SAODV and Distributed Key Management

Mark Guzman, Jeff Walter, Dan Bress, Pradhyumna Wani

Agenda SAODV

AODV Authentication and Integrity

Distributed Key Management Overview Advantages Disadvantages

AODV Ad-Hoc On-Demand Distance Vector

Routing Reactive route discovery Contains no security (no authentication

of source nodes, no data integrity checking)

AODV RREQ, RREP, RERR Each node maintains a routing table of

destination nodes Each node uses sequence numbers to

check ‘freshness’ of routes

AODV

SAODV Secure Ad-Hoc On-Demand Distance

Vector Routing Authentication

- must verify source node’s identity Data integrity

- information passed through routing packets must not be tampered with

Authentication Digital signatures (asymmetric, one

public and private key per node) No specific key distribution system Possibility of certificates

Integrity Mutable (hop count) vs. immutable

(source and destination IP addresses) information

Use Hash Chains to help secure the hop count

Digital Signatures prevent tampering of immutable data

Issues High cost of using digital signatures Nothing to prevent some kinds of

tampering of the hop count No exact key distribution system Man in the middle and tunneling attacks

not prevented No mention of how to secure the

process of joining group

Distributed Key Mangement Simple and Fault-Tolerant Key

Agreement for Dynamic Collaborative Groups

Overview Efficient Key Management required to

provide secure and reliable group communication

Problem domain Dynamic Membership Distributed and Collaborative System

Key Management Solution Group Diffie-Hellman

Secured Key exchanged between nodes Key Tree

Efficient Key calculation

Key Trees Efficiency

Tree Balancing Private and Public (blinded) Keys

Communication Group Key Agreement View Synchrony

Guarantees group members receive same set of messages

Sender’s requested message order preserved

Group Membership Events JOIN LEAVE MERGE PARTITION

JOIN Role of sponsor

Cascaded Events Event A occurs, and during its

processing event B occurs. This is handled using re-entrance. Partially mitigated by VS usage

Security Cryptographic Requirements

Group Key Secrecy Forward Secrecy Backward Secrecy Key Independence

Security cont. Security features of the protocol

Each node contributes to group key Node’s shares are secret Group membership fluctuation handled All messages are signed by senders

Complexity Broadcast Tree Calculation