Lightweight Secure IP Address Auto-Configuration ...

21 downloads 280 Views 216KB Size Report
operate in a standalone fashion, or may be connected to the larger Internet [1]. ... So far, MANET protocols in general allow any node to participate in the .... 1 ms [11]. Thus an application of a hash function is faster .... Conference on Information and Communication Technologies: IS. A,. JS. B ,. Node. Node. K. I. A. I. SHE. ],)([.
Lightweight Secure IP Address Auto-Configuration Based On VASM

Majid Tajamolian

Majid Taghiloo

Mahnaz Tajamolian

Islamic Azad University, Taft Branch, Taft, Yazd, Iran [email protected]

Amirkabir University of Technology, Tehran, Iran [email protected]

Sharif University of Technology, Tehran, Iran [email protected]

Abstract Mobile ad hoc networks allow to create very dynamic communication systems, which are independent from any fixed infrastructure. One of the most important issues regarding the management of an ad hoc network is the configuration of the system according to the way users move. Since a centralized control structure does not exist, we need to determine how the IP addresses must be assigned to the nodes in the network. In this paper we add a security mechanism to VASM protocol based on zero knowledge approach. A hash function has very low running time. So this so this scheme is very light-weight. The VASM protocol uses coordinate value of point in main address sheet for generating addresses. The performances of this solution are evaluated through the Behavioral simulation, which allowed us to check the correctness of the protocol and to estimate the control traffic generated under different operating conditions. Keywords— Ad Hoc Networks, IP Address, Configuration, Authentication, Security, MANET.

Auto-

1. Introduction A mobile ad-hoc network (MANET) is a kind of wireless ad-hoc network, and is a self-configuring network of mobile routers (and associated hosts) connected by wireless links. The routers are free to move randomly and organize themselves arbitrarily; thus, the network's wireless topology may change rapidly and unpredictably. Such a network may operate in a standalone fashion, or may be connected to the larger Internet [1]. Ad-hoc networks and even more intrinsic pervasive networks face huge security lacks. Such a network may operate in a stand-alone fashion, or may be connected to the larger Internet. In the most general case entities need to be able to establish well-defined security associations without any pre-established secret or common security infrastructure. Unlike in military or closed networks where there is a single logical and commonly agreed trust

authority we cannot assume such a situation in the general case. Security threat is a cross layer issue that affects the entire protocol stack. A self-organizing ad hoc network needs more protections than cryptography. We have extensively studied low-cost underwater denial-of-service attacks [3]. The result is disastrous for multi-hop packet delivery, distributed localization, and time-synchronization. One area which will definitely require revisiting (with respect to prior work in ad hoc and ground sensor networks) is vulnerability to security threats. To realize a scalable ad hoc network, nodes must be low-cost and economically viable. They are limited in energy, computation, and communication capabilities. Nevertheless, a self-organizing ad hoc network needs more protections than cryptography. Many security attacks continue to threaten ad hoc networks even when an ideal cryptosystem is efficiently protecting the network. A significant security issue is that of maintaining the confidentiality and the integrity of some data being exchanged between communication end-points in the MANET (e.g. between a server and a client). This task is equivalent to that of ensuring end-to-end security in other types of networks, and existing techniques are therefore applicable. An orthogonal issue with respect to securing MANET protocols is ensuring network integrity. So far, MANET protocols in general allow any node to participate in the network - the assumption being that all nodes are wellbehaving and welcome. If that assumption fails, i.e. if the network may count malicious nodes, the integrity of the network may fail. Specific malicious behavior include, but are not limited to, jamming (resulting in DoS), incorrect traffic generation (e.g. server, router or address spoofing), incorrect traffic relaying (e.g. "man in the middle"), or replay attacks. Most of these threats are already taken into account in RFC 3756, RFC 3971, and the security sections of RFC 4861 and RFC 3315 [2].

