SECURITY MEASURES IN CRYPTOGRAPHY

QUESTION

Task

Recently, ad hoc networking, as a new paradigm of wireless communication, has received considerable attention from both academic and industry communities. A MANET represents an infrastructure-less distributed system that comprises wireless mobile nodes that can freely and dynamically self-organize into arbitrary and temporary, “ad-hoc” network topologies, allowing people and devices to seamlessly internetwork with no pre-existing communication infrastructure and central administration. Like all other networks, MANETs need security assurance for their normal operations. However, securing MANETs is particularly challenging due to their unique features.
Also, traditional security mechanisms used in infrastructure networks may be inapplicable to MANETs. For example, the dynamic and transient nature of MANETs can result in constant changes in trust among nodes. This, in turn, will create problems with key management, if cryptography is used. Standard security solutions would not be good enough since they are essentially for statically configured systems. The dynamically changing topology and movement of nodes in and out of the network raise difficulties for these standard security solutions when they are applied in MANETs.

SOLUTION

Literature Review on Use of Cryptography as Security Measure in MANETs and its Limitations

Abstract

Mobile ad-hoc networks or MANETs are wireless network systems built without any fixed infrastructure. They have the ability to move, and change their topology as and when required. The dependence on nodes to transmit messages and compute the authenticity of the other nodes creates a lot of security issues in addition to the traditional networking security issues. MANETs are susceptible to active as well as passive attacks like eavesdropping, interception and routing attacks. Newer forms of attacks like Denial of Service (DoS), Black-holes and Routing table overflows are increasing the vulnerability of MANETs. Of the various security techniques used to protect MANETs, cryptography is a popular method. Symmetric and Asymmetric Cryptographic methods are used for securing mobile ad hoc networks. Recent literature has seen a number of innovative ideas for better use of cryptography in security. Some of these include Identity-based Cryptography, Threshold Cryptography etc. However, Cryptography is not without its share of limitations. Although helpful in preventing certain passive attacks, Cryptography has been seen to be helpless against modern active attacks like DoS, Black-holes and Routing table overflows. The Cryptography protocols are also prone to attack, in that the key distribution networks may be compromised. Moreover, choosing a Certification authority and a trusted node-network is easier said than done. The various limitations of cryptography in providing a secured networking platform for MANETs create the need to improve upon the existing cryptographic techniques and keep looking for newer methods.

Introduction

Mobile ad-hoc networks, popularly known as MANETs, are modern wireless networks that operate on an ad-hoc basis without requiring a fixed infrastructure. As the name suggests, these networks are flexible and adaptable to the current needs; the infrastructure changes continuously according to the demands and in the process newer nodes get added and irrelevant nodes are dropped off. Nodes are wireless devices like laptops, cell-phones or PDAs. This adaptable nature of MANETs is very attractive for military purposes. In military operations, MANETs can provide more reliable and comprehensive information to soldiers.

With the dynamic topology and restraints in deciding the trust-worthy nodes, the security concerns are higher in a mobile ad hoc network than in any traditional wireless network. MANETs are susceptible to dangers of eavesdropping, interception and routing attacks. Apart from facing the traditional security issues, MANETs are prone to several new-age threats like DoS (Denial of Service) attacks (Cordasco and Wetzel, 2007), Black hole (Lundberg, 2000), Routing Table overflow (Lundberg, 2000) etc. A MANET is expected to provide secure communication by fulfilling criteria like: certain discovery of paths between nodes, isolation of misbehaving nodes, location privacy of nodes, self-stabilization and byzantine robustness (Lundberg, 2000). A MANET is also expected to be immune to active and passive attacks.

The need for secured MANETs has resulted in the use of various techniques like Intrusion detection, Firewall and Cryptography to secure the network. However, all these techniques have their share of limitations. In this paper we will study how cryptography is being used for securing MANETs and what its limitations are.

Cryptography Techniques

Cryptography, in simple words, means creating ciphers or codes for the original message, which are meant to protect the original message from being intercepted during transmission. Some of the most-used Cryptographic techniques are Stream Ciphers, Block Ciphers, Public Key Encryption, and Digital Signatures.

Stream Ciphers or Random Generators are random functions, whose input stream is fixed while the output is a long stream of bits, called the key-stream (Anderson, 2001). It is used for protecting the confidentiality of back-up data.

Block Ciphers or Random Permutations are invertible functions with the output cipher-text of fixed size. As Anderson says, “A block cipher is a keyed family of pseudorandom permutations”. The input or plain-text and the key should be sufficient to give the cipher-text and similarly, the cipher-text and the key should be sufficient to give back the plain-text.

Public Key Encryption is a type of Block Cipher, where the key is owned by a person and the “elf” (Anderson's figure for the idealized cipher) will perform the encryption function for anyone who cites this key. The encryption is done for anyone who requests the particular key, but the decryption is done only for the key’s owner (Anderson, 2001).

Digital signature operates on the principle of signature, i.e. it can be created by only one person but checked by anyone (Anderson, 2001). Signature schemes can be deterministic (computation result is always the same) or randomized (computation result is different each time).

Various other advanced forms of Cryptography have emerged in the recent years, as described in Security Engineering: A Guide to Building Dependable Distributed Systems.

Implementing Cryptography to Secure MANETs

A simple public-key Cryptography secured MANET uses the following principle: A Certification-Authority is selected to certify the authenticity of nodes and the generated key-pairs. This certification-authority may be pre-selected or distributed among a set of servers. Nodes generate their secret keys, and are associated with the particular keys for the rest of their life.

Cryptography in the form of Symmetric Cryptography, Asymmetric Cryptography and Threshold Cryptography is used to secure MANETs. The Symmetric cryptography methods include the Random nonce, which involves the use of a one-way hash function, and the Shared-key technique (Chen and Wu). Use of Asymmetric Cryptography in the form of public keys using RSA and Identity-based Cryptography is also popular (Chen and Wu). Data authentication is done using Digital signatures, Hash functions and HMAC (hash-based message authentication code) (Menezes et al., 1996).

A lot of additions and modifications have been made in the recent literature to make the system more robust and secure. Daza et al. have proposed using public-key cryptography techniques for mobile ad-hoc networks. They have proposed that each node can obtain a secret key pair to be used in the remaining life of the MANET in the following way: each node generates its own pair of public/secret keys; then the nodes communicate with each other and jointly compute a valid certificate linking the key to the creating node.

In another attempt at using cryptography for securing MANETs, Prof. Kapil and Mr. Rana have proposed a scheme that uses Identity-based cryptography with a public-key cryptography approach for key management. They have tried to eliminate the need for certificate-based key distribution by introducing a trusted key-generation center for verifying user identity and generating corresponding private keys.

Yet another improvement to the traditional cryptography technique is Threshold Cryptography (TC). TC eliminates the need for trusting one individual node by sharing the key with multiple individuals engaged in encryption or decryption or splitting of message either before or after encryption (Ertaul and Chavan, 2007). In this technique, each node performs computation on the message without giving away the key or the partial message. A certain number of nodes, t, also called the threshold, are required for encryption or decryption of the message in this method.

Of all the methods discussed, symmetric key algorithms and asymmetric key algorithms are prominently used. An integral part of the cryptography security method is the efficient storage and secure exchange of the symmetric keys.

Limitations of Cryptography as a Security Measure in MANETs

A MANET is vulnerable to different kinds of attacks: active and passive. Passive attacks are the most common, where the adversary spies upon the nodes and collects information. Passive attacks include activities such as eavesdropping, traffic analysis and monitoring (Sharma, Khandelwal and M). Active attacks include injection of arbitrary packets into the network (Lundberg, 2000). Some examples of active attacks include Spoofing, Fabrication, Black-holes, Denial of service, Sybil attack and Worm-hole attack (Sharma, Khandelwal and M).

Even with cryptography techniques, these attacks cannot be prevented. A study on various cryptographic techniques and their efficiency in preventing various types of attacks shows the following results (Sharma, Khandelwal and M):

Symmetric Cryptographic Solution in the form of Secure Efficient Ad Hoc Distance Vector (SEAD) fails in preventing DoS, Tunneling, Spoofing, and Black-holes. Symmetric Cryptographic Solution in the form of Secure Routing Protocol (SRP) is useful in preventing Spoofing and Black-holes but fails in DoS and Tunneling. Similarly, Asymmetric Cryptographic solutions like SAR and Authenticated Routing for Ad hoc Networks (ARAN) fail in case of DoS, Tunneling and Routing Table Overflows.

Cryptographic protocols are prone to various attacks, and hence, have limitations in securing MANETs. There can be various attacks on key-distribution systems, cryptographic protocols and trust authorities. An enemy can easily infiltrate the network by holding enough keys. One has to ensure that keys are exchanged or distributed among authenticated parties. The Diffie-Hellman Protocol, for instance, involves a pair-wise exchange of keys without the parties authenticating each other’s identities, thereby making it prone to a ‘man-in-the-middle attack’ (Rescorla, 1999). A Sybil Attack is one in which one attacking node holds multiple identities to gain an enormous influence in the network (Reidt, 2010). Cryptographic protocols, though secure in their construct, may fall prey to an adversary’s attacks. If an adversary is able to predict the output of the hash function, the protocol falls apart. An attack which may easily disrupt the protocol is the Sybil attack.

The various cryptographic techniques discussed in the previous section also have some inherent limitations. The selection of a Certification authority is still ambiguous, with many research papers suggesting different approaches to solve the issue. The main concern lies with the certificate-based public key distribution system in Certificate-based Cryptography. Pre-loading each node with all other nodes' public-key certificates from the very beginning poses scalability issues; and each node is required to hold (n-1) keys, which may create a significant overload in the network (Kapil and Rana). On-demand certificate retrieval, another approach to solve the certification issues, has limitations of communication latency and communication overhead (Kapil and Rana). Symmetric key techniques have the limitation of being known only to two nodes and hence do not support digital signatures.
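The Diffie-Hellman limitation described above, as an added example that is not part of the original essay: the same exchange is run without and with authentication of the public values, showing that the unauthenticated run completes with mismatched keys while the authenticated run rejects the substituted value. The toy group, the pre-distributed HMAC key (standing in for signatures or certificates) and all names are assumptions made for the demonstration.

```python
import hashlib, hmac, secrets

# Toy group constructed for the demo: P = 2**127 - 1 is prime, G = 3.
# Real deployments use standardized groups of 2048 bits or more.
P = 2**127 - 1
G = 3

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def shared_key(priv, peer_pub):
    if not 1 < peer_pub < P - 1:
        raise ValueError("peer value out of range")
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(16, "big")).digest()

def tag(auth_key, sender, pub):
    """MAC binding a public value to the identity of the node that sent it."""
    msg = sender + b"|" + pub.to_bytes(16, "big")
    return hmac.new(auth_key, msg, hashlib.sha256).digest()

def accept(auth_key, sender, pub, mac):
    return hmac.compare_digest(tag(auth_key, sender, pub), mac)

def run_exchange(substitute=False, authenticate=False):
    auth_key = b"constructed pre-distributed authentication key"
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    a_msg = (a_pub, tag(auth_key, b"A", a_pub))
    b_msg = (b_pub, tag(auth_key, b"B", b_pub))
    m_priv = None
    if substitute:
        # A relay swaps both public values in transit; it cannot recompute the MACs.
        m_priv, m_pub = keypair()
        a_msg = (m_pub, a_msg[1])
        b_msg = (m_pub, b_msg[1])
    if authenticate and not (accept(auth_key, b"A", *a_msg)
                             and accept(auth_key, b"B", *b_msg)):
        return {"completed": False}      # tampering detected, no key derived
    k_a = shared_key(a_priv, b_msg[0])   # what node A derives
    k_b = shared_key(b_priv, a_msg[0])   # what node B derives
    relay = m_priv is not None and shared_key(m_priv, a_pub) == k_a
    return {"completed": True, "keys_match": k_a == k_b, "relay_knows_key": relay}

if __name__ == "__main__":
    print("honest, unauthenticated:  ", run_exchange())
    print("tampered, unauthenticated:", run_exchange(substitute=True))
    print("tampered, authenticated:  ", run_exchange(substitute=True, authenticate=True))
```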

Conclusion

MANETs are a hot topic in military and civilian research, and have a wide range of applications. However, the security issues associated with them are acting as barriers in the way of their effective use. Key management is an important issue related to Cryptography in MANETs, as is the selection of the Cryptography technique to be used. Research needs to be done on key management issues; and as more and more cryptographic techniques are invented, this will be a hot research topic for years to come. Cryptography has certain in-built advantages like source-secrecy. These good features should be combined with other security techniques like Firewall and Intrusion-detection systems to create hybrid security techniques, which will be a holistic answer to all the security problems of MANETs. MANET research will progress more efficiently if cryptographic solutions are emphasized and proper research is done in this area. Different cryptographic techniques should be studied on a case-by-case basis, and proper case-studies should be prepared to encourage and help future researchers in this area.

ID-based key management and Threshold Cryptography look to be promising solutions to the issues of key management; hence more research needs to be put into these to make the techniques better and error-free. These methods eliminate the need for a Certification authority, and also avoid dependence on users to generate their own public keys. These techniques ought to be researched more and their applicability in areas like intrusion detection and secure routing should be tested by experiment.

MANETs can provide holistic solutions to the military and civilian world provided the security issues are taken care of.

References:

Anderson, R. 2001, ‘Cryptography’, in Security Engineering: A Guide to Building Dependable Distributed Systems, Wiley.

Chen, J. and Wu, J., A Survey on Cryptography Applied to Secure Mobile Ad Hoc Networks and Wireless Sensor Networks, Florida Atlantic University, Accessed on 26 April 2012, Available at http://www.cse.fau.edu/~jie/research/publications/Publication_files/wsn-chapter.pdf

Cordasco, J. and Wetzel, S. (Department of Computer Science, Stevens Institute of Technology, Hoboken, New Jersey, USA) 2007, ‘Cryptographic vs. Trust-based Methods for MANET Routing Security’, STM, USA, Accessed on 26 April 2012, Available at http://www.coglib.com/~jcordasc/onsite/cordasco_cryptographic_07.pdf

Daza, V. Herranz, J. Morillo, P. and Rafols, C. ed. Shen, X.S. 2007, ‘Cryptographic techniques for mobile ad-hoc networks’, Elsevier, Accessed on 26 April 2012, Available at http://crises2-deim.urv.cat/docs/publications/journals/66.pdf

Ertaul, L. and Chavan, N.J. 2007, ‘Elliptic Curve Cryptography based Threshold Cryptography (ECC-TC) Implementation for MANETs’, International Journal of Computer Science and Network Security, vol. 7, no. 4, April 2007, Accessed on 26 April 2012, Available at http://paper.ijcsns.org/07_book/200704/20070407.pdf

Kapil, A. and Rana, S., ‘Identity-Based Key Management in MANETs using Public Key Cryptography’, International Journal of Security, vol. 3, no. 1, Accessed on 26 April 2012, Available at http://www.cscjournals.org/csc/manuscript/Journals/IJS/volume3/Issue1/IJS-8.pdf

Lundberg, J. 2000, Routing Security in Ad Hoc Networks, Helsinki University of Technology.

Menezes, A. Oorschot, P. and Vanstone, S. 1996, Handbook of Applied Cryptography, CRC Press

Rescorla, E. 1999, Diffie-Hellman Key Agreement Method, Available at http://www.ietf.org/rfc/rfc2631.txt

Sharma, K. Khandelwal, N. M, P., An Overview of Security Problems in MANET
