1 / 39

SEAD : Secure Efficient Distance Vector Routing for mobile wireless ad-hoc networks

SEAD : Secure Efficient Distance Vector Routing for mobile wireless ad-hoc networks. Prepared by :Irit Siso. What will we discuss . What is an ad-hoc network Routing problems in ad-hoc networks Assumptions Possible attacks SEAD solutions Evaluation Conclusions. Introduction.

carlota
Download Presentation

SEAD : Secure Efficient Distance Vector Routing for mobile wireless ad-hoc networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SEAD :Secure Efficient Distance Vector Routing for mobile wireless ad-hoc networks Prepared by :Irit Siso

  2. What will we discuss • What is an ad-hoc network • Routing problems in ad-hoc networks • Assumptions • Possible attacks • SEAD solutions • Evaluation • Conclusions

  3. Introduction • An ad-hoc network is a collection of wireless computers (nodes) communicating among themselfs without the help of any infrastructure such as a base station. Assumtions: • A node in this network is with limited CPU power and low battery power • Limited transmition range • Nodes in the network may move at any time or even move continuously. • Propagation conditions may change frequently

  4. What is an ad-hoc network In a distence vector protocol each node in the network act as a router. Each router maintains a routing table listing all possible destinations in the network.

  5. What is an ad-hoc network Due to the nature of this networks we need a secure but efficient routing protocol to communicate between the nodes We use distance vector protocols. they are esey to inplement and require relatively little memory or CPU processing capacity. (ex. RIP)

  6. Routing problems in ad-hoc networks Each entry is a node’s routing table contains the address of the destination, this node shortest known distance (in number of hops) and the adress of the next hop. To maintain the routing tables, each node periodically transmits a routing update. An optimization – the use of triggered updates • On demand protocol- nodes exchange routing information only when needed. A node transmits a new update about some destination as soon as the metric in its table entry changes.

  7. Drawbacks – can overload the network when nothing changes. A lot of changes can be implemented between the updates. Routing problems in ad-hoc networks Routing protocols for ad-hoc networks generally can be divided in to tow main categories: • Periodic protocol- nodes periodically exchange routing information, so evry node always know a current route to all destinations.

  8. Counting to infinity –distance vector routing although simple, has problems. In wireless and mobile networks routing loops are more common due to the mobilty of the nodes. So in addition to a small max matric value and poisoned reverse used is RIP for ex. Sead has an addition of a sequence number. B C 4 X 6 1 A

  9. Routing problems in ad-hoc networks • In each routing table entry we add a sequence number. This sequnce number prevent routing loops caused by updates being applied out of order. This problem is common beacuse the information may be spread in many diffrent paths. • Each node maintains an even sequence nomber that it includes in each routing update that it sends. • Each entry in a node’s routing table is tagged whit the most recent sequnce nomber for that destination.

  10. When a node detects a broken link to its neighbor (A to C) the node creates a new routing update for that neighbor as a destination whit the infinity metric and the next odd sequnce number. In SEAD - When a node detects that its next hop link is broken, it flags its routing table entry for that destination to not accept any new updates for the same sequence number. When a node recives the update for each destination in that update. If the sequence number is greater than the current one he has. If the sequnce number is equal than he will take the one with the lower metric. If the sequnce number is smaller he dismiss the recived update B C X A

  11. amongst the distance vector routing protocol SEAD is based on the DSDV protocol. DSDV protocol support both periodic and triggered updates When to do a triggered update? One suggestion is by reciving a new metric for some destination. Another suggestion is that the receipt of a new sequnce number also should couse a triggered update. THE LAST SEGGESTION OUT PERFORM THE FIRST ONE

  12. ASSUMPTIONS • As a matter of terminology we refer to MAC as the network Medium Access Control protocol at the link layer • Wireless links in the network are bidirectional, since it is necessray for the distributing algorithem of distance vector routing. • Network physical layer and MAC attacks are beyond the scope of this lecture.

  13. More ASSUMPTIONS • We assume that the network may drop, corrupt, duplicate or reorder packets. • We also assume that the MAC layer detect randomly corrupted packets in some level. (ALOHA) • The network diameter is the maximum. • We also limit the max metric value , we use m-1 to denote the upper bound. Thus all routes that can be used by the routing protocol are of length less than m hops

  14. Another assumption is that nodes are resours constraind. So we use One –way hash chains and Markel hash trees to evoid expensive asymetric crypyographic. One way hash chains In SEAD in order to create a one-way chain a node chooses a random initial value x and computes h0,h1,...,hn . When h0 =x & hi=H(hi-1). Since nodes uses elements in goups of m . A node generates its hash chain when n is divisible by m. Securing the protocol

  15. When a node first enters the network or when it used most of its available hash-chain, it can choose a new random x. In order to distribute the nodes hash- chain we use one of this approches: • A trusted entity sign a public key certificates for each node. Which uses this key to sign a new hash chain. • A trusted node can securely distribute an othenticated hash chain. Using symetric key or non- cryptographic approaches.