2. Related Works Some proposed paper [5],[6],[7], do not support security in process of address allocation. The researches on security of MANET address Auto-Configuration is still in early stage. Currently, few papers presented in this area [8],[9],[10]. In [5], by using one-way hash operation, it binds a node’s address with a public key. It assumes the node in the MANET keep loose time synchronization. In this approach each node generates the public and private key pair, and then chooses its address based on cryptographic hash function of the public key. It doesn’t entirely solve the key setup problem. In [6], the algorithm employs the concept of challenge which obliges a node to answer a question to prove its identity. The main disadvantage of this protocol is that the number of address-reallocation is high in merging time, because only one network nodes should keep theirs address and others must reallocate their address again and discard old address. Because of the limitation of resources, asymmetric cryptography is not proper for ad hoc networks. So, the using of light weight security protocol is critically needed.

3. Summery of Virtual Mapping (VASM) protocol

Address

Space

In this protocol [1], nodes are classified into four categories: •

Allocator: Maintain the address space. They allocate new addresses for joining nodes. • Initiator: An intermediate node which stands between Allocators and Requester node and exchange all messages between them. • Requester: new node that needs to get IP address in order to join the network. • Normal: all other nodes are in this category. According to this protocol, when a new node goes into ad-hoc mode, it sends a single-hop INITIATOR_SEARCH message, in order to find an Initiator. If there is no reply for this packet, the node assumes that it is the only node in that network and starts the network setup process. If the joining node gets more than one response, it selects the sender of the first arrived packet as Initiator and sends him an address request packet. The main task of Initiator is to obtain a new IP address from its Allocator and assign it to the requesting node (Requester). If the received response was from an Allocator, select this node as its Allocator and asks for a new address immediately. As mentioned before, in this protocol, each network has at least one Allocator. Each Allocator contains an address

space used for assigning unique IP addresses for the newly joined nodes. Method of choosing nodes as Allocator and the way address space is assigned for that node is the chief task of this protocol. In addition to generating unique IP addresses, an Allocator can create another Allocator in the network for balancing the overhead of protocol traffic and minimizing the time of address assignment for new nodes. For efficient management of network merging and partitioning process, each Allocator holds a list of all Allocators in the network. The number of Allocators in each network is limited. Thus the size of Allocators’ list will be very small. The main difference between this protocol and other stateful protocols is in its bottom-up approach for address space distribution. VASM aims at mapping one point from virtual address sheet to exactly one new node using a virtual address space. The reason for using “virtual” word in this article is that the whole corresponding address space is 2D flat sheet and each point of this sheet is virtually mapped to one node in MANET. Address space of each Allocator maps to a square in the address sheet. Hence, every Allocator in the network has a mutually exclusive set of addresses. Address allocation process should be done in a way that minimizes the address conflict and also prevents wasting of address space. The advantage of the proposed protocol, unlike [6], is that its Allocators hold some property of their corresponding square. The properties include coordination of bottom left corner, and last allocated point. Fig.1. shows the algorithm of address allocation in allocator nodes. The simplest way to allocating a new address is selecting points from bottom left corner of the square to top right corner. But the probability of selecting the same square is higher than selecting the same point in the address sheet. The protocol has devised a method for solving this problem. For this purpose, STEP variable is used by setting its bits to one in a randomly fashion.

message, in order to find an Initiator. If there is no reply for this packet, the node assumes that it is the only node in that network and starts the network setup process. If the joining node gets more than one response, it selects the sender of the first arrived packet as Initiator and sends him an address request packet. The main task of Initiator is to obtain a new IP address from its Allocator and assign it to the requesting node (Requester). If the received response was from an Allocator, select this node as its Allocator and asks for a new address immediately. As mentioned before, in this protocol, each network has at least one Allocator. Each Allocator contains an address space used for assigning unique IP addresses for the newly joined nodes. Method of choosing nodes as Allocator and the way address space is assigned for that node is the chief task of this protocol. In addition to generating unique IP addresses, an Allocator can create another Allocator in the network for balancing the overhead of protocol traffic and minimizing the time of address assignment for new nodes. For efficient management of network merging and partitioning process, each Allocator holds a list of all Allocators in the network. The number of Allocators in each network is limited. Thus the size of Allocators’ list will be very small. The main difference between this protocol and other stateful protocols is in its bottom-up approach for address space distribution. Fig. 1. Algorithm of Address selection in allocator

