Key Management Towards the Design of Secure, Efficient and Lightweight Framwork for Secure Group Communications in Large Mobile Ad Hoc Network
October 01, 2006
Securing group communications in resource constrained, infrastructure-less environments such as Mobile Ad Hoc Networks (MANETs) is a very challenging research direction in the area of wireless networking and security. This is true as MANETs are emerging as the desired environment for an increasing number of civilian, commercial and military applications, addressing an increasing number of users. Most of these applications are sensitive and require specific security guarantees. The inherent limitations of MANETs impose major difficulties in establishing a suitable secure group communications framework. Key Management (KM) is the operation that enables and supports the secure exchange of data and ensures the capability of members’ secure cooperation as a group. KM protocols provide a common symmetric group key to all group members, and ensure that only legitimate members have access to a valid group key at any instance. Our work focuses on the design of efficient, robust, novel or improved group KM schemes, capable of distributed operation where key infrastructure components are absent or inaccessible, that accomplish the following: (a) better performance than this of existing schemes for similar environments, (b) successfully handle network dynamics and failures, in networks with large number of nodes. Our protocols address Flat or Hierarchical MANETs separately. Our solution for Flat MANETs involves the design of two new Octopus protocols, and the adaptation of the original to MANETs. We introduced algorithms for handling membership changes, disruptions and failures with low overhead for initial key establishment or steady state for all three protocols. In an effort to reduce their suboptimal performance when executed without topological considerations, underlying routing is integrated into the design by the definition of topology oriented communication schedules via lightweight heuristics. In addition, we integrated a lightweight leader election algorithm with the proposed protocols, used Elliptic Curve Cryptography to reduce certain costs further, and investigated the effects of a number of mobility models in the performance of our schemes. For Hierarchical MANETs, we designed a 2-level Hybrid scheme that supports various combinations of protocols to improve metrics of interest. This scheme exploits battlefield diversity, and links key distribution to network topology and nodes’ mobility.