Presentation is loading. Please wait.

Presentation is loading. Please wait.

A secure anonymous routing protocol with authenticated key exchange for ad hoc networks Authors: R. Lu, Z. Cao, L. Wang, and C. Sun Sources: Computer Standards.

Published byLogan Washington Modified over 9 years ago

Similar presentations

Presentation on theme: "A secure anonymous routing protocol with authenticated key exchange for ad hoc networks Authors: R. Lu, Z. Cao, L. Wang, and C. Sun Sources: Computer Standards."— Presentation transcript:

1 A secure anonymous routing protocol with authenticated key exchange for ad hoc networks Authors: R. Lu, Z. Cao, L. Wang, and C. Sun Sources: Computer Standards & Interfaces, article in press. Reporter: Chun-Ta Li ( 李俊達 )

2 22 Outline  Motivation  SARPAKE (Secure Anonymous Routing Protocol with Authenticated Key Exchange) protocol  Comments

3 3 Motivation  Reactive routing (source-initiated on-demand driven) in privacy-vital environment Anonymity  Authenticated key exchange into the routing algorithm

4 4 SARPAKE protocol  Notations

5 5 SARPAKE protocol (cont.)  Assumptions

6 6 SARPAKE protocol (cont.)  Path discovery phase

7 7 SARPAKE protocol (cont.)  Path reverse phase

8 8 SARPAKE protocol (cont.)  Data transfer phase

9 9 Comments  Security weakness in data transfer phase (non- repudiation is not achieved) (replay attack) Node SNode DNode 1Node 2 [C||CH] [C’||CH’] C = [M] SK, h=H(C) CH = E PK1 (tag#, h) C = [M] SK, h=H(C) CH = E PK2 (tag#, h) Intruder C’ = [M’] SK’, h’=H(C’) CH’ = E PKD (tag#, h’) // No one can accuse that Node 2 is guilty because all of nodes are capable of forging this fake messages //

10 10 Comments  Even assumption 4 is used, anonymity might not be achieved (Assume that attacker can collect all the communication messages over ad hoc networks and tag# is public)

11 Comments  Improvement (path discovery phase) 11 || Nonce 0n (tag#, N n, Nonce 0n, ?, null, T 0 )  LRT 0 (tag#, N n-1, null, ?, null, T i )  LRT i (tag#, N n-2, null, ?, null, T n-1 )  LRT n-1 (tag#, N n-1, null, N 0, Nonce 0n, T n )  LRT n // Assume that the involved nodes for a specific route are trusted //

12 12 Comments  Improvement (path reverse phase) (tag#, N 2, Nonce 2D, N S, Nonce SD, T D )  LRT D Node SNode DNode 1Node 2 C 2 = E PK2 (tag#, Nonce 2 ) C D = E PKS (M||Nonce SD +1) [C D ||C 2 ] (tag#, N 1, Nonce 12, N D, Nonce 2D, T 2 )  LRT 2 C 1 = E PK1 (tag#, Nonce 1 ) C D = E PKS (M ||Nonce SD +1) [C D ||C 1 ] (tag#, N S, Nonce S1, N 2, Nonce 12, T 1 )  LRT 1 C S = E PKS (tag#, Nonce S ) C D = E PKS (M ||Nonce SD +1) [C D ||C S ] (tag#, 0, Nonce SD, N 1, Nonce S1, T S )  LRT S M = D SKS (C D )

13 13 Comments  Improvement (data transfer phase) Node SNode DNode 1Node 2 C = [M||Nonce SD +2] SK, h=H(C||Nonce S1 +1) CH = E PK1 (tag#, h) [C||CH] C = [M] SK, h=H(C||Nonce 12 +1) CH = E PK2 (tag#, h) [C||CH] C = [M] SK, h=H(C||Nonce 2D +1) CH = E PKD (tag#, h) [C||CH] H(C||Nonce 2D +1) ?= h M||Nonce SD +2 = D SK (C)

