View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by ethesis@nitr A SECURE ZONE-BASED ROUTING PROTOCOL FOR MOBILE AD HOC NETWORKS A Thesis Report Submitted in Partial Fulfillment of the Requirements for the Degree of Master of Technology in Computer Science (Information Security) By Niroj Kumar Pani Department of Computer Science and Engineering National Institute of Technology, Rourkela Rourkela, Orissa 769008, India May 2009 A SECURE ZONE-BASED ROUTING PROTOCOL FOR MOBILE AD HOC NETWORKS A Thesis Report Submitted in Partial Fulfillment of the Requirements for the Degree of Master of Technology in Computer Science (Information Security) By Niroj Kumar Pani Under the Guidance of Dr. Ashok Kumar Turuk Department of Computer Science and Engineering National Institute of Technology, Rourkela Rourkela, Orissa 769008, India May 2009 National Institute Of Technology Rourkela CERTIFICATE This is to certify that the thesis entitled, “A Secure Zone-Based Routing Protocol for Mobile Ad Hoc Networks” submitted by Mr. Niroj Kumar Pani in partial fulfillment of the requirements for the award of Master of Technology Degree in Computer Science and Engineering with specialization in “Information Security” at National Institute of Technology, Rourkela is an authentic work carried out by him under my supervision and guidance. To the best of my knowledge, the matter embodied in the thesis has not been submitted to any other University / Institute for the award of any Degree or Diploma. Date: Dr. Ashok Kumar Turuk Assistant Professor Department of Computer Science and Engineering National Institute of Technology Rourkela-769008 - Dedicated to My Family ACKNOWLEDGEMENTS This project is by far the most significant accomplishment in my life and it would be impossible without the people who supported me and believed in me. I would like to express my sincere heartfelt gratitude to my honorable, esteemed supervisor Dr. Ashok Kumar Turuk, Assistant Professor, Department of Computer Science and Engineering for his kind and valuable guidance for the completion of the thesis work. His consistent support and intellectual guidance inspired me to innovate new ideas. I am glad to work under his supervision I am grateful to Dr. B. Majhi, Professor and Head, Department of Computer Science and Engineering for his excellent support during my work. I am also thankful to Dr. S. K. Jena, Dr. S. K. Rath, Dr. D. P. Mohapatra, Dr. R. Baliarsingh and Prof. B. D. Sahoo of CSE Department, for providing me support and advice in preparing my thesis work. Thanks all my friends and classmates for their love and support. I have enjoyed their company so much during my stay at NIT, Rourkela. I would like to thank all those who made my stay in Rourkela, an unforgettable and rewarding experience. Last, but not least I would like to thank my parents for supporting me to do complete my master’s degree in all ways. Niroj Kumar Pani CONTENTS List of Figures ix List of Tables x Abbreviations xi Abstract xiii 1. Introduction 1 1.1 Motivation . 4 1.2 Objective . 5 1.3 Organization of Thesis . 6 2. Ad Hoc Networking 7 2.1 Mobile Ad Hoc Networks . 8 2.1.2 Characteristics, Complexities and Design Constraints . 10 2.2 MANET Applications . 11 2.3 Routing Approaches in Mobile Ad Hoc Networks . 11 2.3.1 Optimized Link State Routing (OLSR) Protocol . 13 2.3.2 Ad hoc On Demand Distance Vector (AODV) Routing . 15 2.3.3 Zone Routing Protocol (ZRP) . 17 2.4 Conclusion . 20 3. Security in Mobile Ad Hoc Networks 21 3.1 Security Goals . 22 3.2 Issues and Challenges in Security Provisioning . 23 3.3 Security Attacks on Ad Hoc Routing Protocols . 24 3.3.1 Information Disclosure Attack . 25 3.3.2 Attacks using Impersonation . 25 3.3.3 Attacks using Modification . 26 vi 3.3.4 Attacks using Fabrication . 27 3.3.5 Replay Attacks . 28 3.4 Security Mechanisms and Solutions . 29 3.4.1 Message Encryption . 29 3.4.2 Digital signature and Hashing . 30 3.4.3 Key Management Approaches . 30 3.5 Secure Routing . 31 3.5.1 Requirements for a Secure Routing Protocol . 31 3.5.2 Authenticated Routing for Ad Hoc Networks (ARAN) . 