Research On Secure Routing For Mobile Ad Hoc Networks

An ad hoc network is a collection of self-organized mobile hosts with wirelessinterfaces, which can dynamically form a multihop wireless network by peer-to-peercommunication without fixed infrastructure. Each node may serve as a packet-levelrouter for its peers in the same network. Its user's terminal could be notebookcomputer, PDA and vehicle computer which are such portable devices as that withwireless transceiver equipment facilitated to construct rapidly a self provisional net,and can be applied to mobile teleconferencing, disaster relief and dealing withemergencies, AFS ambulance, military operations and sensor networks, etc., in themilitary and civilian various fields share extensive important application prospects.Comparing with wired networks, in mobile ad hoc networks the nodes' mobilityand the fundamentally limited capacity of the wireless medium, together withwireless transmission effects such as attenuation, multipath propagation, andinterference, combine to create significant challenges for secure routing protocolsoperating in an ad hoc network.In addition to the same types of attacks suffered by wired networks, the routingin ad hoc networks is more likely to be attacked by some other attacks such asrouting-disruption attacks and resource-consumption attacks. In routing-disruptionattacks, the attacker attempts to cause legitimate data packets to be routed indysfunctional ways. In resource-consumption attacks, the attacker injects packetsinto the network in an attempt to consume valuable network resources such asbandwidth or to consume node resources such as memory or computation power.Therefore in order for the rapid, effective and secure communication, to studythe secure routing protocol for mobile ad hoc networks is very important.The main research and innovation of this dissertation are as follows:1) The novel cryptographic mechanisms used for source authenticationHORSEI and HORSEI2 were presented based on improving HORSE algorithm fortwice successively.The existing source authentication algorithms used for secure mobile ad hocnetwork routing protocol can be divided into four categories: Asymmetric cryptography, i.e. public key digital signature; Symmetric cryptography; Hash chainand Hash tree. Their drawbacks are expensive computational cost, difficult toprevent receivers from forging sender's signature, requiring time synchronizationbetween senders and receivers and not adapted to authenticate the dynamic packetmessage respectively, which could not to be ignored. We developed novel efficientcryptographic mechanisms HORSEI and HORSEI2 by improving HORSE algorithmfor twice successively, which reduce the computational complexity of verifying asignature is from O(kd) to O(d^1/2) without drop in security, and overcome theshortcomings of the four listed above.2) A series of novel secure routing protocols for ad hoc networks werepresented for Ad hoc networks, which are secure on-demand distance vector routingprotocol, secure multicast routing protocol, secure QoS routing protocol and secureQoS multicast route protocol respectively.These security protocols use HORSEI/HORSEI2 for authentication, withfaster signing and verifying speed than public key based authentication schemes. Thesecurity of the protocol relies entirely on the one way hash functions and need notime synchronization between senders and receivers. The main purposes of thesesecurity protocols are to provide source authentication mechanism for on-demanddistance vector route, multicast route, QoS route and QoS multicast route in mobilead hoc networks. And these security protocols will consturct multicast tree withauthentication constrains for the multicast routes. The performances of these securityprotocols are evaluated with simulator NS2. The results represent they produce lessend-to-end packet latency than public key based secure routing scheme, and they arefeasible approaches to secure various routes for mobile ad hoc networks. Thetheoretic analyses and the network simulations prove that these security protocols arepractical and perform well.3) A new Secure QoS Multicast Routing Protocol NSQMRAN based on thenew public key cryptography NTRUSign for Ad Hoc networks was prensented.NSQMRAN used NTRUSign as cryptographic mechanism to sign the routemassages. Comparing with the HORSEI2 based protocol, NTRUSign is smaller butHOREI2 is faster. The either has its distinct advantages. The results on networksimulating based on NS2 show NSQMRAN's performance well.4) A threshold scheme-based mobile ad hoc networks key distributing protocolwas presented. This paper faces the communication characteristics of mobile ad hoc networks,and indicates that the traditional certificate technology is not applicable to MANET.This paper presents a threshold scheme, Asmuth-Bloom algorithm-based Mobile adhoc Networks Key Distributing Protocol (MANNETKDP), and discusses theprotocol's computation complexity, communication performance and the security.The discussion shows that the protocol has good enough performance at computationcomplexity, communication and security when comparing with the other keydistributing schemes.This dissertation is supported by National Natural Science Foundation of China(No. 60672137, 90304018) and Specialized Research Fund for the Doctoral Programof Higher Education of China (under Grant No. 20060497015).