A Security protocol for Mobile Ad-hoc Networks Thesis Report Student: Lijun Jia advisor: Dr. Mangir 05/18/2007 A Security protocol for Mobile Ad-hoc networks Outline • • • • • • • • • • • Background Problem Statement Objective Methods Used Research Methodology Root causes of key Attacks against ad hoc network Defining Security Requirements Secure AODV (SAODV) Design Secure AODV (SAODV) Operation Performance Analysis of Secure AODV Effect of Malicious Node Behavior A Security protocol for Mobile Ad-hoc networks Background Features of Ad hoc networks: • no fixed network infrastructure • deployed as multi hop packet networks rapidly • with relatively low expense Such networks can be very useful in scenarios where natural conditions or time constraints make it impossible to pre-deploy infrastructure. Meanwhile, secure routing has become an excellent topic of open research because of the extraordinary gap between the nature of ad hoc network and the security required by its applications. A Security protocol for Mobile Ad-hoc networks Problem Statement • Most current ad hoc network research has focused on providing routing services without considering security. Many ad hoc routing protocols have been proposed, such as DSR,AODV,TORA, DSDV and WRP, but none of the proposals have defined security requirements. Therefore, normal ad hoc networks are easily attacked by malicious actions. We classify following three malicious behaviors against ad hoc routing protocols: – Modification Attacks • – Malicious modification of fields in protocol control messages can cause traffic redirection, and denial of service. Impersonation Attacks • – Masquerading as another node (identity spoofing) Fabrication Attacks • Generation of false routing messages A Security Protocol for Mobile Ad-hoc Networks Objective • Identify the main issues for the attack action in ad hoc protocols, especially for AODV. • Gain fundamental understanding of the effects on malicious actions. • Find a robust solution to prevent attack actions in ad hoc network. A Security Protocol for Mobile Ad-hoc Networks Approaches Used • • • • • • Study the basic principal of ad hoc network Review of the existing routing protocols. Understand effects of key attacks against ad hoc network (External Attacks, Internal Attacks). Design security metrics/Design a set of related security components. Extend the existing protocol using those components. Security and network performance analysis. • Research Methodology • The case study approach was used as a research methodology to accomplish our thesis. – – • Firstly, most of the relevant researches have been extensively studied. Secondly, we assume 4 cases in our simulations, and use OPNET Modeler 12.0 simulator to compare and evaluate the performance efficiency for AODV with and without security conditions based on following metrics. Five performance metrics are computed for each simulation: – 1) Packet Delivery Fraction, 2) Packet/Byte Overhead, 3) Average Route Latency, 4) Average Path Length, and 5) Average End-to-End Delay of Data Packets: Overview AODV • Definition – • Ad hoc On-Demand Distance Vector (AODV) routing protocol is a reactive routing protocol for MANET that maintains routes only between nodes that need to communicate. Features of AODV – – – • Routing messages have small packets size. Build routes with the shortest path. Use source/destination sequence number (SN) to specify how fresh a route is AODV Operation – Route Discovery – – Route Setup Route maintenance AODV Route Establishment Process Main Issues of Key Attacks against Ad Hoc Network (1) 1. Attacks using Modification: • • Malicious modification of protocol messages Examples : – – – Redirection with modified sequence numbers Redirection with modified hop counts Tunneling attacks (Wormhole attack ) Main issues of AODV for the modification attack action : • In AODV protocol the main design issue is to achieve efficiency in ad hoc network environment, but no way to verify the routing metrics included in protocol packets, no message integrity. Therefore, an attacker can easily modify them and cause different security problems in routing. Main Issues of key Attacks against ad hoc network (2) 2. Attacks using Impersonation : • Masquerading as another node or Misrepresentation of identity by altering MAC or IP address in outgoing packets Examples : • – Forming routing loops by spoofing (a) (b) (c) Main issues of AODV for the impersonation attack action : • In AODV protocol, there is no message authentication. Therefore, an attacker can easily capture normal nodes, and then cause degradation in network communications, unreachable nodes, and possible routing loops . Main Issues of key Attacks against ad hoc network (3) 3. Attacks using Fabrication : • • Generation of false routing messages Examples : – Falsifying route error messages Main issues of AODV for the fabrication attack action : • In AODV protocol, there is no verification of message contents, and no nonrepudiation. Therefore, the malicious node may insulate any node quite easily. Defining Security Requirements • • Common Security Requirements: – No spoofing – – – – – No fabricated messages No malicious alteration of routing messages No routing loops No route redirection unauthorized nodes should be excluded from routing Secure Ad Hoc Routing – Properties and Techniques used to guarantee these properties: Secure AODV (SAODV) Design (1) • Our Secure AODV Protocol Metrics: – Timeliness: Routing updates need to be sent in a timely fashion. Timestamps and timeout mechanisms can guarantee the freshness of the routes they provide. – Authentication: ensures the identity of the party with which communications are exchanged, before granting it access to the network. – Non-repudiation: the originator of a message cannot deny having sent the message. If nonrepudiation is guaranteed, the receiver of a wrong message can prove that the originator sent it, and that therefore the originator misbehaved. • Preliminary – There is a key management subsystem to make it possible for each node to obtain public keys from the other nodes, called the trust third part. – SAODV is an extension of the AODV routing protocol Secure AODV (SAODV) Design (2) • AODV Vs SAODV for Message Format (AODV) (SAODV) Secure AODV (SAODV) Operation (1) • Timestamp – • The timestamp is used to clear possible wraparound of the Message Sequence Number. SAODV Digital Signatures 1. Certification Setup • 2. Before entering the network, each node obtains a public key certificate from a trusted certificate server (the trust third part, T) C[S ]= [ IPS || PKS || T || te ]PVT Route Discovery • • • End-to-end authentication between source and destination Hop-to-hop authentication between intermediate nodes Source only trusts destination to choose return path an example of secure ad hoc network Secure AODV (SAODV) Operation (2) • SAODV Digital Signatures (Continue) 2. Route Discovery (continue) • • Source broadcasts signed RDM (Route Discovery Message) along with its own certificate. RDM contains the source IP address, along with a source-specific nonce (to detect duplicates) S broadcasts RDM: = [RDM || IPD || C[S] || NS || t]PVS • First hop adds its own signature and certificate A rebroadcasts RDM: = [[RDM || IPD || C[S] || NS || t]PVS]PVA || C[A] • Each hop verifies signature of previous hop and replaces it with its own – also adds a reverse route to source B rebroadcasts RDM: = [[RDM || IPD || C[S] || NS || t]PVS]PVB || C[B] • Destination also verifies the source signature Secure AODV (SAODV) Operation (3) • SAODV Digital Signatures (Continue) 3. Route Reply (Route Setup) • Destination sends back a signed reply (RRM) to the first RDM received D to C RRM: = [RRM || IPS || C[D] || NS || t] PVD • Again, RRM is signed by intermediate nodes, just like RDM – forward path setup C to B RRM: = [[RRM || IPS || C[D] || NS || t] PVD] PVC || C[C] B to A RRM: = [[RRM || IPS || C[D] || NS || t] PVD] PVB || C[B] • Route discovered may not be the shortest, but