International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Paper: Towards Provable Security for Routing Protocols in Mobile ad Hoc Networks

Authors:
Mike Burmester
Breno de Medeiros
Download:
URL: http://eprint.iacr.org/2007/324
Search ePrint
Search Google
Abstract: Mobile ad hoc networks (MANETs) are collections of wireless mobile devices with restricted broadcast range and resources, and no fixed infrastructure. Communication is achieved by relaying data along appropriate routes. Discovering such routes however is a major task, both from an efficiency point of view and from a security point of view. In particular, it is important that the route discovered is not controlled by the adversary. Several route discovery protocols have been proposed in the literature that address the particular requirements of a MANET, but as we demonstrate in this paper their security is still analyzed in weak models and cannot tolerate certain classes of attack. Recently, a security framework tailored to the specific requirements of MANETs was presented and a route discovery algorithm, endairA, was proposed that was ``proven'' secure in this framework. In this paper we show that the security proof for endairA is flawed, and that the proposed route discovery algorithm is vulnerable to a {\em hidden channel} attack. We then analyze the security framework used for route discovery and argue that composability is an essential feature for ubiquitous applications. We conclude by discussing some of the main issues that must be addressed for secure route discovery.
BibTeX
@misc{eprint-2007-13604,
  title={Towards Provable Security for Routing Protocols in Mobile ad Hoc Networks},
  booktitle={IACR Eprint archive},
  keywords={foundations / Provably secure protocols, secure route discovery, universal composability, information hiding},
  url={http://eprint.iacr.org/2007/324},
  note={Submitted to Transactions of Mobile Computing a few weeks ago. burmester@cs.fsu.edu 13746 received 16 Aug 2007, last revised 20 Aug 2007},
  author={Mike Burmester and Breno de Medeiros},
  year=2007
}