Other nodes can simply stop honoring such rreqs by ig

Info icon This preview shows pages 70–72. Sign up to view the full content.

View Full Document Right Arrow Icon
, other nodes can simply stop honoring such RREQs (by ig- noring them) and thus avert DoS attacks. Ideally, if overhead is not an issue, RREQ packets should be authen- ticated using digital signatures or OTS so that all nodes in the subnet can verify the source and other fields of the RREQ packet specified by the source (like sequence number, destination, hop-limit). Note that TESLA is not suited for this purpose as TESLA authentication cannot be verified in- stantaneously. Fortunately, PU schemes are better suited for this purpose. Along with every RREQ, one value is released from the PU chain. Note Copyright © 2010. World Scientific Publishing Company. All rights reserved. May not be reproduced in any form without permission from the publisher, except fair uses permitted under U.S. or applicable copyright law. EBSCO Publishing : eBook Collection (EBSCOhost) - printed on 2/16/2016 3:46 AM via CGC-GROUP OF COLLEGES (GHARUAN) AN: 340572 ; Beyah, Raheem, Corbett, Cherita, McNair, Janise.; Security in Ad Hoc and Sensor Networks Account: ns224671
Image of page 70

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
58 M. Ramkumar that while attackers can still modify other fields of such subsequent RREQ packets (like destination, hop count) and render the RREQ useless, they cannot modify the source or increment the sequence number, thus prevent- ing RREQ floods. As mentioned earlier, OTSs can be used (infrequently) to authenticate commitments for PU chains. Obviously, such a strategy for restricting RREQ floods have to used with other strategies to ensure that malicious nodes cannot make illegal modifications to the RREQ. For DSR, where intermediate nodes are ex- pected to insert their ID / address, measures should be used to ensure that attackers cannot insert non-existent nodes in the path or remove nodes from the path. 24 For AODV, where every node is expected to increment the hop-count by one, measures are required to ensure that attackers can- not decrease the hop-count field, or send it unmodified, or increase it by more than one. However, such strategies do not require 25 the use of one- to-many schemes. 26 In DSR, as the destination will know the identities of every node in the path, and as every node in the path knows the ID of the destination (indicated in the RREQ), every intermediate node can also append an authentication (based on the pairwise secret shared with the destination) verifiable by the destination. 16 5.2.4. Link-State Protocols In link-state based proactive protocols the link-state packets (periodically) flooded by a node S should be authenticated such that every node in the subnet will be able to verify the source S , and integrity of the link-state packet. Thus one-to-many SAs are indeed mandatory for this purpose. Redundancy is automatically built into link-state protocols. Note that in a scenario where A sends a link-state packet indicating that B , C and D are its neighbors, the receiver will also receive link-state packets from B , C and D , each of them indicating that A is one of their neighbors.
Image of page 71
Image of page 72
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern