The major security requirements of MANETs are secure linking, secure routing and secure data transmission or secure data packet forwarding.
Both proactive and reactive approaches are needed.
The disadvantages of the mobile design, like: limited cpu, memory and battery, may let MANETs face more security chanllegnes, which include both
active and passive attacks, the problems of dynamic topology, routing protocol and mobile environment, specially the packets missing, data changed
and node failures will make users lose trust of it, most of the secure routing protocols are designed with certain known attacks in mind. When an
unknown attack is encountered, these protocols may collapse, but achieving higher security usually requires more computation on each mobile node.
2. Explain ¿½-TESLA and compare it with TESLA?
TESLA means Time Efficient Stream Loss-tolerant Authentication, ¿½-TESLA is a micro version of TESLA, or we can consider it as an adoption of
TESLA for WSNs. Althugh TESLA and ¿½-TESLA are multicast stream authenticaiton protocols, both have different ways in key discloure and authentication.
” ¿½-TESLA is used in authentication of message broadcasts from Base Station(BS), from nodes (through BS), and also to authenticate route update broadcasts.
BS works as the key distribution center.” ( Taken From Chapter 3, Course slides.) This means ¿½-TESLA allows the receivers broadcast authenticated data
due to node to node key agreement. Receiver do not share a key with other receivers. But TESLA sender uses digital signature for the intial packet authenticaiton
and broadcasts it over the whole WSN, the receiver knows the key disclosing schedule, when the key is disclosed, receiver will check its correctness and
authenticates the buffered packets.
3. Gather information about the key Management protocols in MANETs. And explain
In MANETs, Key management is actually considered as the base for every cryptographic system, it’s a combination of cryptographic algorithms and
on-demand dynamic routing protocols, because the networking security in many cases dependent on proper key management, the tranditional centralized
approach in key management does not work out here, therefore, several methods are usually applied in the key management system in MANETs, such as:
Secret Sharing Methods, Distributed CA Method, Error-code based methods and Byzantine Resilient Method. Even so, KM system still faces the many Challenges
like: Dynamic topology and environment, Lack of trust, Node failures, Bounded computational and operational power, Connectivity problems and Node
autonomity, etc because you don’t know if any one entity is dishonest, that entity may be exposed.
4. Explain SEAD, SAR and SPAAR routing protocols in more details.
SEAD is a secure table- driven routing protocol based on the existing DSDV(Destination-Sequenced Distance-Vector) routing protocol. It uses
a one-way-hash function and asymmetric cryptography operations. Although SEAD defends against several types of DoS ( Denial-of-Service attacks),
it cannot prevent the wormhole attack.To avoid long time running routing loops and to defend against the replay attack, SEAD uses destination numbers to
to ensure that the information originates from the correct node. Authentication is also used in SEAD. Each node uses a specific authentic element
from its one-way hash chain in each routing update that it sends about itself. The source must be authenticated using some kind of broadcast authentication
mechanism, such as: TESLA. Apart from the hash functions used, SEAD doesn’t use average settling time for sending triggered updates.This disadvantage
makes SEAD face the chanellege of clock synchronization in order to function properly.
SAR stands for Security-Aware Ad Hoc Routing, which applied for on-demand secure routing protocols. When a packet is sent, it need be assigned a trust
value and certain security attributes, like: time stamp, sequence number, authentication, integrity, SAR introduces a negociable metrics to discover secure
routes that are embedded into RREQ packets. And this packet can be processed or forwarded only if the node can provide the required security. The problem
of SAR is you don’t know whether or not the value assigned is true and the invisible node attack can not detected and treated in SAR.
SPAAR (Secure Position Aided Ad hoc Routing) is a position based system and uses the location information to increase the security and performance.
All nodes in SPAAR are required to know their own locations, for eaxmple, GPS system tells you where you are. SPAAR is also designed to provide
authentication, non-repudiation, confidentiality and integrity for the security environment.
5. Explain Secure Message Transmission Protocol ( SMT) in MANETs.
The major job of SMT (Secure Message Transmission) protocol is to secure the data transmission or data forwarding on already discovered routes no matter
whether or not these routes have malicious nodes. SMT protocol does not deal with route discovery. It only demands a secure relationship between the source
and destination by allowing one node know the public key of the other node. No cryptographic operation is needed between the nodes because the
communication is usually done over the node disjoint paths, every piece of message is authenticated and verified through a Message Authentication Code.
The destination doesn¿½t need all the pieces of a message to understand it. It can reconstruct the message when enough pieces have been received.
This implies that even if there are malicious nodes in a few paths that drop the message or if there are unavailable routes, the message can still be received.
If the destination didn¿½t receive enough pieces to construct the message, the source will send out the remaining pieces over a different set of paths.
Otherwise the source continues with the next message transmission.
6. Give numberical examples for EL Gamal-TC (4,6) and RSA-TC(4,6). An investigate whether
Elliptic Curve Crypto(ECC) could be used for TC?
