Abstract: An ad hoc network is infrastructure-less and self-configuring, providing mobility. This mobility comes with
restrictions, making the entire process of ad hoc communication
complex. All the routing actions are performed in accordance
with protocols like AODV. The two major concerns relating to
ad hoc networks are security and the overhead of routing table
maintenance. Securing data in all forms, whether it is the
communication data or data as a message, is of primary
importance. This paper emphasizes the implementation of
message integrity and authentication to make the AODV protocol
more reliable and efficient for communication. In this
implementation, the nodes are authenticated before a route is
established. The information generated during the authentication
is encrypted using the AES algorithm for confidentiality and
subsequently hashed using MD-5 for integrity.
Keywords: security, MANET, AODV, OpenSSL, Diffie-Hellman,
encryption, decryption, hashing, MD-5, AES.
1. Introduction
Ad hoc networks are temporary, requirement-based networks
in which any node with a need for communication joins the
network and then uses other nodes as agents for forwarding
the data packets it has generated. Since they are infrastructure-less
networks, every node is able to move within the
range of the network and continue to communicate
seamlessly. Every node maintains a Routing Table which
stores details of all the other nodes available for
communication. This is done with the help of Routing
Protocols like AODV.
Many of the implementations of this protocol are not secure.
Most of these ad-hoc routing protocols assume that there is an
implicit trust-your-neighbor relationship in which all the
neighboring nodes behave properly.
However, real MANETs are subject to attacks by malicious
users, who try to paralyze the network by manipulating the
messages. Adding security features like message integrity and
authentication of peer nodes will make this protocol more
reliable and efficient for communication.
The Key Exchange mechanism for secure transfer of public
keys is Diffie-Hellman. The public keys are used to generate
secret keys which are then used to encrypt packets using AES
encryption with OpenSSL [10] Tools.
2. Related works
Trusted Ad-hoc On-demand distance vector Routing
(TAODV): This is another way of securing the AODV
protocol. TAODV is a secure routing protocol which uses
cryptography technologies and methodologies which are
recommended to take effect before nodes in the network
establish trust relationships among one another. The main
salient feature of TAODV is that it removes the re-verification
of certificates, which improves the efficiency and saves time. It
uses trust relationships among nodes, so there is no need for a
node to request and verify certificates all the time.
TAODV (Trusted AODV) has several important features:
a. Nodes perform trusted routing behaviours mainly according
to the trust relationships among them.
b. A node that performs malicious behaviours will eventually
be detected and denied or removed from the whole network.
c. The performance of the system will be improved by avoiding
requesting and verifying certificates at every routing step [3],[4].
Dahill et al. proposed ARAN, a routing protocol for ad hoc
networks that uses authentication and requires the use of a
trusted certificate server. In ARAN, each and every node
that forwards a route discovery message or a route reply
message must also sign that message when transferring (which
consumes a lot of computing power and causes the size of the
routing messages to increase at each hop). In addition, it is
prone to replay attacks using error messages unless the nodes
have time synchronization [8].
Hash chains have been used as an efficient way to perform
authentication in several approaches that tried to secure the
routing protocols. They use them in order to provide delayed
key disclosure. Hash chains are mainly used to create one-time
signatures that can be verified immediately. The main
drawback of all the above approaches is that all of them
require clock synchronization [9].
3. Proposed methodology
In this section, we first provide a detailed description of the
flow and then we define and describe the key aspects of the
total process.
The first step involves the introduction of the term node. Node
with respect to this implementation will refer to a laptop on
which the protocol is implemented. Initially the nodes are
choreographed in an assumed topology. This topology can be
generic. The implementation uses an existing AODV protocol
which has been updated and tailored with respect to our
implementation for the Linux Kernel version 3.8. For ensuring
security, we use Diffie-Hellman key exchange along with
other hashing techniques.
The nodes have to be authenticated before a route can be
established between them. The authentication is performed to
establish that the node is not an intruder. For this, HELLO
messages are exchanged between the nodes. These messages
contain the public keys of the corresponding nodes. Each of
these nodes then generates a secret key by using its own private
key. The secret keys generated must match, upon which
the authentication is completed.
4. Implementation
For the purpose of encryption, decryption and hashing we use
OpenSSL [10]. The AES algorithm is used for encryption
and MD-5 is used for hashing. Installation of OpenSSL [10]
libcdev is the prerequisite for the process to take place.
hashed value is stored in a string which is then encapsulated in
a structure along with the original encrypted message.
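An added example (not code from the paper) of the flow described in Sections 3 and 4: two nodes derive a shared secret from the public keys carried in HELLO messages, and the encrypted message is packaged in a structure with its MD5 digest. It goes one step beyond the paper by placing a keyed HMAC-SHA256 tag beside the plain digest to show what each check detects. The toy group, the SHA-256 key derivation, all function names and the stand-in ciphertext are assumptions; the AES step is left out because Python's standard library has no AES.

```python
import hashlib, hmac, secrets

# Toy Diffie-Hellman group for illustration (assumption: the paper does not
# state its parameters). P is the Mersenne prime 2**521 - 1.
P, G = 2**521 - 1, 3

def dh_keypair():
    """Return (private, public); the public value travels in the HELLO message."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def dh_secret(own_priv, peer_pub):
    """Combine our private key with the public key from the peer's HELLO."""
    if not 1 < peer_pub < P - 1:  # reject degenerate public values
        raise ValueError("invalid peer public key")
    shared = pow(peer_pub, own_priv, P)
    return hashlib.sha256(shared.to_bytes(66, "big")).digest()  # 32-byte key

def wrap_md5(ciphertext):
    """Structure from the paper: encrypted message plus its MD5 digest."""
    return {"msg": ciphertext, "digest": hashlib.md5(ciphertext).hexdigest()}

def check_md5(pkt):
    return hmac.compare_digest(hashlib.md5(pkt["msg"]).hexdigest(), pkt["digest"])

def wrap_hmac(key, ciphertext):
    """Keyed variant (assumption, not in the paper): HMAC-SHA256 under the DH key."""
    tag = hmac.new(key, ciphertext, hashlib.sha256).hexdigest()
    return {"msg": ciphertext, "digest": tag}

def check_hmac(key, pkt):
    expected = hmac.new(key, pkt["msg"], hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, pkt["digest"])

def demo():
    a_priv, a_pub = dh_keypair()              # node A
    b_priv, b_pub = dh_keypair()              # node B
    key_a, key_b = dh_secret(a_priv, b_pub), dh_secret(b_priv, a_pub)
    ciphertext = bytes.fromhex("8d3f1c5a9e0b47c2a6d4f0e1b2c39788")  # constructed AES-output stand-in
    altered = ciphertext[:-1] + b"\x00"
    stale = dict(wrap_md5(ciphertext), msg=altered)      # message changed, digest not
    no_key = wrap_hmac(secrets.token_bytes(32), altered)  # tag made without the DH key
    return {
        "secrets_match": key_a == key_b,
        "md5_rejects_stale_digest": not check_md5(stale),
        "md5_accepts_recomputed_digest": check_md5(wrap_md5(altered)),
        "hmac_rejects_tag_without_key": not check_hmac(key_b, no_key),
        "hmac_accepts_genuine": check_hmac(key_b, wrap_hmac(key_a, ciphertext)),
    }
```

Every entry returned by demo() is True: the plain digest catches a changed message only while the digest itself is left untouched, whereas a valid HMAC tag cannot be produced without the shared secret.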
5. Performance Analysis
A series of experiments were conducted with two computers
acting as nodes. A third computer was used for monitoring
purposes. For monitoring, Wireshark is used. The
distance between the two nodes is about 40 meters. The
experiments are done for a span of 10 minutes. The following
information is obtained.
AODV Implementation
[Figure 1: Request Graph]
[Figure 2: Reply Graph]
SAODV Implementation
[Figure 3: Request Graph]
[Figure 4: Reply Graph]
The average packets sent per second is found to be 4.178 for
route request and 1.202 for route reply.
The experimental results are presented in Table 1.
From the two tables we can infer that though there is not much
deviation in the performance parameters, the number of
packets sent in SAODV is slightly less when compared to
AODV. This is attributed to the extra processing required for
the encryption.
Traffic            Request      Reply
Packets            2421         681
Avg Packets/sec    4.178        1.202
                   122 bytes    118 bytes
Avg Mbit/sec       0.004        0.001
Table 1

Traffic            Request      Reply
Packets            1944         834
Avg Packets/sec    3.203        1.386
                   122 bytes    118 bytes
Avg Mbit/sec       0.003        0.001
Table 2
6. Conclusion
Initially it was thought that there would be performance
deviation in terms of time, size and other parameters, but from
the data collected, it can be concluded that there is negligible
difference in the parameters, i.e., there is very little overhead
involved in the encryption and decryption process.
7. Acknowledgement
This work is funded in part by the Defence Research and
Development Organization under grant no:
ERIP/ER/1203090/M/01/1474.
8. References
1. Shilpa S G, Mrs. N.R. Sunitha, B.B. Amberker, A Trust
Model for Secure and QoS Routing in MANETS,
INTERNATIONAL JOURNAL OF INNOVATIVE
TECHNOLOGY & CREATIVE ENGINEERING
(ISSN: 2045-8711) VOL.1 NO.5 MAY 2011, pp 22-31.
2. Victor, C., Francisco, J., Pedro, M. 2009, Simulation-based
Study of Common Issues in VANET Routing
Protocols. IEEE 69th Vehicular Technology Conference,
VTC2000.
3. R. S. Mangrulkar, Pallavi V Chavan and S. N. Dagadkar,
Improving Route Selection Mechanism using Trust
Factor in AODV Routing Protocol for MaNeT,
International Journal of Computer Applications
(0975-8887) Volume 7 No.10, October 2010, pp 36-39.
4. Ming Yu, Mengchu Zhou, and Wei Su, A Secure
Routing Protocol against Byzantine Attacks for
MANETs in Adversarial Environments, IEEE
TRANSACTIONS ON VEHICULAR TECHNOLOGY,
VOL. 58, NO. 1, JANUARY 2009.
5. P. Papadimitratos and Z. J. Haas. Secure routing for mobile
ad hoc networks. SCS Communication Networks and
Distributed Systems Modeling and Simulation
Conference (CNDS 2002), Jan 2002.
6. S. Marti, T. J. Giuli, K. Lai, and M. Baker. Mitigating
routing misbehavior in mobile ad hoc networks. In
Proceedings of the 6th Annual International Conference
on Mobile Computing And Networking, pages 255-265,
2000.
7. L. Zhou and Z. J. Haas. Securing ad hoc networks. IEEE
Network Magazine, 13(6):24-30, November/December
1999.
8. B. Dahill, B. N. Levine, E. Royer, and C. Shields. A
secure routing protocol for ad hoc networks. Technical
Report UM-CS-2001-037, University of Massachusetts,
Department of Computer Science, Aug. 2001.
9. K. Zhang, Efficient protocols for signing routing
messages, in Proceedings of the Symposium on
Network and Distributed Systems Security (NDSS '98),
July 2001.
10. http://en.wikipedia.org/wiki/OpenSSL