Light Weight Network Coding based Key Distribution.doc


Light Weight Network Coding based Key Distribution Scheme for MANETs

Jianwei Liu1, Abdur Rashid Sangi1, Ruiying Du2, Qianhong Wu2
(1. School of Electronics & Information Engineering, Beihang University, Beijing 100191; 2. School of Computer Science, Wuhan University, WuHan 430072)

Abstract: Along with other advantages, throughput enrichment is considered a main advantage provided by network coding. It is a lightweight, efficient, easy to implement technique that can be used to resolve security related issues in resource constrained wireless ad hoc networks. To utilize the advantages of network coding, we present a lightweight key distribution scheme based on the inherent security property of network coding. Our novel scheme is a combination of simple XOR network coding operations and message authentication codes (MACs) to achieve data confidentiality and guarantee the integrity of the distributed keys, respectively. A thorough security analysis is given to explain the effectiveness of our scheme against eavesdropping and impersonation attacks; with a few reasonable assumptions, it could also withstand more intelligent attacks, i.e. node compromising and brute force attacks. This scheme requires an adequate amount of memory, and we have also discussed the memory aspects of our scheme. Simulation analysis proved that, for key exchange between two nodes in the same cluster, this scheme achieved more than 95% key delivery ratio with an ignorable average delay of 2 ms. A 58% key delivery ratio was achieved when the key was exchanged between two nodes in different clusters, and the average delay was around 10 ms.

Keywords: network coding; key distribution scheme; message authentication code (MAC); wireless ad hoc network; network simulator-2.0

Introduction

Since the network coding approach was first proposed by R. Ahlswede, Li, Cai and Yeung in their pioneering work in 2000 [1], few further studies have begun to investigate how to exploit the network coding idea to design secure lightweight protocols for a lot of applications. A few papers deal with network coding security problems. L. Lima, J. P. Vilela, P. F. Oliveira and J. Barros discussed the attacks and countermeasures in wireless network coding [2]. J. Dong et al. identify some security threats and challenges in several network coding-based systems proposed for unicast in wireless networks [3]. P. F. Oliveira and J. Barros proposed a secret key distribution protocol for wireless networks based on network coding [4], and C. Gkantsidis and P. R. Rodriguez proposed a large scale content distribution scheme [5] in network scenarios. J. P. Vilela, L. Lima and J. Barros proposed a low-complexity cryptographic scheme [6] based on random linear network coding [7]. Z. Yu, Y. Wei, B. Ramkumar and Y. Guan proposed an efficient XOR network coding scheme to combat pollution attacks [8]. S. Jaggi, M. Langberg, S. Katti, T. Ho, D. Katabi, and M. Medard proposed algorithms to resist Byzantine attacks [9].

While in mobile ad hoc network,
its dynamic network topology, multi-hop, decentralized and self-organizing properties pose even more serious security challenges than those in static networks [10]. One of the most important problems is how to distribute and update secret keys to ensure secure communication among all participating nodes. A network coding-based protocol is proposed for wireless sensor networks [11]. In this scheme, the authors suppose that there is a mobile node in the static sensor network. Obviously, the scheme cannot meet the security requirements in an ad hoc network, because all nodes in an ad hoc network are mobile, and the so-called neighbors of any node are not fixed any more.

Foundations: Specialized Research Fund for the Doctoral Program of Higher Education (No. 20091102110004); National Basic Research Program of China (973 Program) Foundation (No. 2012CB315905)
Brief author introduction: Liu Jianwei, (1964 -), male, professor and doctoral supervisor. Main research: security of wireless and mobile communication network and computer network. E-mail: liujianwei

Figure 1 shows a cluster-based topology of a general multi-hop wireless ad hoc communication network, where the black dots indicate the clusterheads and the black lines indicate the communication route from node A to node B.

Fig.1 MANETS Cluster-based topology.
Fig.2 A hierarchical network topology

In this paper, we propose a new key distribution scheme for mobile ad hoc networks. Our scheme is based on the network coding paradigm. The scheme allows
any pair of nodes to set up a shared key through a multi-hop route, efficiently.

Our scheme adopts a trusted third party (TTP) to pre-install a secret key and all padded key materials of the other nodes to each ad hoc node in the initialization stage. Each node only knows its own secret key. Besides, it also keeps an encrypted version of the keys of all other nodes, pre-installed by the TTP in the initialization stage. After the initialization stage, end-to-end key distribution can be performed efficiently based on the network coding paradigm.

The memory requirement is an overhead, but without storing these secret keys, this scheme would need an online mechanism to distribute these secret keys when required. The burden of including that data communication in a resource constrained network would be greater than the nominal memory that our scheme requires on each node. Memory advancements are introduced frequently, and it is becoming easier day by day to install a big amount of compact memory.

We did not find an exactly similar technique that used cluster topology, network coding and message authentication codes to devise a key distribution scheme. The authors in [4] [11] proposed a key distribution scheme that uses network coding. Unlike this scheme, our scheme requires less memory space on each participating node and does not expect a mobile (super) node to bootstrap the participating network nodes.

The rest of the paper is organized as follows: we explain the symbols we use in the paper in section II, and the security model as well as some reasonable assumptions in section III. We propose our scheme in section IV and analyze its security and performance in section V. Section VI concludes the paper.

1 Notation And Symbol

Before we begin to describe our proposed schemes, we explain the symbols used in the paper. Table 1 lists the symbols and their corresponding meanings in our scheme.

Tab.1 Notation and Symbols.

Symbol     Description
K_i        the secret key of i-th Ad hoc node
ID_i       the identifier of i-th Ad hoc node
a_ij       random number between i-th and j-th Ad hoc node generated by TTP
h(x)       secure hash function used to generate a MAC
r_i        random challenge generated by i-th Ad hoc node
MAC_i      message authentication code using i-th node's key
|          Message concatenation operation
H_l        l-th clusterhead
P, |P|     global key pool and its size
N          Maximum number of Ad hoc nodes
SK         shared secret key between two Ad hoc nodes

2 Security Model

2.1 Network Topology Model

We consider a cluster-based ad hoc hierarchical network topology. A subset of the network nodes is selected to serve as the network backbone over which essential network control functions are supported. This approach to topology control is often called clustering, and consists of selecting a set of clusterheads in a way that every node is associated with a clusterhead, and clusterheads are connected with each other directly or by means of gateways, so that the union of gateways and clusterheads constitutes a connected backbone. Once elected, the clusterheads and
the gateways help reduce the complexity of maintaining topology information, and can simplify such essential functions as routing, bandwidth allocation, channel access, power control or virtual-circuit support. For clustering to be effective, the links and nodes that are part of the backbone (i.e., clusterheads, gateways, and the links that connect them) must be close to minimum and must also be connected [12].

From Figure 2, we can learn that each clusterhead has control ability over all the other normal nodes within the cluster. The clusterheads are connected with each other to perform traffic delivery among nodes in different clusters. The characteristics of the cluster-based topology of an ad hoc network can be leveraged to distribute secret keys based on the network coding paradigm.

2.2 Network Topology Model

We consider that the security threats posed by an attacker in an ad hoc network have the following characteristics:
1) It can eavesdrop on every wireless link in the network;
2) It has full access to all data traffic and can perform analysis upon receiving the traffic.
3) It knows all the cryptographic algorithms used in the network, but it has limited computing resources and is thus unable to break the cryptographic primitives.
4) It can inject bogus traffic, and modify traffic to launch an impersonation attack.
5) It can capture some ad hoc nodes and extract authentication/encryption keys from the compromised nodes.

Our goal is to design a network coding-based scheme that can efficiently set up a secret key between two communication nodes, or set up a conference key among a group of nodes. We particularly address that the 2-layer topology should be adopted for the ad hoc network, which can greatly benefit from XOR operations in the network coding paradigm.

2.3 Initial Assumptions

We make some reasonable assumptions for the scheme.
1) In the initialization stage, there exists an offline trusted third party (TTP) in the network.
2) Each ad hoc node has enough memory to store all the encrypted keys of all network nodes.
3) One clusterhead knows all identifiers of nodes within its jurisdiction and can route the traffic to another clusterhead, and the latter will deliver the data to the designated node in the other cluster.

Clearly, the first and the third assumptions are not difficult to understand. Some people may argue that the second assumption seems unreasonable, because terminals of an ad hoc network have limited memory resources. Actually, unlike a wireless sensor network, a mobile ad hoc network usually has a limited number of nodes under some military or industry scenarios, i.e., military rescue action and geological prospecting and exploration. We suppose that the secret key size is 128 bits (16 bytes), and the node identifier is 16 bits (2 bytes, which can represent a maximum of 65536 ad hoc nodes); then the memory needed at each node to store the secret keys for such a big number of nodes would only be approximately 1M bytes. It is obviously affordable for a mobile ad hoc node with the technical advancement of storage devices.

3 Key Distribution Scheme using Network Coding for MANETs

In this section, a new key distribution scheme is proposed based on the network coding paradigm. As XOR operations are used in the scheme, it requires only a few lightweight computations and provides the level of security of a probabilistic key sharing scheme [13]. In the following paragraphs, we will describe 3 phases in detail.

3.1 The Framework for Key Distribution in Ad Hoc Network

Before describing our proposed scheme, we first propose a framework for securely distributing secret keys in a mobile Ad hoc network.

Our proposed scheme includes 3 phases. The first one is the initialization phase. The second one is the key distribution phase. And the third one is the key updating phase.

- Initialization phase: In this phase, we suppose there is an offline trusted third party (TTP) in the Ad hoc network, which is responsible for setting up security parameters, such as generating a secret key for each node, and choosing cryptographic hash functions and algorithms. The TTP will initialize every Ad hoc node and inject the security data into its memory. Once this phase is finished, all network nodes are ready for deployment.
- Key distribution phase: Two kinds of protocols will be executed based on whether the two communication nodes belong to the same cluster or not. If the two nodes belong to the same cluster, then key distribution can be easily done by the aid of the clusterhead.
Whereas, if the two nodes belong to different clusters, the key distribution will be realized by the aid of two different clusterheads, which take the effect of gateways.
- Key updating phase: When the Ad hoc network topology changes dynamically or there are new nodes entering the network, new keys should be securely and efficiently distributed. When an Ad hoc node wants to update its current secret key, it needs to send an update request to its clusterhead. Then the key updating procedure will be executed with the aid of clusterheads.

3.2 Detailed Procedure of Our Key Distribution Scheme

We assume that a 2-layer hierarchical topology model is adopted, that the clusterheads can be elected automatically through a recommendation algorithm [12], and that every Ad hoc node is associated with a clusterhead. Thus, once any pair of nodes wants to set up a common secret key and communicate securely, they must first contact their own clusterheads. The clusterheads, with the help of gateways, can compute and deliver data between the two communication nodes.

There are two cases here. In the first case, both nodes are associated with the same clusterhead. In the second case, the two nodes are associated with two different clusterheads. Therefore, we will propose two different key distribution protocols to meet the above two cases.

Case 1: Both Ad hoc nodes belong to the same clusterhead.

Fig.3 Protocol for two ad hoc nodes associated with the same clusterhead.

- Initialization phase: The offline TTP in the network generates a secret key K_i ∈ P, where P is the large key pool generated by TTP, and the corresponding identifiers ID_i, i = 0, …, N−1 for each Ad hoc node. TTP stores a list of an encrypted version of the other nodes' keys K_j a_ij, j = 0, …, i−1, i+1, …, N−1 (notice that a_ij = a_ji) into node i along with all corresponding identifiers of the Ad hoc n
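
The initialization phase described above, as an added sketch that is not code from the paper. It assumes the stored "encrypted version" of K_j is the XOR mask K_j XOR a_ij, in line with the XOR operations named in the abstract; the function names and the choice to return the pads a_ij separately are hypothetical.

```python
import secrets

KEY_BYTES = 16  # 128-bit secret key, the size used in the paper's memory estimate
ID_BYTES = 2    # 16-bit node identifier, same source


def xor(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR of two equal-length strings."""
    return bytes(x ^ y for x, y in zip(a, b))


def ttp_initialize(n: int):
    """Offline TTP: draw K_i and symmetric pads a_ij = a_ji, then build per-node tables.

    Assumption: the stored 'encrypted version' of K_j at node i is K_j XOR a_ij.
    Where a_ij is held after deployment is not shown on this page, so the
    pad lookup is returned separately instead of being placed on any node.
    """
    keys = [secrets.token_bytes(KEY_BYTES) for _ in range(n)]
    pads = {(i, j): secrets.token_bytes(KEY_BYTES)
            for i in range(n) for j in range(i + 1, n)}

    def a(i: int, j: int) -> bytes:
        return pads[(min(i, j), max(i, j))]  # one pad per unordered pair

    nodes = []
    for i in range(n):
        table = {j: xor(keys[j], a(i, j)) for j in range(n) if j != i}
        nodes.append({"id": i, "key": keys[i], "table": table})
    return keys, a, nodes


def table_bytes(n: int) -> int:
    """Per-node storage: N-1 entries, each a masked key plus an identifier."""
    return (n - 1) * (KEY_BYTES + ID_BYTES)


if __name__ == "__main__":
    keys, a, nodes = ttp_initialize(4)  # constructed 4-node network
    i, j = 0, 2
    # Node i's entry for j reveals K_j only to a party that also holds a_ij.
    assert xor(nodes[i]["table"][j], a(i, j)) == keys[j]
    # Because a_ij = a_ji, XORing the two nodes' entries cancels the pad.
    assert xor(nodes[i]["table"][j], nodes[j]["table"][i]) == xor(keys[i], keys[j])
    print(table_bytes(65536), "bytes per node at N = 65536")
```

At N = 65536 the table comes to 1,179,630 bytes, which is the figure behind the "approximately 1M bytes" estimate in section 2.3.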
