Citation Context

...ol, on the other hand, nodes exchange routing information only when needed, with a node attempting to discover a route to some destination only when it has a packet to send to that destination (e.g., =-=[20, 30, 32]-=-). In addition, some ad hoc network routing protocols are hybrids of periodic and ondemand mechanisms (e.g., [12]). Proceedings of the Fourth IEEE Workshop on Mobile Computing Systems and Applications...

Citation Context

...well as physical radio propagation effects such as signal strength, interference, capture effect, and wireless propagation delay. Our propagation model is based on the two-ray ground reflection model =-=[38]-=-. The simulator also includes an accurate model of the IEEE 802.11 Distributed Coordination Function (DCF) wireless MAC protocol [18]. In our simulations, nodes moved according to the random waypoint ...

Citation Context

... In a periodic (or proactive) routing protocol, nodes periodically exchange routing information with other nodes in an attempt to have each node always know a current route to all destinations (e.g., =-=[4, 5, 8, 10, 21, 28, 31]-=-). In an on-demand (or reactive) protocol, on the other hand, nodes exchange routing information only when needed, with a node attempting to discover a route to some destination only when it has a pac...

Citation Context

...ation suggests that the receipt of a new sequence number also should cause a triggered update. The latter interpretation has been shown to outperform the former in detailed ad hoc network simulations =-=[6, 19]-=- and is referred to as DSDV-SQ (for sequence number) to distinguish it from the interpretation based only on metrics. 3. Assumptions As a matter of terminology in this paper, we use the acronym “MAC” ...

Citation Context

...ol, on the other hand, nodes exchange routing information only when needed, with a node attempting to discover a route to some destination only when it has a packet to send to that destination (e.g., =-=[20, 30, 32]-=-). In addition, some ad hoc network routing protocols are hybrids of periodic and ondemand mechanisms (e.g., [12]). Proceedings of the Fourth IEEE Workshop on Mobile Computing Systems and Applications...

Citation Context

...rtificates without relying on a trusted public key infrastructure [17]. Alternatively, a trusted node can securely distribute an authenticated hash chain element using only symmetric-key cryptography =-=[16, 36]-=- or non-cryptographic approaches [42]. Since in SEAD, a node uses elements from its one-way hash chain in groups of m (Section 5.2), we assume that a node generates its hash chain so that n is divisib...

Citation Context

...ot prevent a node from advertising a route that does not actually exist. Several researchers have proposed the use of asymmetric cryptography to secure both wired and ad hoc network routing protocols =-=[9, 22, 33, 43, 44]-=-. However, when the nodes in an ad hoc network are unable to verify asymmetric signatures quickly enough, these protocols may not be suitable and may create Denial-of-Service (DoS) attacks; these prot...

Citation Context

...onally infeasible in general to invert. A more formal definition of one-way hash functions is provided by Goldwasser and Bellare [11], and a number of such functions have been proposed, including MD5 =-=[40]-=- and SHA-1 [29]. To create a one-way hash chain, a node chooses a random initial value x ∈{0,1} ρ and computes the list of values h0, h1, h2, h3, ..., hn where h0 = x, andhi = H(hi−1) for 0 < i ≤ n, f...

Citation Context

...rtificates without relying on a trusted public key infrastructure [17]. Alternatively, a trusted node can securely distribute an authenticated hash chain element using only symmetric-key cryptography =-=[16, 36]-=- or non-cryptographic approaches [42]. Since in SEAD, a node uses elements from its one-way hash chain in groups of m (Section 5.2), we assume that a node generates its hash chain so that n is divisib...

Citation Context

...ublic key infrastructure [17]. Alternatively, a trusted node can securely distribute an authenticated hash chain element using only symmetric-key cryptography [16, 36] or non-cryptographic approaches =-=[42]-=-. Since in SEAD, a node uses elements from its one-way hash chain in groups of m (Section 5.2), we assume that a node generates its hash chain so that n is divisible by m. When a node first enters the...

Citation Context

... this paper. Use of spread spectrum has been studied for securing the physical layer against jamming [37]. MAC protocols that do not employ some form of carrier sense, such as ALOHA and Slotted ALOHA =-=[1]-=-, are less vulnerable to Denial-of-Service attacks, although they generally use the channel less efficiently. We assume that the wireless network may drop, corrupt, duplicate, or reorder packets. We a...

