A Study on High Secure and Efficient MANET Routing Scheme

Wu, Wei-Chen; Liaw, Horng-Twu

doi:https://doi.org/10.1155/2015/365863

Journal of Sensors

On this page

Abstract Introduction Literature Review Conclusions References Copyright Related Articles

Research Article | Open Access

Volume 2015 | Article ID 365863 | https://doi.org/10.1155/2015/365863

A Study on High Secure and Efficient MANET Routing Scheme

Wei-Chen Wu¹and Horng-Twu Liaw²

Academic Editor: Young-Sik Jeong

Received29 Nov 2014

Accepted15 Feb 2015

Published16 Aug 2015

Abstract

In mobile ad hoc networks (MANETs), the more applications we use, the more security is required. In this paper, we propose a high secure and efficient routing scheme that not only satisfies the properties of anonymity, security, authentication, nonrepudiation, and unforgeability that the previous paper achieved for ad hoc networks, but also satisfies other necessary properties such as confidentiality, traceability, and flexibility for multipaths in order to make the ad hoc environment more secure and practicable.

1. Introduction

In the near future, wireless networks will play an impartment role in information communication and transmission. Compared to wired network environments, wireless networks are more convenient for users in that users can connect to the Internet with mobility. Once the foundation equipment has been established, the user can use the mobile devices such as PDAs or notebooks to access resources on the Internet anywhere. Many practical daily problems can be solved in the mobile environment—for example, finding locations, booking seats on a plane, or finding the shortest path to a destination. Users can obtain answers to questions quickly in the mobile environment through the use of mobile devices and wireless networks [1]. The more applications are found for wireless networks, the more security issues are being discussed for wireless networks. In 2013, this paper proposed an anonymous authentication scheme which ensures user unlinkability. It is impossible for attackers to know that particular sessions, which have already occurred several times, are originated from one same user [2]. The findings in this paper are useful for identifying the factors that must be managed for NFC-based mobile payment services [3, 4]. In 2013, the paper proposed an energy efficient method for clustering the nodes in the network [5]. The paper proposed an ETSI complaint geonetworking protocol layer and discussed the architecture of our implementation [6]. This paper proposed a network-based handover scheme for Host Identity Protocol in the mobile networks, in which the access routers of the mobile node will establish a handover tunnel and will perform the route optimization for data transmission [7]. Recently, this paper proposed the security based algorithmic approach in the mobile ad hoc networks [8, 9].

Routing is an important networking function in mobile ad hoc networks [10, 11]. Therefore, an enemy can collapse a network operation easily by attacking the routing protocol. Many researchers have proposed secure routing protocols for ad hoc networks [12–15]. The security of those protocols has been analyzed by informal means or formal methods that have never been intended for the analysis of this kind of protocol [16]. Other attacks can be found in [12]. There are two functions for routing: route discovery and packet forwarding. Route discovery is concerned with discovering routes between nodes, and packet forwarding is concerned with sending data packets through the previously discovered routes. There are different types of ad hoc routing protocols. One can distinguish proactive (e.g., OLSR [13]) and reactive (e.g., AODV [17] and DSR [18]) protocols.

In previous studies, wireless security studies [11, 19–22], researchers have mainly proposed that security issues be considered in the wireless network. These researchers have suggested that there are two kinds of attack behavior: (1) passive attack behavior [23] and (2) active attack behavior [24]. Passive attacks involve attackers who do not transmit packets to attack the victim’s computer but rather eavesdrop on messages sent to/from the victim’s computer to affect the privacy and the anonymity between the sender and the receiver. Active attacks involve transmitting packets to attack and affect the operation of the victim’s computer. From the viewpoint of the user, there are two kinds of denial-of-service (DoS): (1) routing-disruption attacks, in which the attacker attempts to forge the legal packet that is transmitted, and (2) resource-consumption attacks, in which the attacker transmits mass meaningless packets to occupy the user’s bandwidth, waste memory and computing resources, and paralyze the service and operation ability of the computer.

2. Literature Review

Compared to wired networks, the wireless network is easy to attack because of its openness, its dynamic network topology, and its lack of the central monitoring and management. Security issues are becoming more and more important in wireless networks. Several wireless security studies [25–27] have discussed the properties of security, such as confidentiality, integrity, authentication, availability, fairness, anonymity, non-source-based routing, resilience against path hijacking, lack of source control over route length, and privacy. There are several properties of ad hoc routing security: reliability, confidentiality, integrity, and verification [28, 29].

Reliability. The attacker interferes with the physical layer and makes the data cannot be delivered. Or the attacker breaks down the network routing function and creates topology splits. Alternatively, the network could incur a DoS attack.

Confidentiality. Because the MANET was originally applied in military environments, not only the general information, but also the routing information must be kept confidential. If this is done, the enemy will be unable to find the target position through the routing information.

Integrity. To ensure that delivered data will not be forged or modified by the attacker, some secure methods can be applied to retain information integrity [30].

Verification. In MANETs, each node plays the role of routing the path or verifying the data. Because the data must be delivered by trusted nodes, it is very important to verify whether the nodes are trusted.

In Boukerche’s scheme [31], an anonymous wireless protocol was proposed. The source generated a path discovery phase. The source sent a request packet with some information including a trust requirement, a one-time public/private key pair, and a destination identity. Each middle node had a mapping table to map the session and the session key that the node should use. If the middle node had received the request packet previously, it would ignore the packet. The node would decrypt the packet using the session key and forward the packet in the direction of the destination. Each middle node that received the packet would try to decrypt it using its own private key. Then it will forward the encrypted packets to its next hop.

Then the destination will collect all the identities and session keys, encrypt the information using each middle node’s session key, and forward the message back to the source. In the path reverse phase, the middle nodes in the reverse path will receive the packets. After that, each middle node will decrypt the packet using its privacy key and then will obtain the temporal privacy key. The middle node will decrypt and obtain the identities session key and random numbers of all the middle nodes. Then the receiver will compose the messages from the destination to the source; this includes all the random numbers and session keys. All the information will be encrypted by each node’s session key and operated using the next node’s random number sequentially. Thus, each node on the reverser path will execute an exclusive-OR (XOR) operation with its random number and obtain the session key. After the source obtains all the messages from the middle nodes, it will generate a mapping table through the middle node identity and the random number of each middle node identity and then will transmit the mapping table to its next node in the reserve path. Then, in the data transfer phase, it will use a secure forwarding protocol such as Onion [22]. After the source obtains the reserve path message and verifies that the message is correct, it will encrypt the message using the middle nodes’ session key sequentially. Each middle node simply needs to decrypt the message by its own session key and forward the message to its next node to the destination.

In this scheme, the packets are anonymous, secure, and private in the transmitting phase. The scheme can prevent the attacker from analyzing the network flow and provide the privacy of the sender and receiver. All the nodes can establish the location information and the anonymous routing paths by exchanging routing information. In the ad hoc environment, because of node mobility, it is difficult to establish all of the location information for all the nodes. Thus, the scheme proposes a distributed routing scheme to establish an anonymous routing path and achieve the security properties of non-source-based routing and resilience against path hijacking. But Boukerche’s scheme still has some aspects that could be improved, such as efficiency. Boukerche’s scheme uses lots of public key system operations, and this could lead to increased power consumption, wasted memory space, and increased operating time for each node. Wu et al.’s scheme [32] proposes a zone-based anonymous positioning routing protocol (ZAP) and includes three wireless transmitting systems with different degrees of anonymity. In this scheme, the client generates an anonymous zone (AZ) and sends a data request to the server. After the server receives the data request, it follows the three different anonymous systems to execute the wireless transmission. The following are the three anonymous wireless transmitting systems.

2.1. ZAP with Pseudo Destination (PD-ZAP)

The destination will generate a pseudo destination (PD) randomly, not far from the destination. The PD location will be marked in the packet and sent to the server. The server then sends the data packets in the direction of the pseudo destination. Finally, the data packets are sent to a node that is the closest node to the pseudo destination. Then the node is set as a proxy. The proxy broadcasts the data packets to its neighbors by its maximum transmission range. Because the real destination is not far from the pseudo destination, the real destination can receive the data packets.

2.2. Geocasting Anonymous Approach (G-ZAP)

The distance between the destination and the pseudo destination will not be too far. The node chooses a circle area as the destination-anonymous zone (D-AZ). The server sends the data to the center of the D-AZ, and the first node to receive the data in the circle will be the proxy. The proxy will flood the data to each node in the D-AZ.

2.3. ZAP with Route Redundancy (RR-ZAP)

As in the PD-ZAP, in the RR-ZAP, the destination generates a pseudo destination (PD) randomly, not far from the destination. But the distance between the destination and the pseudo destination, in this case, is kept for several hops, and the location of the destination is closer than that of the pseudo destination. Because Wu et al.’s scheme uses a DSR-like protocol [29], the server’s data has to pass the real destination to the pseudo destination, and the real destination can thus obtain the data.

Wu et al.’s scheme can only achieve anonymity for a destination; the server cannot be anonymous. Additionally, the degree of anonymity in Wu et al.’s system depends on the node numbers in the anonymity zone (AZ). We can estimate the approximate location of the destination because the scheme uses the greedy geoforwarding protocol. Every forwarder can know the approximate location of the client. Lastly, Wu et al.’s scheme has only one single path; if the path is jammed, it will cause a transmission delay, which is not flexible.

Furthermore, there are some aspects of Boukerche’s scheme that could be improved, such as efficiency. Boukerche’s scheme expends a large amount of computing resources to the nodes for public key system processing, and this also costs memory and consumes power. In the next section, we will introduce a new wireless ad hoc scheme with both security and efficiency properties. This scheme is adaptive to the real wireless environment.

