SlideShare a Scribd company logo
1 of 37
AASR Authenticated Anonymous Secure 
Routing for MANETs in Adversarial 
Environments 
Guider 
Ms M. Nisha M.E; 
Assistant Professor 
Presented By 
SaravananAnnamalai 
(722013405016) 
II M.E Computer Science&Engineering 
9/8/2014 1
Introduction 
• A Mobile Ad hoc Network (MANET) is a continuously self-configuring, 
infrastructure-less network of mobile devices 
connected without wires. 
• Each device in a MANET is free to move independently in any 
direction, and will therefore change its links to other devices 
frequently. 
• Each must forward traffic unrelated to its own use, and 
therefore be a router. 
• The primary challenge in building a MANET is equipping 
each device to continuously maintain the information required 
to properly route traffic and security. 
9/8/2014 2
Objective 
• A routing protocol to provide anonymity and location privacy. 
• To defend the potential active attacks without unveiling the 
node identities using group signature. 
• To prevent intermediate nodes from inferring a real destination 
using onion routing. 
• Improve throughput in the presence of adversary attacks. 
• To reduce the packet loss. 
9/8/2014 3
On-demand Ad hoc Routing 
• Reactive protocols 
– Lower overhead since routes are determined on demand 
– Significant delay in route determination 
– Employ flooding (global search) 
– Control traffic may be difficult 
– Example: DSR, AODV etc 
9/8/2014 4
Trapdoor 
• A trapdoor is a common concept that defines a one-way 
function between two sets. 
• A global trapdoor is an information collection of mechanism in 
which intermediate nodes may add information elements, such 
as node IDs, into the trapdoor. 
• Only certain nodes, such as the source and destination nodes 
can unlock and retrieve the elements using pre-established 
secret keys. 
• The usage of trapdoor requires an anonymous end-to-end key 
agreement between the source and destination. 
9/8/2014 5
Group Signature 
• It provides authentication without disturbing the anonymity. 
• Every member in a group may have a pair of group public and 
private keys issued by the group trust authority (i.e., group 
manager). 
• The member can generate its own signature by its own private 
key, and such signature can be verified by other members in 
the group without revealing the signer’s identity. 
• Only the group trust authority can trace the signer’s identity 
and revoke the group keys. 
9/8/2014 6
Issues 
• The existing protocols are vulnerable to the attacks of fake 
routing packets or denial-of-service (dos) broadcasting. 
• Route anonymity for secure communication. 
• Location privacy for secure node movement. 
• Low throughput in the presence of adversaries. 
• Heavy packet loss 
9/8/2014 7
Literature Survey 
1) M. G. Reed, P. F. Syverson, and D. M. Goldschlag, 
“Anonymous Connections and Onion Routing,” IEEE Journal 
on Selcted Area in Comm., vol. 16, no. 4, pp. 482–494, May 
1998. 
2) D. Boneh, X. Boyen, and H. Shacham, “Short group 
signatures,” in Proc. Int. Cryptology Conf. (CRYPTO’04), 
Aug. 2004. 
3) J. Kong and X. Hong, “ANODR: ANonymous On Demand 
Routing with Untraceable Routes for Mobile Ad hoc 
networks,” in Proc. ACM MobiHoc’03, Jun. 2003, pp. 291– 
302. 
9/8/2014 8
Anonymous Connections and Onion Routing 
M. G. Reed, P. F. Syverson, and D. M. Goldschlag, “Anonymous 
Connections and Onion Routing,” IEEE Journal on Selcted Area in 
Comm., vol. 16, no. 4, pp. 482–494, May 1998. 
• Onion routing is an infra structure for private communication 
over public network. 
• An onion is a data structure that is treated as the destination 
address by onion routers – anonymous connection. 
• Onions themselves appear differently to each onion router as 
well as to network observers. 
• The same goes for data carried over the connections they 
establish. 
9/8/2014 9
Basic Configuration 
• Data stream never appears in the clear on the public network, 
this data may carry identifying information, but 
communication is still private. 
• The onion router at the originating protected site knows both 
the source and destination of a connection. 
• The use of anonymous connections between two sensitive sites 
that both control onion routers effectively hides their 
communication from outsiders. 
9/8/2014 10
How Onion Routing Works 
{{{m}3}4}1 1 2 
u d 
3 
4 
5 
1. u creates l-hop circuit through routers 
2. u opens a stream in the circuit to d 
3. Data are exchanged 
9/8/2014 11
How Onion Routing Works 
{{{m’}3}4}1 1 2 
u d 
3 
4 
5 
1. u creates l-hop circuit through routers 
2. u opens a stream in the circuit to d 
3. Data are exchanged 
9/8/2014 12
How Onion Routing Works 
u 
1 2 
3 
4 
5 
1. u creates l-hop circuit through routers 
2. u opens a stream in the circuit to d 
3. Data are exchanged. 
4. Stream is closed. 
5. Circuit is changed every few minutes. 
d 
9/8/2014 13
How Onion Routing Works 
u 
1 2 
3 
4 
5 
d 
u 1 2 
Theorem 1: Adversary can only determine parts of a 
circuit it controls or is next to. 
9/8/2014 14
Short Group Signatures 
D. Boneh, X. Boyen, and H. Shacham, “Short group signatures,” in Proc. 
Int. Cryptology Conf. (CRYPTO’04), Aug. 2004. 
• Group signatures provide anonymity for signers. 
• Signatures in our scheme are approximately the size of a 
standard RSA signature with the same security. 
• Security of our group signature is based on the Strong Diffie- 
Hellman assumption and a new assumption in bilinear groups 
called the Decision Linear assumption. 
• Proof of security of our system is given by the random oracle 
model 
9/8/2014 15
Strong Diffie-hellman Assumption 
• Let G1,G2 be cyclic groups of prime order p where possibly 
G1 = G2. 
• Let g1 be a generator of G1 and g2 a generator of G2. 
• Let say that the (q, t, )-SDH assumption holds in (G1,G2) if no 
t-time algorithm has advantage at least in solving the q-SDH 
problem in (G1,G2). 
• To gain confidence in the assumption prove that it holds in 
generic groups in the sense of Shoup. 
• The q-SDH assumption has similar properties to the Strong- 
RSA assumption. 
• Use these properties to construct our short group signature 
• scheme. 
9/8/2014 16
Decision Linear assumption 
• Let g1 ϵ G1 as above, along with arbitrary generators u, v, and 
h of G1 
• Given u, v, h, ua, vb, hc 2 G1 as input, output yes if a + b = c 
and no otherwise. 
• The (t, )-Decision Linear Assumption (LA) holds in G1 if no t-time 
algorithm has advantage at least in solving the Decision 
Linear problem in G1. 
9/8/2014 17
Group Signature Security 
Properties 
• Correctness, which ensures that honestly-generated signatures 
verify and trace correctly. 
• Full-anonymity, which ensures that signatures do not reveal 
