ISSN: 2229-371X

All submissions of the EM system will be redirected to Online Manuscript Submission System. Authors are requested to submit articles directly to Online Manuscript Submission System of respective journal.

KEY MANAGEMENT WITH PAIRING IN MANETS

Ritu Nagpal*1 and Anil Kumar2
  1. Asst.Professor1 Department of Comp. Sc. & Engg Guru Jambheshwar University of Sc. & Tech.,Hisar
  2. 2M.Tech Department of Comp. Sc. Engg., Guru Jambheshwar University of Sc. & Tech.,Hisar
Corresponding Author: Ritu Nagpal, E-mail: ritu_nagpal22@yahoo.co.in
Related article at Pubmed, Scholar Google

Visit for more related articles at Journal of Global Research in Computer Sciences

Abstract

This paper presents the idea of authenticated key management with pairing in Mobile Ad hoc networks MANETs. A mobile ad hoc network is an autonomous collection of mobile devices (laptops, smart phones, sensors, etc.) that communicate with each other over wireless links and cooperate in a distributed manner in order to provide the necessary network functionality in the absence of a fixed infrastructure. Key agreement protocols are essential for secure communications in open and distributed environment. The study of tripartite key agreement has great theoretical and practical significance. Based on bilinear pairing and MA (message authentication) schemes, an improved secure tripartite authenticated key agreement protocol is proposed. In this paper we study proposed protocol and enhance the key strength according to simulation performed in MATLAB.

Keywords

Pairing, Key Agreement, Manets, Message Authentication

INTRODUCTION

A MANET is a most promising and rapidly growing technology which is based on a self-organized and rapidly deployed network [1]. Mobile Ad Hoc Networks (MANETS) are wireless mobile nodes that cooperatively form a network without infrastructure. In other words, ad hoc networking allows devices to create a network on demand without prior coordination or configuration. Thus, nodes within a MANET are involved in routing and forwarding information between neighbors, because there is no coordination or configuration prior to setup of a MANET. MANETs are self-configuring networks of mobile nodes without the presence of static infrastructure. They can also be heterogeneous, which means that all nodes don’t have the same capacity in term of resources (power consumptions, storage, computation, etc.). Due to its great features, MANET attracts different real world application areas where the networks topology changes very quickly.
A good example is given by military battlefield networks. In that case, mobile devices have different communications capability such as radio range, battery life, data transmission rate, etc.
MANETs have many potential applications in both military and civilian domains. Their self organized and adaptive form of node communications is particularly attractive in certain scenarios where communication infrastructures are either too expensive to build or too vulnerable to maintain. However, due to Manets’ characteristics, they are susceptible to many types of attacks [5]. Wireless communication, for example, is open to interference and interception, and malicious nodes might create, alter, or replay routing information to interrupt network operation. These nodes may also launch a Sybil attack, in which a single node presents multiple identities to others, or an identity replication attack, in which clones of a compromised node are put into multiple network places.
Moreover, malicious nodes may inject bogus data into the network to consume its scarce resources, and selfish nodes can drop data packets of other nodes.
Characteristics and complexities of mobile ad hoc networks [3]:
a. Autonomous and infrastructure less
b. Multi-hop routing
c. Dynamic network topology
d. Device heterogeneity
e. Energy constrained operation
f. Bandwidth constrained variable capacity links
g. Limited physical security
h. Network scalability i. Self-creation, self-organization and self administration
Key management can be defined as a set of techniques and procedures to support the establishment and maintenance of keying relationships between authorized parties [4][5]. A keying relationship is the process by which network nodes share keying material to be used by cryptographic mechanisms. The keying material can include public/private key pairs, secret keys, initialization parameters, and non secret parameters supporting key management in various instances. Key management should also define methods to revoke keys from compromised nodes and update keys from non-compromised ones.
Key management for MANETs must deal with dynamic topology that is self-organized and decentralized [1] [2]. It must also satisfy some requirements, such as:
a) Not having a single point of failure
b) Being compromise-tolerant; that is, the compromise of a certain number of nodes does not affect the security between non-compromised nodes c) Being able to efficiently and securely revoke keys of compromised nodes and update keys of non-compromised ones
`d) Being efficient in terms of storage, computation, and communication
In ID-based schemes the node or user identity, such as an email or IP address, is used to derive its public key, while the private key is generally provided by an external entity. ID-based key management has been gaining interest recently, and has been used by routing protocols, cooperation mechanisms, cryptographic systems, and others. The main advantages of IBC are the simple key management process and the reduced memory storage cost, compared with traditional public key methods. Nodes must maintain only the PKG parameters and not the public key of all other nodes.
The major problem with ID-based schemes is that the private key of all users must be known by the PKG. In conventional networks this is not an issue, but in MANETs in which the PKG must be distributed or emulated by an arbitrary entity, this might be a major issue. Identity-based schemes are normally specified by four randomized algorithms [5]:
i. Setup: takes security parameters as input and returns a master public/private key pair for the system. The master private key is only known by the PKG.
ii. Extract: takes the master private key and an identity of a node as input, and returns the personal private key of the node.
iii. Encrypt: takes the master public key, the public key of the destination node (derived from its identity), and the message as input, and returns the corresponding cipher text.
iv. Decrypt: takes the master public key, the private key of the node, and a cipher text as input and returns the decrypted message.

