Number of neighbors are typically small

Info icon This preview shows pages 69–71. Sign up to view the full content.

View Full Document Right Arrow Icon
number of neighbors are typically small, authenticating the routing table to all neighbors can be easily accomplished by appending individual HMACs for each neighbor. In other words, one-to-many SAs are not necessary for this purpose. To reduce the freedom of attackers to send misleading information, it is desirable to carry over authentication. For each row of the table, one HMAC may be appended using the two-hop group secret. More specifi- cally, when S receives a routing table update from Q , it includes a row corresponding to a node D (four hops away from Q and five hops from D ), and a HMAC appended by Q for verification by other neighbors of S (or two-hop neighbors of Q ). Similarly when D sends a table that includes Copyright © 2010. World Scientific Publishing Company. All rights reserved. May not be reproduced in any form without permission from the publisher, except fair uses permitted under U.S. or applicable copyright law. EBSCO Publishing : eBook Collection (EBSCOhost) - printed on 2/16/2016 3:46 AM via CGC-GROUP OF COLLEGES (GHARUAN) AN: 340572 ; Beyah, Raheem, Corbett, Cherita, McNair, Janise.; Security in Ad Hoc and Sensor Networks Account: ns224671
Image of page 69

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Key Distribution 57 the row D it encloses the HMAC appended by Q , which will be verified by neighbors of S , and a HMAC appended by S , which will be verified by two-hop neighbors of S . It is important to note that carrying over authentication, while neces- sary to ensure that nodes cannot misrepresent routing information without colluding with other nodes, goes against the very spirit of DV protocols. DV is in general more efficient than LS approaches as nodes do not need to know the entire topology of the network. For the basic DV protocol, nodes need to know only the next hop to reach any destination. When au- thentication is carried over to two hops, every node will learn the identities of the next two nodes in the path to every destination. Obviously, while carrying over authentication to more hops may be more desirable from a security standpoint, such an approach may reduce the very appeal of DV based approaches. Perhaps, carrying over authentication to two-hops (and not-three) is a reasonable trade-off. 5.2.3. On-Demand Protocols In on-demand protocols, where a source S sends a RREQ to find a path (in DSR) or route (in AODV) to a destination D , one important requirement is to address RREQ flooding attacks . 9 From the point of view of attackers, the ability to send an unlimited number of supercilious RREQ packets is an efficient way of perpetrating denial of service (DoS) attacks, as a single packet sent by the attacker will require every node to flood the packet. Obviously, authentication of RREQ is an important requirement. More specifically, a minimum requirement is for every node to establish the source of the RREQ packet. If authentication of RREQ packets is not mandated, an attacker (say C ) can send RREQs impersonating different sources (say X , Y , Z ) at will. However, if source authentication is mandated, the at- tacker C cannot impersonate other nodes. If too many RREQs are sent from node C
Image of page 70
Image of page 71
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern