I. INTRODUCTION
A. Overview of OLSR
OLSR is a proactive protocol: nodes exchange control messages periodically and build their routing tables in advance. Each node periodically broadcasts a control message called HELLO, which announces its neighbors, i.e. the nodes with which it can communicate directly. From received HELLO messages each node learns its two-hop neighborhood and selects its MPR (MultiPoint Relay) nodes, which are used as relays when communicating with nodes that cannot be reached directly. Each MPR transmits control messages called TC, listing the nodes it relays for, to all nodes in the network. From received TC messages each node learns of nodes with which it cannot communicate directly, and builds its routing table from that information.
B. Security Requirements for Mobile Ad Hoc Networks
An ad hoc routing protocol is exposed to threats such as a malicious node sending incorrect control messages so that other nodes build incorrect routing tables. Reference [7] classifies such attacks into the following types:
Incorrect control traffic generation
Incorrect control traffic relaying
To protect the ad hoc network from such acts by malicious nodes, our strategy is to let only authenticated nodes connect. With this strategy we must consider the following cases:
(1) A malicious node sends incorrect control messages while pretending to be an authenticated node.
(2) A malicious node takes an authenticated node's place when that node moves.
(3) A malicious node connects to the network pretending to be a node that was authenticated elsewhere and has moved.
As a countermeasure, we attach a message authentication code to control messages, and the key used to create and verify the code is given only to authenticated nodes. Moreover, nodes are authenticated not only when they first connect to the network
Since a fixed server cannot be assumed in an ad hoc network, each node generates and distributes an ad hoc key itself, and a node that has received several ad hoc keys chooses one of them by a selection criterion common to all nodes. This lets all nodes in the ad hoc network converge on one shared ad hoc key. In OLSR, the ad hoc key is distributed in TC messages.
Fig. 1 and Fig. 2 show how these security functions work as a whole. When a node connects to an ad hoc network, it performs mutual authentication based on a public key cryptosystem with a neighbor node (initial authentication); when this succeeds, the two nodes exchange a re-authentication key, a real circle key, and an ad hoc key. A node drops control messages from nodes that failed authentication and accepts and processes only control messages from successfully authenticated nodes (Fig. 1). When the received control message is a TC, the node compares the ad hoc keys carried in the TC with its own ad hoc key and keeps the newest one (Fig. 2). Moreover, nodes periodically re-authenticate their neighbor nodes, which also confirms that they are still present. When a node moves, mutual authentication with its new neighbors uses the ad hoc key. Security overhead is reduced by using a symmetric key cryptosystem for re-authentication and for the authentication performed after a move.
Moreover, to maintain security, each node updates its keys periodically. A new re-authentication key is exchanged during the re-authentication process. A new real circle key and a new ad hoc key are distributed to the nodes that are adjacent at that time.
[Figure: software structure of the secure routing functions: H-OLSR, the Secure Routing Interface Library, and the Secure Routing Functions; the library and the functions exchange data by inter-process communication.]
[Table: implementation environment]
Component              Name / Version
OS                     Red Hat Linux 9.0 1)
Wireless I/F           IEEE 802.11b
Cryptographic Library  OpenSSL 0.9.7d
Routing Software       H-OLSR

[Figure: protocol stack of the implementation: Authentication Messages, Key Information and Control Messages are carried over TCP/UDP, IP and the Wireless Interface; Public Key Certification is a separate component.]

[Figure: message sequence of the initial authentication between Node A and Node B. Start Authentication; Node A sends Random Number A and its Ad hoc Key ID List; Node B replies with Authentication Data B, Random Number B, and either an Ad hoc key ID or its Public Key Certification; Encrypted Key Data B is sent, decrypted (1) Decrypt key data B) and the keys obtained (Get Keys); Finish Authentication.]

B. Authentication
When a node receives a HELLO message from a node that has not yet been authenticated, the OLSR process calls the secure routing functions, which start the mutual authentication process. Any other control message received from that node during the authentication process is simply dropped, and so is any control message from a node that failed authentication. When a control message from an authenticated node is received, its integrity is verified.
If the node shares an ad hoc key with the node being authenticated, authentication uses the ad hoc key; otherwise it uses a public key. The authentication process is a challenge-response exchange based on a random number.
If the authentication succeeds, a re-authentication key, a real circle key, and an ad hoc key are exchanged (Fig. 4). One node creates the re-authentication key and sends it to the other. During a real circle key update the old real circle key remains in use until the new one has been distributed to all neighbor nodes, as described in Section III.F; if a new node were authenticated and given only the new real circle key in the middle of such an update, it could not verify the MACs of messages still protected by the old key. Therefore nodes exchange both the old and the new real circle key during authentication. The ad hoc key is normally distributed in TC messages, but a node that is not an MPR sends no TC, so the ad hoc key must also be exchanged at authentication time. As described in Section III.E, a node sends all the ad hoc keys it holds (two or more, if the network has not yet settled on one), so that authentication using an ad hoc key still succeeds when a node moves before all nodes have chosen the same ad hoc key.
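The ad hoc key handling of Sections II and III.E (every node keeps the keys it has seen and all nodes apply the same "newest wins" rule) and the challenge-response exchange of Section III.B with an ad hoc key can be shown together. The following is an added example written for this page, not the paper's H-OLSR code: it assumes HMAC-SHA256 as the authentication function, 16-byte random numbers, that ad hoc keys are identified by an integer ID and a creation time, and that each message's MAC carries a role label; the message names msg1 to msg4 are ours. The public-key path taken when no ad hoc key is shared is not shown.

```python
"""Added example (not the paper's code): ad hoc key bookkeeping and the
challenge-response mutual authentication run with a shared ad hoc key."""
import hashlib
import hmac
import os


def mac(key: bytes, *parts: bytes) -> bytes:
    # HMAC-SHA256 over length-prefixed parts (hash and encoding are assumptions).
    h = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        h.update(len(p).to_bytes(2, "big") + p)
    return h.digest()


class AdHocKeyStore:
    """Ad hoc keys a node holds: key_id -> (creation_time, key).  All keys are kept
    and offered for authentication; the newest is the one the node itself uses,
    which is the common selection criterion of Section III.E."""
    def __init__(self):
        self.keys = {}

    def add(self, key_id: int, created: int, key: bytes) -> None:
        self.keys[key_id] = (created, key)

    def merge(self, received: dict) -> None:      # e.g. the keys carried in a TC
        self.keys.update(received)

    def newest_id(self) -> int:
        return max(self.keys, key=lambda k: self.keys[k][0])

    def ids(self) -> list:
        return sorted(self.keys)

    def common_id(self, peer_ids):
        """Newest key both sides hold, or None (fall back to public-key authentication)."""
        shared = [k for k in peer_ids if k in self.keys]
        return max(shared, key=lambda k: self.keys[k][0]) if shared else None


class Node:
    def __init__(self, name: str, store: AdHocKeyStore):
        self.name, self.store = name, store
        self.nonce = self.peer_nonce = self.kid = None


# Message 1, A -> B: random number A and A's ad hoc key ID list.
def msg1_start(a: Node) -> dict:
    a.nonce = os.urandom(16)
    return {"nonce_a": a.nonce, "key_ids": a.store.ids()}


# Message 2, B -> A: chosen key ID, random number B, and B's answer to A's challenge.
def msg2_respond(b: Node, m1: dict) -> dict:
    b.kid = b.store.common_id(m1["key_ids"])
    if b.kid is None:
        return {"key_id": None}                     # no shared key: public-key path (not shown)
    b.nonce, b.peer_nonce = os.urandom(16), m1["nonce_a"]
    key = b.store.keys[b.kid][1]
    return {"key_id": b.kid, "nonce_b": b.nonce,
            "auth_b": mac(key, b"resp", m1["nonce_a"], b.nonce)}


# Message 3, A -> B: A checks B's answer, then answers B's challenge.  The role
# labels inside the MAC stop a reflected message 2 from passing as message 3.
def msg3_answer(a: Node, m2: dict):
    if m2["key_id"] is None or m2["key_id"] not in a.store.keys:
        return None
    key = a.store.keys[m2["key_id"]][1]
    if not hmac.compare_digest(mac(key, b"resp", a.nonce, m2["nonce_b"]), m2["auth_b"]):
        return None
    return {"auth_a": mac(key, b"init", m2["nonce_b"], a.nonce)}


def msg4_finish(b: Node, m3) -> bool:
    if m3 is None or b.kid is None:
        return False
    key = b.store.keys[b.kid][1]
    return hmac.compare_digest(mac(key, b"init", b.nonce, b.peer_nonce), m3["auth_a"])


def authenticate(a: Node, b: Node):
    """Run the exchange between two nodes; returns (success, key ID used or None)."""
    m2 = msg2_respond(b, msg1_start(a))
    return msg4_finish(b, msg3_answer(a, m2)), m2["key_id"]
```

Because A offers its whole ID list and B picks the newest key it also holds, a node that moved before the network converged on one ad hoc key still authenticates over an older key both sides know; a node holding no key in common, or a wrong key under a known ID, fails at message 2 or message 3 respectively, and its later control messages are dropped as Section III.B requires.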
C. Re-Authentication
Each node periodically re-authenticates its neighbor nodes using the re-authentication key shared at initial authentication. The re-authentication process is also a challenge-response exchange, like initial authentication.
D. Control Message Authentication
In OLSR, two or more control messages can be carried in one packet. Therefore the MAC is generated with the sending node's own real circle key and attached once per control packet rather than per message (Fig. 5). When a node receives a control packet, it verifies the MAC using the real circle key of the sending node, identified by the Real Circle Key ID in the packet.

Header (4 bytes) | Control Message (variable length) | MAC (8 bytes) | Real Circle Key ID (4 bytes)
Fig. 5 Format of control packet with MAC
F. Key Updating
This function updates the re-authentication key, the real circle key, and the ad hoc key. Each new key is encrypted with the old key before it is distributed.
(1) Re-authentication key
The re-authentication key is replaced during the re-authentication process after a fixed period of time.
(2) Real circle key
After a fixed period of time, a new real circle key is generated and sent to the authenticated neighbor nodes and to the nodes under authentication at that time. To allow for packet loss, the key is sent 3 times.
(3) Ad hoc key
After a fixed period of time since the last update, a new ad hoc key is generated and sent 3 times to the authenticated neighbor nodes and to the nodes under authentication at that time. If the node is an MPR, the new ad hoc key is also distributed in its next TC transmission.
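Section III.D (one MAC per control packet, verified with the sender's real circle key named by the key ID) and Section III.F (a new real circle key encrypted under the old one, sent three times, with the old key still accepted until the update is complete) fit one worked example. The code below is added for this page and is not the paper's implementation: it assumes HMAC-SHA1 truncated to the 8-byte MAC field, 16-byte real circle keys, that the MAC covers header, message and key ID, a hypothetical "KEYU" header marking a key-update message, and a hash-derived keystream standing in for the cipher the paper leaves unspecified. The 4-byte header is OLSR's packet length and packet sequence number [1]; replay detection via that sequence number is left to OLSR and is not shown.

```python
"""Added example (not the paper's code): control packets in the Fig. 5 layout,
MAC verification against the sender's real circle key, and a real circle key
update carried as a control message encrypted under the old key."""
import hashlib
import hmac
import os
import struct

HDR_LEN, MAC_LEN, KID_LEN, KEY_LEN = 4, 8, 4, 16   # Fig. 5 sizes; 16-byte keys are an assumption
UPDATE_HDR = b"KEYU"                               # hypothetical marker for a key-update message


def _tag(key: bytes, data: bytes) -> bytes:
    # HMAC-SHA1 truncated to the 8-byte MAC field of Fig. 5 (hash choice is an assumption).
    return hmac.new(key, data, hashlib.sha1).digest()[:MAC_LEN]


def seal(header: bytes, message: bytes, key_id: int, key: bytes) -> bytes:
    """Header | Control Message | MAC | Real Circle Key ID.  The MAC covers the
    header, the message and the key ID, so a relay cannot swap the key ID."""
    assert len(header) == HDR_LEN
    kid = struct.pack("!I", key_id)
    return header + message + _tag(key, header + message + kid) + kid


def open_packet(packet: bytes, sender_keys: dict):
    """Verify with the sender's real circle key named by the trailer; return
    (header, message) or None.  sender_keys holds old and new key during an update."""
    if len(packet) < HDR_LEN + MAC_LEN + KID_LEN:
        return None
    kid_raw = packet[-KID_LEN:]
    mac = packet[-(MAC_LEN + KID_LEN):-KID_LEN]
    body = packet[:-(MAC_LEN + KID_LEN)]
    key = sender_keys.get(struct.unpack("!I", kid_raw)[0])
    if key is None:                                # unknown key ID: unauthenticated or retired
        return None
    if not hmac.compare_digest(_tag(key, body + kid_raw), mac):
        return None
    return body[:HDR_LEN], body[HDR_LEN:]


def _keystream(key: bytes, nonce: bytes) -> bytes:
    # Stand-in for the cipher the paper leaves unspecified: one block of hash output.
    return hashlib.sha256(b"rck-update" + key + nonce).digest()[:KEY_LEN]


def make_key_update(old_kid: int, old_key: bytes, new_kid: int, new_key: bytes) -> bytes:
    """New real circle key, encrypted with the old one and authenticated by the old
    key's MAC, as one control packet (the sender repeats it 3 times)."""
    nonce = os.urandom(16)
    enc = bytes(a ^ b for a, b in zip(new_key, _keystream(old_key, nonce)))
    return seal(UPDATE_HDR, struct.pack("!I", new_kid) + nonce + enc, old_kid, old_key)


class NeighborKeys:
    """Receiver-side real circle keys of one neighbour: key_id -> key."""
    def __init__(self, kid: int, key: bytes):
        self.keys = {kid: key}

    def apply_update(self, packet: bytes) -> bool:
        opened = open_packet(packet, self.keys)
        if opened is None or opened[0] != UPDATE_HDR or len(opened[1]) != 4 + 16 + KEY_LEN:
            return False
        new_kid = struct.unpack("!I", opened[1][:4])[0]
        nonce, enc = opened[1][4:20], opened[1][20:]
        old_key = self.keys[struct.unpack("!I", packet[-KID_LEN:])[0]]
        new_key = bytes(a ^ b for a, b in zip(enc, _keystream(old_key, nonce)))
        self.keys[new_kid] = new_key         # old key stays valid until retired (Section III.F)
        return True

    def retire(self, kid: int) -> None:
        self.keys.pop(kid, None)
```

Keeping the per-neighbor key table keyed by ID is what makes the three-fold retransmission harmless (applying the same update twice yields the same table) and what lets packets still sealed under the old key verify until the sender has finished distributing the new one; retiring the old ID afterwards is what finally rejects a node that only ever obtained the old key.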
IV. CONCLUSION
We designed secure routing functions for OLSR, consisting of node authentication / re-authentication, control message authentication, key sharing, and key updating, so that an ad hoc network is formed only by authenticated nodes. Authentication and re-authentication reduce security overhead by using symmetric keys exchanged during the initial authentication, which is the only step that uses public keys. As a result, authentication processing time was shortened compared with authentication using a public key cryptosystem alone. The following remain as future work.
(1) Optimization of security parameters
Security parameters such as the re-authentication interval should be set according to the application, the network environment, etc. The parameters for each system will be evaluated under its expected service environment.
(2) Further speedup of the authentication process
Authentication processing time was shortened by authenticating a node that moves within the network with the ad hoc key, a symmetric key shared by the whole ad hoc network. However, as the number of nodes connecting to the ad hoc network grows, so does the number of messages for authentication and key sharing. Since this growth would degrade communication efficiency, the amount of data carried in the security messages has to be reduced. This becomes a serious problem when high-speed movement, such as that of cars, is assumed, because the number of authentications increases. Research and development of a system that improves communication efficiency while maintaining security will be pursued.
(3) Security functions for a private ad hoc network
Our node authentication strategy can be used to create a private ad hoc network, but to realize that, other attacks must be considered. For example, unauthorized nodes that cannot communicate with each other directly might use the ad hoc network formed by authorized nodes to communicate with each other.
REFERENCES
[1] RFC 3626, Optimized Link State Routing Protocol (OLSR), http://www.ietf.org/rfc/rfc3626.txt, IETF, 2003
[2] IETF Internet-Draft, The Dynamic Source Routing Protocol for Mobile Ad Hoc Networks (DSR), http://www.ietf.org/internet-drafts/draft-ietf-manet-dsr-09.txt, IETF, 2003
[3] RFC 3561, Ad hoc On-Demand Distance Vector (AODV) Routing, http://www.ietf.org/rfc/rfc3561.txt, IETF, 2003
[4] RFC 3684, Topology Dissemination Based on Reverse-Path Forwarding (TBRPF), http://www.ietf.org/rfc/rfc3684.txt, IETF, 2004
[5] B. Potter, B. Fleck, 802.11 Security, O'Reilly Media Inc., 2002
[6] OpenSSL Project Homepage, http://www.infoscience.co.jp/technical/openssl/
[7] C. Adjih, T. Clausen, P. Jacquet, A. Laouiti, P. Mühlethaler, and D. Raffo, Securing the OLSR Protocol, Med-Hoc-Net 2003, Mahdia, Tunisia, June 25-27, 2003