Upload
lavada
View
39
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Castor: Scalable Secure Routing for Ad Hoc Networks. Wojciech Galuba , Panos Papadimitratos, Marcin Poturalski, Karl Aberer EPFL, Switzerland Zoran Despotovic , Wolfgang Kellerer Docomo Euro-Labs, Munich, Germany. Ad-hoc network routing challenges. source. destination. - PowerPoint PPT Presentation
Citation preview
Castor: Scalable Secure Routing for Ad Hoc Networks
Wojciech Galuba, Panos Papadimitratos, Marcin Poturalski, Karl AbererEPFL, Switzerland
Zoran Despotovic, Wolfgang Kellerer Docomo Euro-Labs, Munich, Germany
2
Ad-hoc network routing challenges
source
destination
3
Ad-hoc network routing challenges
source
destination
4
Ad-hoc network routing challenges
source
destination
5
Scale Mobility
Security
?
6
Secure route discovery
Secure data transmissionCastor
Continuously-Adapting Secure Topology-Oblivious Routing
Provides routes Avoids compromised
nodes
Evaluates routes Needs route
redundancy
7
Topology-obliviousness
Nodes only aware of their neighbors No routing information exchange
no routes included in control traffic no routing table fragments exchanged
8
Flows instead of destinations
In-network state is maintained per-flow not per-destination
Flow isolation crucial for security
s1 d1
d2s2
9
Castor – basic operation
PKTs contain the data payload ACKs follow the reverse path of PKTs
source
destination
10
Local learning from failures
v2 v1v4
v3
Locality: each node only aware of its neighborhood
Autonomy: each node routes independently
- -+
+
+per-flow per-neighborreliability estimator
+
+
11
Broadcast as a fallback
v2 v1v4
v3
Autonomy: nodes independently decide wether to broadcast or unicast
- --
12
Initial PKT flood
No reliability history each node decides to broadcast the PKT
ACKs are broadcasted back
source
destination
13
Routing around failures
Failure ACKs stop returning Local repair:
on failure some nodes broadcast, most still unicast alternative route discovered without network-wide flood
source
destination
14
Castor is failure agnostic
Same recovery mechanism good for:Malicious PKT or ACK droppingLinks broken by mobilityWider-area outages (e.g. jamming)Wormholes and tunnels
15
Trust model
Untrusted cloud of intermediate nodes Security associations:
Source to destination Neighbor to neighbor
s1 d1
d2s2
16
Crucial property: flow state isolation
v1
Routing state at v1:
v2
v3v4
v5
Isolate in-network states for the two flows
Otherwise malicious flows could disrupt the benign flows
node reliabilityv2 0.9 0.2v3 0.6 0.95v4 0.8 0.9v5 0.1 0.8
17
Ensuring flow isolation Flow authentication
Nodes can recognize PKTs belonging to the same flow
Only source can generate the next PKT ACK authentication
Nodes can match ACKs to PKTsOnly destination can generate correct ACK
Achieved without public-key crypto
18
Evaluation
1Mbps 802.11b MAC 3 km x 3 km plane 1-20 m/s random waypoint mobility 5 flows, 4 packets/s, 100 nodes
19
Blackhole attack: adversary drops data packets not control traffic
20
Bandwidth utilization under blackhole attack
21
Wormhole drops data packets, no mobility Complete recovery from wormholes
22
Scalability
Mobility, 20% of balckholes Increasing the network size
23
Summary Simple PKT-ACK messaging
flow-control-ready applicable to other networks than MANETs
Scalability No routing information exchanged Local repair, few network-wide floods
Fast adaptation Security
Failure agnosticism Flow state isolation
24