is the “quickest” - likely to be the least loaded / congested at the time Secure AODV (SAODV) Operation (4) • SAODV Digital Signatures (Continue) 4. Route Maintenance • • Nodes send signed error messages (RERR) to indicate link breaks, and packets arriving on deactivated paths ERR message contains IP address of originating node, along with its signature – enables non-repudiation A broadcasts B REER: =[RERR || IPS || IPD || C[A] || NA || t]PVA • • Nonce included preventing replay attacks Summary for AODV Vs SAODV Summary for AODV Vs SAODV • AODV Vs SAODV for Diagram (AODV) (SAODV) Performance Analysis of Secure AODV (SAODV) (1) • – – – – – – – • – – – – – Network Performance Parameters • • Performance of SAODV compared with AODV Simulations using OPNET Modeler 12.0 (Educational Version) simulator MAC layer is the IEEE 802.11 MAC protocol with Distributed Coordination Function (DCF) Traffic sources are CBR (constant bit-rate) Route packet processing delay: 2ms Obtained through field testing of AODV Digital signature generation delay: 8.5ms Verification delay: 0.5ms Measured running times of RSA digital signature and verification algorithms Performance metrics • • Packet Delivery Fraction the Average Routing Traffic Received the Average Route Discovery Time Packet/Byte Overhead Average Route Latency Average Path Length Average End-to-End Delay of Data Packets Performance Analysis of Secure AODV (SAODV) (2) Four Cases are simulated: • Case 1: Distribution of nodes within IEEE 802.11 b physical layer: – – • Scenario 1: Node Equalized Distribution Scenario 2: Node Un-equalized Distribution Case 2: Effect of node mobility within IEEE 802.11 b physical layer – – • Scenario 3: Uniform Mobility Scenario 4: Random Mobility Case 3: Effect of node moving speed within IEEE 802.11 b physical layer – Scenario 5: Based on Scenario 4 condition, with 3 different uniform node velocities: 1m/s, 10m/s, and 20m/s to simulate Case 1 Case 2 Case 3 Performance Analysis of Secure AODV (SAODV) (2) The topology of Case 1 Simulation Results the Average Routing Traffic Received (bits/sec) Simulation Results the Average Route Discovery Time Simulation Results the Average Packet/Byte Overhead Simulation Results the Average Route Latency Simulation Results the Average Path Length Simulation Results the Average End-to-End Delay of Data Packets Case 4 Performance Analysis (1) • Case 4: Effect of different standard of physical layer : – • Scenario 6: repeat the process of Scenario 1 ~ Scenario 5 with different standard of physical layer and compare what the different results with IEEE 802.11.b, IEEE 802.11.g and IEEE 802.11.a. Key Results An example of the Average Routing Traffic Received (bits/sec) of Case 4 based on case 2 condition • The efficiency of both AODV and SAODV with five metrics in IEEE 802.11a is much lower than that in IEEE 802.11b and g . • The efficiency in 802.11g is the same as that in 802.11b Case 4 Performance Analysis (2) • Analysis – The relationship with the signal transmitted and received power, frequency, and distance: PR = PT / (2 * π * D * f / c)² C is speed of light D is the transmitted distance F is transmission frequency – • If power is the same, transmission frequency is higher, and then transmitted distance should be lower. The frequency in 802.11a is 5GHz, and in 802.11b is 2.4 GHz. This means the transmitted distance in 802.11a is about a half of that in 802.11b, in other word, that decreases the communication range. If using the same topology as 802.11b, most nodes with 802.11a are out of transmission range, and then the network connectivity decreases, thus, the average routing received traffic, routing load and average throughput should be low. Conclusion IEEE802.11a is not profitable in ad hoc network/multi-hop networks to use exclusively the high coding schemes (OFDM) Case 4 Performance Analysis(3) • Case 4 Effect of transmitted distance in ad hoc network Case 4 Performance Analysis(4) • Case 4 Effect of transmitted distance in ad hoc network (Continue) • Conclusion The transmitted distance can affect route topology, throughput, and efficiency of the network Effect of Malicious Node Behavior •Performance metrics _ simulations with 10 % malicious nodes for each protocol _Average Path Length _Routing Overhead an example of SAODV with 20% malicious nodes (red and yellow circled nodes) Simulation Results Average Path Length • One of advantages of AODV is to get the shortest path in ad hoc network. But if this network contained malicious nodes, then non-shortest paths would be selected. • The average path length increases 12.5% for AODV in the 10% of malicious node, but there is no change in SAODV • This means malicious node behavior can not affect SAODV Simulation Results Routing Overhead • Longer routes can cause greater routing overhead and longer data packet delay. • Routing overhead with 10% of malicious nodes AODV is larger than normal AODV, and SAODV. Conclusion and Future Works Conclusion • • • Our SAODV is based on authentication, message integrity and timeliness for an ad hoc environment as a part of a minimal security policy to detect and protect against malicious actions by third parties and peers in one particular ad hoc environment. Our evaluations show SAODV has minimal performance costs for the increased security in terms of processing and networking overhead. Our simulations based on five metrics proofed our SAOD is an efficient protocol. Future Works • Study what effects for AODV and SAODV with standards of physical layer: IEEE 802.11family • Study the key management of ad hoc network References • • • • • • • • • • • • • • • • • • • • [1] C. E. Perkins and E. Royer, “Ad-hoc on-demand distance vector routing,” in Proc. of the 2nd IEEE Workshop on Mobile Computing Systems and Applications, February 1999, pp. 90–100. [2] E. Royer and C. Toh, “A review of current routing protocols for ad-hoc mobile wireless networks,” IEEE Personal Communications, April 1999. [3] D. Johnson and D. Maltz, “Dynamic source routing in ad hoc wireless networks,” Mobile Computing, vol. 353, pp. 153– 181, 1996. [4] Z. J. Haas, “A new routing protocol for the reconfigurable wireless network,” in Proceeding of 1997 IEEE 6th International Conference on Universal Personal Communications Record: Bridging the Way to the 21st Century (ICUPC’97), October 1997, pp. 562–566. [5] V. Park and M. Corson, “A highly adaptive distributed routing algorithm for mobile wireless networks,” in Proc. of INFOCOM’97, 1997. [6] C. E. Perkins and P. Bhagwat, “Highly dynamic destination-sequenced distance-vector routing (DSDV) for mobile computers,” in Proceedings of the ACM SIGCOMM’94. ACM Press, 1994, pp. 234–244. [7] R. Ogier, F. Templin, and M. Lewis, “Topology Dissemination Based on Reverse-path Forwarding (TBRPF),” Request for Comments RFC 3684, February, 2004, February 2004. [8] L. Zhou and Z. J. Haas, “Securing ad hoc networks,” IEEE Network Magazine, vol. 13, no. 6, November/December 1999. [9] S. Wu, F. Wang, and B. Vetter, “Secure routing protocols: Theory and practice,” NC State Univ., Tech. Rep., April 1998. [10] B. Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C. 2nd Edition. John Wiley & Sons, Inc., 1996. [11] B. Schneier, Secrets and Lies: Digital Security in a Networked World. 1st Edition. John Wiley & Sons, Inc., 2000. [12] R. Ramanujan, A. Ahamad, J. Bonney, R. Hagelstrom, and K. Thurber, “Techniques for intrusion-resistant ad hoc routing algorithms (TIARA),” in IEEE Military Communications Conference, October 2000. [13] S. Marti, T. Giuli, K. Lai, and M. Baker, “Mitigating routing misbehavior in mobile ad hoc networks,” in Proceedings of MOBICOM 2000, August 2000. [14] J.