Abstract
This paper proposes a compromise-tolerant (t,n)-threshold certification management scheme for MANETs. Our solution mitigates the impact of compromised nodes that participate in the certification service. In our design, certification management is performed anonymously by an Anonymous Certification Authority (ACA). The ACA is fully distributed across multiple disjoint coalitions of nodes whose structure is kept hidden. This prevents an adversary from taking control of the ACA by arbitrarily compromising t or more nodes. In other words, our proposal tolerates the compromise of more than the threshold number t of nodes without breaking down the whole certification system. As a result, our scheme requires a much smaller threshold than traditional schemes, which considerably improves service availability. The experimental study shows a clear advantage over traditional threshold-based certification schemes by ensuring a significantly favorable trade-off between the security and the availability of the certification service.
Notes
The hypergeometric distribution is a discrete probability distribution that describes the probability of k successes in n draws, without replacement, from a finite population of size N that contains exactly K successes.
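An added illustration (not code from the paper) of the kind of calculation this distribution supports for the scheme in the abstract. It assumes an adversary who compromises c of N nodes uniformly at random because coalition membership is hidden, that the ACA falls only when t members of the same coalition are compromised, and a pooled baseline in which all share-holders belong to one sharing; function names and parameters are constructed for the example.

```python
from math import comb

def hypergeom_tail(N, K, n, k):
    """P(X >= k): n draws without replacement from N items, K of them successes."""
    hits = sum(comb(K, i) * comb(N - K, n - i) for i in range(k, min(K, n) + 1))
    return hits / comb(N, n)

def p_some_coalition_broken(N, g, size, t, c):
    """Exact P(at least one of g disjoint coalitions has >= t compromised members)
    when c of the N nodes are compromised uniformly at random (assumed model)."""
    below_t = [comb(size, j) for j in range(min(t, size + 1))]  # j = 0 .. t-1 per coalition
    ways = [1] + [0] * c  # ways[a]: pick a compromised nodes, every coalition kept below t
    for _ in range(g):
        nxt = [0] * (c + 1)
        for a, wa in enumerate(ways):
            for j, wj in enumerate(below_t):
                if wa and a + j <= c:
                    nxt[a + j] += wa * wj
        ways = nxt
    outsiders = N - g * size  # nodes that hold no share
    safe = sum(ways[a] * comb(outsiders, c - a) for a in range(c + 1))
    return 1 - safe / comb(N, c)

def compare(N, g, size, t, c):
    """Return (pooled, coalitions): one (t, g*size) sharing vs. g hidden coalitions."""
    return hypergeom_tail(N, g * size, c, t), p_some_coalition_broken(N, g, size, t, c)

if __name__ == "__main__":
    # Constructed parameters: 100 nodes, 5 coalitions of 10, threshold 3.
    for c in (5, 10, 20):
        pooled, split = compare(100, 5, 10, 3, c)
        print(f"c={c:2d}  pooled={pooled:.4f}  hidden coalitions={split:.4f}")
```

With a single coalition the second function reduces to the plain hypergeometric tail, which is a quick sanity check on the counting.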
Cite this article
Hamouid, K., Adi, K. Secure and reliable certification management scheme for large-scale MANETs based on a distributed anonymous authority. Peer-to-Peer Netw. Appl. 12, 1137–1155 (2019). https://doi.org/10.1007/s12083-019-00787-3
DOI: https://doi.org/10.1007/s12083-019-00787-3