their signer’s identity. 
• Full-traceability, which ensures that all signatures, even those 
created by the collusion of multiple users and the group 
manager, trace to a member of the forging coalition. 
9/8/2014 18
ANODR: ANonymous On Demand Routing with Untraceable 
Routes for Mobile Ad hoc networks 
J. Kong and X. Hong, “ANODR: ANonymous On Demand Routing with 
Untraceable Routes for Mobile Ad hoc networks,” in Proc. ACM 
MobiHoc’03, Jun. 2003, pp. 291–302. 
• The design of ANODR is based on - broadcast with trapdoor 
information 
• Un-traceability: ANODR dissociates ad hoc routing from the 
design of network member’s identity/pseudonym. 
• Intrusion tolerance: ANODR ensures there is no single point of 
compromise in ad hoc routing. 
• Un-linkability: Anonymity in terms of un-linkability is defined 
as un-linkability of an IOI and a pseudonym. 
9/8/2014 19
Routing Attacks in MANET 
• Location privacy attack 
– Correlate a mobile node with its locations (at the 
granularity of adversary’s adjustable radio receiving range) 
– Counting/analyzing mobile nodes in a cell 
• Route tracing attack 
– Visualizing ad hoc routes 
• Motion inference attack 
– Visualizing motion patterns of mobile nodes 
– Deducing motion pattern of a set of nodes 
• Other traffic analysis 
– Analyzing packet flow metrics (as in Internet traffic 
analysis) 
9/8/2014 20
Adversary in Mobile Ad Hoc 
Networks 
• External adversary: wireless link intruder 
– Eavesdropper 
– Traffic analyst (not necessary to break cryptosystem) 
– Unbounded interception: adversary can sniff anywhere 
anytime 
• Internal adversary: mobile node intruder 
– Capture, compromise, tamper 
– Passive internal adversary is hard to detect due to lack of 
exhibition of malicious behavior 
– Bounded: otherwise secure networking is impossible 
9/8/2014 21
Framework of Anonymous Route 
Discovery (between source and destination) 
• Similar to existing on demand routing schemes 
– Route-REQuest 
RREQ,seqnum,to_be_opened_by_destanonymous_trapdoor 
– Route-REPly 
RREP, presented_by_destanonymous_proof 
• A global trapdoor can only be opened by dest 
– Not required to know where dest is 
– destination can present an anonymous proof of door opening 
• Need more design to address per-hop 
9/8/2014 22
Make On demand Routes Untraceable 
• ANODR-TBO is robust against node intrusion 
– Fully anonymous: no node identity revealed 
– Fully distributed control: avoid single point of compromise 
– Multiple paths feasible: avoid single point of failure 
• So far anonymous only, and symmetric key only 
– More complexity in realizing untraceability to hide side channels & 
resist traffic analysis 
• Protect RREP flow 
– Need an asymmetric secret channel 
• Modified RREQ: Embed a temporary asymmetric key ecpk1 
RREQ, ecpk1, seqnum, open_by_E, onion 
• Modified RREP: Exchange a secret seed Nym Kseed 
RREP, ecpk1(Kseed), Kseed (proof_from_E, onion) 
9/8/2014 23
Make Routes Untraceable (cont’d) 
• Protect reused route pseudonyms 
– Using Kseed to do self-synchronized route pseudonym 
update 
– So far all pseudonyms/aliases are one-time aliases! 
• Playout “Mixing” 
– Resist traffic analysis: 
Time correlation 
Content correlation 
Buffer, Re-order, Batch send, 
Insert dummy/decoy packets 
Alice Bob 
MIX 
Eve 
9/8/2014 
24
Existing System 
• The existing protocols are vulnerable to the attacks of fake 
routing packets or denial-of-service (DoS) broadcasting, even 
the node identities are protected by pseudonyms. 
• A number of anonymous secure routing protocols have been 
proposed, the requirement is not fully satisfied.
Disadvantages 
• Many Anonymous routing protocols are available. But it does 
not detect the active attackers effectively. 
• Low Throughput in the presence of adversaries. 
• Heavy Packet Loss 
• High delay
Proposed Work 
• The route request packets are authenticated by a group 
signature, to defend the potential active attacks without 
unveiling the node identities. 
• The key-encrypted onion routing with a route secret 
verification message, is designed to prevent intermediate nodes 
from inferring a real destination.
Route Discovery 
• The source node broadcasts an RREQ packet to every node in 
the network. 
• If the destination node receives the RREQ to itself, it will 
reply an RREP packet back along the incoming path of the 
RREQ. 
• In order to protect the anonymity when exchanging the route 
information, the packet formats are to be redesigned, and 
modify the related processes.
Route Discovery Contd. 
• Source Node: We assume that S initially knows the 
information about D, including its pseudonym, public key, and 
destination string. 
• The destination string dest is a binary string, which means 
“You are the destination” and can be recognized by D. 
• If there is no session key, S will generate a new session key 
KSD for the association between S and D.
Route Discovery Contd.
Route Discovery Contd.
Intermediate Node 
I has already established the neighbor relationship with S 
and J. I knows where the RREQ packet comes from.
Intermediate Node Contd. 
1. I receives the RREQ packet, it will verify the packet with its 
group public key GT+. 
• I can obtain the packet information. 
• Otherwise, such an RREQ packet will be marked as malicious 
and dropped. 
2. I checks the Nsq and the timestamp in order to determine 
whether the packet has been processed before or not. 
If the Nsq is not known in the routing table, it is a new 
RREQ request. 
– If the Nsq exists in the table but with an old timestamp, it 
has been processed before and will be ignored; 
– if the Nsq exist with a fresh timestamp, then the RREQ is a 
repeated request and will be recognized as an attack.
Intermediate Node contd 
• I tries to decrypt the part of VD with its own private key. 
• In case of decryption failure, I understands that it is not the 
destination of the RREQ. 
• I will assemble and broadcast another RREQ packet in the 
following format: 
• I → ∗ : [RREQ,Nsq, VD, VSD,Onion(I)]GI−
Intermediator’s Onion key & RT
Destination Node 
• When the RREQ packet reaches D, D validates it similarly to 
the intermediate nodes I or J. 
• Since D can decrypt the part of VD, it understands that it is the 
destination of the RREQ. 
• D can obtain the session key KSD, the validation nonce Nv, 
and the validation key Kv. Then D is ready to assemble an 
RREP packet to reply the S’s route request.
Advantages 
• It gives high anonymity protection 
• AASR provides higher throughput 
• Lower packet loss ratio in different mobile scenarios in the 
presence of adversary attacks. 
• It also provides better support for the secure communications.

More Related Content

What's hot

Tor network seminar by 13504
Tor network seminar  by 13504 Tor network seminar  by 13504
Tor network seminar by 13504 Prashant Rana
 
Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction &  Deanonymization of Tor Users By Hitesh BhatiaDarknets - Introduction &  Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh BhatiaOWASP Delhi
 
Hacking Tor ( How does Tor work ?)
Hacking Tor ( How does Tor work ?)Hacking Tor ( How does Tor work ?)
Hacking Tor ( How does Tor work ?)Saprative Jana
 
Tor Project and The Darknet
Tor Project and The DarknetTor Project and The Darknet
Tor Project and The DarknetAhmed Mater
 
Acpe 2014 Internet Anonymity Using Tor
Acpe 2014  Internet Anonymity Using TorAcpe 2014  Internet Anonymity Using Tor
Acpe 2014 Internet Anonymity Using TorJack Maynard
 
Onion protocol
Onion protocolOnion protocol
Onion protocolAnshu Raj
 
Tor - Using alternative networks to protect your online privacy, by Tobias Cl...
Tor - Using alternative networks to protect your online privacy, by Tobias Cl...Tor - Using alternative networks to protect your online privacy, by Tobias Cl...
Tor - Using alternative networks to protect your online privacy, by Tobias Cl...Thoughtworks
 
Encryption and decryption in TOR
Encryption and decryption in TOREncryption and decryption in TOR
Encryption and decryption in TORanjalika sinha
 
Tor: The Second Generation Onion Router
Tor: The Second Generation Onion RouterTor: The Second Generation Onion Router
Tor: The Second Generation Onion RouterMohammed Bharmal
 
Anonymous Connections And Onion Routing
Anonymous Connections And Onion RoutingAnonymous Connections And Onion Routing
Anonymous Connections And Onion RoutingAli Habeeb
 
TOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying MarkersTOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying MarkersBrent Muir
 

What's hot (19)

Tor browser
Tor browserTor browser
Tor browser
 
Tor network seminar by 13504
Tor network seminar  by 13504 Tor network seminar  by 13504
Tor network seminar by 13504
 
Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction &  Deanonymization of Tor Users By Hitesh BhatiaDarknets - Introduction &  Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
 
Hacking Tor ( How does Tor work ?)
Hacking Tor ( How does Tor work ?)Hacking Tor ( How does Tor work ?)
Hacking Tor ( How does Tor work ?)
 
Tor Project and The Darknet
Tor Project and The DarknetTor Project and The Darknet
Tor Project and The Darknet
 
Acpe 2014 Internet Anonymity Using Tor
Acpe 2014  Internet Anonymity Using TorAcpe 2014  Internet Anonymity Using Tor
Acpe 2014 Internet Anonymity Using Tor
 
Onion protocol
Onion protocolOnion protocol
Onion protocol
 
Tor - Using alternative networks to protect your online privacy, by Tobias Cl...
Tor - Using alternative networks to protect your online privacy, by Tobias Cl...Tor - Using alternative networks to protect your online privacy, by Tobias Cl...
Tor - Using alternative networks to protect your online privacy, by Tobias Cl...
 
Encryption and decryption in TOR
Encryption and decryption in TOREncryption and decryption in TOR
Encryption and decryption in TOR
 
Tor: The Second Generation Onion Router
Tor: The Second Generation Onion RouterTor: The Second Generation Onion Router
Tor: The Second Generation Onion Router
 
Tor the onion router
Tor   the onion routerTor   the onion router
Tor the onion router
 
Introduction to Tor
Introduction to TorIntroduction to Tor
Introduction to Tor
 
Tor Pivoting Networks Share
Tor Pivoting Networks Share Tor Pivoting Networks Share
Tor Pivoting Networks Share
 
Anonymous Connections And Onion Routing
Anonymous Connections And Onion RoutingAnonymous Connections And Onion Routing
Anonymous Connections And Onion Routing
 
Tor Presentation
Tor PresentationTor Presentation
Tor Presentation
 
Tor
TorTor
Tor
 
Tor Network
Tor NetworkTor Network
Tor Network
 
TOR NETWORK
TOR NETWORKTOR NETWORK
TOR NETWORK
 
TOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying MarkersTOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying Markers
 

Viewers also liked (20)

Deep web
Deep webDeep web
Deep web
 
Deep web
Deep webDeep web
Deep web
 
Deep Web
Deep WebDeep Web
Deep Web
 
Darknet
DarknetDarknet
Darknet
 
Deep web
Deep webDeep web
Deep web
 
Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬
 
Darknet
DarknetDarknet
Darknet
 
Darknet
DarknetDarknet
Darknet
 
Darknet
DarknetDarknet
Darknet
 
Deep web (Dark side)
Deep web (Dark side)Deep web (Dark side)
Deep web (Dark side)
 
Deep or dark web
Deep or dark webDeep or dark web
Deep or dark web
 
Deepweb and darkweb vinodkumar ancha
Deepweb and darkweb vinodkumar anchaDeepweb and darkweb vinodkumar ancha
Deepweb and darkweb vinodkumar ancha
 
The Dark Net
The Dark NetThe Dark Net
The Dark Net
 
Deep web
Deep webDeep web
Deep web
 
Deep Web & Dark Web
Deep Web & Dark WebDeep Web & Dark Web
Deep Web & Dark Web
 
Deep web power point presentation
Deep web power point presentationDeep web power point presentation
Deep web power point presentation
 
Deep Web - what to do and what not to do
Deep Web - what to do and what not to do	Deep Web - what to do and what not to do
Deep Web - what to do and what not to do
 
The Deep Web, TOR Network and Internet Anonymity
The Deep Web, TOR Network and Internet AnonymityThe Deep Web, TOR Network and Internet Anonymity
The Deep Web, TOR Network and Internet Anonymity
 
The Deep Web
The Deep WebThe Deep Web
The Deep Web
 
Darknet
DarknetDarknet
Darknet
 

Similar to AASR Authenticated Anonymous Secure Routing for MANETs in Adversarial Environments-First review

Secure Routing for MANET in Adversarial Environment
Secure Routing for MANET in Adversarial EnvironmentSecure Routing for MANET in Adversarial Environment
Secure Routing for MANET in Adversarial EnvironmentIJCERT
 
Securing Data Communication for Node Anonymization Using Location Information
Securing Data Communication for Node Anonymization Using  Location InformationSecuring Data Communication for Node Anonymization Using  Location Information
Securing Data Communication for Node Anonymization Using Location InformationIJMER
 
International Journal of Engineering Research and Development
International Journal of Engineering Research and DevelopmentInternational Journal of Engineering Research and Development
International Journal of Engineering Research and DevelopmentIJERD Editor
 
DESIGN OF A SCHEME FOR SECURE ROUTING IN MOBILE AD HOC NETWORKS
DESIGN OF A SCHEME FOR SECURE ROUTING IN MOBILE AD HOC NETWORKSDESIGN OF A SCHEME FOR SECURE ROUTING IN MOBILE AD HOC NETWORKS
DESIGN OF A SCHEME FOR SECURE ROUTING IN MOBILE AD HOC NETWORKScscpconf
 
