Information Technology Reference
In-Depth Information
inherited from the VHR approach it uses. First, nodes can be hashed to a distant
VHR, leading to increased communication and time complexity, as well as prob-
lems if the VHR of a node cannot be reached. Second, since an Ad Hoc network is
dynamic, it might be difficult to guarantee that at least one position server will be
present in a given Ad Hoc network [
6
].
4.3.16
SGF
In [
21
] Secure Geographic Forwarding (SGF) mechanism was proposed. It provides
source authentication, neighbor authentication, and message integrity. SGF mecha-
nism incorporates both the Hashed Message Authentication Code (MAC) [
32
] and
the Timed Efficient Stream Loss-tolerant Authentication (TESLA) [
33
] with Instant
Key disclosure (TIK) [
34
] protocol. The MAC is computed over the non-mutable
part (e.g., location information of a destination) of unicast messages with the pair-wise
shared secret key between the source and destination. Moreover, they proposed the
usage of a reputation system, LRS, to detect and isolate message tampering and
dropping attackers instead of signing the non-mutable parts of all data and control
messages which may introduce too much overhead. In LRS, each node only needs
to manage the reputation information of its local neighbors and periodically sends
the reputation information report to its neighbors by using the HELLO messages.
The TIK protocol with tight time synchronization is used to authenticate a previous
forwarding node to prevent malicious users from joining a path and to avoid a mes-
sage replay attack. Finally, when the destination receives a message, it can verify
the authenticity of the message by comparing the received MAC to the MAC value
that is computed over the received message with the secret key it shares with the
source node.
In combination with SGF, a Secure Grid Location Service (SGLS) was proposed
by combining SGF with the Grid Location Service (GLS) [
35
] so that any receiver
can verify the correctness of location messages. The general concept of the proposed
SGF can generally be applied to any unicast message of GLS such as location query
and location reply. So the one-hop neighbor's location information can be verified
by using a location verification technique [
36
], and the TIK protocol can be used
for neighbor authentication. TESLA broadcast authentication method is used to
verify the location information of two-hop neighboring nodes.
Although several forwarding strategies exist, they all forward a given message
to only one optimal neighboring node based on their optimization criterion.
Therefore, SGF can be applied to any of these forwarding schemes without any
modification.
Simulation results in [
21
] showed that SGLS can operate efficiently by using
effective cryptographic mechanisms. Results also showed that LRS effectively detects
and isolates message-dropping attackers from the network. On the other hand, their
simulations showed that the average end-to-end delay for SGLS is slightly higher
Search WWH ::
Custom Search