SAODV and Distributed Key Management Mark Guzman, Jeff Walter, Dan Bress, Pradhyumna Wani
Agenda SAODV AODV Authentication and Integrity Distributed Key Management Overview Advantages Disadvantages
AODV Ad-Hoc On-Demand Distance Vector Routing Reactive route discovery Contains no security (no authentication of source nodes, no data integrity checking)
AODV RREQ, RREP, RERR Each node maintains a routing table of destination nodes Each node uses sequence numbers to check ‘freshness’ of routes
AODV
SAODV Secure Ad-Hoc On-Demand Distance Vector Routing Authentication - must verify source node’s identity Data integrity - information passed through routing packets must not be tampered with
Authentication Digital signatures (asymmetric, one public and private key per node) No specific key distribution system Possibility of certificates
Integrity Mutable (hop count) vs. immutable (source and destination IP addresses) information Use Hash Chains to help secure the hop count Digital Signatures prevent tampering of immutable data
Issues High cost of using digital signatures Nothing to prevent some kinds of tampering of the hop count No exact key distribution system Man in the middle and tunneling attacks not prevented No mention of how to secure the process of joining group
Distributed Key Mangement Simple and Fault-Tolerant Key Agreement for Dynamic Collaborative Groups
Overview Efficient Key Management required to provide secure and reliable group communication Problem domain Dynamic Membership Distributed and Collaborative System
Key Management Solution Group Diffie-Hellman Secured Key exchanged between nodes Key Tree Efficient Key calculation
Key Trees Efficiency Tree Balancing Private and Public (blinded) Keys
Communication Group Key Agreement View Synchrony Guarantees group members receive same set of messages Sender’s requested message order preserved
Group Membership Events JOIN LEAVE MERGE PARTITION
JOIN Role of sponsor
Cascaded Events Event A occurs, and during its processing event B occurs. This is handled using re-entrance. Partially mitigated by VS usage
Security Cryptographic Requirements Group Key Secrecy Forward Secrecy Backward Secrecy Key Independence
Security cont. Security features of the protocol Each node contributes to group key Node’s shares are secret Group membership fluctuation handled All messages are signed by senders
Complexity Broadcast Tree Calculation