Using Directional Antennas to Prevent Wormhole Attacks Presented by: Juan Du

Computer Science
Nov 16, 2005
Outline
• Wormhole attacks
• Related works
• Three neighbor discovery protocols
– Directional Neighbor Discovery
– Verified Neighbor Discovery
– Strict Neighbor Discovery
• Conclusion and future work
Wormhole Attacks
• A, B, C: nodes in wireless networks
• X, Y: transceivers connected by a high quality, low-latency link
• Attacker replays packets received by X at Y, and vice versa
• Makes A and B believe they are neighbors
• Selectively drop data messages to disrupt communications
Wormhole Impact
• Cost
– Limited resources needed
– No cryptographic material needed
• Damage to routing
– Impact beyond the endpoints’ neighborhoods!
– Endpoints placed strategically
• Worst case: disrupts nearly all network routes
Related Works
• Secure routing protocols such as SRP, SEAD,
Ariadne, ARRIVE, …
– Still vulnerable to wormhole attacks
• Location based routing protocols
– Have the potential
– Have drawbacks
• Localization systems become attack target
• Need synchronized clocks and precise location
knowledge
Protocol Idea
• Wormhole attack depends on a node that is not
nearby convincing another node it is
• Solution:
– Verify neighbors are really neighbors
– Only accept messages from verified neighbors
The Technique: Directional Antennas
• Divide transmission range into N zones clockwise starting with
zone 1 facing east.
• All nodes have the same orientation.
• A node can get approximate direction information based on
received signals
Notations
• A, B, C...: Legitimate nodes
• X, Y: Wormhole endpoints
• R: Nonce
• EKAB(M): Message encrypted by key shared between nodes A and B
• zone: The directional element, which ranges from 1–6 as shown in figure
• ^zone: The opposite directional element. For example, if zone=1 then ^zone=4.
• zone (A, B): Zone in which node A hears node B
• neighbors (A, zone): Nodes within one (directional distance) hop in direction zone of node A.
Directional Neighbor Discovery
[Figure: node A with its six antenna zones numbered 1–6, and neighbor N]
1. A → Region: HELLO | IDA
   Sent in every direction
2. N → A: IDN | EKNA (IDA | R | zone (N, A))
   Sent in zone (N, A)
3. A → N: R
   Checks zone is opposite, sent in zone (A, N)
Directional Neighbor Discovery (Cont.)
• The protocol itself is vulnerable to wormhole attacks
• Attack’s effectiveness is reduced
– Only node pairs that are in opposite directions relative to
the wormhole in each region will accept each other as
neighbors (e.g. A and C)
– How about A and B?
Verified Neighbor Discovery
• Observation: Cooperate!
– Wormhole can only trick nodes in particular locations
– Verify neighbors using other nodes
– Need to receive confirmation from a verifier node before
accepting a new neighbor
– Need to prevent verifiers from acting through the wormhole
• A valid verifier V for the link A ↔ B must satisfy:
– zone (B, A) ≠ zone (B, V): B hears V in a different zone from node A
– zone (B, A) ≠ zone (V, A): B and V hear node A from different directions
Verified Neighbor Discovery (Cont.)
• 1. A  Region
• 2. N  A
• 3. A  N
HELLO | IDA
IDN | EKNA (IDA | R | zone (N, A))
R
Same as
before
• 4. N  Region
INQUIRY | IDN | IDA | zone (N, A)
Sent in directions except zone (N, A) and ^zone (N, A)
• 5. V  N
IDV | EKNV (IDA | zone (V, N))
V satisfies verifier properties and completed 1-3
• 6. N  A
IDN | EKAN (IDA | ACCEPT)
N must receive at least one verifier response
Effect of Verified Neighbor Discovery
• D as the verifier
– zone (D, A) = 3, zone (A, D) = 1
– wormhole cannot convince D and A to accept each other as neighbors
– B will not be able to verify A as a neighbor through D
• Secure against wormhole attacks that involve two distant
endpoints
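The checks from steps 1-6, run over a small layout with one wormhole, as an added example that is not part of the original slides. The coordinates, the radio range and the node names E and F are constructed; zone 1 is assumed to be centred on east, and "completed 1-3" is read as V having accepted A.

```python
import math

N_ZONES, RANGE = 6, 10.0            # six zones as in the slides; radio range is constructed
# Constructed layout: A, E, F share one region; B, C, D sit in a distant one.
POS = {"A": (0, 0), "E": (-6, 2), "F": (-3, 6),
       "B": (94, 0), "C": (105, 0), "D": (101, 6)}
WORMHOLE = ((6, 0), (100, 0))       # endpoints X (near A) and Y (near B, C, D)

def opposite(zone):
    """^zone: zone=1 -> ^zone=4 when there are six zones."""
    return (zone - 1 + N_ZONES // 2) % N_ZONES + 1

def zone_of(observer, source):
    """Zone in which a signal from `source` arrives. Assumption: zone 1 is
    centred on east and zones are numbered clockwise."""
    dx, dy = source[0] - observer[0], source[1] - observer[1]
    clockwise = -math.degrees(math.atan2(dy, dx)) % 360
    width = 360 / N_ZONES
    return int(((clockwise + width / 2) % 360) // width) + 1

def heard_zone(listener, speaker):
    """zone(listener, speaker), or None if the speaker cannot be heard."""
    l, s = POS[listener], POS[speaker]
    if math.dist(l, s) <= RANGE:
        return zone_of(l, s)
    for near, far in (WORMHOLE, WORMHOLE[::-1]):
        if math.dist(l, near) <= RANGE and math.dist(s, far) <= RANGE:
            return zone_of(l, near)  # replayed packet arrives from the endpoint
    return None

def directional_ok(a, n):
    """Steps 1-3: A accepts N only if zone(A, N) == ^zone(N, A)."""
    z_na, z_an = heard_zone(n, a), heard_zone(a, n)
    return None not in (z_na, z_an) and z_an == opposite(z_na)

def verified_ok(a, n):
    """Steps 4-6: N also needs one valid verifier V before sending ACCEPT."""
    if not directional_ok(a, n):
        return False
    z_na = heard_zone(n, a)
    for v in POS.keys() - {a, n}:
        z_nv, z_vn = heard_zone(n, v), heard_zone(v, n)
        if None in (z_nv, z_vn) or z_nv in (z_na, opposite(z_na)):
            continue                 # V unreachable, or INQUIRY not sent its way (step 4)
        if directional_ok(a, v) and heard_zone(v, a) != z_na:
            return True              # V accepted A and hears A from another zone
    return False
```

With this layout, directional_ok("A", "C") is True while verified_ok("A", "C") is False, and D reproduces the slide's zone (D, A) = 3, zone (A, D) = 1. The genuine link A-E is still accepted because F is a valid verifier.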
Strict Neighbor Discovery
• Worawannotai attack
– B and A are unable to communicate directly, but close enough to have a
verifier that can hear both A and B
Analysis
• Advantage
– Low overhead
– Directional antennas
• Energy conservative
• Better spatial reuse of bandwidth
• Disadvantage
– May prevent legitimate links from being established because
no potential verifier node exists
– For a network density of 10 neighbors, less than 0.5% (or
40%) of links are lost and no (or 0.03%) nodes are
disconnected in the verified (or strict) neighbor discovery
protocol
Conclusion and Future Work
• Conclusion
– Wormhole attacks are a powerful attack that
depends on a node misrepresenting its location
– Directional antennas offer a promising approach
• Future work
– Multiple wormhole endpoint attacks
– Robustness
Questions?
Thank you!