Abstract
The implementation of a standard PKI in a mobile ad hoc network (MANET) is not practical for several reasons: (1) lack of a fixed infrastructure; (2) a centralized certification authority (CA) represents a single point of failure in the network; (3) the relative locations and logical assignments of nodes vary in time; (4) nodes often have limited transmission and computational power, storage, and battery life. We propose a practical distributed CA-based PKI scheme for MANETs based on Elliptic Curve Cryptography (ECC) that overcomes these challenges. In this scheme, a relatively small number of mobile CA servers provide distributed service for the mobile nodes. The key elements of our approach include the use of threshold cryptography, cluster-based key management with mobile CA servers, and ECC. We show that the proposed scheme is resistant to a wide range of security attacks and can scale easily to networks of large size.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Asokan, N., Ginzboorg, P.: Key Agreement in Ad-hoc Networks. In: Northsec 1999, Sweden (1999)
Bellovin, S.M., Merrit, M.: Encrypted Key Exchange: Password-based protocols secure against dictionary attacks. In: Proceedings of the IEEE Symposium on Research in Security and Privacy (1992)
Lucks, S.: Open Key Exchange: How to defeat dictionary attacks without encrypting public Keys. In: Security Protocol Workshop 1997, Ecole Normale Suprieure, Paris (1992)
Jablon, D.P.: Extended password key exchange protocols immune to dictionary attack. In: Proceedings of the WETICE 1997 Workshop on Enterprise Security, Cambridge, MA, USA (1998)
Wu, T.: The secure remote password protocol. In: Symposium on Network and Distributed Systems Security (NDSS 1998), pp. 97–111. Internet Society, San Diego (1998)
Hubaux, J.P., Buttyan, L., Capkun, S.: The quest for security in mobile ad hoc networks. In: Proceedings of the ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc) (2001)
Capkun, S., Buttyan, L., Hubaux, J.-P.: Self-Organized Public-Key Management for Mobile Ad Hoc Networks. Technical Report EPFL/IC/200234, Swiss Federal Institute of Technology, Lausanne (June 2002)
Zhou, L., Haas, Z.J.: Securing Ad Hoc Networks. IEEE Network Magazine (1999)
Yi, S., Kravets, R.: Key Management for Heterogeneous Ad Hoc Wireless Networks. Technical Report UIUCDCS-R-2002-2290/UILU-ENG-2002-1734, University of Illinois at Urbana-Champaign (July 2002)
Zhou, L., Schneider, F., van Renesse, R.: COCA: A Secure Distributed On-line Certification Authority. Technical Report, Cornell University (2000) (revised 2002)
Basu, P., Khan, N., Little, T.D.: A Mobility Based Metric for Clustering in Mobile Ad Hoc Networks. In: Proceedings of Distributed Computing Systems Workshop (2001)
Banerjee, S., Khuller, S.: A Clustering Scheme for Hierarchical Control in Multi-hop Wireless Networks. In: Proc. of IEEE INFOCOM, pp. 1028–1037 (2001)
Lin, C.R., Gerla, M.: Adaptive Clustering for Mobile Wireless Networks. IEEE Journal of Selected Areas in Communications 15(7), 1265–1275 (1997)
Krishna, P., Vaidya, N., Chatterjee, M., Pradhan, D.: A cluster-based approach for routing in dynamic networks. In: Proc. of ACM SIGCOMM Computer Communication, April 1997, pp. 49–65 (1997)
Herzberg, A., Jarecki, S., Krawczyk, H., Yung, M.: Proactive Secret Sharing or: How to Cope with Perpetual Leakage. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 339–352. Springer, Heidelberg (1995)
Jarecki, S.: Proactive Secret Sharing and Public Key Cryptosystems. Master’s Thesis, Department of Electrical Engineering and Computer Science, Massachusetts Institute of Technology, Cambridge, MA (September 1995)
Hankerson, D., Menezes, A., Vanstone, S.: Guide to Elliptic Curve Cryptography. Springer, New York (2004)
Desmedt, Y., Frankel, Y.: Threshold cryptosystems. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 307–315. Springer, Heidelberg (1990)
Feldman, P.: A practical scheme for non-interactive verifiable secret sharing. Proc. of IEEE Fund. Of Comp., Sci., pp. 427–437 (1987)
Zouridaki, C.: Evaluation of the Proactive Public Key and Signature System and a new implementation based on Elliptic Curves. M.S. Thesis, Dept. of ECE, George Mason University (2002)
Rankl, W., Effing, W.: Smart Card Handbook, 2nd edn. John Wiley & Sons, Ltd., Chichester (2000)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zouridaki, C., Mark, B.L., Gaj, K., Thomas, R.K. (2004). Distributed CA-based PKI for Mobile Ad Hoc Networks Using Elliptic Curve Cryptography. In: Katsikas, S.K., Gritzalis, S., López, J. (eds) Public Key Infrastructure. EuroPKI 2004. Lecture Notes in Computer Science, vol 3093. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-25980-0_19
Download citation
DOI: https://doi.org/10.1007/978-3-540-25980-0_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22216-3
Online ISBN: 978-3-540-25980-0
eBook Packages: Springer Book Archive