-P. Hubaux, L. Buttyan, and S. Capkun, “The quest for security in mobile ad hoc networks,” in MobiHoc ’01: Proceedings of the 2nd ACM international symposium on Mobile ad hoc networking & computing, New York, NY, USA, 2001, pp. 146–155. [15] J. Kong, P. Zerfos, H. Luo, S. Lu, and L. Zhang, “Providing robust and ubiquitous security support for mobile ad-hoc networks,” in IEEE International Conference on Network Protocols (ICNP), November 2001. [16] N. Asokan and P. Ginzboorg, “Key agreement in ad-hoc networks,” Computer Communications, vol. 23, no. 17, November 2000. [17] K. Fall and K. Varadhan, “ns notes and documentation,” available from http://www.isi.edu/nsnam/ns/, 2003. [18] “IEEE Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications,” IEEE Std. 802.11-1997, 1997. References •[19] B. Tuch, “Development of waveLAN, an ISM band wireless LAN,” AT&T Technical Journal, vol. 72, no. 4, pp. 27–37, July-Aug. 1993. •[20] J. Broch, D. A. Maltz, D. B. Johnson, Y.-C. Hu, and J. G. Jetcheva, “A performance comparison of multihop wireless ad hoc network routing protocols,” in Proc. IEEE/ACM MOBICOM’98, October 1998, pp. 85– •97. •[21] Y. Hu, D. B. Johnson, and A. Perrig, “SEAD: Secure efficient distance vector routing for mobile wireless ad hoc networks,” in 4th IEEE Workshop on Mobile Computing Systems and Applications, June 2002. •[22] Y. Hu, A. Perrig, and D. B. Johnson, “Ariadne: A secure on-demand routing protocol for ad hoc networks,” in 8th ACM International Conference on Mobile Computing and Networking (MobiCom 2002), September 2002. •[23] F. Stajano and R. J. Anderson, “The resurrecting duckling: Security issues for ad hoc wireless networks,” in 7th Security Protocols Workshop, volume 1796 of Lecture Notes in Computer Science, 1999, pp. 172–194,. •[24] F. Stajano, “The resurrecting duckling - what next?” in Security Protocols - 8th International Workshop, April 2001. •[25] D. Balfanz, D. Smetters, P. Stewart, and H. C. Wong, “Talking to strangers: Authentication in ad-hoc wireless networks,” in Network and Distributed System Security Symposium Conference Proceedings, •February 2002. •[26] M. Steiner, G. Tsudik, and M. Waidner, “Key agreement in dynamic peer groups,” IEEE Trans. Parallel Distrib. Syst., vol. 11, no. 8, pp. 769–780, 2000. •[27] S. Yi, P. Naldurg, and R. Kravets, “Security-aware ad hoc routing for wireless networks, Tech. Rep. UIUCDCS-R-2001-2241, August 2001. •[28] P. Papadimitratos and Z. Haas, “Secure routing for mobile ad hoc networks,” in SCS Communication Networks and Distributed Systems Modeling and Simulation Conference (CNDS 2002), January 2002. •[29] L. Venkatraman and D. P. Agrawal, “Security scheme for routing in adhoc networks,” in Proceedings of the 13th International Conference on Wireless Communications, July 2001, pp. 129–146. •[30] B. Dahill, B. Levine, C. Shields, and E. Royer, “Secure routing protocol for ad hoc networks,” U Mass, Tech. Rep. UM-CS-2001-037, 2001. •[31] B. Smith and J. Garcia-Luna-Aceves, “Securing the border gateway routing protocol,” in Proceedings of Global Internet, November 1996. •[32] B. Smith, S. Murthy, and J. Garcia-Luna-Aceves, “Securing distancevector routing protocols,” in Proceedings of the Symposium on Network and Distributed System Security (SNDSS’97), February 1997, pp. 85–92. •[33] S. Murphy and M. Badger, “Digital signature protection of the OSPF routing protocol,” in Proceedings of the Symposium on Network and Distributed System Security (SNDSS’96), February 1996, pp. 93–102. •[34] R. C. Merkle, “A digital signature based on a conventional encryption function,” in Advances in Cryptology-CRYPTO’87, August 1987. •[35] S. Cheung, “An efficient message authentication scheme for link state routing,” in 13th Annual Computer Security Applications Conference, 1997. •[36] R. Hauser, T. Przygienda, and G. Tsudik, “Reducing the cost of security in link-state routing,” in Symposium on Network and Distributed System Security (SNDSS’97), February 1997, pp. 93–99. •[37] L. Reyzin and N. Reyzin, “Better than BiBa: Short one-time signatures with fast signing and verifying,” in Information Security and Privacy-7th Australasian Conference ACSIP, 2002. •[38] K. Zhang, “Efficient protocols for signing routing messages,” in Proceedings of the 1998 Internet Society (ISOC) Symposium on Network and Distributed System Security, March 1998.