Secure, redundant and fully distributed key management for mobile ad hoc networks: An analysis.

摘要

Ad hoc networks are emerging to be "anywhere anytime networks". The main difference between traditional networks and ad hoc networks is the lack of a central administration, which is responsible for providing security services such as defining the security services, policies for the network and pre-distribution of keys to all the participants. Due to the lack of infrastructure in ad hoc networks, providing security becomes a major challenge. The traditional mechanisms of providing security cannot be applied to ad hoc networks due to their high computational complexity. Hence, the security protocol proposed should have low computational complexity and factors like dynamic topology, limited bandwidth, energy constraints have to be taken into consideration.;In the modified scheme, the level of security provided decreases as compared to the original scheme, due to the decrease in the number of nodes to be compromised. However, increasing the number of shares per node helps in recreating the CA key in spite of high mobility. A probabilistic analysis of security versus the ease of CA key recreation is also presented.;In this research a modification to existing fully-distributed certificate authority scheme is proposed. This modification is based on incorporating redundancy into the network by allocating more than one share per node. This results in the decrease in the number of neighbors required to recreate the Certificate Authority (CA) key. The services provided by the CA such as the certificate renewal, share update will be provided in the modified scheme.