3. A High Secure and Efficient MANET Routing Scheme

In this section, a new wireless ad hoc scheme with both security and efficiency properties will be proposed. This scheme is adaptive to the real wireless environment. Our scheme not only satisfies the requirements of previous schemes, such as security, authentication, unforgeability, and nonrepudiation, but also includes source anonymity, destination anonymity, middle node anonymity, confidentiality, traceability, and flexibility for multipaths. It also offers improved efficiency in order to make the wireless environment more practical. There are four phases in the proposed secure routing scheme: (1) the transmitting request phase, (2) the request reply phase, (3) the data transmitting phase, and (4) the data transmitted phase. The details of this proposed secure routing scheme follow.

3.1. Transmitting Request Phase

(i) : , , . Firstly, the sender broadcasts the packets to others in the ad hoc networks to announce that he wants to transmit the data. The sender then generates a shared session key for the receiver , a shared pair public key for the receiver , a shared pair private key for the receiver , a random number chosen by the sender , the data transmitting serial number , and the identities of forwarding nodes on the sender’s routing table , , and .

Then, the sender signs the sender’s identity , the receiver’s identity , the transmit requesting time , the data size , and the sender’s random number by the sender’s private key and executes a XOR operation with the session key and the shared secret key . All the messages above would be encrypted by the receiver’s public key . Then the data is added by transmitting the serial number and the shared public key . All the messages are broadcasted throughout the wireless ad hoc networks. We would replace with Initial.

(ii) : , Initial, , . By broadcasting, a node at one hub distance from the sender uses the shared public key to encrypt the identity number of the , the time the receives the message , ’s random number , and the total forwarding time . The ciphertext above would add the original information: the data transmitting serial number and the shared public key . It then broadcasts the message continually to the node at two-hub distance from the sender . We would replace the ciphertext with .

(iii) : , Initial, , , . Then, the node would encrypt the identity number of the , the data received time of , the random number chosen by , and the total forwarding time . The messages above add the data transmitting serial number , the shared public key , and all the information about node1 . Then the message would be broadcasted continually to the node at three hubs away from the sender . We would replace the ciphertext with .

(iv) : , Initial, , , , . Finally, the receiver obtains the broadcasted message and decrypts the message Initial using the receiver’s secret key to obtain the transmitting request message from the sender . The receiver then verifies whether the message was sent from the sender using the sender’s public key and obtains the sender’s identity , the receiver’s identity , the transmit requesting time , the data size , and the sender’s random number .

3.2. Request Reply Phase

After the receiver obtains the sender’s random number , the receiver would execute a XOR operation , respectively, with the messages and to get the shared secret key and the session key . The receiver would decrypt the ciphertext including the information about the , by the shared secret key in order to obtain the identity of each node , the data transmitted time of each node , the random number chosen by each node , and the total forwarding time .

Receiver would establish the different path in routing table from the sender to the receiver . The receiver would decrypt in order to obtain the identity of each node and the total forwarding time to know the paths from the sender to the receiver . Because the total forwarding time for each path would be different, the receiver would choose the paths that have the different nodes for each path (without the same node in two paths).

Then the total forwarding time would be ordered from few to many and the sender could consider some issues in order to decide to receive the data. Considering the specific number of hub-count, wanting to finish the transmitting as soon as possible, wanting to save power, or wanting to avoid the malicious middle node, the receiver could choose a multipath. Considering reducing the traffic jam for a specific area/time slot in the ad hoc networks, the receiver could choose a multipath.

Figure 1 shows the environment of the ad hoc networks. For the secure reason, they are assumed to choose the multipath because there are two paths for the fewest number, the fewest number is 3, of the total forwarding time :: , : .

There is one path for the total forwarding time : : .

In order to avoid a malicious middle node to guess the hub-count range by the amounts of the value in the information path from the sender to the receiver , the pseudo values to would be added to confuse the malicious middle node. The pseudo value could be added arbitrarily. In , for avoiding the collusion of the middle nodes, the identity of each node would be replaced as follows: , , .

Therefore, as even the middle nodes collude, it is impossible to map out the same identity for the middle node in order to protect the receiver . In each path, the receiver would, respectively, choose a random number for his one-hub-count distance neighbor and a random number for his two-hub neighbor and then execute a XOR operation , for example, . Therefore, when the message from the receiver is sent back to the sender , because the middle nodes know their chosen random number , when the node executes a XOR operation with the message and his random number , the node can know what the identity is of the next node and forwards the message to the next node. For example, . Table 1 shows the routing table of receiver Routing_table computed by the receiver :(i): , , , , ,(ii): , , , , ,(iii): , , , , , .

The receiver would encrypt the sender’s identity , the receiver’s identity , the sender’s random number , the receiver’s random number , the data size , transmit requesting time time_S, data received time , and the routing table of receiver by the session key and would then execute a XOR operation with the sender’s random number . In , the middle nodes would execute a XOR operation with each node’s data transmitted time , the data transmitting serial number , and the . Therefore, only the node could know these messages by its random number and computes the next node in order to forward the message. shows that the receiver transmits the message to the and the could compute to obtain the message by its random number . After the confirms the data transmitted time and the data transmitting serial number , it could execute a XOR operation with the identity of by ’s random number : .