Citation Context

...ent by a node. We assume that nodes in the ad hoc network may be resource constrained. Thus, in securing our distance vector ad hoc network routing protocol SEAD, we use efficient one-way hash chains =-=[24]-=- rather than relying on expensive asymmetric cryptographic operations. Especially on CPUlimited devices, symmetric cryptographic operations (such as block ciphers and hash functions) are three to four...

Citation Context

... In a periodic (or proactive) routing protocol, nodes periodically exchange routing information with other nodes in an attempt to have each node always know a current route to all destinations (e.g., =-=[4, 5, 8, 10, 21, 28, 31]-=-). In an on-demand (or reactive) protocol, on the other hand, nodes exchange routing information only when needed, with a node attempting to discover a route to some destination only when it has a pac...

Citation Context

...ot prevent a node from advertising a route that does not actually exist. Several researchers have proposed the use of asymmetric cryptography to secure both wired and ad hoc network routing protocols =-=[9, 22, 33, 43, 44]-=-. However, when the nodes in an ad hoc network are unable to verify asymmetric signatures quickly enough, these protocols may not be suitable and may create Denial-of-Service (DoS) attacks; these prot...

Citation Context

... In a periodic (or proactive) routing protocol, nodes periodically exchange routing information with other nodes in an attempt to have each node always know a current route to all destinations (e.g., =-=[4, 5, 8, 10, 21, 28, 31]-=-). In an on-demand (or reactive) protocol, on the other hand, nodes exchange routing information only when needed, with a node attempting to discover a route to some destination only when it has a pac...

Citation Context

...ation suggests that the receipt of a new sequence number also should cause a triggered update. The latter interpretation has been shown to outperform the former in detailed ad hoc network simulations =-=[6, 19]-=- and is referred to as DSDV-SQ (for sequence number) to distinguish it from the interpretation based only on metrics. 3. Assumptions As a matter of terminology in this paper, we use the acronym “MAC” ...

Citation Context

... some destination only when it has a packet to send to that destination (e.g., [20, 30, 32]). In addition, some ad hoc network routing protocols are hybrids of periodic and ondemand mechanisms (e.g., =-=[12]-=-). Proceedings of the Fourth IEEE Workshop on Mobile Computing Systems and Applications (WMCSA’02) 0-7695-1647-5/02 $17.00 © 2002 IEEEEach style of ad hoc network routing protocol has advantages and ...

Citation Context

... In a periodic (or proactive) routing protocol, nodes periodically exchange routing information with other nodes in an attempt to have each node always know a current route to all destinations (e.g., =-=[4, 5, 8, 10, 21, 28, 31]-=-). In an on-demand (or reactive) protocol, on the other hand, nodes exchange routing information only when needed, with a node attempting to discover a route to some destination only when it has a pac...

Citation Context

...ce of each routing update message in SEAD must also be authenticated, since otherwise, an attacker may be able to create routing loops. Any efficient broadcast authentication mechanism, such as TESLA =-=[34]-=-, HORS [39], or TIK [35], can be used to authenticate the neighbor. The drawbacks of these approaches are that they require synchronized clocks, and that they incur either an authentication delay or a...

Citation Context

...ot prevent a node from advertising a route that does not actually exist. Several researchers have proposed the use of asymmetric cryptography to secure both wired and ad hoc network routing protocols =-=[9, 22, 33, 43, 44]-=-. However, when the nodes in an ad hoc network are unable to verify asymmetric signatures quickly enough, these protocols may not be suitable and may create Denial-of-Service (DoS) attacks; these prot...

Citation Context

...sy to implement, require relatively little memory or CPU processing capacity compared to other types of routing protocols, and are widely used in networks of moderate size within the (wired) Internet =-=[14, 25, 26]-=-. A number of proposed periodic ad hoc network routing protocols are based on adapting the basic distance vector routing protocol design for use in mobile wireless ad hoc networks, including PRNET [21...

Citation Context

...chniques do not apply well in an ad hoc network since they require knowledge of which links are possible, whereas in an ad hoc network, any pair of nodes could be within range and form a link. Zapata =-=[43]-=- proposes security extensions to AODV, using a new one-way hash chain for each Route Discovery to secure the metric field in an RREQ packet. Our protocol uses a single hash chain for a node’s routing ...

