SECURITY ISSUES IN MOBILE AD-HOC NETWORK Mukul A. Khairatkar AGENDA Introduction to MANET Various Security Model Operations Introduction to IPSec IPSec Operation Simulation Details Conclusion MOBILE AD-HOC NETWORK No Infrastructure No Server Nothing Everybody acts like a Router Security Problem Network Resources Source Spoofing Eavesdropping Data Transformation SECURITY Key Pre-Distribution Scheme Web of Trust Public Key Certification IPSec SOME SECURITY TERMS Public Key Private Key Digital Signature Certificate Digital Signature Certificate Of Authority Certificates Public Key Infrastructure X.509 KEY PRE-DISTRIBUTION SCHEME Node 2 Key Node 1 Key Node 3 Key Node 4 WEB OF TRUST PGP Public Key Node 1 Public Key Node 3 PGP Node 2 PGP PUBLIC KEY INFRASTRUCTURE X.509 Certificate Authority CA CA CA Root Certificate Root certificate Distributed with Web Browser ..etc SSL/TLS web pages IPSEC Why IPSec? Open Standard Freely Available Modular Integrates in Existing IP structure Transparent to application layer entities For IPv6 SECURITY ARCHITECTURE MODES Transport Mode Payload Encrypted IP header is Intact Routing is Intact Tunnel Mode New IP packet New Routing NW-NW Communication (tunnel) IPSEC PACKET NETWORK MODEL IP TUNNEL PERFORMANCE FOR AD-HOC NETWORK IPSEC FOR AD-HOC IP Cloud Subnet 1 Subnet 2 SECURITY PROBLEMS Latency Increases Overhead Increases Throughput Decreases Complexity Increases CONCLUSION Ad-hoc Network uses various security methods Do not violate existing protocol IPSec is a new approach to secure IPv4 and IPv6 packets Better approach can be used than IPSec REFERENCES [1] Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks, Edith C. H. Ngai and Michael R. Lyu ,Department of Computer Science and Engineering ,The Chinese University of Hong Kong, IEEE 2004. [2] Secure Ad Hoc Networking, Panagiotis Papadimitratos, Virginia Polytechnic Institute and State University, IEEE 2006. [3] Data Security in Ad hoc Networks Using MultiPath Routing, Souheila BOUAM. Jalel HEN-O rlIMAN Laboratoirc CNRS-PRiSM. University of Versailles. [4]Securing Ad-Hoc Networks by IPSEC, Abhrajit Ghosh, Telcordia Technologies Applied Research Piscataway, NJ, IEEE paper 2004. [5] Securing Ad Hoc Networks, Lidong Zhou and Zygmunt J. Haas Cornell University, IEEE 1999. [6] C. Adams and S. Farrell “Internet X.509 Public Key Infrastructure Certificate Management Protocols”, RFC 2510, Mar 1999 [7] K. Young et. al. “Ad Hoc Mobility Protocol Suite for the MOSAIC ATD”, Milcom 2003. [8] D. Boneh and M. Franklin “Identity based encryption from the Weil pairing”, SIAM J. of Computing, Vol. 32, No. 3, pp. 586-615, 2003.