Then would forward the message to . The pseudo values could be increased or decreased dynamically. The forwarding method for and is similar to that for . We would replace the message , with Back:(i): Back, , , ,(ii): Back, , , ,(iii): Back, , , , .

After receives the message from , would do the same thing to confirm the data transmitted time and the data transmitting serial number and would then obtain the message identity of in by executing a XOR operation with its random number and sending the message to . The method for and is similar to that for :(i): Back, , , ,(ii): Back, , , ,(iii): Back, , , , .

After receives the message from , would do the same thing to confirm the data transmitted time and the data transmitting serial number and then obtains the message identity of in by executing a XOR operation with its random number and sending the message to the sender . The method for and is similar to that for :(i): Back, , , , .(ii): Back, , , , .(iii): Back, , , , .

After all the messages of , , and have been received by the sender , the sender would execute a XOR operation with the sender’s random number and Back and then decrypt the ciphertext in order to obtain the sender’s identity , the receiver’s identity , the sender’s random number , the receiver’s random number , the random number of the middle nodes , the data size , the transmit requesting time , the data received time , and the routing table of receiver : , .

(i) : To Obtain the Information for Each Node, Executes a XOR Operation with to . The sender would, respectively, execute the XOR operation with the random number , to , for and the message on the routing table of the receiver’s , for and the message , to node 10 and the message , in order to obtain the identity of each middle node. For example, .

3.3. Data Transmitting Phase

could establish the different routing paths for different requirements. The sender would execute the one-way hash function for the , , and . The same method that the receiver uses in the request reply phase in order to avoid the guessing from the malicious middle node to know the possible range of the receiver and the sender and the pseudo values to would be added to expand the guessing range. The pseudo value could be added dynamically. For avoiding the collusion of the middle nodes, the sender would execute the one-way hash function for the , , and .

Even though the middle nodes collude to guess for the sender , they could not find the same identity for the sender . In each path, the sender would, respectively, choose a random number for his one-hub-count distance neighbor and a random number for his two-hub neighbor and would then execute a XOR operation , for example, . Therefore, when the message from the sender transmits to the receiver , because all the middle nodes know their random number , the middle nodes execute a XOR operation with the message. Table 2 shows the routing table of sender computed by the sender . For example, :(i): , , , ,(ii): , , , ,(iii): , , , , .

When the sender starts to transmit the data by , it would encrypt , the transmit requesting time , the data transmitted time , the sender’s random number , the receiver’s random number , and the data transmitting serial number by the session key . The ciphertext above would execute a XOR operation with the receiver’s random number and then the ciphertext would execute a XOR operation with each node’s random number , respectively. Finally, all the messages would be transmitted to . and on would do the same thing to execute the similar operation and forward the message to the receiver . The nodes in and would do the same thing to execute the similar operation and forward the message to the receiver .

(i) : . If the receiver does not obtain all the data from the sender , the receiver would encrypt the sender’s identity , the receiver’s identity , the sender’s random number , the receiver’s random number , the data transmitting serial number , the data transmitted time , and the resend request by the session key to request that the sender resend the lacking data.

3.4. Transmitted Finish Phase

(i) : . Finally, after all of the data has been transmitted to the receiver , the receiver would encrypt the , the transmit requesting time , the data transmitted time , the sender’s random number , the receiver’s random number , and the acknowledgment information by the session key . Then, the ciphertext above would execute a XOR operation with the receiver’s random number , added the path information , and transmitted it to the sender to inform that the data transmitting is finished.

4. Security and Property Analysis

In this section, we analyze the property of security and the function for the proposed scheme.

4.1. Anonymity

4.1.1. Source Anonymity

In Boukerche’s path discovery phase, the source ID had been encrypted by its session key and the source’s session key had been encrypted by the destination’s public key; only the destination can be decrypted and obtains the source’s session key by its secret key and the destination can be decrypted and obtain the source ID by the source’s session key. In the scheme of PD-ZAP, G-ZAP, and RR-ZAP, because the packets do not add the destination ID information and the node mobility property in a mobile ad hoc environment, even the proxy has changed, the broadcasting or flooding area has changed, and the destination area still can be found and the data can be obtained.

In the transmitting request phase of our scheme, because the sender’s identity is encrypted by the receiver’s public key, only the receiver in can decrypt the message by using the receiver’s secret key. Therefore, the sender’s identity is anonymous. In the request reply phase, because the sender’s identity is encrypted by the session key , in , , and , and executed a XOR operation with the receiver’s random number , the sender’s identity is therefore anonymous.

4.1.2. Destination Anonymity

In the path discovery phase of Boukerche’s scheme, the destination ID would be encrypted by the destination public key and the destination can decrypt and obtain the destination ID by using its secret key.

In the scheme of PD-ZAP, the closest node to the destination will be chosen as a proxy and it will broadcast the data to its neighbors. Because the destination is not far from the pseudo destination, the destination still can receive the data. But the malicious node can realize that the destination is near the proxy if it detects that a proxy broadcasts data.

For the G-ZAP scheme, the first node that receives the data will be the proxy in the destination-anonymous zone. The proxy will flood the data to every node in the anonymous zone. Because the destination is not far from the pseudo destination, the malicious node will in the distance of Proxy’s maximum transmitting range.

For the RR-ZAP scheme, the destination will generate a pseudo destination (PD) randomly and place itself in the middle between the source and the pseudo destination. The destination will keep several hops of distance from the pseudo destination. Wu et al.’s scheme uses the GPRS-likescheme as its routing protocol; therefore, when the source sends the data to the pseudo destination, the data must pass the real destination. So the malicious node can still know that the destination is in the path from the source to the pseudo destination.

In the transmitting request phase of our scheme, because the receiver’s identity is encrypted by the receiver’s public key , only the receiver in can decrypt the message by using the receiver’s secret key. Therefore, the receiver’s identity is anonymous. In the request reply phase, because the receiver’s identity is encrypted by the session key , in , , and , and has been executed by a XOR operation with the receiver’s random number , the receiver’s identity is therefore anonymous.

4.1.3. Middle Node Anonymity

In the path discovery phase of Boukerche’s scheme, whatever node obtained the temporal secret key can decrypt the data forwarded from the other node. And the node will know that the data is coming from the destination and which nodes are the forwarding nodes.

In the PD-ZAP scheme, the middle node will choose a next forwarding node by exchanging the location information. And each node has the neighbors list so a node can obtain some information about other middle nodes.

The G-ZAP and RR-ZAP scheme are just like PD-ZAP and the middle node will obtain a neighbors list by exchanging the location information. So it can obtain some information of other middle nodes.

In and , the middle nodes to use the common secret key to encrypt the data and only the source and the receiver in have the common secret key , so the middle nodes to are anonymous. For the identity of any middle node, besides the source and receiver, only the middle node has its own random number , so the middle node can decrypt the —for example, .

4.2. Security

In Boukerche’s scheme, PD-ZAP, G-ZAP, and RR-ZAP schemes all use both the symmetrical encryption system and asymmetrical encryption system. So they all are satisfied with the security property.

In , , , and , the messages transmitted to each node are based on the public cryptosystem; in the equations , , , , , , , , , , , , and , the messages transmitted to each node are based on the session key cryptosystem and random number . Therefore, the property of the security of the messages could be satisfied.

4.3. Confidentiality

In the path discovery phase of Boukerche’s scheme, the message is encrypted by the symmetric cryptosystem and asymmetric cryptosystem. In the path reverse phase and data transfer phase of Boukerche’s scheme, the message is encrypted by the symmetric cryptosystem.

In the PD-ZAP, G-ZAP, and RR-ZAP schemes, the destination will generate a symmetric key first and encrypt the request message and the symmetric key with the server’s public key. Then, the destination will send the encrypted message to the server. After the server obtains the symmetric key, all the messages will be encrypted with the symmetric key.

In our scheme, the equations , , , and are encrypted/decrypted by the symmetric cryptosystem, to ensure data confidentiality. The , , , , , , , , , , , and are encrypted/decrypted by the session key cryptosystem, to ensure data confidentiality, and only node and receiver know the node’s random number , so only the previous node will know the identity for its next node on the forwarding path. Other nodes on the path cannot know the identity . In , the other nodes only know that there are some messages that need to be forwarded. By the receiver’s routing table , there are some extra pseudo values , so the middle nodes do not know exactly how many middle nodes exist on the forwarding path, not to mention the identity of the sender and receiver.

4.4. Authentication

In the path discovery phase, the sender will encrypt the symmetric key with the receiver’s public key and sends it to the receiver. After the receiver obtains the symmetric key, it can obtain and verify the identity of the sender. The message is signed by the sender’s secret key, so the receiver can verify the message.

In the schemes of PD-ZAP, G-ZAP, and RR-ZAP, there is the HMAC from destination, and the server can verify all the data by the HMAC. Only the destination and server have the symmetric key, so if some packets can be decrypted by the symmetric key, each of them can confirm that the packets do come from the other.

In , the message would be signed by the sender’s private key ; in the request reply phase, the receiver could authenticate whether these messages are from the sender by the sender’s public key . The sender could not deny the messages. Therefore, the property of nonrepudiation could be satisfied. In the request reply phase, because the receiver has the receiver’s routing table , there are the random numbers for each node in the message Back. Each node could not deny the messages for the sender and the receiver , and only the sender and the receiver have the session key , the sender’s identity , the receiver’s identity , the sender’s identity , the receiver’s identity , the transmit requesting time , and the data received time . Therefore, both the sender and the receiver could not deny the messages.

