Secure Routing for Mobile Ad hoc Networks
Panagiotis Papadimitratos & Zygmunt J. Haas
Presented by Leland Smith
CS 6204, Spring 2005
Overview
♦ What are MANETs?
♦ Motivation
♦ Secure Routing Protocol
♦ Protocol Description
♦ Discussion
Mobile Ad hoc NETworking (MANET) [1]
♦ Self-organized wireless interconnection of communication devices that would:
– Extend or operate in concert with the wired networking infrastructure
– Possibly evolve to autonomous networks
♦ Unique characteristics and challenges
Mobile Ad hoc NETworking (MANET) [2]
♦ Characteristics
– Absence of fixed infrastructure
– Decentralized operation
♦ Challenges
– Physical limitations
– Difficult to determine which nodes to trust
– Difficult to have a clear picture of membership
- Cannot make trust assumptions in large networks
– No guarantee paths are free of malicious nodes
Motivation
♦ Current MANET routing protocols cannot cope with disruptions due to malicious behavior.
– Denial of service attacks on end nodes
♦ Propose the Secure Routing Protocol (SRP)
– Applied as an extension to existing routing protocols.
– Guarantees acquisition of correct topological information in a timely manner.
Secure Routing Protocol (SRP)
♦ Features
– Guarantees that a node initiating a route discovery will be able to identify and discard replies providing false topological information.
- Or avoid receiving them altogether.
– Places computational overhead on end-nodes
- Efficient and scalable
- Doesn’t rely on state stored on intermediate nodes.
– Only requires a security association between the pair of end nodes.
- Security association?
♦ Assumptions
– Adversary nodes are not capable of colluding within one step of protocol execution
– Each broadcast is received by all neighbors within range. Nodes operate in promiscuous mode.
Basic Concept
♦ Request:
– A source node initiates a route discovery and broadcasts the request packet along with a secure Message Authentication Code computed with the secret key shared between the source and destination.
– IP addresses are accumulated along the path.
♦ Propagation:
– Intermediate nodes relay route requests such that one or more request packets arrive at the destination.
– Discard previously seen route requests.
– Provide feedback in the event of path breakage.
♦ Reply:
– Calculates new MAC covering route reply contents.
– Returns packet to source along the reverse of the accumulated path.
– Responds to one or more requests from the same query to provide the source with a diverse topology picture.
– Querying node validates replies and updates its topology view.
Packet Format
Builds on underlying basis protocol
6 words = 192 byte header
SRP Packet Components
♦ Query Sequence number (Qseq):
– Increases with each route request by a node
– Allows destination to detect outdated routes
– Initialized at establishment of security association
♦ Query Identifier (Qid):
– Used by intermediate nodes to identify request
– Output of secure pseudorandom number generator
♦ Message Authentication Code (MAC):
– Generated by a keyed hash function
– Input: entire IP header, basis protocol route request packet, shared key K_{S,T}
– Excludes: accumulated addresses of intermediate nodes, mutable IP header fields.
Process Example
Query Propagation
♦ Determine whether SRP header is present
– If not, route according to basis protocol
– If so:
- Route according to SRP
- Extract Qid, source and destination addresses and store in query table.
- If incoming packet Qid, source and destination addresses match one already in the query table, discard the packet.
- Query frequency heuristics
Route Reply
♦ Verifies request packet
– Security association?
– In sequence?
♦ Calculate hash of request fields and compare to the request header MAC
– Verification complete
♦ Formulate reply using the same Qid and Qseq as the request and recompute the MAC for the new packet.
♦ Destination generates numerous replies to a single valid request.
– Prevents a malicious neighbor from controlling multiple replies.
Reply Validation
♦ Source discards reply if it does not correspond to a currently pending query
♦ Compare reply IP source-route with the reverse of the route carried in the reply payload. Discard if they differ
♦ Calculate MAC using data in reply payload and the shared key.
♦ Upon verification, source is assured that the request reached destination T, and that the reply was not tampered with on its way from T to S.
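The request, route reply and reply validation steps from the slides above, as an added Python example (not code from the paper or the presentation). HMAC-SHA256, the length-prefixed field encoding, the dictionary packet layout and all function names are assumptions made for illustration; the key is constructed.

```python
import hashlib, hmac, os, struct

KEY = b"constructed-demo-key-K_S,T"  # constructed shared key, known only to S and T

def srp_mac(kind, src, dst, qid, qseq, route=()):
    """Keyed hash over the immutable fields, each length-prefixed.
    Requests use route=() because accumulated addresses are excluded."""
    fields = [kind, src.encode(), dst.encode(), qid, struct.pack("!I", qseq)]
    fields += [hop.encode() for hop in route]
    body = b"".join(struct.pack("!H", len(f)) + f for f in fields)
    return hmac.new(KEY, body, hashlib.sha256).digest()

def make_request(src, dst, qseq):
    """Source S: random Qid for relays, Qseq for T, MAC over both."""
    qid = os.urandom(8)
    return {"src": src, "dst": dst, "qid": qid, "qseq": qseq, "route": [],
            "mac": srp_mac(b"REQ", src, dst, qid, qseq)}

def relay(request, node):
    """Intermediate node: append its own address, carry the MAC unchanged."""
    return dict(request, route=request["route"] + [node])

def destination_reply(req, last_qseq):
    """Destination T: check Qseq freshness and the request MAC, then
    return a reply whose MAC also covers the accumulated route."""
    expect = srp_mac(b"REQ", req["src"], req["dst"], req["qid"], req["qseq"])
    if req["qseq"] <= last_qseq or not hmac.compare_digest(expect, req["mac"]):
        return None
    route = list(req["route"])
    return {"src": req["src"], "dst": req["dst"], "qid": req["qid"],
            "qseq": req["qseq"], "route": route, "source_route": route[::-1],
            "mac": srp_mac(b"REP", req["src"], req["dst"], req["qid"],
                           req["qseq"], route)}

def source_accepts(rep, pending):
    """Source S: the three reply-validation checks, in slide order."""
    if (rep["qid"], rep["qseq"]) not in pending:
        return False                      # not a currently pending query
    if rep["source_route"] != rep["route"][::-1]:
        return False                      # travelled route != reported route
    expect = srp_mac(b"REP", rep["src"], rep["dst"], rep["qid"],
                     rep["qseq"], rep["route"])
    return hmac.compare_digest(expect, rep["mac"])
```

Because the reply MAC covers the route while the request MAC does not, a relay can append itself to a request but cannot rewrite the route inside a reply without the source's check failing.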
Route Maintenance
♦ Topology changes must be detected
♦ Route error packets are source-routed along the prefix of the route reported as broken.
♦ The path source compares the route traversed by the error packet to the prefix of the corresponding route.
♦ Verifies error feedback refers to the actual route, and was generated by a node on the route.
♦ Correctness of feedback cannot be verified
– A malicious node on route S->T can at most invalidate that route, mislead S by corrupting error packets from another node, or mask a dropped packet as a link failure
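The source-side check on route error feedback described above, as an added Python example (not code from the paper or the presentation). The function names, the list-based route representation and the route cache are assumptions made for illustration; node names are constructed.

```python
def error_is_plausible(route, reporter, next_hop, traversed):
    """route: path S..T in use by the source (list of node names).
    reporter -> next_hop: link the error packet reports as broken.
    traversed: nodes the error packet visited, reporter first, S last."""
    if reporter not in route[:-1]:
        return False                      # reporter is not on this route
    i = route.index(reporter)
    if route[i + 1] != next_hop:
        return False                      # reported link is not part of the route
    return traversed[::-1] == route[:i + 1]   # came back along the route prefix

def handle_route_error(cache, dest, reporter, next_hop, traversed):
    """Drop only the affected cached route, and only if the checks pass.
    A false report from a node that really is on the route still passes:
    the source cannot verify that the link is actually broken."""
    route = cache.get(dest)
    if route is None or not error_is_plausible(route, reporter, next_hop, traversed):
        return False
    del cache[dest]
    return True
```

The checks bound the damage rather than prove the failure: an accepted report removes one route to one destination and leaves the rest of the cache untouched.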