Hisham Dahshan

A robust self-organized public key management for mobile ad hoc networks

A mobile ad hoc network (MANET) is a self-organized wireless network where mobile nodes can communicate with each other without the use of any existing network infrastructure or centralized administration. Trust establishment and management are essential for any security framework of MANETs. However, traditional solutions to key management through accessing trusted authorities or centralized servers are infeasible for MANETs due to the absence of infrastructure, frequent mobility, and wireless link instability. In this paper, we propose a robust self-organized, public key management for MANETs. The proposed scheme relies on establishing a small number of trust relations between neighboring nodes during the network initialization phase. Experiences gained as a result of successful communications and node mobility through the network enhance the formation of a web of trust between mobile nodes. The proposed scheme allows each user to create its public key and the corresponding private key, to issue certificates to neighboring nodes, and to perform public key authentication through at least two independent certificate chains without relying on any centralized authority. A measure of the communications cost of the key distribution process has been proposed. Simulation results show that the proposed scheme is robust and efficient in the mobility environment of MANET and against malicious node attacks.

On Demand Self-Organized Public Key Management for Mobile Ad Hoc Networks

A mobile ad hoc network MANET is a self-organized wireless network where mobile nodes can communicate with each other without reliance on a centralized authority. Security solutions for traditional networks are not suitable for MANETs due to the infrastructureless nature and the absence of centralized administration. Key management through accessing trusted authorities or centralized servers are infeasible for MANETs due to the absence of any infrastructure, frequent mobility, and wireless link instability. In this paper we propose an on demand, self-organized, public key management for MANETs based on the existence of a web of trust between mobile nodes forming the network. The proposed scheme allows each user to create its public key and the corresponding private key, to issue certificates to neighboring nodes, and to perform public key authentication without relying on any centralized authority. Simulation results show that the proposed scheme is efficient and highly robust in stationary networks and networks with low to high mobility.

An Elliptic Curve Distributed Key Management for Mobile Ad Hoc Networks

Due to the characteristics of mobile ad hoc networks such as lack of infrastructure, shared wireless medium, resource constraints, and highly dynamic topology, a number of challenges to security design arise. In mobile ad hoc networks MANETs, traditional security solutions are not adequate due to the lack of infrastructure and the absence of centralized administration. Distributive key management schemes are essential components in threshold cryptosystems used to secure mobile ad hoc networks. Elliptic curve cryptosystems are suitable for low-power devices in terms of memory and processing overhead. In this paper, a key management scheme for MANETs using elliptic curve discrete logarithm based cryptosystem is presented. In the proposed scheme, each mobile node generates a private/public key pair, a share of the group private key, and the group public key. The advantages of the proposed scheme are justified through extensive simulations

A Trust Based Threshold Cryptography Key Management for Mobile Ad Hoc Networks

The characteristics of mobile ad hoc networks cause a number of challenges to security design such as lack of infrastructure, shared wireless medium, stringent resource constraints and highly dynamic topology. Key management is a central aspect for security in mobile ad hoc networks. While central servers generate and distribute the keys in traditional wired networks, distributive key management systems are used in mobile ad hoc networks. Trust establishment and management are essential for any security framework of MANETs. Threshold cryptography has proved to be an effective scheme for key management and distribution. In this paper we propose a trust based threshold cryptography key management scheme for MANETs. In the proposed scheme, threshold cryptography supports security association establishment between mobile nodes in a web of trust. It enables the source and the destination nodes to successfully complete a certificate chain discovery even if the number of trusted nodes in the neighborhood of the requesting nodes is very low. The advantages of the proposed scheme are justified through extensive simulations.

A Trust Based Threshold Revocation Scheme for MANETs

Security is very important for the reliable operation of mobile Ad Hoc networks (MANETs). One of the critical security issues in MANETs is the revocation of misbehaving nodes. In this paper, we propose a trust based threshold cryptography revocation scheme for MANETs. In our proposed scheme, the master private key is split into n pieces according to a random polynomial. Each node in the proposed scheme is configured with a share ski of the CA private key SK, the nodes public key pki, and the CA public key PK before joining the network. Meanwhile, the master private key could be recovered by combining any threshold t pieces based on Lagrange interpolation. Consequently, the proposed scheme improves the safety levels in MANETs. The proposed hop-by-hop certificate revocation scheme is based on both threshold cryptography and transitive trust between mobile nodes. Because of the decentralized nature of our proposed scheme, it enables a group of legitimate nodes to perform fast revocation of a nearby misbehaving node. The proposed scheme is highly robust in the mobility environment of MANETs. The advantages of the proposed scheme are justified through extensive simulations.

