One approach to authenticate ls packets is using

One approach to authenticating LS packets is to use TESLA. LS packets are authenticated with a TESLA HMAC keyed by a secret from the hash chain; that secret is released a few seconds or milliseconds later (it follows the LS packet with a small delay). The TESLA commitments could themselves be authenticated using OTS. Alternatively, if the delay in verification is unacceptable, the source and sequence number of LS packets could be authenticated using an IS hash chain. The integrity of the other contents of the LS packet (like the list of neighbors and the age of the packet) could be preserved by using one-hop and two-hop authentication.

Copyright © 2010. World Scientific Publishing Company. All rights reserved. May not be reproduced in any form without permission from the publisher, except fair uses permitted under U.S. or applicable copyright law. Beyah, Raheem, Corbett, Cherita, McNair, Janise.; Security in Ad Hoc and Sensor Networks
It is important to see why the OTS-TESLA combination cannot be used for authenticating rows of the DV table. TESLA is acceptable for authenticating LS packets, as a packet sent by a node S will be immediately flooded over the entire subnet and will thus reach all nodes before the TESLA time-interval. Now consider a scenario with DV, (D ··· Q S R), where Q and S are neighbors, and R is a neighbor of S and a two-hop neighbor of Q. A row corresponding to a destination D, authenticated by Q and sent to S, may be sent by S onwards to R after a considerable delay (up to one update period), thus rendering TESLA unsuitable for this purpose.

5.3. Protocol Independent Authentication

Apart from the protocol-specific strategies seen thus far, cryptographic authentication is also required for some purposes that do not depend on the specific routing protocol used. Recall that secrets assigned to nodes confer eligibility to take part in the network. More specifically, the secrets provided to nodes confer the eligibility for some finite duration. However, there will always be scenarios where, after some node is conferred the privilege till time T, the network operator may desire to revoke the privilege (before time T).

Revocation is achieved by broadcasting revocation lists authenticated by the KDC or the certificate authority. Once the latest revocation list has been provided to all nodes, packets from revoked nodes will simply be disregarded by other nodes. Obviously, it is impractical for the KDC to individually authenticate the revocation list to every node. Thus, one-to-many schemes are essential for this purpose. However, as revocation messages will be created infrequently, one-time signatures are ideally suited for this purpose.
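
The TESLA timing argument made above for LS packets and DV rows, as an added example that is not code from the book: a receiver R buffers a packet only if the hash-chain key for its interval cannot have been disclosed yet, so a flooded LS packet verifies while a DV row forwarded one update period later is refused. The interval length, disclosure delay, packet contents and arrival times are assumed values, and clock-synchronisation error is ignored.

```python
import hashlib, hmac

INTERVAL = 1.0  # seconds per TESLA interval (assumed value)
DELAY = 2       # K_i is disclosed DELAY intervals after interval i (assumed value)

def H(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()

def make_chain(seed: bytes, n: int) -> list:
    """Return [K_0 .. K_n] where K_{i-1} = H(K_i); K_0 is the commitment."""
    chain = [seed]
    for _ in range(n):
        chain.append(H(chain[-1]))
    return chain[::-1]

def disclosure_time(i: int) -> float:
    return (i + DELAY) * INTERVAL

def tag(key: bytes, payload: bytes) -> bytes:
    return hmac.new(key, payload, hashlib.sha256).digest()

class Receiver:
    def __init__(self, commitment: bytes):
        self.commitment, self.buffered = commitment, []

    def receive(self, i: int, payload: bytes, mac: bytes, now: float) -> bool:
        # Security condition: buffer only if K_i cannot have been disclosed yet.
        if now >= disclosure_time(i):
            return False
        self.buffered.append((i, payload, mac))
        return True

    def key_disclosed(self, i: int, key: bytes) -> list:
        # Check the key against the commitment, then the buffered HMACs.
        k = key
        for _ in range(i):
            k = H(k)
        if not hmac.compare_digest(k, self.commitment):
            return []
        return [p for (j, p, m) in self.buffered
                if j == i and hmac.compare_digest(tag(key, p), m)]

def demo() -> dict:
    chain = make_chain(b"constructed-seed", 10)
    r = Receiver(chain[0])                          # node R holds commitment K_0
    ls, dv = b"LS src=S seq=7", b"DV dest=D via=Q"  # constructed sample packets
    out = {"ls_buffered": r.receive(3, ls, tag(chain[3], ls), now=3.2)}  # flooded at once
    out["dv_buffered"] = r.receive(3, dv, tag(chain[3], dv), now=33.0)   # held one update period
    out["wrong_key"] = r.key_disclosed(3, chain[4])  # does not hash back to K_0
    out["verified"] = r.key_disclosed(3, chain[3])
    return out
```

The DV row is refused even though its HMAC is correct: by the time it reaches R the key for interval 3 is public, so the tag no longer proves that Q produced the row.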