Citation Context

...ange to avoid collisions [18]. Network physical layer and MAC layer attacks are beyond the scope of this paper. Use of spread spectrum has been studied for securing the physical layer against jamming =-=[37]-=-. MAC protocols that do not employ some form of carrier sense, such as ALOHA and Slotted ALOHA [1], are less vulnerable to Denial-of-Service attacks, although they generally use the channel less effic...

Citation Context

...ot prevent a node from advertising a route that does not actually exist. Several researchers have proposed the use of asymmetric cryptography to secure both wired and ad hoc network routing protocols =-=[9, 22, 33, 43, 44]-=-. However, when the nodes in an ad hoc network are unable to verify asymmetric signatures quickly enough, these protocols may not be suitable and may create Denial-of-Service (DoS) attacks; these prot...

Citation Context

...rify that the the incoming network interface is the expected interface and that the IP TTL of the packet is 255. In a wireless network, this technique cannot be used. Heffernan [15] and Basagni et al =-=[3]-=- use shared keys to secure routing communication, which is vulnerable to some single-node compromises. Perrig et al [36] use symmetric primitives to secure routing only between nodes and a trusted bas...

Citation Context

... In a periodic (or proactive) routing protocol, nodes periodically exchange routing information with other nodes in an attempt to have each node always know a current route to all destinations (e.g., =-=[4, 5, 8, 10, 21, 28, 31]-=-). In an on-demand (or reactive) protocol, on the other hand, nodes exchange routing information only when needed, with a node attempting to discover a route to some destination only when it has a pac...

Citation Context

... and a trusted base station. As mentioned in Section 3, some researchers have explored the establishment of trust relationships and authenticated keys in ad hoc networks [16, 17, 36, 42]. Marti et al =-=[27]-=- consider the problem of detecting intermediate nodes that do not forward packets. However, their scheme is limited to certain types of network Medium Access Control layers and may trigger false alarm...

Citation Context

...y enough, these protocols may not be suitable and may create Denial-of-Service (DoS) attacks; these protocols also generally require more network bandwidth than does SEAD with its hash values. Cheung =-=[7]-=- and Hauser et al [13] describe symmetric-key approaches to the authentication of updates in link state protocols, but neither work discusses the mechanisms for detecting the status of these links. In...

Citation Context

...routing update message in SEAD must also be authenticated, since otherwise, an attacker may be able to create routing loops. Any efficient broadcast authentication mechanism, such as TESLA [34], HORS =-=[39]-=-, or TIK [35], can be used to authenticate the neighbor. The drawbacks of these approaches are that they require synchronized clocks, and that they incur either an authentication delay or a relatively...

Citation Context

...andom x, generate a new hash chain from this x, and send the new generated hn value to a trusted entity or an alternative authentication and distribution service, as described above. 4. Attacks Kumar =-=[23]-=- and Smith et al [41] discuss attacks against distance vector routing protocols. In addition, in prior work we presented some attacks against ad hoc network routing protocols [16]. In this section, we...

Citation Context

...cols may not be suitable and may create Denial-of-Service (DoS) attacks; these protocols also generally require more network bandwidth than does SEAD with its hash values. Cheung [7] and Hauser et al =-=[13]-=- describe symmetric-key approaches to the authentication of updates in link state protocols, but neither work discusses the mechanisms for detecting the status of these links. In wired networks, a com...

Citation Context

...ew hash chain from this x, and send the new generated hn value to a trusted entity or an alternative authentication and distribution service, as described above. 4. Attacks Kumar [23] and Smith et al =-=[41]-=- discuss attacks against distance vector routing protocols. In addition, in prior work we presented some attacks against ad hoc network routing protocols [16]. In this section, we summarize relevant a...

Citation Context

...by short circuiting the normal flow of routing packets, and the attackers may also create a virtual vertex cut of nodes in the network that they control. We describe the wormhole attack and solutions =-=[35]-=- and we give more details on the vertex cut and other attackers [16] elsewhere. An attacker may be a compromised node. If so, it will have access to all cryptographic keys of that compromised node, an...

Citation Context

... In a periodic (or proactive) routing protocol, nodes periodically exchange routing information with other nodes in an attempt to have each node always know a current route to all destinations (e.g., =-=[4, 5, 8, 10, 21, 28, 31]-=-). In an on-demand (or reactive) protocol, on the other hand, nodes exchange routing information only when needed, with a node attempting to discover a route to some destination only when it has a pac...