The benefit of this method is that it decreases the probability of address conflict during network merging as the same square from two Allocators in separate networks may have been be assigned. Initially, all 8 bits in STEP variable are “0”. A random number from 1 to 8 is selected and the corresponding bit in STEP variable is sets to “1”. The resulting value of STEP is assigned to CURRENT_STEP. At the next iteration, another bit from the 7 remaining bits is set to 1 in order to assign a new value to CURRENT_STEP. This process will continue until all 8 bits of STEP are set to 1. For address allocation, Allocator first starts from the CURRENT_STEPth point in its square and then, it adds eight to the last allocated point for allocating the next address. If the coordination of the new point is out of range, Allocator will continue with the next iteration to generate another STEP value. CURRENT_STEP is embedded in four most significant bits of ALLOC_STATE. If the FREE_ADDR_LIST is not empty, it is better to use IP address of depart nodes. It helps solving address exhaustion problem. According to this protocol, when a new node goes into ad-hoc mode, it sends a single-hop INITIATOR_SEARCH

4. Security Model A hash function has very low running time. For example, the SHA-1 implementation in [11] obtains hashing speeds of 48.7 Mbit/s whereas an RSA verification (which is the most e_cient signature verification scheme) runs in roughly 1 ms [11]. Thus an application of a hash function is faster than RSA verification. This scheme is based on a zero knowledge approach.It onlyrequiresone-wayhash-functionsandaseedvalue. The seed value can be generated randomly. As shown in Fig.2., After generation of the preliminary seed, for accomplishing a first connection in order to exchanging basic information between nodes A and B. node A, I

computes the value of E[ H ( S A ) , I ] K , where E is symmetric cryptographic function and H is secure one-way hash function, for large random I and then send it to node B. Node B for another large random number J, calculates E[ H ( S B ) J , J ] K and sends it back to node A. K is secret key and cryptographic operation is only used once in the start of connections to avoid Man in Middle attacks.

SA, I

SB , J

α1 = E[ H ( S A ) I , I ]K

α1 , I

β1 = E[ H ( S B ) J , J ]K

β1 , J

α 2 = H ( S A )t

β 2 = H (S B )r

t = SA

r = sB

t = t +1 ?

β1 = H ( β 2 ) J −(t − S

r = r +1

A)

?

α1 = H (α 2 ) I −( r − S

B)

Fig. 2. VASM Security message exchange for authentication

For authentication of both nodes in next connections, it is enough to do as follow; at the start of next connection, node A selects

t = s A , t = t + 1 and sends the result of

H ( S A ) t to B and then node B selects r = s B , r = r + 1 H ( S B ) r to node A. Node A applies the hash function J − (t − s A ) times to the its and sends the result of

received value and also node B applies the hash function

I − (r − s B ) times to the its received value. If the achieved value was equal to the value received at the first, then the corresponding node is successfully authenticated. Also for establishing next communication, in order to do authentication, only node needs to increment its seed value with one and then repeats above operations again. Since this protocol is based on zero knowledge, it will be protected from Reply attacks. The security of this scheme is as sound as the security of the underlying one-way hash-function.