Survey on Efficient and Secure Anonymous Communication in Manets
Survey on Efficient and Secure Anonymous Communication in ManetsSurvey on Efficient and Secure Anonymous Communication in Manets
Survey on Efficient and Secure Anonymous Communication in ManetsEditor IJCATR
 
SRAAA – Secured Right Angled and Ant Search Hybrid Routing Protocol for MANETs
SRAAA – Secured Right Angled and Ant Search Hybrid Routing Protocol for MANETsSRAAA – Secured Right Angled and Ant Search Hybrid Routing Protocol for MANETs
SRAAA – Secured Right Angled and Ant Search Hybrid Routing Protocol for MANETsAM Publications,India
 
SECURE LOCATION BASED ROUTING FOR MANETS
SECURE LOCATION BASED ROUTING FOR MANETSSECURE LOCATION BASED ROUTING FOR MANETS
SECURE LOCATION BASED ROUTING FOR MANETSAnkur Singhal
 
A adaptive neighbor analysis approach to detect cooperative selfish node in m...
A adaptive neighbor analysis approach to detect cooperative selfish node in m...A adaptive neighbor analysis approach to detect cooperative selfish node in m...
A adaptive neighbor analysis approach to detect cooperative selfish node in m...Jyoti Parashar
 
Secure dynamic source routing protocol for defending black hole attacks in mo...
Secure dynamic source routing protocol for defending black hole attacks in mo...Secure dynamic source routing protocol for defending black hole attacks in mo...
Secure dynamic source routing protocol for defending black hole attacks in mo...nooriasukmaningtyas
 
Introduction to cyber forensics
Introduction to cyber forensicsIntroduction to cyber forensics
Introduction to cyber forensicsAnpumathews
 
“Reducing packet loss in manet”
“Reducing packet loss in manet”“Reducing packet loss in manet”
“Reducing packet loss in manet”Alexander Decker
 

Similar to AASR Authenticated Anonymous Secure Routing for MANETs in Adversarial Environments-First review (20)

Secure Routing for MANET in Adversarial Environment
Secure Routing for MANET in Adversarial EnvironmentSecure Routing for MANET in Adversarial Environment
Secure Routing for MANET in Adversarial Environment
 
Securing Data Communication for Node Anonymization Using Location Information
Securing Data Communication for Node Anonymization Using  Location InformationSecuring Data Communication for Node Anonymization Using  Location Information
Securing Data Communication for Node Anonymization Using Location Information
 
B43040610
B43040610B43040610
B43040610
 
International Journal of Engineering Research and Development
International Journal of Engineering Research and DevelopmentInternational Journal of Engineering Research and Development
International Journal of Engineering Research and Development
 
Wormhole attack
Wormhole attackWormhole attack
Wormhole attack
 
SZRP.pdf
SZRP.pdfSZRP.pdf
SZRP.pdf
 
Onion Routing.ppt
Onion Routing.pptOnion Routing.ppt
Onion Routing.ppt
 
3. WIRELESS_PROTOCOLS.pptx
3. WIRELESS_PROTOCOLS.pptx3. WIRELESS_PROTOCOLS.pptx
3. WIRELESS_PROTOCOLS.pptx
 
Aa04404164169
Aa04404164169Aa04404164169
Aa04404164169
 
DESIGN OF A SCHEME FOR SECURE ROUTING IN MOBILE AD HOC NETWORKS
DESIGN OF A SCHEME FOR SECURE ROUTING IN MOBILE AD HOC NETWORKSDESIGN OF A SCHEME FOR SECURE ROUTING IN MOBILE AD HOC NETWORKS
DESIGN OF A SCHEME FOR SECURE ROUTING IN MOBILE AD HOC NETWORKS
 
Survey on Efficient and Secure Anonymous Communication in Manets
Survey on Efficient and Secure Anonymous Communication in ManetsSurvey on Efficient and Secure Anonymous Communication in Manets
Survey on Efficient and Secure Anonymous Communication in Manets
 
SRAAA – Secured Right Angled and Ant Search Hybrid Routing Protocol for MANETs
SRAAA – Secured Right Angled and Ant Search Hybrid Routing Protocol for MANETsSRAAA – Secured Right Angled and Ant Search Hybrid Routing Protocol for MANETs
SRAAA – Secured Right Angled and Ant Search Hybrid Routing Protocol for MANETs
 
ant2
ant2ant2
ant2
 
SECURE LOCATION BASED ROUTING FOR MANETS
SECURE LOCATION BASED ROUTING FOR MANETSSECURE LOCATION BASED ROUTING FOR MANETS
SECURE LOCATION BASED ROUTING FOR MANETS
 
Non Path-Based Mutual Anonymity Protocol for Decentralized P2P System
Non Path-Based Mutual Anonymity Protocol for Decentralized P2P SystemNon Path-Based Mutual Anonymity Protocol for Decentralized P2P System
Non Path-Based Mutual Anonymity Protocol for Decentralized P2P System
 
A adaptive neighbor analysis approach to detect cooperative selfish node in m...
A adaptive neighbor analysis approach to detect cooperative selfish node in m...A adaptive neighbor analysis approach to detect cooperative selfish node in m...
A adaptive neighbor analysis approach to detect cooperative selfish node in m...
 
01438360
0143836001438360
01438360
 
Secure dynamic source routing protocol for defending black hole attacks in mo...
Secure dynamic source routing protocol for defending black hole attacks in mo...Secure dynamic source routing protocol for defending black hole attacks in mo...
Secure dynamic source routing protocol for defending black hole attacks in mo...
 
Introduction to cyber forensics
Introduction to cyber forensicsIntroduction to cyber forensics
Introduction to cyber forensics
 
“Reducing packet loss in manet”
“Reducing packet loss in manet”“Reducing packet loss in manet”
“Reducing packet loss in manet”
 

More from AAKASH S

Detecting of routng misbehavion in hybrid wireless networks used and acknowle...
Detecting of routng misbehavion in hybrid wireless networks used and acknowle...Detecting of routng misbehavion in hybrid wireless networks used and acknowle...
Detecting of routng misbehavion in hybrid wireless networks used and acknowle...AAKASH S
 
A secure qos distributed routing protocol for hybrid wireless networks
A secure qos distributed routing protocol for hybrid wireless networksA secure qos distributed routing protocol for hybrid wireless networks
A secure qos distributed routing protocol for hybrid wireless networksAAKASH S
 
Enhanced Adaptive ACKnowledgment (EAACK)
Enhanced Adaptive ACKnowledgment (EAACK)Enhanced Adaptive ACKnowledgment (EAACK)
Enhanced Adaptive ACKnowledgment (EAACK)AAKASH S
 
