Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks

Abstract

An ad hoc network is a group of wireless mobile computers (or nodes), in which individual nodes cooperate by forwarding packets for each other to allow nodes to communicate beyond direct wireless transmission range. Prior research in ad hoc networking has generally studied the routing problem in a non-adversarial setting, assuming a trusted environment. In this paper, we present attacks against routing in ad hoc networks, and we present the design and performance evaluation of a new secure on-demand ad hoc network routing protocol, called Ariadne. Ariadne prevents attackers or compromised nodes from tampering with uncompromised routes consisting of uncompromised nodes, and also prevents many types of Denial-of-Service attacks. In addition, Ariadne is efficient, using only highly efficient symmetric cryptographic primitives.

Author information

Corresponding author

Correspondence to Yih-Chun Hu.

About this article

Cite this article

Hu, YC., Perrig, A. & Johnson, D.B. Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks. Wireless Netw 11, 21–38 (2005). https://doi.org/10.1007/s11276-004-4744-y

Keywords

  • mobile ad hoc network
  • ad hoc network routing
  • secure routing
  • secure ad hoc network routing
  • Ariadne