5. Simulation Experiments Simulation experiments were performed using the behavioral analyzing to evaluate the performance of the protocol in terms of overhead and latency. The random waypoint mobility model was used. The speed of nodes in the network was selected randomly between 1 to 15 meters per second and the pause time was 10 seconds. The simulation duration was 3600 seconds. The JOINING_PKT_RETR threshold was 2, and the SQUARE_SIDE and SHEET_SIDE were set to 0x8 and 0xFFFF respectively. The network area was a square of 670m × 670m. Transmission range of the nodes selected randomly from 150 to 300. Using time parameters for protocol analyzing purpose is not precise metric, because it depends on the environment

configuration of simulator and simulation scripts. In each auto-configuration protocol, the number of hops that packets traverse in network can be very useful and realistic parameter for performance analyzing purpose if the mobility model and link breakage (packet loss) be correctly added to the simulation. Average Latency (Hops)

Node

Node

15 10 5 0 25 50 75 100 125 150 175

Number of nodes Fig. 3. VASM Auto-Configuration average latency in resolving address

In this experiment, we have used this parameter to show performance of the protocol. Fig.3. shows the average latency of address resolving for different number of nodes in VASM protocol. It denotes that the growing of nodes number has not salient affect into the latency.

6. Conclusions In this paper, we presented a distributed protocol for dynamic configuration of nodes in MANETs with security capability. We have addressed the issue of secure unique IP address assignments to nodes in the absence of any static configuration or central servers. This approach uses cryptography functions (one-way hash function and symmetric cryptography) to encountering of the all possible address auto-configuration attacks. The key management and distribution is future research work. The protocol assumes each node has pre-distributed secret key. Currently we are working on the key distribution system.

10. References [1] Jane K., Kirk M., “Environmental Sensor Networks: A revolution in the earth system science?”, Earth-Science Reviews, Volume 78, Issues 3-4, October 2006, Pages 177-191. [2] Baccelli, E., Mase, K., Ruffino, S., and S. Singh, “Address Autoconfiguration for MANET: Terminology and Problem Statement”, draft-ietf-autoconf-statement-04, February 2008. [3] Taghiloo M., Dehghan M., Taghiloo J., Fazio M., “New Approach for Address Auto-Configuration in MANET Based on Virtual Address Space Mapping (VASM), ” International Conference on Information and Communication Technologies:

from Theory to Applications (IEEE ICTTA 2008), Damascus, Syria, 7-11 Apr. 2008.

[8] Pan Wang, Douglas S. Reeves, Peng Ning, “Secure Address Auto-configuration for Mobile Ad Hoc Networks”, MOBIQUITOUS 2005, p 519-522.

[4] K. Weniger, M. Zitterbart, “Address Autoconfiguration in Mobile Ad Hoc Networks: Current Approaches and Future Directions”, IEEE Network Magazine Special issue on Ad Hoc Networking , July 2004.

[9] Ana Cavalli, Jean-Marie Orset, “Secure hosts autoconfiguration in mobile ad hoc networks”, ICDCSW.2004, p 809-814.

[5] M. Gunes, J. Reibel, “An IP Address Configuration Algorithm for Zeroconf Mobile Multihop Ad Hoc etworks”, Proc. Int’l.Wksp. Broadband Wireless Ad Hoc Networks and Services, Sophia Anipolis, France, September 2002.

[10] Shenglan Hu, Chris J. Mitchell, “Improving IP address autoconfiguration security in MANETs using trust modelling”, Mobile Ad-hoc and Sensor Networks – First International Conference, MSN 2005, p 83-92.

[6] S. Nesargi, R. Prakash, “MANETconf: Configuration of Hosts in a Mobile Ad Hoc Network”, Proc. IEEE INFOCOM 2002, New York, NY, June 2002.

[11] FIPS PUB 180-1, Secure Hash Standard, SHA-1. http://www.itl.nist.gov/fipspubs/fip180-1.htm. M. Jakobsson, T. Leighton, S. Micali, and M. Szydlo. Fractal Merkle Tree Representation and Traversal. Proceedings of CTRSA, 2003.

[7] M. Mohsin, R. Prokash, “IP Address Assignment in a Mobile Ad Hoc Network”, Proc. IEEE MILCOM 2002, Anaheim, CA, October 2002.