SECURITY-AWARE AD-HOC ROUTING FOR WIRELESS NETWORKS

Seung Yi, Prasad Naldurg, Robin Kravets
Department of Computer Science
University of Illinois at Urbana-Champaign
August, 2001

Presented by: Poonam Munshi

SECURITY-AWARE AD-HOC ROUTING (SAR)

– Need for Secure Routing - Motivation
– SAR – Protocol and Behavior
– Protocol Metrics
– Protection in SAR
– Implementation of SAR
– Performance Evaluation & Conclusion

NEED FOR SECURE ROUTING - MOTIVATION

Problems in ad-hoc wireless networks
– Lack of fixed infrastructure support
– Frequent changes to network topology
– Poor protection to protocol packets at physical layer
– Network layer routing protocols are “cooperative” by nature
    – Based on implicit ‘trust-your-neighbor’ relationships
    – Susceptible to erroneous routing updates, replay attacks etc.

SAR - Approach
– Use different security attributes to improve the quality of the security of an ad-hoc route
– Incorporate security levels of nodes into traditional routing metrics
– Goal:
    – Quantify the notion of trust
    – Represent trust relationships explicitly by defining a suitable hierarchy of trust values
    – Integrate the trust value of a node and the security attributes of a route to provide an “integrated security metric”

NEED FOR SECURE ROUTING - MOTIVATION

Challenges
– Ensuring data is routed through a secure route composed of trusted nodes
– Security of the information in the routing protocol messages

Example Scenario – Battlefield communication

[Figure: battlefield network of Private, Officer and General nodes, showing the transmission range, the shortest route and the secure route]

SAR – PROTOCOL OVERVIEW

Similar to policy-based routing protocols for QoS

Protocol:
– Basic protocol: on-demand protocol AODV
– Embed security metric into the RREQ packet itself and change the forwarding behavior of the protocol w.r.t. RREQs
– Source node:
    – Specify desired level of security in the RREQ
    – Broadcast the packet
– Intermediate node:
    – Process/forward the packet only if it can provide the required security or has the required authorization or trust level
    – Otherwise drop the RREQ
– If an end-to-end path with the required security is found, the intermediate node or eventual destination sends a suitably modified RREP

SAR – BEHAVIOR OVERVIEW

Route discovered by SAR may not be the shortest route in terms of hop-count

SAR finds a route with a ‘quantifiable guarantee of security’

If one or more routes satisfying the required security attributes exist, SAR finds the shortest such route

Optimal route: All nodes on the shortest path (in terms of hop-count) satisfy the security requirements

Drawback:
– If no path with nodes that meet the RREQ’s security requirements exists, SAR fails to find a route even though the network may be connected

SAR – PROTOCOL METRICS

Explicit representation of trust levels using a simple hierarchy that reflects organizational privileges

Trust hierarchy
– Associate a number with each privilege level
    – Numbers reflect security/importance/capabilities of mobile nodes and also of the paths
– QoP (Quality of Protection) bit vector

Trust level or protection should be immutable
– Keys can be distributed a priori, or a key agreement can be reached by some form of authentication
– Encrypt the portion of the RREQ and RREP headers that contain the trust level.

SAR – PROTOCOL METRICS

Secure Ad Hoc Routing – Properties and Techniques used to guarantee these properties

Property          Technique
Timeliness        Timestamp
Ordering          Sequence Number
Authenticity      Password, Certificate
Authorization     Credential
Integrity         Digest, Digital Signature
Confidentiality   Encryption
Non-repudiation   Chaining of Digital Signatures

PROTECTION IN SAR PROTOCOL

Trust Hierarchy
– Protocol User Trust Level User Identity
– Nodes and users can be forced to respect trust hierarchy using cryptographic techniques, e.g., encryption, public key certificates, shared secrets
– Outsider attacks
    – Threshold cryptography, key sharing, etc. can be used
    – SAR uses simple shared secret to generate a symmetric encryption/decryption key per trust level.
– Insider attacks
    – Compromised users within a protection domain or trust level
    – Secure transient associations, tamper proofing etc. can be used

AAA

PROTECTION IN SAR PROTOCOL

Threats to Information in Transit
– Interruption
– Interception and Subversion
– Modification
– Fabrication

Replay Attacks:
– SAR uses sequence numbers and timestamps

Passive Attacks:
– Examples: covert channels, traffic analysis, sniffing to compromise keys
– Using a suitable MAC layer encryption protocol for protection against sniffing/eavesdropping
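
An added example, not from the paper or the presentation, of a receiver applying the replay and modification checks listed above with one key per trust level. Assumptions: keys are derived from the shared secret with HMAC-SHA256, an HMAC tag stands in for the header encryption the slides mention, and the packet layout, field widths and freshness window are constructed for illustration.

```python
import hashlib
import hmac
import struct

SHARED_SECRET = b"constructed-demo-secret"  # assumption: distributed a priori
MAX_AGE = 5                                 # assumed freshness window (seconds)
HEADER = "!8sIIBB"  # constructed layout: origin, seq, timestamp, requirement, guarantee


def level_key(level):
    """Derive one symmetric key per trust level from the shared secret."""
    return hmac.new(SHARED_SECRET, b"sar-level-%d" % level, hashlib.sha256).digest()


def seal(origin, seq, timestamp, requirement, guarantee, level):
    """Serialise the security fields and append a MAC under the level key."""
    body = struct.pack(HEADER, origin, seq, timestamp, requirement, guarantee)
    return body + hmac.new(level_key(level), body, hashlib.sha256).digest()


class Receiver:
    """A node holding the key for its own trust level."""

    def __init__(self, level):
        self.key = level_key(level)
        self.last_seq = {}  # highest sequence number accepted per originator

    def accept(self, packet, now):
        body, tag = packet[:-32], packet[-32:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "bad-mac"   # modified, fabricated, or sealed at another level
        origin, seq, ts, _req, _guar = struct.unpack(HEADER, body)
        if abs(now - ts) > MAX_AGE:
            return "stale"     # timeliness: timestamp outside the window
        if seq <= self.last_seq.get(origin, -1):
            return "replay"    # ordering: sequence number already accepted
        self.last_seq[origin] = seq
        return "ok"
```

The MAC is verified before any field is parsed, so a node without the key for this trust level can neither alter RQ_SEC_GUARANTEE nor advance the stored sequence number.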

SAR - IMPLEMENTATION

SAODV (Security-aware AODV):
– On-demand route discovery using flooding, reverse path maintenance in intermediate nodes, and forward path setup via RREP messages
– RREQ (Route REQuest) packet:
    – RQ_SEC_REQUIREMENT: the security requirement
        – Set by the sender; does not change during route discovery phase
        – Simple integer values or bit vector
    – RQ_SEC_GUARANTEE: the security guarantee
        – Indicates the maximum level of security afforded by all nodes on the discovered path
        – Updated at every hop during the route discovery phase
    – If the application requested integrity support, a new field to store the computed digital signatures is added to the RREQ
– RREP (Route REPly) packet:
    – RQ_SEC_GUARANTEE: the security guarantee
        – Copied from RREQ and sent back to sender to indicate security level over whole path

SAR - IMPLEMENTATION

SAODV Route Discovery
– Source node:
    – Set the RQ_SEC_REQUIREMENT field in the RREQ packet
    – Broadcast the packet just as in AODV
– When an intermediate node receives an RREQ
    – First check if the node can satisfy the security requirement indicated in the packet
    – If yes, update the RQ_SEC_GUARANTEE field; forward to its neighbors
    – If no, drop the RREQ packet
– When RREQ arrives at the destination
    – Indicates the presence of a path from the sender to the receiver that satisfies the security requirement specified by the sender
    – Copy RQ_SEC_GUARANTEE from RREQ into RREP
    – Send the RREP back to sender as in AODV

SAR - IMPLEMENTATION

– When an intermediate node receives an RREP
    – The RREP packet arrives at an intermediate node in the reverse path
    – Update its routing table
    – Record the new RQ_SEC_GUARANTEE value
        – This value indicates the maximum security available on the cached forward path.
– When a trusted intermediate node answers a RREQ query using cached information
    – Compare RQ_SEC_GUARANTEE of the cached route to the security requirement in the RREQ packet
    – Send back RREP containing cached path information only if the forward path can guarantee enough security
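
The SAODV route discovery steps above, simulated as an added example (not code from the paper or the presentation). The topology, node names and numeric trust levels are constructed, breadth-first flooding stands in for AODV's broadcast, and RQ_SEC_GUARANTEE is interpreted as the minimum trust level along the path.

```python
from collections import deque

# Constructed topology modelled on the battlefield scenario; node names,
# numeric trust levels and links are assumptions made for this example.
PRIVATE, OFFICER, GENERAL = 1, 2, 3
TRUST = {"G1": GENERAL, "P1": PRIVATE, "O1": OFFICER, "O2": OFFICER, "G2": GENERAL}
LINKS = {
    "G1": ["P1", "O1"],
    "P1": ["G1", "G2"],
    "O1": ["G1", "O2"],
    "O2": ["O1", "G2"],
    "G2": ["P1", "O2"],
}


def discover_route(src, dst, requirement, trust=TRUST, links=LINKS):
    """Flood an RREQ from src; return (path, rq_sec_guarantee) or None.

    Breadth-first order means the first RREQ copy to reach dst travelled
    the shortest path among those that survived the security filtering.
    """
    if trust[src] < requirement:
        return None
    # Each queued RREQ copy carries the path so far and RQ_SEC_GUARANTEE.
    queue = deque([([src], trust[src])])
    seen = {src}  # a node processes a given RREQ only once, as in AODV
    while queue:
        path, guarantee = queue.popleft()
        node = path[-1]
        if node == dst:
            # The destination copies RQ_SEC_GUARANTEE into the RREP.
            return path, guarantee
        for nbr in links[node]:
            if nbr in seen:
                continue
            seen.add(nbr)
            if trust[nbr] < requirement:
                continue  # cannot satisfy RQ_SEC_REQUIREMENT: drop the RREQ
            # Update RQ_SEC_GUARANTEE at this hop: the level every node on
            # the path so far can provide (assumed to be the minimum).
            queue.append((path + [nbr], min(guarantee, trust[nbr])))
    return None  # no secure route, even though the network is connected
```

With a requirement of PRIVATE the two-hop route through P1 is returned; raising it to OFFICER yields the longer route through O1 and O2, and GENERAL finds no route at all, which is the drawback noted earlier.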

EXAMPLE SCENARIO - REVISITED

Example Scenario – Battlefield communication
– Embed the rank of the node as a metric in route negotiation (establish routes that avoid all privates)
– If no route found, the generals may decide to set up a route that can support 128-bit encryption

[Figure: battlefield network of Private, Officer and General nodes, showing the transmission range, the shortest route through a private and the secure route through officers only]

PERFORMANCE EVALUATION & CONCLUSION

SAR enables the discovery of secure routes in a mobile ad hoc environment.

Though not optimal, routes discovered by SAR come with “quality of protection” guarantees.

The processing overheads in SAR are offset by restricting the scope of the flooding for more relevant routes, providing comparable price/performance benefits.

Its integrated security metrics allow applications to explicitly capture and enforce explicit cooperative trust relationships.

SAR also provides customizable security (e.g., encryption for confidentiality etc.) to the flow of routing protocol messages themselves.

The techniques enabled by SAR can be easily incorporated into generic ad hoc routing protocols.