Wireless Networks, Volume 11, Issue 1–2, pp 21–38

Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks

Article

Abstract

An ad hoc network is a group of wireless mobile computers (or nodes), in which individual nodes cooperate by forwarding packets for each other to allow nodes to communicate beyond direct wireless transmission range. Prior research in ad hoc networking has generally studied the routing problem in a non-adversarial setting, assuming a trusted environment. In this paper, we present attacks against routing in ad hoc networks, and we present the design and performance evaluation of a new secure on-demand ad hoc network routing protocol, called Ariadne. Ariadne prevents attackers or compromised nodes from tampering with uncompromised routes consisting of uncompromised nodes, and also prevents many types of Denial-of-Service attacks. In addition, Ariadne is efficient, using only highly efficient symmetric cryptographic primitives.

Keywords

mobile ad hoc network; ad hoc network routing; secure routing; secure ad hoc network routing; Ariadne

Copyright information

© Springer Science + Business Media, Inc. 2005

Authors and Affiliations

  1. Carnegie Mellon University, USA
  2. Rice University, USA