A SECURE QOS ROUTING PROTCOL FOR HYBRID WIRELESS NETWORKS
A SECURE QOS ROUTING PROTCOL FOR HYBRID WIRELESS NETWORKSA SECURE QOS ROUTING PROTCOL FOR HYBRID WIRELESS NETWORKS
A SECURE QOS ROUTING PROTCOL FOR HYBRID WIRELESS NETWORKSAAKASH S
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection systemAAKASH S
 
QOD PHASE-1 FINAL PPT
QOD PHASE-1 FINAL PPTQOD PHASE-1 FINAL PPT
QOD PHASE-1 FINAL PPTAAKASH S
 
QOD routing protocols : phase 1 ppt
QOD routing  protocols : phase 1 pptQOD routing  protocols : phase 1 ppt
QOD routing protocols : phase 1 pptAAKASH S
 
Qo s oriented distributed routing protocols : anna university 2nd review ppt
Qo s   oriented  distributed routing  protocols : anna university 2nd review pptQo s   oriented  distributed routing  protocols : anna university 2nd review ppt
Qo s oriented distributed routing protocols : anna university 2nd review pptAAKASH S
 
CP7301 Software Process and Project Management notes
CP7301 Software Process and Project Management   notesCP7301 Software Process and Project Management   notes
CP7301 Software Process and Project Management notesAAKASH S
 
Capability Maturity Model Integration
Capability Maturity Model IntegrationCapability Maturity Model Integration
Capability Maturity Model IntegrationAAKASH S
 
Network simulator 2
Network simulator 2Network simulator 2
Network simulator 2AAKASH S
 
Network simulator 2
Network simulator 2Network simulator 2
Network simulator 2AAKASH S
 
Network simulator 2
Network simulator 2Network simulator 2
Network simulator 2AAKASH S
 
OSI model (7 LAYER )
OSI model (7 LAYER )OSI model (7 LAYER )
OSI model (7 LAYER )AAKASH S
 
A QoS oriented distributed routing protocol for Hybrid Wireless Network :Firs...
A QoS oriented distributed routing protocol for Hybrid Wireless Network :Firs...A QoS oriented distributed routing protocol for Hybrid Wireless Network :Firs...
A QoS oriented distributed routing protocol for Hybrid Wireless Network :Firs...AAKASH S
 
Meeting Deadlines of Scientific Workflows in Public Clouds with Tasks Replica...
Meeting Deadlines of Scientific Workflows in Public Clouds with Tasks Replica...Meeting Deadlines of Scientific Workflows in Public Clouds with Tasks Replica...
Meeting Deadlines of Scientific Workflows in Public Clouds with Tasks Replica...AAKASH S
 
Hybrid wireless network -0th review
Hybrid wireless network -0th review Hybrid wireless network -0th review
Hybrid wireless network -0th review AAKASH S
 

More from AAKASH S (17)

Detecting of routng misbehavion in hybrid wireless networks used and acknowle...
Detecting of routng misbehavion in hybrid wireless networks used and acknowle...Detecting of routng misbehavion in hybrid wireless networks used and acknowle...
Detecting of routng misbehavion in hybrid wireless networks used and acknowle...
 
A secure qos distributed routing protocol for hybrid wireless networks
A secure qos distributed routing protocol for hybrid wireless networksA secure qos distributed routing protocol for hybrid wireless networks
A secure qos distributed routing protocol for hybrid wireless networks
 
Enhanced Adaptive ACKnowledgment (EAACK)
Enhanced Adaptive ACKnowledgment (EAACK)Enhanced Adaptive ACKnowledgment (EAACK)
Enhanced Adaptive ACKnowledgment (EAACK)
 
A SECURE QOS ROUTING PROTCOL FOR HYBRID WIRELESS NETWORKS
A SECURE QOS ROUTING PROTCOL FOR HYBRID WIRELESS NETWORKSA SECURE QOS ROUTING PROTCOL FOR HYBRID WIRELESS NETWORKS
A SECURE QOS ROUTING PROTCOL FOR HYBRID WIRELESS NETWORKS
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
 
QOD PHASE-1 FINAL PPT
QOD PHASE-1 FINAL PPTQOD PHASE-1 FINAL PPT
QOD PHASE-1 FINAL PPT
 
QOD routing protocols : phase 1 ppt
QOD routing  protocols : phase 1 pptQOD routing  protocols : phase 1 ppt
QOD routing protocols : phase 1 ppt
 
Qo s oriented distributed routing protocols : anna university 2nd review ppt
Qo s   oriented  distributed routing  protocols : anna university 2nd review pptQo s   oriented  distributed routing  protocols : anna university 2nd review ppt
Qo s oriented distributed routing protocols : anna university 2nd review ppt
 
CP7301 Software Process and Project Management notes
CP7301 Software Process and Project Management   notesCP7301 Software Process and Project Management   notes
CP7301 Software Process and Project Management notes
 
Capability Maturity Model Integration
Capability Maturity Model IntegrationCapability Maturity Model Integration
Capability Maturity Model Integration
 
Network simulator 2
Network simulator 2Network simulator 2
Network simulator 2
 
Network simulator 2
Network simulator 2Network simulator 2
Network simulator 2
 
Network simulator 2
Network simulator 2Network simulator 2
Network simulator 2
 
OSI model (7 LAYER )
OSI model (7 LAYER )OSI model (7 LAYER )
OSI model (7 LAYER )
 
A QoS oriented distributed routing protocol for Hybrid Wireless Network :Firs...
A QoS oriented distributed routing protocol for Hybrid Wireless Network :Firs...A QoS oriented distributed routing protocol for Hybrid Wireless Network :Firs...
A QoS oriented distributed routing protocol for Hybrid Wireless Network :Firs...
 
Meeting Deadlines of Scientific Workflows in Public Clouds with Tasks Replica...
Meeting Deadlines of Scientific Workflows in Public Clouds with Tasks Replica...Meeting Deadlines of Scientific Workflows in Public Clouds with Tasks Replica...
Meeting Deadlines of Scientific Workflows in Public Clouds with Tasks Replica...
 