  16. Merkle hash trees The Merkle hash trees are binary trees. For simplicity we assume balanced trees. To authenticate the values v0,v1,....,vw-1 , we use the hash fuction H to compute vi’ . Each internal node of the tree is dirived from its tow child nodes. m01=H[v’0||v’1]

  17. ATTACKS Attackes we wont discuse: • An attaker can attempt ro reduce the amount of routing information aveilable to other nodes. By not advertising certin routers or by destroying routing pachets. • A node can drop routing packets it recives. • An intruder can jam routing packets. ALL THOSE ARE IN THE PHYSICAL LAYER. WHICH THIS LECTUR DONT DISCUSE

  18. Another attack we wont solve here • A more sutible attack is the creation of a worm-hole in the network . A & B are liked by a privete network . Every packet that A recives it forward it to B , which spread them to the packet normaly. B may also send al of its recived packets to A. This attack distrups routing by short circuting the normal flow of routing packets • A sulotion is the use of other mechanisms at the MAC layer

  19. Attacks we choose to solve • False metric – an attaker can advertise a zero metric for all destinations.cousing all nodes arond it to route packets for all destinations toward it. • An attacker can modify the source address of an advertisment. Spreading inaccurate next hop information. • An attacker can send old advertisment to a node, in an attempt that that node will update his routing table whit stale routs • An attacker can be a compromised node. If so, it will have access to all cryphtographic keys of that node and may cooperate with other attacker or compromised node

  20. SEAD solutions One approch for authenticatig a routing updates in distance vector routing protocol is for each node to sign each of its routing updates with asymetric cryptography. Drawbacks: • An attacker can send a large number of arbirary routing updates to some victim node. Forcing him to spend all of his CPU powerin the attempt to verify them. Creating a Denial- Of - Servise attack.. • An attacker how has compromised a node can send update with the metric 1 claiming all nodes are his neighbors. • Finally- even if ther’s no attacker large generation and verification time can harm the preformences of an ad-hoc network

  21. SEAD solutions Insted we use in SEAD the one way hash chain. Each node uses a specific next element of its hash-chain in each routing update. The other nodes can autenticate the messege by computing the hash fuction. Thuse authenticatethe lower bound of the metric for this destination. • This do not prevent a malicious node from claiming the same metric he receved as his own. The hash chain can only prevent from decreasing the themetric. An attacker cannot generate any value in the chain that will be used in the future.

  22. SEAD solutions In addition we assume an upper bound, in the size of the network diameter. We used m-1 to be that bound. Making all metrics in the routing protocol less than m. A routing update contains the sequence number, and than m elements when one of them, used to authenticate that routing update. The sequence number If a node’s hash chain has the sequence values: h0,h1,.....,hn when n is divisible by m. Than the sequence number i for some routing update entry , let k=(n/m)-i. An element from the group hkm,hkm+1,...,hkm+m-1. if the node lists an entry for itself, it sets the address to its own, the metric to 0 , the sequence number to its own next sequence number and the hash value to the first in his hash chain. For ex. For sequence number i the node will set the the hash value in that entry to its hkm.

  23. SEAD solutions If the node lists an entry for some other destination, it sets the address in that entry to the destination node’s address , the metric and sequence number to destination’s values according to the nodes routing table. and the hash value to the one recived in the routing update from which he learned the route to taht destenation.

  24. SEAD solutions Denail-Of -Servise attack In order to guard against an attacker forcing a receiving node to preform a large number of hash operations in order to authenticate, we limit the number of hashes the node is willing to preform. In that we make an asummption about the number of routing updates the reciving node had missed. Another sulotion is to use a loosely synchronized clock. Allowing a receiving node to determine if a claimed sequence number in an update could be authentic before performing any hash operations.

  25. SEAD solutions Neghbour authentication The source of each routing update message in SEAD must be authenticated otherwise an attacker can create routing loops. We can use a broadcast mechanism, such as TESLA for neghbour authentication Darwbacks – such mechanism require synchronized clocks and has a relatively high overhead. Another approch is a shared secret key among each pair of nodes, in addition a message authentication code which the sender include in each routing update.

  26. SEAD solutions Since SEAD includes periodic neighbor sensing functionality, each node knows the set of neghbors he needs to authenticate routing updates. Each node trusts any zero-metric with a valid authenticator. If a node has received such an update from another node for a recent sequence number, it consider that node a neghbor and computes a message authentication code for it. When tow nodes first become neghbors, one of them will transmit a routing update. The receiverwill send a triggered routing table for the other node revealing the new node to the network.

  27. SEAD solutions Same-distance fraud Consider a node receiving a message for a sequence number s and a metric d, and re-advertise the same sequence number and metric. To defend against that fraud we use hash tree chains. We tye the authenticator to the address of the sender. We construct a special one way chain were each element element of the chain encodes the node id , by that forcing a node to increase the metric if it want to encode its own id. These values are authenticated by Markle trees. The root is used to generate the collection of values in the next step.

