Abstract
Many secure mobile ad hoc networks (MANETs) and wireless sensor networks (WSNs) use techniques of applied cryptography. Numerous security routing protocols and key management schemes have been designed based on public key infrastructure (PKI) and identity-based cryptography. Some of these security protocols are fully adapted to fit the limited power, storage, and CPUs of these networks. For example, one-way hash functions have been used to construct disposable secret keys instead of creating public/private keys for the public key infrastructure. In this survey of MANET and WSN applications we present many network security schemes using cryptographic techniques and give three case studies of popular designs.
TopCryptography Techniques Of Secure Manets/Wsns Design
Security is the combination of processes, procedures, and systems used to ensure confidentiality, authentication, integrity, availability, access control, and non-repudiation.
Key Terms in this Chapter
Certificate Authority: A certificate authority is an entity that issues digital certificates for use by other parties.
Hash tree: It was originally invented to support the handling of many Lamport one-time signatures. At the top of a hash tree there is a top hash or master hash. Nodes higher in the tree are the hashes of their respective children.
Symmetric cryptography: The encryption key is closely related or identical to the decryption key. In practice, keys represent a shared secret between two or more parties that can be used to maintain private communication.
HMAC message authentication code: This type of message authentication code is calculated using a hash function in combination with a secret key. Usually in MANETs/WSNs, the hash functions chosen are mostly MD5 or SHA-1. It can also be used to ensure that an unencrypted message retains its original content by calculating the message HMAC using a secret key.
Hash chain: It is generated by a successive application of a hash function to a string. Due to the one-way property of secure hash functions, it is impossible to reverse the hash function. A hash chain is a method to produce many one-time keys from a single key, and keys are used in the reversed order of generation.
Batch verification with ID-based signature: Although there are advantages to ID-based cryptography signature schemes based on pairing, the signature verifications are at least ten times slower than that of DSA or RSA. The batch verification of many signatures increases efficiency.
Random nonce: In the network, a timestamp or random number (nonce) is used to make packets fresh and prevent a replay attack. Cryptographic pseudo random generators typically have a large pool of seed values.
Asymmetric cryptography: In public key or asymmetric cryptography, there is a pair of public/private keys. The private key is known only to the owner, while the public key is shared with others. One of the earliest public-key cryptographic techniques, known as RSA, was developed in the 1970s.
Digital signature based on RSA/DSA: The ElGamal signature is based on the difficulty of breaking the discrete log problem. DSA is an updated version of the ElGamal digital signature scheme published in 1994 by FIPS and was chosen as the digital signature standard (DSS). Digital signature, using the RSA/DSA algorithm, is popular for authentication or confirming the message’s integrity. A digital signature scheme typically consists of three algorithms: a key generation algorithm, a signing algorithm, and a signature verifying algorithm.
Shared key: Less computationally intense symmetric key algorithms are used more often than asymmetric algorithms. In practice, asymmetric algorithms are hundreds of times slower than symmetric key algorithms. The most common are AES, RC4 and IDEA.
Identity-based cryptography: This is a type of public-key cryptography. The first identity-based cryptography, developed by Adi Shamir in 1984, uses the identity of the user as a public key. Modern schemes include Boneh/Franklin’s pairing-based encryption scheme.