Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen...
-
Upload
thomas-brown -
Category
Documents
-
view
219 -
download
2
Transcript of Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen...
![Page 1: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/1.jpg)
Security for the Optimized Link-State Routing Protocol for Wireless Ad Hoc Networks
Stephen AshersonComputer ScienceMSc StudentDNA Lab
1
![Page 2: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/2.jpg)
Outline Wireless Ad hoc Networks Wireless Ad hoc Routing Protocols
OLSR Routing Protocol Security of Wireless Networks Security of Ad hoc Routing Protocols MSc Project
Security for the OLSR Routing Protocol Implementation and Testing
2
![Page 3: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/3.jpg)
Wireless Ad hoc Networks(1) Conventional wireless networks consist of
wireless clients talking to an Access Point (AP)
Wireless Ad hoc networks are decentralised Dynamic, nodes can join and leave at any time Nodes communicate directly with other nodes in
wireless range Out-of-range nodes are reached via intermediate
nodes in a multi-hop nature
3
![Page 4: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/4.jpg)
Wireless Ad hoc Networks(2)
Regular Wireless Network Wireless Ad hoc Network
4
![Page 5: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/5.jpg)
Wireless Ad hoc Networks(3)
If node A needs to reach node B, how does A know which path leads to B? This is the responsibility
of an Ad hoc Routing Protocol
5
![Page 6: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/6.jpg)
Wireless Ad hoc Routing Protocols(1)
Nodes out of range communicate via intermediate nodes Serve as routers Perform data forwarding
Several routes may exist between any two nodes
A simple data multicast approach would work Highly inefficient Waste of network resources
6
![Page 7: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/7.jpg)
Wireless Ad hoc Routing Protocols(2)
Ad hoc routing protocols attempt to discover optimal routes to all nodes
There is a large classification of wireless ad hoc routing protocols
Classified in two main categories Table-Driven (Proactive) On-Demand (Reactive)
7
![Page 8: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/8.jpg)
Wireless Ad hoc Routing Protocols(3)
Proactive Protocols Rely on constant communications with other
nodes to maintain an overview of networks routes
High overhead; Readily available routes
Reactive Protocols Initiate route discovery only when a route to
a node is required More efficient; Delay in establishing route
8
![Page 9: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/9.jpg)
The OLSR Routing Protocol(1)
The Optimized Link-State Routing (OLSR) protocol is a proactive routing protocol for wireless ad hoc networks
OLSR consists of the following main tasks: Link and Neighbour detection Multi-Point Relay Selection Topology information diffusion
9
![Page 10: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/10.jpg)
The OLSR Routing Protocol(2) Link and neighbour
detection through periodic emission of “Hello” messages
Topology information is diffused using topology control (TC) messages via multi-point relay nodes
10
![Page 11: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/11.jpg)
The OLSR Routing Protocol(3)
Generic Packet Format
11
![Page 12: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/12.jpg)
The OLSR Routing Protocol(4) Messages are processed and transmitted from
source to destination independently of one another
The generic OLSR packet is simply a point-to-point carrier for the messages between two immediate neighbours
12
![Page 13: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/13.jpg)
Security in Wireless Networks(1)
Wireless networks are highly vulnerable due to the open nature of the technology
Authenticity, confidentiality, and integrity mechanisms are essential Eavesdropping Spoofing Data modification
13
![Page 14: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/14.jpg)
Security in Wireless Networks(2)
The IEEE 802.11i standard is a security amendment for the IEEE 802.11 wireless standard
IEEE 802.11i specifies the security mechanisms offered in the Medium Access Control (MAC) layer Point-to-point security association between
two entities
14
![Page 15: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/15.jpg)
Security in Wireless Networks(3)
In a multi-hop environment, MAC layer security is not enough
End to end security may require security mechanisms employed higher up in the stack
15
![Page 16: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/16.jpg)
Security in Wireless Networks(4)
16
![Page 17: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/17.jpg)
Security of Ad hoc Routing Protocols(1)
Ad hoc routing protocols are generally designed with efficiency as a priority Security adds overhead Security is often neglected in the initial
design
There is an implicit assumption that nodes are trustworthy
17
![Page 18: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/18.jpg)
Security in the OLSR Protocol(1)
The project aim Incorporate end to end security mechanisms
for each control message Authentication Integrity Replay protection – timestamps Mutable field protection
Optional encryption/decryption of OLSR packets between neighbouring points
18
![Page 19: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/19.jpg)
Security in the OLSR Protocol(2)
Application level security
19
![Page 20: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/20.jpg)
Security in the OLSR Protocol(3)
Security-aware OLSR control message
20
![Page 21: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/21.jpg)
Signature Schemes
Two signature schemes have been used in the implementation Shamir’s Identity-based scheme One-time Signature scheme known as Hash
to Obtain Random Subset(HORS)
Aim was to perform a comparison of the two schemes when used to sign OLSR messages
21
![Page 22: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/22.jpg)
Shamir’s Identity-based scheme
Based on RSA public key system Like RSA, is computationally expensive A user’s public key is derived from public
knowledge of the user, such as it’s IP address or email address
Prevents the need for public key distribution amongst nodes
22
![Page 23: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/23.jpg)
Hash To Obtain Random Subset(HORS) one-time signature scheme
Based on the use of one-way functions Fast and efficient signature creation and
verification Public/Private key pair limited to a few
signatures Large key and signature sizes Public key distribution complexities
23
![Page 24: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/24.jpg)
Implementation and Testing
Signature schemes and security extension implemented in C OLSRd implementation from www.olsr.org
Test the overhead incurred by the security Traffic, delay, and processing overhead Delay in route establishment
Testing will be done on 10 node indoor wireless testbed
24
![Page 25: Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.](https://reader036.fdocuments.net/reader036/viewer/2022062517/56649e845503460f94b8652f/html5/thumbnails/25.jpg)
The End
Thank you!
25