4.5. Traceability

In the path discovery phase of Boukerche’s scheme, each middle node will transmit its own identity to receiver, so the receiver will know who the exact forwarding nodes between source and receiver are. In the path reverse phase and data transfer phase, the replied messages from the receiver do not include the identity of the middle nodes, but rather the session keys of the middle nodes, so the resource cannot know who the middle nodes are.

In the schemes of PD-ZAP, G-ZAP, and RR-ZAP, although the middle node has exchanged information with its neighbors and has a neighbors list, it does not transmit its own identity information when forwarding the data, so the server and destination cannot know who the middle nodes are.

In , the sender’s identity , the receiver’s identity , the data request time , the data size , and the sender random number will be signed by the sender’s secret key and encrypted by the receiver’s public key , so the receiver in the request reply phase can verify if the forwarding data in multipath from , , and is correct or not.

4.6. Nonrepudiation

In Boukerche’s phase of Boukerche’s scheme, because the source has signed with the sender’s secret key, the source cannot deny it does not send the data. The middle node also signs the data it has received before and forwards the data, so the middle node cannot deny that it does not receive the data. In the path reverse phase, because the source can obtain the encrypted session key and it sends the source session key to the receiver in the path discovery phase, the receiver cannot deny that it does not transmit the data, similarly to the middle nodes.

In the schemes of PD-ZAP, G-ZAP, and RR-ZAP, the destination has encrypted and sent the data to the server, but there is no identity of destination, destination signature, or identity-verified information, so the destination can deny that it does not receive the forwarding message. The middle node is only in charge of forwarding the data encrypted by the symmetric key, so the middle node can deny that it does not receive the forwarding data. The server encrypted by with the symmetric key and sent the data to the destination, so the server cannot deny that it does not receive the destination’s request message and has forwarded the data to the destination.

In , the message has been signed with the source’s secret key. In the request reply phase, the receiver can verify if the data came from the sender with the sender’s public key , and the sender cannot deny that it does not transmit the data. In the request reply phase, because the receiver has the receiver routing table and the back has a lot of middle nodes’ random numbers to , each middle node cannot deny that it does not forward the data for the source and receiver. Because of the session key , sender’s identity , receiver’s identity , and the sender’s random number which only the sender and receiver can own, the sender and receiver cannot deny that they have not sent the messages.

4.7. Unforgeability

In the path discovery phase of Boukerche’s scheme, because the message has been signed by the sender’s secret key and the message has been encrypted by the receiver’s public key, the malicious node, the middle nodes, and the receiver cannot forge the message. The malicious node and the middle node obtain the temporal public key, encrypt the message with it, and attach the hash-verified data to the message, so the malicious node and other middle nodes cannot forge the message, for example, the identity ID and the key . Because the middle node has attached the hash-verified data to the message in the path reverse phase, the malicious node and other middle nodes cannot forge the message, for example, the identity ID and the key .

In the schemes of PD-ZAP, G-ZAP, and RR-ZAP, the destination does not attach any identity information, for example, the signature or identity.

The server sends the data to the destination encrypted with the symmetric key, so the server cannot deny that it does not receive the destination’s request message and has sent to the destination.

In , the messages , and the sender’s random numbers have been signed by the sender’s secret key , so the request reply phase cannot be forged; the nodes will generate a random number depending on different source and destination, so each node’s transmitting message cannot be forged. In the equations , , , and , only the sender and receiver have the session key , so, in the request reply phase, the encrypted value Back cannot be forged. If someone wants to replace or forge the value Back, the sender can send the sender’s random number and the session key to know that the value Back has been replaced or forged.

4.8. Uncounterfeit

In the path discovery phase of Boukerche’s scheme, because the sender’s messages have been signed with its secret key and encrypted with the receiver’s public key, the malicious node cannot counterfeit the sender. The middle node has signed the hash value with its secret key before it forwards the packets, so the malicious node cannot counterfeit the middle node. In the path discovery phase, because the receiver’s and middle node’s messages have a hash value and the middle node has signed the hash value before forwarding the message, the malicious node cannot counterfeit the middle nodes or the receiver.

In the schemes of PD-ZAP, G-ZAP, and RR-ZAP, the destination has encrypted the message with the server’s public key and sent the message to the server, but there is no information about the destination-verifying message, signature, or identity. The malicious node can counterfeit the destination and request the server to broadcast messages into any area the malicious node wants.

4.9. Flexibility for Multipaths

In Boukerche’s scheme, there is only one forwarding path, and it does not consider electricity consumption or the traffic-load balance by multipath. The schemes of PD-ZAP, G-ZAP, and RR-ZAP do not consider electricity consumption or the traffic-load balance by multipath but just forward the message with the GPRS [33]. In our scheme, after the receiver decrypts the value , the receiver could know the identity number of the node between the sender and the receiver and the total forwarding time from different paths. Because the different path has the different total forwarding time , the receiver would choose the path with unique identity number of node and sort the order for each path by the total forwarding time . Then, the sender would decide to forward the data with single path or multipath with the consideration of the sender . For example, if the sender wants to finish the transition faster, saving each node’s power, or to avoid a malicious node between the sender and the receiver , it would choose the multipath; if the sender wants to reduce the traffic flow for the area/duration, the sender would choose lesser paths or even single path. The comparison of secure functions is in Table 3.