32 3.6 Conclusion . 33 4. The Secure Zone Routing Protocol (SZRP) 34 4.1 Protocol Overview . 35 4.2 Certification Process . 38 4.3 Design of Secure Zone Routing Protocol (SZRP) . 39 4.3.1 Design Assumptions . .. 39 4.3.2 Architecture . 40 4.4 The Secure Routing Algorithm . 42 4.4.1 Secure Intra-Zone Routing . 43 4.4.2 Secure Inter-Zone Routing . 44 4.5 Proactive Route Computation . 48 4.6 Route Maintenance . .. 49 4.7 Analysis of Secure Zone Routing Protocol (SZRP) . 50 4.8 Conclusion . 52 5. Simulation of Secure Zone Routing Protocol (SZRP) 53 5.1 Simulation Setup . 54 5.1.1 Network Scenario . .. 55 5.1.2 Security Model . 55 5.2 Performance Metrics . 57 vii 5.2.1 Metrics used for a Non-Adversarial Environment . 57 5.2.2 Metrics used for a Hostile Network Setting . 58 5.3 Simulation Results and Analysis . 59 5.3.1 Average Packet Delivery Fraction . 59 5.3.2 Average Routing Load in Bytes . 60 5.3.3 Average Routing Load in Terms of Packets . 61 5.3.4 Average Route Acquisition Latency . 62 5.3.5 Percentage of Packets Dropped that Passed Through Malicious Nodes . 63 5.4 Conclusion . 64 6. Conclusion 65 6.1 Future Works . 67 Bibliography 68 viii LIST OF FIGURES 2.1 A Typical Mobile Ad Hoc Network . 9 2.2 Classifications of Ad Hoc Routing Protocols . 12 2.3 Multipoint Relays . 14 2.4 AODV route discovery . 16 2.5 Routing zone of node S with zone radius β =2 . 18 2.6 ZRP Architecture . 19 4.1 Certification Process in SZRP . 38 4.2 Architecture of SZRP . 40 4.3 Intrazone and Interzone destinations of node A (zone radius β = 2) . 42 4.4 Link state routing table maintained at each node . 49 4.5 SIARP routing table maintained at node A . 49 5.1 Transmission between 10 Nodes distributed over a 700m x 700m terrain . 56 5.2 Transmission between 20 Nodes distributed over a 1200m x 1200m terrain . 56 5.3 Simulation Results – Average Packet Delivery Fraction . 59 5.4 Simulation Results – Average Routing Load in Bytes . 60 5.5 Simulation Results – Average Routing Load in Terms of Packets . 61 5.6 Simulation Results – Average Route Acquisition Latency . 62 5.7 Simulation Results – Percentage of Packets Dropped that Passed Through Malicious Nodes . 63 ix LIST OF TABLES 4.1 Notations Used in the Proposed Protocol . 37 x ABBREVIATIONS MANET Mobile Ad Hoc Network MAC Medium Access Control DARPA Defense Advanced Research Projects Agency DSDV Destination-Sequenced Distance-Vector Routing CGSR Clustered Gateway Switch Routing WRP Wireless Routing Protocol OLSR Optimized Link State Routing DSR Dynamic Source Routing AODV Ad hoc On Demand Distance Vector Routing TORA Temporally Ordered Routing Algorithm ABR Associativity Based Routing ZRP Zone Routing Protocol ZHLS Zone-Based Hierarchal Link State Routing Protocol MRP Multipoint Relay RREQ Route Request RREP Route Reply IARP Intra-Zone Routing Protocol IERP Inter-Zone Routing Protocol NDP Neighbor Discovery Protocol BRP Bordercast Resolution Protocol CA Certification Authority CN Common Node ARAN Authenticated Routing for Ad Hoc Networks RDP Route Discovery Packet REP Reply Packet SZRP Secure Zone Routing Protocol xi KMP Key Management Protocol SIARP Secure Intra-Zone Routing Protocol SIERP Secure Inter-Zone Routing Protocol MBRP Modified Boarder Resolution Protocol SKREQ Session Key Request Packet SKREP Session Key Reply Packet SRD Secure Route Discovery Packet SRR Secure Route Reply Packet ERR Error Packet xii ABSTRACT An ad hoc network is the cooperative engagement of a collection of mobile nodes without the required intervention of any centralized access point or existing infrastructure. There is an increasing trend to adopt ad hoc networking for commercial uses; however, their main applications lie in military, tactical and other security-sensitive operations. In these and other applications of ad hoc networking, secure routing is an important issue. Designing a foolproof security protocol for ad hoc network is a challenging task due to its unique characteristics such as, lack of central authority, frequent topology changes, rapid node mobility, shared radio.