J van der Merwe, "Key Management in Mobile Ad Hoc Networks," MScEng dissertation, in School of Electrical, Electronic and Computer Engineering, University of KwaZulu-Natal (UKZN), South-Africa, 2005.
Mobile ad hoc networks (MANETs) eliminate the need for pre-existing infrastructure by relying on the nodes to perform all network services. The connectivity between the nodes is sporadic due to the shared, error-prone wireless medium and frequent route failures caused by node mobility. Fully self-organized MANETs are created solely by the end-users for a common purpose in an ad hoc fashion. Forming peer-to-peer security associations in MANETs is more challenging than in conventional networks due to the lack of central authority.
This thesis is mainly concerned with peer-to-peer key management in fully self-organized MANETs. A key management protocol's primary function is to bootstrap and maintain the security associations in the network, hence to create, distribute and revoke (symmetric or asymmetric) keying material as needed by the network security services. The fully self-organized feature means that the key management protocol cannot rely on any form of off-line or on-line trusted third party (TTP).
The first part of the thesis gives an introduction to MANETs and highlights MANETs' main characteristics and applications. The thesis follows with an overall perspective on the security issues in MANETs and motivates the importance of solving the key management problem in MANETs.
The second part gives a comprehensive survey on the existing key management protocols in MANETs. The protocols are subdivided into groups based on their main characteristic or design strategy. We discuss and provide comments on the strategy of each group separately. The discussions give insight into the state of the art and show researchers the way forward.
The third part of the thesis proposes a novel peer-to-peer key management scheme for fully self-organized MANETs, called Self-Organized Peer-to-Peer Key Management (SelfOrgPKM). The scheme has low implementation complexity and provides self-organized mechanisms for certificate dissemination and revocation without the need for any form of off-line or on-line authority.
The fully distributed scheme is superior in communication and computational overhead with respect to its counterparts. All nodes send and receive the same number of messages and complete the same amount of computation. SelfOrgPKM therefore preserves the symmetric relationship between the nodes. Each node is its own authority domain which provides an adversary with no convenient point of attack.
SelfOrgPKM solves the classical routing-security interdependency problem and mitigates impersonation attacks by providing a strong one-to-one binding between a user's certificate information and public key. The proposed scheme uses a novel certificate exchange mechanism that exploits user mobility but does not rely on mobility in any way. It enables nodes to set up security associations on the network layer in a localized fashion without any noticeable time delay.
The thesis also introduces two generic cryptographic building blocks as the basis of SelfOrgPKM: 1) A variant on the ElGamal type signature scheme developed from the generalized ElGamal signature scheme introduced by Horster et al. The modified scheme is one of the most efficient ElGamal variants, outperforming most of the other variants; and 2) A subordinate public key generation scheme.
The thesis introduces the novel notion of subordinate public keys, which allows the users of SelfOrgPKM to perform self-organized, self-certificate revocation without changing their network identifiers/addresses. Subordinate public keys therefore eliminate the main weakness of previous efforts to solve the address ownership problem in Mobile IPv6. Furthermore, the main weakness of previous efforts to break the routing-security interdependence cycle in MANETs is also eliminated by a subordinate public key mechanism.
The presented ElGamal signature variant is proved secure in the Random Oracle and Generic Security Model (ROM+GM) without making any unrealistic assumptions. It is shown how the strong security of the signature scheme supports the security of the proposed subordinate key generation scheme. Based on the secure signature scheme we provide a security argument for SelfOrgPKM with respect to a general, active insider adversary model.
The only operation of SelfOrgPKM affecting the network is the pairwise exchange of certificates. The cryptographic correctness, low implementation complexity and effectiveness of SelfOrgPKM were verified through extensive simulations using ns-2 and OpenSSL. Thorough analysis of the simulation results shows that the localized certificate exchange mechanism on the network layer has negligible impact on network performance. The simulation results also correlate with efficiency analysis on SelfOrgPKM in an ideal network setting, hence assuming guaranteed connectivity. The simulation results furthermore demonstrate that network layer certificate exchanges can be triggered without extending routing protocol control packets.
Download the final version of the MSc in Electronic Engineering thesis here in pdf.
J van der Merwe, "Security Mechanisms for Distributed Communication Systems," PhD dissertation, in School of Electrical, Electronic and Computer Engineering, University of KwaZulu-Natal (UKZN), South-Africa, 2010.
In this thesis we study security mechanisms related to distributed communication systems within the context of peer-to-peer and group communication. These mechanisms include authority-based peer-to-peer key management, group key management, distributed-key management and threshold-multisignature schemes. The thesis is comprised of four parts.
The first part of the thesis proposes a peer-to-peer key management scheme for authority-based mobile ad hoc networks. The key management scheme bootstraps and maintains the security associations in the network, that is, it creates, distributes and revokes keying material as needed by the networking services. The proposed key management scheme breaks the routing-security interdependency cycle and exploits the unpredictable and dynamic network topology to the advantage of security.
The second part of the thesis presents a group key management scheme for dynamic peer groups that is suitable for ad hoc networks. The group key management scheme exploits the dynamic group membership and network topology to assist with the bootstrapping of security associations for the group communication system protocols. These protocols include unicast routing, group membership service, multicasting, group key agreement and data sharing. We also show how to bootstrap the group communication system by proposing a progressively robust, primary-partition group membership service. The membership service exploits the inherent capability of the group communication system to mitigate the impact of frequent membership changes and routing failures.
The third part of the thesis considers distributed-key (secret sharing) management mechanisms for generic, distributed communication systems. Specific attention is given to secret sharing in a setting without any form of online authority. The proposed Distributed-Key Management Infrastructure (DKMI) gives group members the capability to share, update and redistribute a secret in support of a threshold cryptosystem.
The fourth part of the thesis presents a threshold-multisignature scheme that allows group signatures to be generated in a collaborative fashion. The proposed scheme guarantees the signature verifier that at least a defined threshold of group members participated in the generation of the group-oriented signature and that the identities of the signers are traceable. The characteristics of secure and robust threshold-multisignature schemes are defined and it is shown that the proposed scheme satisfies these properties.
Finally, the thesis analyzes the proposed schemes from a performance and security perspective in widely acceptable system and adversary models.
Download the final version of PhD in Electronic Engineering thesis here in pdf.