5. Efficiency Analysis

Table 4 is the efficiency comparison table for each scheme. Boukerche’s scheme and Wu et al.’s scheme do not consider the confirming process after the data transmission is finished. But, in our scheme, we have considered that. In Table 4, the efficiency in our scheme is better than that of Boukerche’s. Although it is worse than Wu et al.’s scheme, but the efficiency and security could be tradeoff, and we think that security is more important. In the near future, with the improvement of CPU operation speed and the memory space, the operation speed for asymmetric encryption system could be decreased soon.

6. Conclusions

The proposed scheme is real and practical for the ad hoc environment. Its routing rule and transmission scheme are not only satisfied with the security properties of previous schemes, but also satisfied with the efficiency property. The proposed scheme is satisfied with the security properties of source anonymity, destination anonymity, middle node anonymity, security, confidentiality, authentication, traceability, nonrepudiation, unforgeability, uncounterfeit, and flexibility for multipaths.

Conflict of Interests

The authors declare that there is no conflict of interests regarding the publication of this paper.

References

C. E. Perkins, “Ad hoc networking: an introduction,” in Ad hoc Networking, pp. 1–28, 2001.
View at: Google Scholar
Y. Chung, S. Choi, and D. Won, “Lightweight anonymous authentication scheme with unlinkability in global mobility networks,” Journal of Convergence, vol. 4, pp. 23–29, 2013.
View at: Google Scholar
S.-W. Park and I.-Y. Lee, “Anonymous authentication scheme based on NTRU for the protection of payment information in NFC Mobile environment,” Journal of Information Processing Systems, vol. 9, no. 3, pp. 461–476, 2013.
View at: Publisher Site | Google Scholar
J.-S. Oh, C.-U. Park, and S.-B. Lee, “NFC-based mobile payment service adoption and diffusion,” Journal of Convergence, vol. 5, pp. 8–14, 2014.
View at: Google Scholar
A. Sinha and D. K. Lobiyal, “Performance evaluation of data aggregation for cluster-based wireless sensor network,” Human-Centric Computing and Information Sciences, vol. 3, pp. 1–17, 2013.
View at: Google Scholar
Z. C. Taysi and A. G. Yavuz, “ETSI compliant GeoNetworking protocol layer implementation for IVC simulations,” Human-centric Computing and Information Sciences, vol. 3, pp. 1–12, 2013.
View at: Publisher Site | Google Scholar
M. Gohar and S.-J. Koh, “A network-based handover scheme in HIP-based mobile networks,” Journal of Information Processing Systems, vol. 9, no. 4, pp. 651–659, 2013.
View at: Publisher Site | Google Scholar
B. Sharma and A. K. Singh, “A token based protocol for mutual exclusion in mobile ad hoc networks,” Journal of Information Processing Systems, vol. 10, pp. 36–54, 2014.
View at: Google Scholar
R. Singh, P. Singh, and M. Duhan, “An effective implementation of security based algorithmic approach in mobile adhoc networks,” Human-Centric Computing and Information Sciences, vol. 4, article 7, 2011.
View at: Publisher Site | Google Scholar
A. Avižienis, J. C. Laprie, B. Randell, and C. Landwehr, “Basic concepts and taxonomy of dependable and secure computing,” IEEE Transactions on Dependable and Secure Computing, vol. 1, no. 1, pp. 11–33, 2004.
View at: Publisher Site | Google Scholar
M. N. Lima, A. L. D. Santos, and G. Pujolle, “A survey of survivability in mobile Ad hoc Networks,” IEEE Communications Surveys & Tutorials, vol. 11, no. 1, pp. 66–77, 2009.
View at: Publisher Site | Google Scholar
L. Buttyán and I. Vajda, “Towards provable security for Ad hoc routing protocols,” in Proceedings of the 2nd ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN '04), pp. 94–105, 2004.
View at: Google Scholar
B. Kannhavong, H. Nakayama, Y. Nemoto, N. Kato, and A. Jamalipour, “SA-OLSR: security aware optimized link state routing for mobile ad hoc networks,” in Proceedings of the IEEE International Conference on Communications (ICC '08), pp. 1464–1468, May 2008.
View at: Publisher Site | Google Scholar
J. Kim and G. Tsudik, “SRDP: secure route discovery for dynamic source routing in MANETs,” Ad Hoc Networks, vol. 7, no. 6, pp. 1097–1109, 2009.
View at: Publisher Site | Google Scholar
