GANDHI & DAVE : SECURITY IN MOBILE AD HOC NETWORKS
4. SECURE ROUTING PROTOCOLS IN MANET
In this section we discuss secure routing protocols that have been designed with some of the above characteristics.

4.1. Security Aware Ad hoc Routing Protocol (SAR)
This protocol [13] uses the concept of Trust Hierarchy [9], where the nodes are classified into different immutable trust levels. The main idea of the protocol is to prevent the route establishment itself. The sender ensures the “quality of protection” available to their data packets by embedding security attributes into the route discovery protocol itself. The trust level acts as a security metric introduced by the initiator of the route. Thus, no node with a questionable trust level ever becomes part of the route. Only nodes having the minimum acceptable security level can participate in the route, and other nodes drop the request packet. The trust can be realized by having the trusted nodes share a key. Nodes that do not possess the key cannot decrypt the encrypted packet and have to drop it. The drawback of SAR is its lack of scalability in the case of multiple trust levels, where multiple keys need to be generated and distributed.

4.2. Secure Routing Protocol (SRP)
This protocol [14] assumes the existence of a Security Association (SA) between the source and destination prior to the route initiation, without the intermediate nodes having to cryptographically validate the control traffic [10]. This attempts to guarantee that the node initiating the route discovery will be able to differentiate between legitimate and false topological information replies. The SA is achieved through a shared key between source and destination. The SRP header has three important fields: the Query Sequence Number, which increases monotonically for every route request generated by the source for a destination, thus preventing the replay of old, outdated requests; the Query Identifier, used by intermediate nodes as a means to identify the request, which helps to prevent the fabrication of requests; and the MAC (Message Authentication Code), which ensures the integrity of packets in transit. This protocol guarantees the discovery of a correct route, even in the presence of malicious nodes.

4.3. Authenticated Routing for Ad hoc Networks (ARAN)
This protocol [15] assumes that there is a managed and open environment where nodes wishing to communicate can exchange initialization parameters beforehand. ARAN consists of two stages. The first stage is the certification and end-to-end authentication stage. The second stage is an optional stage, used to

4.4. Watchdog and Pathrater [16]
These components are implemented on top of source routing protocols like DSR. They run on each node to detect malicious nodes in the network. Watchdog causes the nodes to listen to the transmissions of their one-hop neighbours. A node can therefore keep track of the packets that were successfully transmitted by the subsequent node and the packets that were not. Thus, a node dropping all the packets is considered malicious. Pathrater maintains a rating for every other node in the network. It assigns each node a rating between 0 and 1, with 0.5 being neutral.
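The three SRP header fields from Section 4.2 can be exercised with the following added sketch, which is not code from the paper or from the SRP specification: the destination verifies the MAC with the SA key and rejects non-increasing Query Sequence Numbers, while an intermediate node without the key only deduplicates on the Query Identifier. The byte layout, field widths, HMAC-SHA256, the class and function names, and sequence numbers starting at 1 are all assumptions.

```python
import hashlib
import hmac
import struct

# Assumed wire layout (constructed here, not SRP's real format):
# source id, destination id, Query Sequence Number, Query Identifier.
HEADER = struct.Struct("!IIIQ")
MAC_LEN = hashlib.sha256().digest_size

def build_request(sa_key, src, dst, q_seq, q_id):
    # Source: serialize the header, append a MAC keyed with the SA key.
    body = HEADER.pack(src, dst, q_seq, q_id)
    return body + hmac.new(sa_key, body, hashlib.sha256).digest()

class IntermediateNode:
    # Holds no SA key; uses the Query Identifier only to drop duplicates.
    def __init__(self):
        self.seen = set()

    def should_relay(self, packet):
        if len(packet) != HEADER.size + MAC_LEN:
            return False
        src, _dst, _q_seq, q_id = HEADER.unpack(packet[:HEADER.size])
        if (src, q_id) in self.seen:
            return False
        self.seen.add((src, q_id))
        return True

class Destination:
    # Holds the SA key: verifies the MAC, then the sequence number.
    def __init__(self, node_id, sa_keys):
        self.node_id = node_id
        self.sa_keys = sa_keys  # source id -> shared key
        self.last_seq = {}      # source id -> highest accepted sequence number

    def accept(self, packet):
        if len(packet) != HEADER.size + MAC_LEN:
            return "malformed"
        body, tag = packet[:HEADER.size], packet[HEADER.size:]
        src, dst, q_seq, _q_id = HEADER.unpack(body)
        key = self.sa_keys.get(src)
        if key is None or dst != self.node_id:
            return "no-sa"
        expected = hmac.new(key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "bad-mac"
        if q_seq <= self.last_seq.get(src, 0):
            return "replay"
        self.last_seq[src] = q_seq
        return "ok"
```

The MAC is checked before the sequence number, so a forged request can never advance the replay window for a legitimate source.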