A Threshold Key Management Scheme for Mobile Ad Hoc Networks Using Elliptic Curve Dlog-Based Cryptosystem

Abstract—In mobile ad-hoc networks (MANETs), traditionalsecurity solutions are not adequate due to the lack of infrastructureand the absence of centralized administration. In thispaper, a threshold key management scheme for MANETs ispresented. The proposed scheme is implemented using ellipticcurve dlog-based cryptosystem. In this scheme, an off-line centralauthority is required in the initialization phase before networkdeployment. The central authority creates and preloads theshares matrix for each mobile node in the network initializationphase. Each session member generates its private/public keypair, and the session public key by collaborating with its trustedneighbors. The generation of the node private/public key pair,and the session public key is performed without any priorcommunication between session members. The advantages ofthe proposed scheme are justified through extensive timing andnetwork simulations.

Authenticated symmetric key distribution for mobile ad hoc networks

A mobile ad hoc network (MANET) is a collection of wireless mobile nodes dynamically forming a temporary network without any existing network infrastructure or centralized administration. Key management schemes based on public key cryptography are not suitable for MANET because of its computation inefficiency and nodes resources constraints. In this paper, we propose a novel symmetric key distribution scheme that effectively distribute authenticated symmetric keys between mobile nodes. The proposed scheme distributes symmetric keys between mobile nodes in two steps. In the first step, it distributes certificates during the route request process and in the second step, it disseminates symmetric keys during the route reply process. Simulation results show that the proposed scheme has a negligible impact on the network performance and can be easily implemented because of its low complexity.

A Threshold Blind Digital Signature Scheme Using Elliptic Curve Dlog-Based Cryptosystem

In a (t,n) threshold Blind Digital signature scheme, only t or more users can generate a group signature on behalf of the entire group in a cryptographically secure manner. Such signatures require that a signer be able to sign a document without knowing its contents. Moreover, should the signer ever see the document/signature pair, he should not be able to determine when or for whom he signed it. By using blind digital signature, we can design protocols for secure distributed electronic banking, and secure online voting with multiple voting centers. In this paper, a blind threshold signature scheme based on elliptic curve discrete logarithm problem has been proposed. The proposed scheme provides high level of secrecy for small key sizes compared to the threshold signature schemes based on discrete logarithm problem (DLP) over a finite field or an integer factorization problem (IFP). Moreover, our proposed scheme has moderate timings, and timing do not vary significantly with changing the key size which reflects the suitability of the proposed scheme for applications where the devices are resource constrained such as mobile phones, PDAs, and sensor nodes.

Analysis of Key Distribution in Mobile Ad Hoc Networks Based on Message Relaying

Due to the insecure nature of the wireless media, the dynamically changing topology and lack of infrastructure, security in mobile ad hoc networks is hard to achieve. In this paper we present an analysis of a message-relaying based key distribution scheme for mobile ad hoc networks that was previously proposed by van der Merwe et al. Considering the message overhead occurring at the MAC layer in addition to the message overhead occurring at the network layer is an important issue in order to get a comprehensive study of the impact of the scheme on both layers. The scalability of the scheme is evaluated by investigating its performance on a network as large as 100 nodes. The analysis was performed using two scenarios: the first scenario is 50 nodes in 1000 m times 1000 m area and the second one is 100 nodes in 2000 m times 2000 m area. The simulation results show that the schemes communication and computational overhead has negligible impact on the network layer but had a significant impact on the MAC layer by adding a considerable value of MAC overhead.

An elliptic curve secret sharing key management scheme for mobile ad hoc networks

In mobile ad hoc networks (MANETs), traditional security solutions are not adequate due to the infrastructureless nature and the absence of centralized administration. In this paper, a threshold key management scheme for MANETs is presented. The proposed scheme is implemented using elliptic curve dlog-based cryptosystem. In this scheme, an off-line central authority (CA) is required in the initialization phase before network deployment. The CA creates and preloads the shares matrix for each mobile node in the network initialization phase. Each session member generates its private/public key pair, and the session public key by collaborating with its trusted neighbors. The generation of the node private/public key pair, and the session public key is performed without any prior communication between session members. The advantages of the proposed scheme are justified through extensive timing and network simulations.