Hybrid wireless network -0th review
Hybrid wireless network -0th review Hybrid wireless network -0th review
Hybrid wireless network -0th review
 

Recently uploaded

Dairy management system project report..pdf
Dairy management system project report..pdfDairy management system project report..pdf
Dairy management system project report..pdfKamal Acharya
 
Multivibrator and its types defination and usges.pptx
Multivibrator and its types defination and usges.pptxMultivibrator and its types defination and usges.pptx
Multivibrator and its types defination and usges.pptxalijaker017
 
Artificial Intelligence Bayesian Reasoning
Artificial Intelligence Bayesian ReasoningArtificial Intelligence Bayesian Reasoning
Artificial Intelligence Bayesian Reasoninghotman30312
 
Quiz application system project report..pdf
Quiz application system project report..pdfQuiz application system project report..pdf
Quiz application system project report..pdfKamal Acharya
 
Introduction to Artificial Intelligence and History of AI
Introduction to Artificial Intelligence and History of AIIntroduction to Artificial Intelligence and History of AI
Introduction to Artificial Intelligence and History of AISheetal Jain
 
School management system project report.pdf
School management system project report.pdfSchool management system project report.pdf
School management system project report.pdfKamal Acharya
 
Teachers record management system project report..pdf
Teachers record management system project report..pdfTeachers record management system project report..pdf
Teachers record management system project report..pdfKamal Acharya
 
BRAKING SYSTEM IN INDIAN RAILWAY AutoCAD DRAWING
BRAKING SYSTEM IN INDIAN RAILWAY AutoCAD DRAWINGBRAKING SYSTEM IN INDIAN RAILWAY AutoCAD DRAWING
BRAKING SYSTEM IN INDIAN RAILWAY AutoCAD DRAWINGKOUSTAV SARKAR
 
Lab Manual Arduino UNO Microcontrollar.docx
Lab Manual Arduino UNO Microcontrollar.docxLab Manual Arduino UNO Microcontrollar.docx
Lab Manual Arduino UNO Microcontrollar.docxRashidFaridChishti
 
Intelligent Agents, A discovery on How A Rational Agent Acts
Intelligent Agents, A discovery on How A Rational Agent ActsIntelligent Agents, A discovery on How A Rational Agent Acts
Intelligent Agents, A discovery on How A Rational Agent ActsSheetal Jain
 
Paint shop management system project report.pdf
Paint shop management system project report.pdfPaint shop management system project report.pdf
Paint shop management system project report.pdfKamal Acharya
 
BURGER ORDERING SYSYTEM PROJECT REPORT..pdf
BURGER ORDERING SYSYTEM PROJECT REPORT..pdfBURGER ORDERING SYSYTEM PROJECT REPORT..pdf
BURGER ORDERING SYSYTEM PROJECT REPORT..pdfKamal Acharya
 
ChatGPT Prompt Engineering for project managers.pdf
ChatGPT Prompt Engineering for project managers.pdfChatGPT Prompt Engineering for project managers.pdf
ChatGPT Prompt Engineering for project managers.pdfqasastareekh
 
Attraction and Repulsion type Moving Iron Instruments.pptx
Attraction and Repulsion type Moving Iron Instruments.pptxAttraction and Repulsion type Moving Iron Instruments.pptx
Attraction and Repulsion type Moving Iron Instruments.pptxkarthikeyanS725446
 
Arduino based vehicle speed tracker project
Arduino based vehicle speed tracker projectArduino based vehicle speed tracker project
Arduino based vehicle speed tracker projectRased Khan
 
Natalia Rutkowska - BIM School Course in Kraków
Natalia Rutkowska - BIM School Course in KrakówNatalia Rutkowska - BIM School Course in Kraków
Natalia Rutkowska - BIM School Course in Krakówbim.edu.pl
 
2024 DevOps Pro Europe - Growing at the edge
2024 DevOps Pro Europe - Growing at the edge2024 DevOps Pro Europe - Growing at the edge
2024 DevOps Pro Europe - Growing at the edgePaco Orozco
 
Construction method of steel structure space frame .pptx
Construction method of steel structure space frame .pptxConstruction method of steel structure space frame .pptx
Construction method of steel structure space frame .pptxwendy cai
 
"United Nations Park" Site Visit Report.
"United Nations Park" Site  Visit Report."United Nations Park" Site  Visit Report.
"United Nations Park" Site Visit Report.MdManikurRahman
 
Seismic Hazard Assessment Software in Python by Prof. Dr. Costas Sachpazis
Seismic Hazard Assessment Software in Python by Prof. Dr. Costas SachpazisSeismic Hazard Assessment Software in Python by Prof. Dr. Costas Sachpazis
Seismic Hazard Assessment Software in Python by Prof. Dr. Costas SachpazisDr.Costas Sachpazis
 

Recently uploaded (20)

Dairy management system project report..pdf
Dairy management system project report..pdfDairy management system project report..pdf
Dairy management system project report..pdf
 
Multivibrator and its types defination and usges.pptx
Multivibrator and its types defination and usges.pptxMultivibrator and its types defination and usges.pptx
Multivibrator and its types defination and usges.pptx
 
Artificial Intelligence Bayesian Reasoning
Artificial Intelligence Bayesian ReasoningArtificial Intelligence Bayesian Reasoning
Artificial Intelligence Bayesian Reasoning
 
Quiz application system project report..pdf
Quiz application system project report..pdfQuiz application system project report..pdf
Quiz application system project report..pdf
 
Introduction to Artificial Intelligence and History of AI
Introduction to Artificial Intelligence and History of AIIntroduction to Artificial Intelligence and History of AI
Introduction to Artificial Intelligence and History of AI
 
School management system project report.pdf
School management system project report.pdfSchool management system project report.pdf
School management system project report.pdf
 
Teachers record management system project report..pdf
Teachers record management system project report..pdfTeachers record management system project report..pdf
Teachers record management system project report..pdf
 
BRAKING SYSTEM IN INDIAN RAILWAY AutoCAD DRAWING
BRAKING SYSTEM IN INDIAN RAILWAY AutoCAD DRAWINGBRAKING SYSTEM IN INDIAN RAILWAY AutoCAD DRAWING
BRAKING SYSTEM IN INDIAN RAILWAY AutoCAD DRAWING
 
Lab Manual Arduino UNO Microcontrollar.docx
Lab Manual Arduino UNO Microcontrollar.docxLab Manual Arduino UNO Microcontrollar.docx
Lab Manual Arduino UNO Microcontrollar.docx
 
Intelligent Agents, A discovery on How A Rational Agent Acts
Intelligent Agents, A discovery on How A Rational Agent ActsIntelligent Agents, A discovery on How A Rational Agent Acts
Intelligent Agents, A discovery on How A Rational Agent Acts
 
Paint shop management system project report.pdf
Paint shop management system project report.pdfPaint shop management system project report.pdf
Paint shop management system project report.pdf
 
BURGER ORDERING SYSYTEM PROJECT REPORT..pdf
BURGER ORDERING SYSYTEM PROJECT REPORT..pdfBURGER ORDERING SYSYTEM PROJECT REPORT..pdf
BURGER ORDERING SYSYTEM PROJECT REPORT..pdf
 
ChatGPT Prompt Engineering for project managers.pdf
ChatGPT Prompt Engineering for project managers.pdfChatGPT Prompt Engineering for project managers.pdf
ChatGPT Prompt Engineering for project managers.pdf
 
Attraction and Repulsion type Moving Iron Instruments.pptx
Attraction and Repulsion type Moving Iron Instruments.pptxAttraction and Repulsion type Moving Iron Instruments.pptx
Attraction and Repulsion type Moving Iron Instruments.pptx
 
Arduino based vehicle speed tracker project
Arduino based vehicle speed tracker projectArduino based vehicle speed tracker project
Arduino based vehicle speed tracker project
 
Natalia Rutkowska - BIM School Course in Kraków
Natalia Rutkowska - BIM School Course in KrakówNatalia Rutkowska - BIM School Course in Kraków
Natalia Rutkowska - BIM School Course in Kraków
 
2024 DevOps Pro Europe - Growing at the edge
2024 DevOps Pro Europe - Growing at the edge2024 DevOps Pro Europe - Growing at the edge
2024 DevOps Pro Europe - Growing at the edge
 
Construction method of steel structure space frame .pptx
Construction method of steel structure space frame .pptxConstruction method of steel structure space frame .pptx
Construction method of steel structure space frame .pptx
 
"United Nations Park" Site Visit Report.
"United Nations Park" Site  Visit Report."United Nations Park" Site  Visit Report.
"United Nations Park" Site Visit Report.
 
