4. issuing certificates with different levels of assurance. We also propose two algorithms, which can be used independently from the hierarchical structure, to protect certification services in ad hoc networks from active attacks. Our simulation results show that, compared to the previous work [16], [18] and [19], our second algorithm is much faster in a friendly environment. When the key length is 1024 bits, the process of generating or renewing a certificate in our second algorithm is around six to eight times faster, and the process of generating partial certificates in our second algorithm is around 20-80 times faster. The latter advantage is critical in MANET where intrinsically the less help a node requests from its neighbors, the higher is the chance of obtaining the help. Furthermore, simulation results also show that our two algorithms work well in a hostile environment in which existing schemes work poorly.

Keywords

Ad hoc, Key management, Threshold signature, Verifiable secret sharing, Active attacks

Discipline

Information Security

Research Areas

Cybersecurity

Publication

Computer Networks

Volume

48

Issue

4

First Page

657

Last Page

682

ISSN

1389-1286

Identifier

10.1016/j.comnet.2004.11.023

Publisher

Elsevier

Additional URL

http://dx.doi.org/10.1016/j.comnet.2004.11.023

Share

COinS