Elliptic Curve Crypto(ECC) could be used for TC, I got this idea from the article ” ECC Based Threshold Cryptography
for Secure Data Forwarding and Secure Key Exchange in MANET “written by Levent Ertaul and Weimin Lu, 2005,
The two authors say in this way:” … We combine Elliptic Curve Cryptography and Threshold Cryptosystem to securely
deliver messages in n shares. As long as the destination receives at least k shares, it can recover the original message.
We explore seven ECC mechanisms, El-Gamal, Massey-Omura, Diffie-Hellman, Menezes-Vanstone, Koyama-Maurer
-Okamoto-Vanstone, Ertaul, and Demytko. For secure data forwarding, we consider both splitting plaintext before
encryption, and splitting ciphertext after encryption. Also we suggest to exchange keys between a pair of mobile nodes
using Elliptic Curve Cryptography Diffie-Hellman. We did performance comparison of ECC and RSA to show ECC
is more efficient than RSA.”
7. Hacking technique and counter Measures
Please find the usage and the required counter measures to avoid effects of the below commands. This
commands fall into a catergory called Discovering Wireless Networks.
Actually inSSIDer is a replacement for NetStumbler, it is a free Wi-Fi network scanner for Windows Vista and windows XP, it can inspect your WLAN
and surrounding networks to troubleshoot competing access points, it works with internal Wi-Fi radio, Wi-Fi network information, such as: SSID, MAC,
Access point vendor, data rate, signal strength, security, etc. Graph signal strength over time, is also can show how Wifi networks overlap and provides an
open source code service since the Apache License, Version 2.0, it also can support GPS and export to Netstumbler(*.ns1) files, because of the open source
service, the intruders may take advantages of it to attack your personal information. The best way to avoid inssider command is to give it no permission to
access WLAN. I consider IEEE802.1x and IEEE802.11i protocols should be applied, and the specific mechanisms, like: WEP, TKIP, CCMP, MIC,
Counter-MOde-CBC-MAC Mode, WPA and WPA2 should be got involved.
b. Visit following web site: http://renderlab.net/projects/WPA-tables
And give me the brief desription of this site.
After visiting this website, a Church of Wifi WPA-PSK Rainbow Tables displays, this page is to give a little more insight into the methodology
and logic behind concieving and building the CoWF WPA-PSK Rainbow Tables, actually they are lookup tables. From my point of view, this website
tries to show you the result of the project that is done at renderlab, this project is testing how much possibilities the password will be cracked. On
WPA-tables, WPA-PSK was vulnerable to brute force attack, cryptographists use the tools like Aircrack and coWPAtty to take advantage of this weakness
and provided a way to test keys against dictionaries. They found that in fact the cracking process is very slow . Each passphrase is hashed
4096 times with SHA-1 and 256 bits of the output is the resulting hash. This is then compared to the hash generated in the initial key exchange. A lot
of computing power is required for this. If the SSID and the SSID length is seeded into the passphrase hash, the passphrase of ‘password’ will be hashed
differently on a network with the SSID of ‘linksys’ than it will on a network with the SSID of ‘default’. For the War driving, attacking a series of access
points to connect to a server behind it, each one’s security was stronger than the previous. They also found the application of the Time-Memory trade-off
is particularly useful in password cracking and cryptography. How to prevent it from attack? They think it’s impossible to create a lookup table for all
possible keys. Because the seeding of the algorithm with the SSID and SSID length, they have to compute all possible keys against all possible SSID’s,
the limlited storage space doesn’t allow them to do calculation. Instead they quickly check WPA-PSK networks against known english words
and known passwords quickly, while still leaving the option open for brute forcing the rest of the keyspace. Selecting the most effecient dictionary and SSID’s
computed became the focus.Size was also a concern. Even if they want to break the password, they still do not want the key size beyond the storage capacity
of most users. They list some common passwords from Websters dictionary and compute them by sorting all passphrases in the range 8 bits and 64 bits, both
max and min passphrases are taken off. The result shows 52% of SSID are at Wigle database of 5 million access points and on the top 1000 lists. This means
at least 2.7 million access points are known. This renderlab project found a way to speed up WPA-PSK cracking, but it does not mean that it has been broken.
Those experts also use coWPAtty and other similar tools to test the other dumb passphrases. The test result shows the minimum number of characters for a
WPA-PSK passphrase is 8 and the maximum is 63. In reality, very few users actually use more than about 20 characters, in most cases, people choose known
words and phrases, likely to be in a dictionary. So, to get decent protection from WPA-PSK, you should use a very long, very random, alphanumeric string
longer than 20 characters, or to protect yourself further, particularly against the WPA-PSK hashtables, you should use a SSID not on the top 1000 list because
this will force the attacker to compute thier own list, rather than use one of the CoWF tables.
Cite This Work
To export a reference to this article please select a referencing stye below:
Related ServicesView all
DMCA / Removal Request
If you are the original writer of this essay and no longer wish to have your work published on UKEssays.com then please: