New Strategies for Revocation in Ad-Hoc Networks

  • Tyler Moore
  • Jolyon Clulow
  • Shishir Nagaraja
  • Ross Anderson
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4572)


Responding to misbehavior in ad-hoc and sensor networks is difficult. We propose new techniques for deciding when to remove nodes in a decentralized manner. Rather than blackballing nodes that misbehave, a more efficient approach turns out to be reelection – requiring nodes to secure a majority or plurality of approval from their neighbors at regular intervals. This can be implemented in a standard model of voting in which the nodes form a club, or in a lightweight scheme where each node periodically broadcasts a ‘buddy list’ of neighbors it trusts. This allows much greater flexibility of trust strategies than a predetermined voting mechanism. We then consider an even more radical strategy still – suicide attacks – in which a node on perceiving another node to be misbehaving simply declares both of them to be dead. Other nodes thereafter ignore them both. Suicide attacks, found in a number of contexts in nature from bees to helper T-cells, turn out to be more efficient still for an interesting range of system parameters.


credential revocation sensor networks key management 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Anderson, R.: The eternity service. In: First International Conference on the Theory and Applications of Cryptology (PRAGOCRYPT) (1996)Google Scholar
  2. 2.
    Eschenauer, L., Gligor, V.D.: A key-management scheme for distributed sensor networks. In: CCS. 9th ACM Conference on Computer and Communications Security, pp. 41–47. ACM Press, New York (2002)Google Scholar
  3. 3.
    Chan, H., Perrig, A., Song, D.X.: Random key predistribution schemes for sensor networks. In: IEEE Symposium on Security and Privacy (S&P), pp. 197–213. IEEE Computer Society Press, Los Alamitos (2003)Google Scholar
  4. 4.
    Du, W., Deng, J., Han, Y.S., Varshney, P.K.: A pairwise key pre-distribution scheme for wireless sensor networks. In: 10th ACM CCS, pp. 42–51. ACM, New York (2003)CrossRefGoogle Scholar
  5. 5.
    Liu, D., Ning, P.: Establishing pairwise keys in distributed sensor networks. In: 10th ACM CCS, pp. 52–61. ACM Press, New York (2003)CrossRefGoogle Scholar
  6. 6.
    Zhu, S., Setia, S., Jajodia, S.: LEAP: efficient security mechanisms for large-scale distributed sensor networks. In: 10th ACM CCS, pp. 62–72. ACM Press, New York (2003)CrossRefGoogle Scholar
  7. 7.
    Anderson, R.J., Chan, H., Perrig, A.: Key infection: Smart trust for smart dust. In: 12th IEEE International Conference on Network Protocols, pp. 206–215. IEEE Computer Society Press, Los Alamitos (2004)CrossRefGoogle Scholar
  8. 8.
    Douceur, J.R.: The Sybil attack. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  9. 9.
    Newsome, J., Shi, E., Song, D.X., Perrig, A.: The Sybil attack in sensor networks: analysis and defenses. In: 3rd International Symposium on Information Processing in Sensor Networks, pp. 259–268. ACM Press, New York (2004)CrossRefGoogle Scholar
  10. 10.
    Parno, B., Perrig, A., Gligor, V.D.: Distributed detection of node replication attacks in sensor networks. In: IEEE S&P, pp. 49–63. IEEE Computer Society Press, Los Alamitos (2005)Google Scholar
  11. 11.
    Hu, Y.C., Perrig, A., Johnson, D.B.: Packet leashes: A defense against wormhole attacks in wireless networks. In: 22nd IEEE INFOCOM, IEEE Computer Society Press, Los Alamitos (2003)Google Scholar
  12. 12.
    Brands, S., Chaum, D.: Distance-bounding protocols (extended abstract). In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 344–359. Springer, Heidelberg (1994)Google Scholar
  13. 13.
    Hancke, G.P., Kuhn, M.G.: An RFID distance bounding protocol. In: IEEE Secure Comm., pp. 67–73. IEEE Computer Society Press, Los Alamitos (2005)Google Scholar
  14. 14.
    Capkun, S., Buttyan, L., Hubaux, J.P.: SECTOR: secure tracking of node encounters in multi-hop wireless networks. In: 1st ACM Workshop on Security of ad hoc and Sensor Networks, pp. 21–32. ACM Press, New York (2003)CrossRefGoogle Scholar
  15. 15.
    Marti, S., Giuli, T.J., Lai, K., Baker, M.: Mitigating routing misbehavior in mobile ad hoc networks. In: 6th International Conference on Mobile Computing and Networking, pp. 255–265. ACM Press, New York (2000)CrossRefGoogle Scholar
  16. 16.
    Chan, H., Gligor, V.D., Perrig, A., Muralidharan, G.: On the distribution and revocation of cryptographic keys in sensor networks. IEEE Transactions on Dependable Secure Computing 2(3), 233–247 (2005)CrossRefGoogle Scholar
  17. 17.
    Moore, T., Clulow, J.: Secure path-key revocation for symmetric key pre-distribution schemes in sensor networks. In: 22nd IFIP TC-11 International Information Security Conference (to appear, 2007)Google Scholar
  18. 18.
    Anderson, R., Bergadano, F., Crispo, B., Lee, J.H., Manifavas, C., Needham, R.: A new family of authentication protocols. ACM SIGOPS Operating Systems Review (OSR) 32(4), 9–20 (1998)CrossRefGoogle Scholar
  19. 19.
    Clulow, J., Moore, T.: Suicide for the common good: a new strategy for credential revocation in self-organizing systems. ACM SIGOPS OSR 40(3), 18–21 (2006)CrossRefGoogle Scholar
  20. 20.
    Perrig, A., Canetti, R., Tygar, J.D., Song, D.X.: Ecient authentication and signing of multicast streams over lossy channels. In: IEEE S&P, pp. 56–73. IEEE Computer Society Press, Los Alamitos (2000)Google Scholar
  21. 21.
    Merkle, R.C.: A certified digital signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, Heidelberg (1990)Google Scholar
  22. 22.
    Seys, S., Preneel, B.: Power consumption evaluation of efficient digital signature schemes for low power devices. In: IEEE International Conference on Wireless And Mobile Computing, Networking And Communications, pp. 79–86. IEEE Computer Society Press, Los Alamitos (2005)CrossRefGoogle Scholar
  23. 23.
    Danezis, G., Anderson, R.: The economics of resisting censorship. IEEE Security& Privacy 3(1), 45–50 (2005)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Tyler Moore
    • 1
  • Jolyon Clulow
    • 1
  • Shishir Nagaraja
    • 1
  • Ross Anderson
    • 1
  1. 1.Computer Laboratory, University of Cambridge, 15 JJ Thomson Avenue, Cambridge CB3 0FDUnited Kingdom

Personalised recommendations