Professional Documents
Culture Documents
Dr.R.PushpaLakshmi
Associate Professor/IT
PSNA College of Engineering & Technology
Email:push@psnacet.edu.in
Outline
Introduction
Security
Security functions
Challenges
Classification of attacks
Solutions
References
Ad Hoc Networks
Characteristics
Cost effective
Wireless medium
Limited resources
a) Normal flow
b) Interruption- attack on
availability
c) Interception- attack on
confidentiality
Snooping
Hijacking
SYN Flooding
Embed security metric into the RREQ packet itself and change
the forwarding behavior of the protocol w.r.t. RREQs
Source node :
Intermediate node :
Optimal route: All nodes on the shortest path (in terms of hop-count)
satisfy the security requirements
Advantages:
•Different level of security
•Incorporate with traditional routing table
Drawback:
•If no path with nodes that meet the RREQ’s security requirements
exists, SAR fails to find a route even though the network may be
connected
•Requires different keys for different levels of security
Route updation:
1. Route update message is sent along with the hash value used for
authentication.
2. If the authentication value used is hkm+j, then the attacker who tries
to modify this value can do so only if he/she knows hkm+j-1.
3. An intermediate node, on receiving this authenticated update,
calculates the new hash value based on the earlier updates (hkm+j-1), the
value of the metric, and the sequence number.
4. If the calculated value matches with the one present in the route
update message, then the update is effected; otherwise, the received
update is just discarded.
Advantage:
Overcome DoS and resource consumption attacks.
Withstand multiple uncoordinated attacks.
Drawback:
Fails if attacker uses same metric and seq. no. of past update message.
2/12/2018 FDTP on IT6601 Mobile Computing 22
Authenticated Routing for Ad Hoc
Networks (ARAN) Protocol
Effectively basic AODV, except route
discovery/setup/maintenance are authenticated
Utilizes public-key cryptography to verify hop-by-hop
all route request “RDP” & route reply “REP” packets
Eliminates most routing security problems except for
tunneling & trivial DoS attacks
Public Key A
IP Address A
Create Time
Expiry Time
Signature by T
IP Address D
Initial RDP packet
Certificate A
Nonce A
Create Time
Signature by A
RDP: A -> D
A B C D
RDP: A -> D
verified
A B C D
RDP: A -> D
Signature by C
Certificate C
RDP: A -> D
verified verified
A B C D
REP: A->D
verified
REP: A -> D
Signature by B
CertificateB
REP: A->D
verified
verified
IP Address A
IP Address D
Certificate C
Nonce C
Create Time
Signature by C
ERR: A->D
A B C D
Link broken!
Drawback:
discovers single route and it cannot handle attacks when
multiple nodes collude during route discovery
2/12/2018 FDTP on IT6601 Mobile Computing 37
Trust based Secure Routing Protocols
TRUST DSR [4]
Characteristics of VANET
High Mobility
Wireless Communication
Time Critical
Sufficient Energy
Attacks on confidentiality
Eavesdropping attack
Traffic analysis attack
2/12/2018 FDTP on IT6601 Mobile Computing 48
Cryptographic solutions for VANETs
attacks and vulnerabilities.
Attacks : Jamming
Cryptographic solutions :
Switch the transmission channel and use the frequency
hopping technique FHSS (Frequency Hopping Spread
Spectrum) which involves cryptographic algorithms to
generate pseudo-random numbers for the hopping
algorithm. This proposal requires a modification of the
used standard which currently allows only the OFDM.
Cryptographic solutions :
Encrypt only data which has paramount importance
and which manipulation puts in risk the privacy of the
driver (positioning data, vehicle identification data, ...).
Cryptographic solutions :
– Same proposition as eavesdropping.
– Use algorithms such as VIPER for V2I communications
Cryptographic solutions :
Use bit commitment and signature based authentication
mechanisms, which reduces the impact of almost of DOS
attacks
Cryptographic solutions :
– Use a vehicular PKI (VPKI) or a zero-knowledge techniques
for the authentication between vehicles and for signing
warning messages
– Establish group communications. Keys can be managed by a
Group Key Management system (GKM). This causes that an
intruder could not be able to communicate with the group.
2/12/2018 FDTP on IT6601 Mobile Computing 54
Cryptographic solutions for VANETs
attacks and vulnerabilities.
Attacks : Broadcast tampering
Cryptographic solutions :
– Given that this attack can be performed by a legitimate node
of the network, cryptographic primitives are enable to
prevent it. However, a non-repudiation mechanism may
exist.
Cryptographic solutions :
– Use strong encryption and key generation algorithms
unbreakable within a reasonable running time
Cryptographic solutions :
– Use bit commitment and signature based mechanisms with
positioning systems to accept only authentic location data
Cryptographic solutions :
– Use a strong authentication methods such as digital
certificates and zero-knowledge.