M. Yoon, Y.-K. Kim, and J.-W. Chang, “An energy-efficient routing protocol using message success rate in wireless sensor networks,” Journal of Convergence, vol. 4, pp. 15–22, 2013.
View at: Google Scholar
M. Burrows, M. Abadi, and R. M. Needham, “A logic of authentication,” Proceedings of the Royal Society of London Series A: Mathematical and Physical Sciences, vol. 426, pp. 233–271, 1989.
View at: Google Scholar
C. E. Perkins and E. M. Royer, “Ad-hoc on-demand distance vector routing,” in Proceedings of the 2nd IEEE Workshop on Mobile Computing Systems and Applications (WMCSA '99), pp. 90–100, New Orleans, La, USA, Febuary 1999.
View at: Publisher Site | Google Scholar
D. B. Johnson and D. A. Maltz, “Dynamic source routing in ad hoc wireless networks,” in Mobile Computing, vol. 353 of The Kluwer International Series in Engineering and Computer Science, pp. 153–181, Springer, New York, NY, USA, 1996.
View at: Publisher Site | Google Scholar
F. Adelstein, S. K. S. Gupta, G. Richard, and L. Schwiebert, Fundamentals of Mobile and Pervasive Computing, McGraw-Hill, 2005.
D. Djenouri, L. Khelladi, and N. Badache, “A survey of security issues in mobile ad hoc and sensor networks,” IEEE Communications Surveys and Tutorials, vol. 7, no. 4, pp. 2–28, 2005.
View at: Publisher Site | Google Scholar
P. Papadimitratos and Z. Haas, “Handbook of ad hoc wireless networks,” in Securing Mobile Ad Hoc Networks, CRC Press, 2002.
View at: Google Scholar
M. G. Reed, P. F. Syverson, and D. M. Goldschlag, “Anonymous connections and onion routing,” IEEE Journal on Selected Areas in Communications, vol. 16, no. 4, pp. 482–493, 1998.
View at: Publisher Site | Google Scholar
L. Zhou and Z. J. Haas, “Securing ad hoc networks,” IEEE Network, vol. 13, no. 6, pp. 24–30, 1999.
View at: Publisher Site | Google Scholar
H. Yang, H. Luo, F. Ye, S. Lu, and L. Zhang, “Security in mobile ad hoc networks: challenges and solutions,” IEEE Wireless Communications, vol. 11, no. 1, pp. 38–47, 2004.
View at: Publisher Site | Google Scholar
P. G. Argyroudis and D. O'Mahony, “Secure routing for mobile ad hoc networks,” IEEE Communications Surveys and Tutorials, vol. 7, no. 3, pp. 2–21, 2005.
View at: Publisher Site | Google Scholar
R. B. Bobba, L. Eschenauer, V. Gligor, and W. Arbaugh, “Bootstrapping security associations for routing in mobile ad-hoc networks,” in Proceedings of the IEEE Global Telecommunications Conference, pp. 1511–1515, December 2003.
View at: Google Scholar
Y.-C. Hu, A. Perrig, and D. B. Johnson, “Ariadne: a secure on-demand routing protocol for ad hoc networks,” Wireless Networks, vol. 11, no. 1-2, pp. 21–38, 2005.
View at: Publisher Site | Google Scholar
B. Awerbuch, R. Curtmola, D. Holmer, C. Nita-Rotaru, and H. Rubens, “ODSBR: an on-demand secure Byzantine resilient routing protocol for wireless ad hoc networks,” ACM Transactions on Information and System Security, vol. 10, no. 4, article 6, 2008.
View at: Publisher Site | Google Scholar
M. G. Zapata, “Secure ad hoc on-demand distance vector routing,” ACM SIGMOBILE Mobile Computing and Communications Review, vol. 6, no. 3, pp. 106–107, 2002.
View at: Publisher Site | Google Scholar
A. Shamir, “How to share a secret,” Communications of the ACM, vol. 22, no. 11, pp. 612–613, 1979.
View at: Publisher Site | Google Scholar | MathSciNet
A. Boukerche, K. El-Khatib, L. Xu, and L. Korba, “An efficient secure distributed anonymous routing protocol for mobile and wireless ad hoc networks,” Computer Communications, vol. 28, no. 10, pp. 1193–1203, 2005.
View at: Publisher Site | Google Scholar
X. Wu, J. Liu, X. Hong, and E. Bertino, “Anonymous geo-forwarding in MANETs through location cloaking,” IEEE Transactions on Parallel and Distributed Systems, vol. 19, no. 10, pp. 1297–1309, 2008.
View at: Publisher Site | Google Scholar
B. Karp and H. T. Kung, “GPSR: greedy perimeter stateless routing for wireless networks,” in Proceedings of the 6th Annual International Conference on Mobile Computing and Networking (MOBICOM '00), pp. 243–254, ACM, August 2000.
View at: Google Scholar

Copyright

Copyright © 2015 Wei-Chen Wu and Horng-Twu Liaw. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

PDF Download Citation

Download other formats

Order printed copies

Views

1371

Downloads

1447

Citations