14 14 Comments  An efficient and secure routing protocol for providing anonymous channel and key exchange in ad hoc networks Node SNode DNode 1Node 2 h S = H(tag#, K SD ) M S = [tag# ||S||D||X=g x ||Nonse SD ) C S = E K SD (M S ) packet = [tag# ||hop||h S ||C S ) (tag#,N D,Nonce SD,?,null,T S )  LRT S packet (tag#,N S,null,?,null,T 1 )  LRT 1 (tag#,N 1,null,?,null,T 2 )  LRT 2 h D = H(tag#, K DS ) h D ?= h S (tag#,N 2,?,N S,Nonce SD,T D )  LRT D Node S: K S1, K S2, K SD Node 1: K 1S, K 12, K 1D Node 2: K 2S, K 21, K 2D Node D: K DS, K D1, K D2 session key table

15 15 Comments  Path reverse phase Node SNode D Node 1 Node 2 [D||C D ||C 2 ] session key SK=X y =g xy M D = [tag# ||S||D||Y=g y ||Nonce SD +1) C D = E K DS (M D ) C 2 = E K D2 (tag#||Nonce 2D ) D K 2D (C 2 ) to recover tag# C 1 = E K 21 (tag#|| Nonce 12 ) [2||C D ||C 1 ] D K 12 (C 1 ) to recover tag# C S = E K 1S (tag#|| Nonce S1 ) [1||C D ||C S ] D K SD (C D ) to verify Nonce SD +1 session key SK=Y x =g xy (tag#,N 1, Nonce 12,N D, Nonce 2D,T 2 )  LRT 2 (tag#,N S, Nonce S1,N 2, Nonce 12,T 1 )  LRT 1 (tag#,N D, Nonce SD,N 1, Nonce S1,T S )  LRT S

16 16 Comments (cont.)  Data transfer phase Node SNode DNode 1Node 2 [S||C||CH] C = E SK (M||Nonce SD +2), h=H(C|| Nonce S1 +1) CH = E S1 (tag#||h) CH = E 12 (tag#||h) [1||C||CH] CH = E 2D (tag#||h) [2||C||CH] Verify H(C|| Nonce 2D +1)?=h M||Nonce SD +2 = D SK (C) Verify H(C|| Nonce S1 +1)?=h h=H(C|| Nonce 12 +1) h=H(C|| Nonce 2D +1) Verify H(C|| Nonce S1 +1)?=h

Download ppt "A secure anonymous routing protocol with authenticated key exchange for ad hoc networks Authors: R. Lu, Z. Cao, L. Wang, and C. Sun Sources: Computer Standards."

Similar presentations

Efficient Kerberized Multicast Olga Kornievskaia University of Michigan Giovanni Di Crescenzo Telcordia Technologies.

Efficient Kerberized Multicast Olga Kornievskaia University of Michigan Giovanni Di Crescenzo Telcordia Technologies.
By Md Emran Mazumder Ottawa University Student no: 6282845.

By Md Emran Mazumder Ottawa University Student no:
A key agreement protocol using mutual Authentication for Ad-Hoc Networks IEEE 2005 Authors : Chichun Lo, Chunchieh Huang, Yongxin Huang Date : 2005_11_29.

A key agreement protocol using mutual Authentication for Ad-Hoc Networks IEEE 2005 Authors : Chichun Lo, Chunchieh Huang, Yongxin Huang Date : 2005_11_29.
A hierarchical key management scheme for secure group communications in mobile ad hoc networks Authors: Nen-Chung Wang and Shian-Zhang Fang Sources: The.

