Research On Wireless Ad Hoc Network Security Mechanism

The OLSR protocol is widely used in wireless ad hoc networks.Based on its security strategy,there have been many theoretical solutions.Most of these schemes use the method of encrypting data packets during data transmission and verifying data packets during data reception to achieve tamper-proof and anti-counterfeiting goals.Using credentials provided by a trusted authority for authentication is also one of the common methods.This thesis proposes the Safe Domain Based Authentication(SDA)method,which authenticates mobile nodes when they apply to join the current ad hoc network.Identity authentication is accomplished by a combination of real-time negotiated random numbers and the comparison of the results of their own functions.The nodes that apply for access to the network do not explicitly transmit concrete functions when communicating with the current network,but only pass necessary parameters.The difficulty of trying to fit a function curve when the complexity of the function is high enough will increase.This thesis also proposes and implements a key agreement protocol based on"challenge/response" authentication mode on the basis of identity authentication of nodes to ensure the security of each node in the current network.The participating nodes will negotiate a specific key according to the agreement.The node running the protocol broadcasts a HELLO message to its one-hop neighbor during the neighbor discovery phase.The message carries a key.Only the node whose key is verified can receive feedback from the neighbor node.Otherwise,the HELLO message will be discarded.The protocol proposed in this thesis makes up for the lack of verification of node when the OLSR protocol constructs self-organizing networks.The SDA and key agreement protocol proposed in this thesis do not set up a fixed certification authority.Because every node that applies to access is authenticated,the node that already exists in an Ad Hoc network is considered to be trusted and can act as an authentication server to authenticate the new node.SDA can also set a limited space for authentication,limitting the total number of nodes that can be authenticated,and effectively control the number of security authentications for the access node.