Secure and efficient content distribution in ad hoc wireless networks

Fueled by the proliferation of wireless devices, mobile ad hoc wireless networks (MANETs) have been the focus of active research in recent years. MANETs can be deployed fast and do not require fixed infrastructure, which makes them well-suited for critical environments (e.g., battlefield or disaster recovery). In such environments robustness and reliability are crucial. This strongly motivates the need for survivable routing protocols, which are able to provide service in the presence of attacks and failures. At the same time, the proliferation of wireless devices has been a driving factor for the adoption of wireless ad hoc networks into our daily activities.; Certain characteristics of MANETs, such as their lack of physical security and their cooperative nature, make them more vulnerable to inside (Byzantine) attacks coming from compromised nodes that behave arbitrarily to disrupt the network. The absence of security mechanisms that provide survivable service in the presence of both outside and inside attacks is a deterrent factor for the mass adoption of MANETs.; In secure content distribution, a source disseminates data to a select group of receivers that are authorized to access the data. We envision a solution to this problem by addressing relevant security aspects of MANETs at two layers: The network layer and the application layer.; At the network layer we examine the survivability of ad hoc wireless routing protocols in the presence of Byzantine attacks, under two communication models: Unicast and multicast. We show that traditional secure routing protocols that assume authenticated nodes can always be trusted, fail to defend against such attacks. To fill this gap, we introduce the first secure routing protocols designed to withstand a large class of Byzantine attacks from colluding adversaries and show their effectiveness in mitigating the considered attacks. Our solutions are software-based and do not require additional or specialized hardware.; At the application layer we are concerned with data confidentiality. The security semantics must ensure that only the authorized receivers are able to access the data, even if data packets also reach non-authorized receivers. We propose a reliable mes sage delivery mechanism for MANETs, which guarantees that partitioned nodes can recover lost messages within a reasonable amount of time. The mechanism is based on erasure codes and leverages node mobility to allow a trade-off between message recovery time and node storage. Our analysis shows that a stateful broadcast encryption scheme provisioned with this reliable message delivery mechanism can be used to achieve communication-efficient secure content distribution in MANETs.