The Research And Implementation Of Revocation Schemes For Ad Hoc Networks

Ad Hoc networks are infrastructure-free, self-organizing wireless networks. They have good mobility and flexibility, can adapt well to military battlefields, disaster rescue and other emergencies. However, some fundamental characteristics including open medium and dynamic topology make Ad Hoc networks highly vulnerable to attacks. The research of security mechanisms for Ad Hoc networks becomes a hot research topic. Most of them use digital certificates to authenticate network nodes. If we can establish effective node revocation mechanisms for Ad Hoc networks, so that it becomes difficult for malicious nodes to interact with the legitimate nodes or legitimate nodes are able to distinguish malicious nodes and isolate them from the networks, the security of the whole network can get be guaranteed.The paper is mainly focused on the node revocation of both fully distributed architecture and clustering structure of the Ad Hoc networks, the contributions of the paper are outlined as follows:Firstly, this paper presents a distributed certificate revocation scheme for Ad Hoc networks. This scheme uses one-way hash chain to authenticate accusatory information in order to reduce the overhead of computation of the nodes and provides protections against certificates being wrongfully revoked through malicious accusations by dynamicly updating creditability. It uses two tables to describe the credibility and accusatory relationships of the nodes, which is convenient to calculate the creditability. And on this basis, the introduction of a certificate suspended status effectively prevents the certificates of good nodes from being revoked for accidental misbehaviors.Secondly, this paper presents a node revocation scheme for cluster-based Ad Hoc networks. The nodes in Ad Hoc networks use beta reputation system to predict the behaviors of other nodes in the same cluster. This scheme uses identity-based cryptographic algorithms (IBC) so that public key certificates are not needed any more. Combined with the threshold mechanism to realize the revocation of the nodes, it prevents the power of revocation from being centralized. It also removes the security defects in the roaming of mobile nodes and enhances the network security.Finally, we also simulate the process of the distributed certificate revocation for Ad Hoc networks based on the use of network simulation software, NS2. The simulation validates the feasibility of the scheme.