Routing Security in Ad Hoc Networks
Justin Lomheim
Shirshanka Das

Outline
- Ad Hoc Networks
- DSR Review
- AODV Review
- Specific Attacks on DSR and AODV
- ARAN Protocol (e.g. secure AODV)
- Questions
- References

Ad Hoc Networks
- infrastructureless
- dynamic topologies (in mobile ad hoc nets)
- variable capacity, limited bandwidth links
- energy constrained operation
- unicast, multicast, broadcast traffic
- physical security considerations
- currently AODV & DSR routing under consideration for IETF MANET specification

Ad Hoc On Demand Distance Vector (AODV) Review
- distance vector algorithm using sequence numbers for updates (based on DSDV)
- generates routes on-demand, reducing total number of broadcasts required
- classified as a pure on-demand scheme, since nodes not involved in routing do not maintain routing info or participate in table exchanges

Dynamic Source Routing (DSR) Review
- on-demand protocol based upon source routing
- designed for scenarios where only a few source nodes flow to a few destination nodes
- source and destination nodes gather routing info into caches, through exchange of flooded query and reply packets with full routing information
- once discovered, routes are as needed until they fail due to lost message transmissions

AODV and DSR Route Discovery
[Figure: route discovery among nodes S, I and D using RREQ and RREP packets; labels "No Route To D !!" and "Cache Hit !!".]

AODV Link Failure Mgmt
- infinite metric assigned to broken links
- if a node along a route moves, its upstream neighbor detects it and forwards a notification message (RREQ w/ infinite metric)
- link breakage triggers notification back to users of formerly active links until source is reached, which may then re-initiate route discovery.

AODV versus DSR
- Both use a similar mechanism of RREP, RREQ and route caching
- AODV: maintains DV type next hop forwarding tables
- DSR: relies on source routing

Specific Attacks on AODV & DSR
- modification: sequence numbers, hop counts, source routes, tunneling
- impersonation
- fabrication: error messages, source routes (cache poisoning)
- DoS
- trivial DoS*

Modification of Sequence Numbers
In AODV
- a malicious node may divert traffic through itself by advertising a route (via a RREP) with a much higher sequence number than actual
RREP
Modification of Hop Counts
In AODV
- since routing decisions can involve hop count metric, a malicious node can reset the hop count to zero to make itself more likely to be chosen along the path to the destination
- A selfish node could use a high hop count to ensure no one routes through it in case it wants to save power
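
The route-preference rule that both modification attacks above rely on, as an added Python example that is not from the original slides: a node prefers the RREP with the higher destination sequence number and breaks ties on the lower hop count, and nothing authenticates either field. The `RREP` record, the node names and all values are constructed for illustration, and per-hop incrementing of the hop count is left out.

```python
from dataclasses import dataclass
from typing import List, Optional

@dataclass(frozen=True)
class RREP:
    dest: str        # destination the reply is for
    dest_seq: int    # destination sequence number (freshness of the route)
    hop_count: int   # advertised distance to dest
    sender: str      # neighbour that delivered this RREP

def is_better(new: RREP, cur: Optional[RREP]) -> bool:
    """AODV preference: fresher sequence number wins, ties go to fewer hops."""
    if cur is None:
        return True
    if new.dest_seq != cur.dest_seq:
        return new.dest_seq > cur.dest_seq
    return new.hop_count < cur.hop_count

def next_hop(replies: List[RREP]) -> str:
    """Apply the rule to RREPs in arrival order; return the chosen next hop."""
    route = None
    for reply in replies:
        if is_better(reply, route):
            route = reply
    return route.sender

# Constructed RREPs seen by source S while looking for D.
HONEST = RREP("D", dest_seq=10, hop_count=3, sender="B")
FORGED_SEQ = RREP("D", dest_seq=1000, hop_count=5, sender="M")  # inflated sequence number
FORGED_HOPS = RREP("D", dest_seq=10, hop_count=0, sender="M")   # hop count reset to zero
SELFISH = RREP("D", dest_seq=10, hop_count=50, sender="M")      # high hop count to avoid traffic
```

The forged replies win regardless of arrival order, while the selfish advertisement always loses to the honest one; signing these fields, as ARAN does later in the deck, is what removes the blind trust.
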
Modification of Source Routes
In DSR
- as packets are delivered, a malicious node can simply remove necessary source route entries in the packet header
- malicious node can drop any error messages coming back along the path

Tunneling
[Figure: falsely tunneled path between nodes M1 and M2, with Encap and Decap endpoints, between S and D.]

Impersonation to create loops
[Figure, four frames: nodes A, B, C, D, E, X and M.]

Fabrication Attacks
- False route error messages in AODV and DSR
- Route Cache poisoning

Challenges
- No centrally administered secure routers
- No strict security policies
- Highly dynamic nature of mobile ad hoc networks
- Current ad hoc routing protocols trust all participating nodes

Problem
Secure ad hoc routing protocols are difficult to design:
- Existing protocols are optimized to spread routing information quickly as the network changes
- Security mechanisms consume resources and can delay or even prevent successful exchanges of routing information

Specific attacks
- Location disclosure: reveals information regarding the location of nodes, or the structure of the network
- Black hole: an attacker advertises a zero metric for all destinations, causing all nodes around it to route packets towards it
- Replay attack: an attacker sends old advertisements to a node, causing it to update its routing table with stale routes
- Wormhole: an attacker records packets at one location in the network and tunnels them to another location; routing can be disrupted when only routing control messages are tunneled

Requirements for a secure ad hoc routing protocol
- Prevents the exploits discussed
- Route signaling cannot be spoofed
- Fabricated routing messages cannot be injected
- Routing messages cannot be altered in transit except in accordance with the functionality of the routing protocol
- Routing loops cannot be formed through malicious action
- Routes cannot be redirected from the shortest path
- Unauthorized nodes should be excluded from route computation and discovery
- Network topology should be exposed neither to adversaries nor to authorized nodes

Authenticated Routing for Ad Hoc Networks (ARAN) Protocol
- Effectively basic AODV, except route discovery/setup/maintenance are authenticated
- Utilizes public-key cryptography to verify hop-by-hop all route request “RDP” & route reply “REP” packets
- Eliminates most routing security problems except for tunneling & trivial DoS attacks

ARAN – Initial Setup
Certificate A: Public Key A, IP Address A, Create Time, Expiry Time, Signature by T
[Figure: trusted certificate server T with nodes A, B, C and D holding Certificate A, Certificate B, Certificate C and Certificate D.]

ARAN – Route Discovery
Initial RDP packet: IP Address D, Certificate A, Nonce A, Create Time, Signature by A
Intermediate RDP packet: RDP: A -> D, Signature by B, Certificate B
RDP as forwarded by C: RDP: A -> D, Signature by C, Certificate C
[Figure, three frames: RDP: A -> D advancing along the chain A, B, C, D, with hops marked "verified".]
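
Hop-by-hop checking of an RDP as laid out on the Route Discovery slides, as an added Python example that is not from the original slides or the ARAN authors: each node verifies the source's signature and the previous hop's, then replaces the previous hop's signature and certificate with its own. It assumes toy textbook RSA over fixed Mersenne primes (not secure, used only so the block needs nothing beyond the standard library), an integer clock, and hypothetical names such as `issue`, `accept` and `forward`; nonce replay tracking is left out.

```python
import hashlib, json

E = 65537  # public exponent shared by every toy key

def keypair(p, q):  # toy textbook RSA from two known primes: illustration only
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest(obj, n):
    blob = json.dumps(obj, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(blob).digest(), "big") % n

def sign(obj, key):
    return pow(digest(obj, key["n"]), key["d"], key["n"])
def verify(obj, sig, n):
    return pow(sig, E, n) == digest(obj, n)

M61, M89, M107, M127 = (2**k - 1 for k in (61, 89, 107, 127))  # Mersenne primes
T, A, B, C = keypair(M61, M89), keypair(M89, M107), keypair(M107, M127), keypair(M61, M127)

def issue(ip, key, signer=T, created=0, expires=100):
    """Certificate fields from the Initial Setup slide, signed by T by default."""
    body = {"ip": ip, "pub": key["n"], "created": created, "expires": expires}
    return {"body": body, "sig": sign(body, signer)}

def cert_ok(cert, now):
    b = cert["body"]
    return verify(b, cert["sig"], T["n"]) and b["created"] <= now <= b["expires"]

def initial_rdp(dst_ip, cert, key, nonce, now):
    body = {"type": "RDP", "dst": dst_ip, "cert": cert, "nonce": nonce, "created": now}
    return {"body": body, "sig": sign(body, key)}

def accept(pkt, now):
    """Check the source's signature and, if present, the previous hop's."""
    src = pkt["body"]["cert"]
    ok = cert_ok(src, now) and verify(pkt["body"], pkt["sig"], src["body"]["pub"])
    if ok and "hop_cert" in pkt:
        hop = pkt["hop_cert"]
        ok = cert_ok(hop, now) and verify([pkt["body"], pkt["sig"]], pkt["hop_sig"], hop["body"]["pub"])
    return ok

def forward(pkt, key, cert, now):
    """Verify, drop the previous hop's signature and certificate, add our own."""
    if not accept(pkt, now):
        return None
    return {"body": pkt["body"], "sig": pkt["sig"],
            "hop_sig": sign([pkt["body"], pkt["sig"]], key), "hop_cert": cert}

# Constructed certificates for A, B and C; the addresses are made up.
CERT_A, CERT_B, CERT_C = issue("10.0.0.1", A), issue("10.0.0.2", B), issue("10.0.0.3", C)
```

A packet altered in transit, a source whose certificate was not signed by T, or a certificate past its expiry time all make `accept` return False, so `forward` drops the RDP instead of rebroadcasting it.
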
ARAN – Route Setup
Initial REP packet (replies to first RDP packet): IP Address A, Certificate D, Nonce A, Create Time, Signature by D
Intermediate REP packet: REP: A -> D, Signature by C, Certificate C
REP as forwarded by B: REP: A -> D, Signature by B, Certificate B
[Figure, three frames: REP: A->D returning along the chain D, C, B, A, with hops marked "verified".]

ARAN – Route Complete
[Figure: hops along the chain A, B, C, D marked "verified".]

ARAN – Route Maintenance
ERR packet (ERR: A->D): IP Address A, IP Address D, Certificate C, Nonce C, Create Time, Signature by C
[Figure: chain A, B, C, D with the label "Link broken!".]

Questions
- Conflict between small weight nodes, cryptography – is there any reason to implement ARAN?
- Any way to avoid centralized trust certificate server T?
- Key revocation issues…
- Sensor network security?