(SPAAR) [5], Anonymous On-Demand Position-based Routing in Mobile Ad Hoc
Networks (AODPR) [20] and Secure Geographic Forwarding (SGF) [21].
SPAAR uses position information in order to improve the efficiency and security
of mobile Ad Hoc networks. It was designed for protecting position information in
a managed-hostile environment where security is a primary concern, and it uses
geographical information to make forwarding decisions, resulting in a significant
reduction in the number of routing messages. It uses asymmetric cryptography to
protect against malicious nodes (unauthorized nodes that attempt to disrupt the
network) and attempts to minimize the potential damage of attacks from compromised
nodes (authorized nodes that have been taken over by an adversary). When a node
sends a multi-hop message, like a route request or a route reply, this message must be
signed with its private key and encrypted with the public key of a neighbor. Every
node can verify that the message was sent by a one-hop neighbor, and the destination
can also verify that the sender is who it claims to be.
SPAAR achieves a high level of security by allowing nodes to only accept routing
messages from one-hop neighbors. This is done to prevent the invisible node attack
and the wormhole attack. To participate in SPAAR, each node requires a
public/private key pair, a certificate binding its identity to its public key (signed by a trusted
certificate server), and the public key of the trusted certificate server. Each node
periodically broadcasts a “table update” message to inform the neighbors of its
new position coordinates and transmission range. Each node maintains a neighbor
table that contains the identity and position information of each verified neighbor,
along with the cryptographic keys required for secure communication with each
neighbor; the location service used is all-for-some.
In addition to the neighbor table, each node maintains a second table for the recent
destinations it has communicated with. The tables are very similar, except that the
destination table also contains information about the speed of the node, making it
possible to predict the next position of the node. If this is the source node's first
attempt at communication with a particular destination, the source may not have the
destination's position. In this situation, a location service may be used. If no
location service is available, a selective flooding algorithm may be used to reach the
destination and receive its position information.
To find a route to a specific destination, the source broadcasts a Route REQuest
(RREQ) encrypted with its group encryption key. An intermediate node checks to
see if it, or any of its neighbors, is closer to the destination; if so, it forwards the
RREQ, otherwise the RREQ is dropped. Intermediate nodes record in their route cache the
address of the neighbor from which they received the RREQ, thereby establishing
a reverse path. This process is repeated until the destination is reached. Upon
receiving an RREQ, the destination constructs a Route REPly (RREP) signed with
its private key and encrypted with the public key of the neighbor it received the
RREQ from. The RREP propagates along the reverse path of the RREQ, being
verified at each hop.
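
The RREQ forwarding rule and reverse-path construction described above, as an added example that is not part of the original text. The topology, node names and transmission range are constructed, and comparing against the previous hop's distance is an assumption, since the text does not say what "closer" is measured against; signing, encryption and per-hop verification are not modeled.

```python
import math
from collections import deque

# Constructed topology (assumption): node id -> (x, y), one shared transmission range.
POS = {"S": (0, 0), "A": (4, 1), "B": (3, -3), "C": (8, 0), "E": (-4, 0), "D": (12, 1)}
RANGE = 5.0

def dist(p, q):
    return math.hypot(p[0] - q[0], p[1] - q[1])

def neighbors(node):
    """Neighbor table: nodes within range, assumed already verified as one-hop neighbors."""
    return [m for m in POS if m != node and dist(POS[node], POS[m]) <= RANGE]

def discover_route(src, dst):
    """Flood an RREQ from src; return (route src..dst or None, nodes that dropped it)."""
    dest_pos = POS[dst]
    reverse = {}            # route cache: node -> neighbor the RREQ arrived from
    seen, dropped = {src}, []
    # Each queue entry is (previous hop, receiver, previous hop's distance to dst).
    queue = deque((src, nb, dist(POS[src], dest_pos)) for nb in neighbors(src))
    while queue:
        prev, node, prev_d = queue.popleft()
        if node in seen:
            continue        # duplicate copy of the RREQ
        seen.add(node)
        if node == dst:
            reverse[node] = prev
            break
        my_d = dist(POS[node], dest_pos)
        best = min([my_d] + [dist(POS[n], dest_pos) for n in neighbors(node)])
        if best < prev_d:   # this node or one of its neighbors is closer: forward
            reverse[node] = prev
            queue.extend((node, nb, my_d) for nb in neighbors(node))
        else:
            dropped.append(node)
    if dst not in reverse:
        return None, dropped
    # The RREP walks the reverse path hop by hop, from dst back to src.
    path = [dst]
    while path[-1] != src:
        path.append(reverse[path[-1]])
    return path[::-1], dropped

if __name__ == "__main__":
    print(discover_route("S", "D"))   # route via A and C; E drops the RREQ
    print(discover_route("S", "E"))   # direct neighbor; A and B drop the RREQ
```

Node B forwards the RREQ toward D but ends up off the final route, which shows that forwarding is a local decision and only the reverse path from the destination determines which hops carry the RREP.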
The fact that SPAAR makes use of geographic routing helps in reducing the
overall overhead. It is also very efficient with regard to security; however,
it requires double processing time, since it uses asymmetric cryptography, not