Nov.6, 2002

Secure Routing Protocolfor Ad Hoc Networks

Li Xiaoqi

Outline Introduction to Ad Hoc Networks Overview of Ad hoc On-demand

Distance Vector (AODV) Routing Protocol

Attacks to AODV Ad Hoc Networks Securing AODV Routing Protocol Flaws of SAODV Future Works

Ad Hoc Networks “Infrastructureless” Networks without fixed

infrastructure such as base stations or access points

Multi-hop routing when nodes are not in each other’s radio range

Nodes are mobile Underlying communication medium is wireless Each node acts as a router Useful in:

personal area networking, meeting rooms, disaster relief, battlefield operations, etc.

Motivation Applications such as military exercises,

disaster relief, and mine site operation need more secure and reliable communication

Prior routing protocols generally assume a trusted environment with non-adversarial settings

Securing routing protocols for ad hoc networks are needed

AODV Routing Protocol (Ad Hoc On-Demand Distance Vector)

Establish or maintain routes only when nodes need to communicate

Each node maintains a monotonically increasing sequence number to ensure loop free routing

Only one mutable field “Hop Count” in routing messages which implies the distance from the originator. Hop Count is increased by one at each hop.

Four types of routing messages: RREQ: Route Request RREP: Route Reply RERR: Route Error RREP-ACK: Route Reply Acknowledgement

Routing Discovery in ADOV

Laptop

PDA

PDA

PDA

Laptop

Laptop

LaptopRREQ

RREPRREP

BroadCast

S

D

Attacks on Mobile Networks

Eavesdropping Confidentiality Disclosure Confidentiality Masquerading Authenticity Modification Integrity

Man-In-Middle Attack Drop / Replay / Delay Integrity Flooding Availability

Denial of Service Attack

Actual Attacks on AODV(one malicious node)

Forge a RREQ with its address as the

originator address. Forge a RREP with its address as the

destination address Does not increase the hop count, even reduce it

when forwarding a RREQ Increase destination sequence number “fresher”

enough in order to update the intermediate nodes’ route table

Does not forward certain RREQ, RREP and certain data messages

S DM

RREQ

S DM

RREP

Actual Attacks on AODV(more malicious nodes)

Tunneling Attacks Two malicious nodes simulate that they

have a link between them By tunneling messages between them Achieve having certain traffic through them Do any type of attacks one malicious node

can do Hard to detect and prevent so far,

even in SAODV mentioned below

SAODV Routing Protocol(WiSe’02 by SigMobile)

Focus on Protecting only Routing messages Mainly Concerning Authentication & Integrity Situation of One malicious node More routing protocol than key management

Two Main Ideas Hash chains to secure the Hop Count information,

the only mutable information in the messages Integrity

Digital signatures to authenticate the non-mutable fields of the messages Authenticity

SAODV Hash Chains

Attackers often decrease Hop Count of a RREQ to increase the life of this message, thus gain more time to analyze the communication

Hash chains are used to protect this Hop Count field A hash chain is formed by applying a one-way hash

function (h) repeatedly to a seed.

When a node originates a RREQ or a RREP message, it performs the following operations:

SAODV Hash Chains Algorithm

1. Generates a random number (seed)2. Sets field

Max_Hop_Count = TTL3. Sets field

Hash = seed4. Sets field

Hash_Function = h, - h is the hash function which is going be used

5. Calculates field Top_Hash by hashing seed Max_Hop_Count times.Top_Hash = h Max_Hop_Count (seed)

- hi(x) is the result of applying the function h to x i times.

6. When a node receives a RREQ or a RREP message, it will verify if Top_Hash == h Max_Hop_Count – Hop_Count (Hash)

- Hop_Count is the number of hops this message has passed.

7. Before rebroadcasting a RREQ of forwarding a RREP, a node doHash = h(Hash)

SAODV Digital Signatures Digital Signatures are used to protect the integrity of the

non-mutable data in RREQ and RREP messages Sign every field of the message except the Hop Count

and hash chain fields Extend original AODV routing protocol’s headers Secure AODV protocol has six types of messages

RREQ (Single) Signature Message RREQ Double Signature Message RREP (Single) Signature Message RREP Double Signature Message RERR Signature Message RREP-ACK Signature Message

SAODV Digital Signatures

An originator sends a RREQ double signature message including the RREP flags every time

An intermediate node, if it hasn’t the destination’s route entry, rebroadcasts RREQ with double signatures, one of which is needed for RREP

An intermediate node, if it has the destination’s route entry, sends a RREP with double signatures, one of which is get from the RREP flags it reserved

A destination node sends a RREP single signature message when replying a RREQ

S DA B

RREQ Double Signature Message

RREQ Double Signature Message

RREP Double Signature Message

RREP Single Signature Message

Key Management of Securing Ad Hoc Routing protocol

Symmetric VS Asymmetric Cryptography Symmetric: everybody that wants to participate in

this network has to know the secret key. Maybe not suitable

Asymmetric: everybody can participate freely. The originator of the route messages signs the messages when using an asymmetric cryptosystem. Maybe feasible.

SAODV assumes that each ad hoc node has a signature key pair from a suitable asymmetric cryptosystem.

Flaws of SAODV

Does not consider how to protect data messages

Can not solve attacks performed by more coordinated malicious nodes

More emphasis on secure routing protocol and has not its own key management mechanism

Future Work On This Topic

To realize security in Ad Hoc Networks Intrusion Prevention

Design a secure routing protocol Design a efficient and effective key

management mechanism Intrusion Detection

Study more attacks to AODV and SAODV routing protocol

Q & AQ & A