Most recent ad hoc network research has focused on providing routing services without considering security. In this paper, we detail security threats against ad hoc routing protocols, specifically examining AODV and DSR. In light of these threats, we identify three different environments with distinct security requirements. We propose a solution to one, the managed-open scenario where no network infrastructure is pre-deployed, but a small amount of prior security coordination is expected. Our protocol, ARAN, is based on certificates and successfully defeats all identified attacks.

We introduce TinySec, the first fully-implemented link layer security architecture for wireless sensor networks. In our design, we leverage recent lessons learned from design vulnerabilities in security protocols for other wireless networks such as 802.11b and GSM. Conventional security protocols tend to be conservative in their security guarantees, typically adding 16--32 bytes of overhead. With small memories, weak processors, limited energy, and 30 byte packets, sensor networks cannot afford this luxury. TinySec addresses these extreme resource constraints with careful design; we explore the tradeoffs among different cryptographic primitives and use the inherent sensor network limitations to our advantage when choosing parameters to find a sweet spot for security, packet overhead, and resource requirements. TinySec is portable to a variety of hardware and radio platforms. Our experimental results on a 36 node distributed sensor network application clearly demonstrate that software based link layer protocols are feasible and efficient, adding less than 10% energy, latency, and bandwidth overhead.

In this paper we address the problem of secure communication and authentication in ad-hoc wireless networks. This is a difficult problem, as it involves bootstrapping trust between strangers. We present a user-friendly solution, which provides secure authentication using almost any established public-key-based key exchange protocol, as well as inexpensive hash-based alternatives. In our approach, devices exchange a limited amount of public information over a privileged side channel, which will then allow them to complete an authenticated key exchange protocol over the wireless link. Our solution does not require a public key infrastructure, is secure against passive attacks on the privileged side channel and all attacks on the wireless link, and directly captures users' intuitions that they want to talk to a particular previously unknown device in their physical proximity. We have implemented our system in Java for a variety of different devices, communication media, and key exchange protocols.

The recent proliferation of wireless local area networks (WLAN) has introduced new location privacy risks. An adversary controlling several access points could triangulate a client’s position. In addition, interface identifiers uniquely identify each client, allowing tracking of location over time. We enhance location privacy through frequent disposal of a client’s interface identifier. The described system curbs the adversary’s ability to continuously track a client’s position. Design challenges include selecting new interface identifiers, detecting address collisions at the MAC layer, and timing identifier switches to balance network disruptions against privacy protection. Using a modified authentication protocol, network operators can still control access to their network. An analysis of a public WLAN usage trace shows that disposing addresses before reassociation already yields significant privacy improvements.

This paper considers the problem of using wireless LAN locationsensing for security applications. Recently, Bayesian methods have been successfully used to determine location from wireless LAN signals, but such methods have the drawback that a model must first be built from training data. The introduction of model error can drastically reduce the robustness of the location estimates and such errors can be actively induced by malicious users intent on hiding their location. This paper provides a technique for increasing robustness in the face of model error and experimentally validates this technique by testing against unmodeled hardware, modulation of power levels, and the placement of devices outside the trained workspace. Our results have interesting ramifications for location privacy in wireless networks.

The 802.11 encryption standard Wired Equivalent Privacy (WEP) is still widely used today despite the numerous discussions on its insecurity. In this paper, we present a novel vulnerability which allows an attacker to send arbitrary data on a WEP network after having eavesdropped a single data packet. Furthermore, we present techniques for real-time decryption of data packets, which may be used under common circumstances. Vendor produced mitigation techniques which cause frequent WEP re-keying prevent traditional attacks, whereas our attack remains effective even in such scenarios. We implemented a fully automatic version of this attack which demonstrates its practicality and feasibility in real networks. As even rapidly re-keyed networks can be quickly compromised, we believe WEP must now be abandoned rather than patched yet again. 1.

this article. Problems With WEP WEP has several serious inherent problems. It does not meet its fundamental goals of wired-equivalent confidentiality. It also fails to meet the expected goals for integrity and authentication

In the EYES project (http://eyes.eu.org), we are investigating self-organizing, collaborative, energy-efficient sensor networks. This study is devoted to the security aspects of the project. Our contribution is three-fold: firstly, we present a survey, where we discuss the dominant issues of energy-security trade-off in the network protocol and key management design space. From there we set out future research directions for our security framework. Secondly, we propose an assessment framework based on system profile, with which we have managed to carve out manageable design spaces from the seemingly infinite possibilities of ad hoc mobile wireless networks. Finally, we have benchmarked some well-known cryptographic algorithms in search for the best compromise in security and energy-efficiency, on a typical sensor node. Our preliminary investigations also cover an important parameter in the design space: the resource requirements of the symmetric key algorithms RC5 and TEA.

As WEP has been shown to be vulnerable to multiple attacks, a huge effort has been placed on specifyin an access con trol mechan ism to be usedin wirelessin stallation s. However, properties of the wireless environment have been exploited to perform multiple DoS attacks against current solution s, such as 802.11/802.1X. In this paper we discuss the main wireless idiosyncrasies and then eed for taking them into account when design n an access control mechanism that can eusedin othwireless and wired networks. We present the design of a mobility-aware access control mechanism suitable for both wireless and wired environments and show how the DoS attacks discussed can be prevented by implementing secure association and other essential services. The architecture proposed here, composed of the SIAP and SLAP protocols, uses public keys together with the RSA and AES encryption algorithms to provide a flexible service.

As more criminals use encryption to conceal incriminating evidence, forensic examiners require practical methods for recovering some or all of the encrypted data. This paper presents lessons learned from investigations involving encryption in various contexts. By presenting successful and unsuccessful case examples, this paper gives forensic examiners a clearer understanding of the feasibility and limitations of various approaches to dealing with encryption. Additionally, by demonstrating how encryption has been successfully dealt with in past investigations, this paper provides examiners with techniques that we can apply in our work and encourages us to aggressively confront encryption. 1.0