Seismic Hazard Assessment Software in Python by Prof. Dr. Costas Sachpazis
Seismic Hazard Assessment Software in Python by Prof. Dr. Costas SachpazisSeismic Hazard Assessment Software in Python by Prof. Dr. Costas Sachpazis
Seismic Hazard Assessment Software in Python by Prof. Dr. Costas Sachpazis
 

AASR Authenticated Anonymous Secure Routing for MANETs in Adversarial Environments-First review

  • 1. AASR Authenticated Anonymous Secure Routing for MANETs in Adversarial Environments Guider Ms M. Nisha M.E; Assistant Professor Presented By SaravananAnnamalai (722013405016) II M.E Computer Science&Engineering 9/8/2014 1
  • 2. Introduction • A Mobile Ad hoc Network (MANET) is a continuously self-configuring, infrastructure-less network of mobile devices connected without wires. • Each device in a MANET is free to move independently in any direction, and will therefore change its links to other devices frequently. • Each must forward traffic unrelated to its own use, and therefore be a router. • The primary challenge in building a MANET is equipping each device to continuously maintain the information required to properly route traffic and security. 9/8/2014 2
  • 3. Objective • A routing protocol to provide anonymity and location privacy. • To defend the potential active attacks without unveiling the node identities using group signature. • To prevent intermediate nodes from inferring a real destination using onion routing. • Improve throughput in the presence of adversary attacks. • To reduce the packet loss. 9/8/2014 3
  • 4. On-demand Ad hoc Routing • Reactive protocols – Lower overhead since routes are determined on demand – Significant delay in route determination – Employ flooding (global search) – Control traffic may be difficult – Example: DSR, AODV etc 9/8/2014 4
  • 5. Trapdoor • A trapdoor is a common concept that defines a one-way function between two sets. • A global trapdoor is an information collection of mechanism in which intermediate nodes may add information elements, such as node IDs, into the trapdoor. • Only certain nodes, such as the source and destination nodes can unlock and retrieve the elements using pre-established secret keys. • The usage of trapdoor requires an anonymous end-to-end key agreement between the source and destination. 9/8/2014 5
  • 6. Group Signature • It provides authentication without disturbing the anonymity. • Every member in a group may have a pair of group public and private keys issued by the group trust authority (i.e., group manager). • The member can generate its own signature by its own private key, and such signature can be verified by other members in the group without revealing the signer’s identity. • Only the group trust authority can trace the signer’s identity and revoke the group keys. 9/8/2014 6
  • 7. Issues • The existing protocols are vulnerable to the attacks of fake routing packets or denial-of-service (dos) broadcasting. • Route anonymity for secure communication. • Location privacy for secure node movement. • Low throughput in the presence of adversaries. • Heavy packet loss 9/8/2014 7
  • 8. Literature Survey 1) M. G. Reed, P. F. Syverson, and D. M. Goldschlag, “Anonymous Connections and Onion Routing,” IEEE Journal on Selcted Area in Comm., vol. 16, no. 4, pp. 482–494, May 1998. 2) D. Boneh, X. Boyen, and H. Shacham, “Short group signatures,” in Proc. Int. Cryptology Conf. (CRYPTO’04), Aug. 2004. 3) J. Kong and X. Hong, “ANODR: ANonymous On Demand Routing with Untraceable Routes for Mobile Ad hoc networks,” in Proc. ACM MobiHoc’03, Jun. 2003, pp. 291– 302. 9/8/2014 8
  • 9. Anonymous Connections and Onion Routing M. G. Reed, P. F. Syverson, and D. M. Goldschlag, “Anonymous Connections and Onion Routing,” IEEE Journal on Selcted Area in Comm., vol. 16, no. 4, pp. 482–494, May 1998. • Onion routing is an infra structure for private communication over public network. • An onion is a data structure that is treated as the destination address by onion routers – anonymous connection. • Onions themselves appear differently to each onion router as well as to network observers. • The same goes for data carried over the connections they establish. 9/8/2014 9
  • 10. Basic Configuration • Data stream never appears in the clear on the public network, this data may carry identifying information, but communication is still private. • The onion router at the originating protected site knows both the source and destination of a connection. • The use of anonymous connections between two sensitive sites that both control onion routers effectively hides their communication from outsiders. 9/8/2014 10
  • 11. How Onion Routing Works {{{m}3}4}1 1 2 u d 3 4 5 1. u creates l-hop circuit through routers 2. u opens a stream in the circuit to d 3. Data are exchanged 9/8/2014 11
  • 12. How Onion Routing Works {{{m’}3}4}1 1 2 u d 3 4 5 1. u creates l-hop circuit through routers 2. u opens a stream in the circuit to d 3. Data are exchanged 9/8/2014 12
  • 13. How Onion Routing Works u 1 2 3 4 5 1. u creates l-hop circuit through routers 2. u opens a stream in the circuit to d 3. Data are exchanged. 4. Stream is closed. 5. Circuit is changed every few minutes. d 9/8/2014 13
  • 14. How Onion Routing Works u 1 2 3 4 5 d u 1 2 Theorem 1: Adversary can only determine parts of a circuit it controls or is next to. 9/8/2014 14
  • 15. Short Group Signatures D. Boneh, X. Boyen, and H. Shacham, “Short group signatures,” in Proc. Int. Cryptology Conf. (CRYPTO’04), Aug. 2004. • Group signatures provide anonymity for signers. • Signatures in our scheme are approximately the size of a standard RSA signature with the same security. • Security of our group signature is based on the Strong Diffie- Hellman assumption and a new assumption in bilinear groups called the Decision Linear assumption. • Proof of security of our system is given by the random oracle model 9/8/2014 15
  • 16. Strong Diffie-hellman Assumption • Let G1,G2 be cyclic groups of prime order p where possibly G1 = G2. • Let g1 be a generator of G1 and g2 a generator of G2. • Let say that the (q, t, )-SDH assumption holds in (G1,G2) if no t-time algorithm has advantage at least in solving the q-SDH problem in (G1,G2). • To gain confidence in the assumption prove that it holds in generic groups in the sense of Shoup. • The q-SDH assumption has similar properties to the Strong- RSA assumption. • Use these properties to construct our short group signature • scheme. 9/8/2014 16
  • 17. Decision Linear assumption • Let g1 ϵ G1 as above, along with arbitrary generators u, v, and h of G1 • Given u, v, h, ua, vb, hc 2 G1 as input, output yes if a + b = c and no otherwise. • The (t, )-Decision Linear Assumption (LA) holds in G1 if no t-time algorithm has advantage at least in solving the Decision Linear problem in G1. 9/8/2014 17
