Our security protocol derives inspiration from the MIT-Kerberos authentication scheme in which a client who wants to communicate with some service server, needs a session key and ticket for that particular session. The principles of key distribution is used to provide authentication. Security of transmitted data is achieved using encryption and decryption algorithms. Here we propose to use the RSA algorithm to generate the public and private keys for each session inorder to fulfil the needs of secure transmission. In this project, we aim at developing a security protocol independent of the routing protocol for Mobile Adhoc Networks with added infrastructure to facilitate the key distribution. Here, apart from the issues in traditional wired networks, we take into consideration few more criteria like mobility of the nodes and increased vulnerability to attacks by malicious intruders owing to a single communication channel. The work described achieves secure initial contact between the mobile node and Key Distribution Center. Another achievement of the proposed protocol is that the mobile nodes paying for security are assigned authentication keys dynamically thus, overcoming the problems associated with static passwords in traditional schemes. For this purpose we use Artificial Intelligence puzzles to provide improved authentication. 1.

In this paper we present a novel architecture to protect the location and the identification of a mobile user. This architecture, called “Share the Secret-STS”, simply divides the secret i.e., the location of a user, and uses totally un-trusted entities to distribute portions of this anonymous location information. STS avoids cryptography methods. As a lightweight scheme it can be applied to network of nodes illustrating low processing and computational power, such as nodes of an ad-hoc network and sensors. 1.

We describe and evaluate options for providing anonymous IP service, argue for the further investigation of local anonymity, and sketch a framework for the implementation of locally anonymous networks. 1 Introduction Anonymity is not the same as confidentiality. Existing systems such as IPSEC can ably protect the contents of IP-based communication [Atk95, Pos81b], making it impractical for network eavesdroppers to deduce the purpose of observed traffic. However, the fact of the traffic itself is not hidden; the sender and receiver of each packet is clearly visible in the packet headers even when the packet is end-to-end encrypted. Such information should sometimes be protected as well. Suppose that Alice, the CEO of Apricot, decides to buy out the publicly-traded firm Banananon. When other Apricot officers learn of the plans, the subsequent flurry of connections from the executive suite to the Banananon's web site could betray Alice's intent. If Alice's network administrator Eve react...

SECURITY IN WIRELESS NETWORKS. (December 2001) Baranidharan Raman, B.E., University of Madras

IP network that provides privacy protection by hiding the user’s real IP addresses, email addresses, and other personal identifying information from communication partners and eavesdroppers. The following paper describes a set of protocol extensions to the Freedom System architecture to permit a mobile node to seamlessly roam among IP subnetworks and media types while remaining untraceable and pseudonymous. These extensions make it possible to support transparency above the IP layer, including the maintenance of active TCP connections and UDP port bindings in the same way that MobileIPv4 does but with the addition that the home and foreign network are unlinkable. We call this extension the Flying Freedom System. I.

Systems that provide network traffic anonymity typically focus on wide-area network topologies, and exploit the infeasibility of eavesdropping on all links to prevent attackers from determining communication peers. This approach is inappropriate for high-security wireless localarea networks, since it does not obscure the traffic volume, allowing attackers to identify critical nodes (e.g., a military HQ) and, given the ability of an attacker to obtain a global view of all communications, the relative ease of identifying the source and destination of traffic flows. These weaknesses derive from the fact that, whereas in wide-area networks the sender, the receiver and the adversary are on different physical links, in wireless networks they may share a single broadcast link. Moreover, the adversary can easily find the physical location of the transmitter and thereby identify the entity sending the traffic, not just its network identity. We introduce Wireless Anonymous Routing (war), an approach to achieve anonymity in a broadcast network. We describe a formal threat model for war and compare it to the traditional anonymity approaches. We show that these are inadequate when applied to the broadcast model, and describe new protocols that preserve security with better performance, adequately addressing the requirements of security-critical environments. We provide analytical and some preliminary experimental evidence that our protocols achieve anonymity at a reasonable cost.

We imagine the future with ubiquitous software agents, intelligently assisting people in their daily lives. We think that very important property of these agents is their ability to autonomously move from one device to another (mobility). Mobile agents proved many advantages but the major obstacle to their widespread adoption are problems related to their security. Thus continuous work on improving security of the agents must be conducted. This is where we concentrated our research effort. As the result we can propose an architecture supporting anonymity of agent owners. In this paper we concentrate on its core module – the infrastructure of untraceability protocol, which we implemented as a JADE add-on and shared with JADE community. 1

Abstract not found