A hierarchical key management scheme for secure group communications in mobile ad hoc networks Authors: Nen-Chung Wang and Shian-Zhang Fang Sources: The.
1 Efficient Self-Healing Group Key Distribution with Revocation Capability by Donggang Liu, Peng Ning, Kun Sun Presented by Haihui Huang

1 Efficient Self-Healing Group Key Distribution with Revocation Capability by Donggang Liu, Peng Ning, Kun Sun Presented by Haihui Huang
Kerberos Assisted Authentication in Mobile Ad-hoc Networks Authors: Asad Amir Pirzada and Chris McDonald Sources: Proceedings of the 27th Australasian.

Kerberos Assisted Authentication in Mobile Ad-hoc Networks Authors: Asad Amir Pirzada and Chris McDonald Sources: Proceedings of the 27th Australasian.
Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,

Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,
Analysis of the 802.11i 4-Way Handshake Changhua He, John C Mitchell Stanford University WiSE, Oct. 1, 2004.

Analysis of the i 4-Way Handshake Changhua He, John C Mitchell Stanford University WiSE, Oct. 1, 2004.
Analysis and Improvements over DoS Attacks against IEEE 802.11i Standard Networks Security, Wireless Communications and Trusted Computing(NSWCTC), 2010.

Analysis and Improvements over DoS Attacks against IEEE i Standard Networks Security, Wireless Communications and Trusted Computing(NSWCTC), 2010.
TAODV: A Trusted AODV Routing Protocol for MANET Li Xiaoqi, GiGi March 22, 2004.

TAODV: A Trusted AODV Routing Protocol for MANET Li Xiaoqi, GiGi March 22, 2004.
A Survey of Secure Wireless Ad Hoc Routing

A Survey of Secure Wireless Ad Hoc Routing
1 Secure Credit Card Transactions on an Untrusted Channel Source: Information Sciences in review Presenter: Tsuei-Hung Sun ( 孫翠鴻 ) Date: 2010/9/24.

1 Secure Credit Card Transactions on an Untrusted Channel Source: Information Sciences in review Presenter: Tsuei-Hung Sun ( 孫翠鴻 ) Date: 2010/9/24.
Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.

Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.
Nov.6, 2002 Secure Routing Protocol for Ad Hoc Networks Li Xiaoqi.

Nov.6, 2002 Secure Routing Protocol for Ad Hoc Networks Li Xiaoqi.
Secure Data Communication in Mobile Ad Hoc Networks Authors: Panagiotis Papadimitratos and Zygmunt J Haas Presented by Sarah Casey Authors: Panagiotis.

Secure Data Communication in Mobile Ad Hoc Networks Authors: Panagiotis Papadimitratos and Zygmunt J Haas Presented by Sarah Casey Authors: Panagiotis.
SUMP: A Secure Unicast Messaging Protocol for Wireless Ad Hoc Sensor Networks Jeff Janies, Chin-Tser Huang, Nathan L. Johnson.

SUMP: A Secure Unicast Messaging Protocol for Wireless Ad Hoc Sensor Networks Jeff Janies, Chin-Tser Huang, Nathan L. Johnson.
Trust Level Based Self-Organized Routing Protocol for Secure Ad Hoc Networks Li Xiaoqi, GiGi 12/3/2002.

Trust Level Based Self-Organized Routing Protocol for Secure Ad Hoc Networks Li Xiaoqi, GiGi 12/3/2002.
TAODV: A Trust Model Based Routing Protocol for Secure Ad Hoc Networks Li Xiaoqi, GiGi October 28, 2003.

TAODV: A Trust Model Based Routing Protocol for Secure Ad Hoc Networks Li Xiaoqi, GiGi October 28, 2003.
TAODV: A Trust Model Based Routing Protocol for Secure Ad Hoc Networks Xiaoqi Li, Michael R. Lyu, and Jiangchuan Liu IEEE Aerospace Conference March 2004.

TAODV: A Trust Model Based Routing Protocol for Secure Ad Hoc Networks Xiaoqi Li, Michael R. Lyu, and Jiangchuan Liu IEEE Aerospace Conference March 2004.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

Similar presentations

Ads by Google