  28. SEAD solutions We constract the hash tree between each pair vi-1, vi of the one-way chain. From them we dirive a set of values b0,...,bn using the hash function. bj=H[vi||j] , for each j. The root of the tree is the previous value of the one way chain vi-1 =b0n. Here we see the node forwards the values b’0,b1, and b23. and use the value b03 to sign his id.

  29. SEAD solutions In a small network, each value bj can correspond to a single node.since no tow nodes share a single value, an attacker has no way to dirive its value from the tree chain there for it has to follow the hash chain to the next step in order to provide a valid authanticator. In large networks, we authenticate each node with a g- tuple of values. Although no tow nodes share the same g- tuple of values, an attacker could learn each of its g- values from different neighbors. For ex. If a hash tree chain with 2^m values (the hash tree is of height m+1) if each node has a uniqe id between 0 and 2^m y Than the tuple of values encodes 2^m X= (node id +H [sequence number] ) mod y So we change the encoding of the node id for each update

  30. SEAD solutions The overhead to verify authentication values can be large if a node has missed several routing updates. A Denail-Of-Service attack can still accure when an attacker forces a victim node to verify a hash chain as long as O(ks) were k is the maximum number of hops and s is the maximum number of sequnce numbers represented by the hash chain. A node generates a random hash chain root h0,s for each sequence number s. Than by a function (ex. PRF) we use an authentic anchor of this hash chain. Each node builds a hash tree, useing this hash chain anchors as leaves. When a node sends an update with a new sequence number s , it includes the root of the hash chain , the anchor, and the path to the root of the hash tree to authenticate an update the node follows the path to the root. That requires O(log(s)) there for to verify an update we need k+log(s) computing operations

  31. Evaluation • An attacker cannot create a valid advertisment with a larger (better) sequence number. • An attacker that do not collude cannot advertise a route shorter than the one it heard. (in a small network) Furthermore in a larger network when g ≠1, and Ai is the combinations of nodes that do not include the value of bi, needed by the attacker the attacker has : |UAi| = S|Ai|- S|Ai1Ai2| + ...+(-1)^ (g +1) * |Ai| The probability can be quite high for ex. When m=6 and g=3 an attacker has a 1.675*10^-3 probabilty of success. When 3 consequtive advertiesments are required for the metric before a routing change is made, the attacker succeeds once every 6.74 years.

  32. Evaluation • An attacker that has’nt compromised any node (do not posses any cryptographic keys from a node) cannot successfuly send any routing messages, since an compromised neighbor node will reject the message. • A reapeter can function as a one node wormhole, this is not addressed by SEAD. • A collection of attackers that have compromised one or more nodescan only redirect the path from the source to the destination if the source best known path is as large as the path trough attackers.

  33. Evaluation • If each node uses SEAD (including attackers) keeps routing tables were the next hop for a given destination is set to the authenticated source address of the first advertisment received by that nade, than the next-hop pointersin all nodes’ routing tables will descrive a route back to the destination. • No routing loops are posible!!! Unless the loop contains one or more attackers. • If a collection of arrackers form a vertex cut between tow groups of nodes,the attacker can arbitary control the networl the routes between any node in one group and a node in the next. No routing protocol can eliminate that attack!

  34. Evaluation To evaluate the preformens of SEAD , whit out attackers. We will see a simulation comparing SEAD and DSDV-SQ the protocol on which its based. in this simulation there are pairwise shared keys authentichation. Nodes moves randomly. Each node initialy placed at a random location and pauses for a period of time. It than chooses a new random location and moves rhere whit a random bounded velocity. When he reaches the new location it pauses, and again choose a random location.

  35. Evaluation • The number of the nodes in this simulation is 50 • The maximum velocity is 20 m/s • Nominal radio range is 250m • Source destinayion pairs 20 • Periodic route update interval 15s • Periodic updates missed before 3 • Hash length 80bits • The results are based on 65 randomly generated runs at each pause time You need to know – DSDV-SQ uses a weighted settling time delay in sending triggered updates

  36. Pause time (d) Pause time (c)

  37. Evaluation Simulation results • SEAD consistenly outperforms DSDV-SQ in terms of packet delivery ratio. By not using weighted settling time delay in sending triggered updates, the number of routing advertisments increases, allowing nodes to have more up-to-date routing tables. • However SEAD also increases overhead, both due this increased number of routing advertisments , and due to the increase in size of each advertisment. • The increased overhead in SEAD causes some conjuction in the network, which shown in the latency results (fig. b).

  38. Conclusions Many previous routing protocols for ad-hoc networks have been based on distance vector aproaches but they have genrally assumed a trusted enviroment. Together with existing appoaches for securing the physical layer and MAC layer ,the SEAD protocol provides a foundation for all secure operation of an ad hoc network. The SEAD protocol is based on the DSDV-SQ protocol. For security, we use efficient ove-way hash functions and do not use asynetric cryptographic elements. SEAD actually outpreforms DSDV-SQ in terms of packet delivery ratio. Although it does create more overhead in the network.

  39. The End

More Related