  • 18. Group Signature Security Properties • Correctness, which ensures that honestly-generated signatures verify and trace correctly. • Full-anonymity, which ensures that signatures do not reveal their signer’s identity. • Full-traceability, which ensures that all signatures, even those created by the collusion of multiple users and the group manager, trace to a member of the forging coalition. 9/8/2014 18
  • 19. ANODR: ANonymous On Demand Routing with Untraceable Routes for Mobile Ad hoc networks J. Kong and X. Hong, “ANODR: ANonymous On Demand Routing with Untraceable Routes for Mobile Ad hoc networks,” in Proc. ACM MobiHoc’03, Jun. 2003, pp. 291–302. • The design of ANODR is based on - broadcast with trapdoor information • Un-traceability: ANODR dissociates ad hoc routing from the design of network member’s identity/pseudonym. • Intrusion tolerance: ANODR ensures there is no single point of compromise in ad hoc routing. • Un-linkability: Anonymity in terms of un-linkability is defined as un-linkability of an IOI and a pseudonym. 9/8/2014 19
  • 20. Routing Attacks in MANET • Location privacy attack – Correlate a mobile node with its locations (at the granularity of adversary’s adjustable radio receiving range) – Counting/analyzing mobile nodes in a cell • Route tracing attack – Visualizing ad hoc routes • Motion inference attack – Visualizing motion patterns of mobile nodes – Deducing motion pattern of a set of nodes • Other traffic analysis – Analyzing packet flow metrics (as in Internet traffic analysis) 9/8/2014 20
  • 21. Adversary in Mobile Ad Hoc Networks • External adversary: wireless link intruder – Eavesdropper – Traffic analyst (not necessary to break cryptosystem) – Unbounded interception: adversary can sniff anywhere anytime • Internal adversary: mobile node intruder – Capture, compromise, tamper – Passive internal adversary is hard to detect due to lack of exhibition of malicious behavior – Bounded: otherwise secure networking is impossible 9/8/2014 21
  • 22. Framework of Anonymous Route Discovery (between source and destination) • Similar to existing on demand routing schemes – Route-REQuest RREQ,seqnum,to_be_opened_by_destanonymous_trapdoor – Route-REPly RREP, presented_by_destanonymous_proof • A global trapdoor can only be opened by dest – Not required to know where dest is – destination can present an anonymous proof of door opening • Need more design to address per-hop 9/8/2014 22
  • 23. Make On demand Routes Untraceable • ANODR-TBO is robust against node intrusion – Fully anonymous: no node identity revealed – Fully distributed control: avoid single point of compromise – Multiple paths feasible: avoid single point of failure • So far anonymous only, and symmetric key only – More complexity in realizing untraceability to hide side channels & resist traffic analysis • Protect RREP flow – Need an asymmetric secret channel • Modified RREQ: Embed a temporary asymmetric key ecpk1 RREQ, ecpk1, seqnum, open_by_E, onion • Modified RREP: Exchange a secret seed Nym Kseed RREP, ecpk1(Kseed), Kseed (proof_from_E, onion) 9/8/2014 23
  • 24. Make Routes Untraceable (cont’d) • Protect reused route pseudonyms – Using Kseed to do self-synchronized route pseudonym update – So far all pseudonyms/aliases are one-time aliases! • Playout “Mixing” – Resist traffic analysis: Time correlation Content correlation Buffer, Re-order, Batch send, Insert dummy/decoy packets Alice Bob MIX Eve 9/8/2014 24
  • 25. Existing System • The existing protocols are vulnerable to the attacks of fake routing packets or denial-of-service (DoS) broadcasting, even the node identities are protected by pseudonyms. • A number of anonymous secure routing protocols have been proposed, the requirement is not fully satisfied.
  • 26. Disadvantages • Many Anonymous routing protocols are available. But it does not detect the active attackers effectively. • Low Throughput in the presence of adversaries. • Heavy Packet Loss • High delay
  • 27. Proposed Work • The route request packets are authenticated by a group signature, to defend the potential active attacks without unveiling the node identities. • The key-encrypted onion routing with a route secret verification message, is designed to prevent intermediate nodes from inferring a real destination.
  • 28. Route Discovery • The source node broadcasts an RREQ packet to every node in the network. • If the destination node receives the RREQ to itself, it will reply an RREP packet back along the incoming path of the RREQ. • In order to protect the anonymity when exchanging the route information, the packet formats are to be redesigned, and modify the related processes.
  • 29. Route Discovery Contd. • Source Node: We assume that S initially knows the information about D, including its pseudonym, public key, and destination string. • The destination string dest is a binary string, which means “You are the destination” and can be recognized by D. • If there is no session key, S will generate a new session key KSD for the association between S and D.
  • 32. Intermediate Node I has already established the neighbor relationship with S and J. I knows where the RREQ packet comes from.
  • 33. Intermediate Node Contd. 1. I receives the RREQ packet, it will verify the packet with its group public key GT+. • I can obtain the packet information. • Otherwise, such an RREQ packet will be marked as malicious and dropped. 2. I checks the Nsq and the timestamp in order to determine whether the packet has been processed before or not. If the Nsq is not known in the routing table, it is a new RREQ request. – If the Nsq exists in the table but with an old timestamp, it has been processed before and will be ignored; – if the Nsq exist with a fresh timestamp, then the RREQ is a repeated request and will be recognized as an attack.
  • 34. Intermediate Node contd • I tries to decrypt the part of VD with its own private key. • In case of decryption failure, I understands that it is not the destination of the RREQ. • I will assemble and broadcast another RREQ packet in the following format: • I → ∗ : [RREQ,Nsq, VD, VSD,Onion(I)]GI−
  • 36. Destination Node • When the RREQ packet reaches D, D validates it similarly to the intermediate nodes I or J. • Since D can decrypt the part of VD, it understands that it is the destination of the RREQ. • D can obtain the session key KSD, the validation nonce Nv, and the validation key Kv. Then D is ready to assemble an RREP packet to reply the S’s route request.
  • 37. Advantages • It gives high anonymity protection • AASR provides higher throughput • Lower packet loss ratio in different mobile scenarios in the presence of adversary attacks. • It also provides better support for the secure communications.