PRELIMINARIES

Pairing: Let G1 be a cyclic additive group of prime order q, and G2 be a cyclic multiplicative group of the same order q, and e: G1×G1 −→ G2 be a pairing which satisfies the following properties [22], [23]:
a. Bilinear:
e(P1 + P2,Q) = e(P1,Q)e(P2,Q),
e(P,Q1 + Q2) = e(P,Q1)e(P,Q2),
e(aP, bQ) = e(P,Q)ab,
where for all P,P1, P2,Q,Q1,Q2 ∈ G1 and a, b ∈ Z*q
b. Non-degenerate: If P is generator of G1, then e(P,P) ≠ 1 c. Computable: There is an efficient algorithm to compute e(P,Q) for all P,Q ∈ G1.
The security of bilinear parings is based on difficulty of the computational Diffie-Hellman problem and bilinear Diffie- Hellman problem which are defined in the following subsection [22], [23].
Abelian Groups: An abelian group is a set, A, together with an operation "•" that combines any two elements a and b to form another element denoted a • b. The symbol "•" is a general placeholder for a concretely given operation. To qualify as an abelian group, the set and operation, (A, •), must satisfy five requirements known as the abelian group axioms:
a. Closure
For all a, b in A, the result of the operation a • b is also in A. b. Associativity For all a, b and c in A, the equation (a • b) • c = a • (b • c) holds. c. Identity element There exists an element e in A, such that for all elements a in A, the equation e • a = a • e = a holds. d. Inverse element For each a in A, there exists an element b in A such that a • b = b • a = e, where e is the identity element. e. Commutativity For all a, b in A, a • b = b • a.
More compactly, an abelian group is a commutative group. A group in which the group operation is not commutative is called a "non-abelian group" or "non-commutative group".
Cyclic Group: A group G is called cyclic if there exists an element g in G such that G = <g> = { gn | n is an integer }. Since any group generated by an element in a group is a subgroup of that group, showing that the only subgroup of a group G that contains g is G itself suffices to show that G is cyclic. For example, if G = { g0, g1, g2, g3, g4, g5 } is a group, then g6 = g0, and G is cyclic. In fact, G is essentially the same as (that is, isomorphic to) the set { 0, 1, 2, 3, 4, 5 } with addition modulo 6. For example, 1 + 2 = 3 (mod 6) corresponds to g1·g2 = g3, and 2 + 5 = 1 (mod 6) corresponds to g2·g5 = g7 = g1, and so on. One can use the isomorphism φ defined by φ(gi) = i. For every positive integer n there is exactly one cyclic group (up to isomorphism) whose order is n, and there is exactly one infinite cyclic group (the integers under addition). Hence, the cyclic groups are the simplest groups and they are completely classified. The name "cyclic" may be misleading: it is possible to generate infinitely many elements and not form any literal cycles; that is, every gn is distinct. (It can be said that it has one infinitely long cycle.) A group generated in this way is called an infinite cyclic group, and is isomorphic to the additive group of integers Z.
Computational Problems:
a. Discrete Logarithm Problem (DLP): Given P and Q ∈ G, to find an integer n ∈ Z , such that Q = nP. b. Decision Diffie-Hellman Problem (DDHP): Given P, aP, bP , and cP , to decide whether c = ab mod q, where a, b, and c ∈ Zp* c. Computational Diffie-Hellman Problem (CDHP): Given aP, and bP , to compute abP , where a, and b ∈ Zp*

ELLIPTIC CURVE CRYPTOGRAPHY BASED ON GROUP THEORY

ECC [21] [24] has become the cryptographic choice for ad hoc networks and communication devices due to its size and efficiency benefits. Elliptic curve cipher uses very small keys and is computationally very efficient, which makes it ideal for the smaller, less powerful devices being used today by majority of individuals to access network services. The elliptic curve crypto system (ECCS) is a crypto-algorithm method of utilizing a discrete logarithm problem (DLP) over the points on an elliptic curve. Groups which also obey commutative or symmetric property are known as Abelian groups. Abelian groups are extensively used in cryptography, as the order of the sender-receiver transmission should not confuse the common key.
The abelian group of points of an elliptic curve, due to the smaller key size (and hence lower,number of members of the closed set), that is much smaller in size, at the same time maintains the same level of security. Closure, a fundamental property of groups, is used. The modulo (n) operation causes the domain to have finite number of members. This ensures the problem is solvable for the valid receiver, as well as for the problem to be hard eg: discrete log (for Diffie-Hellman, or Elliptic Curves, and prime factorisation for RSA). We note that for a non-group say, y = xa, which is not limited (not closed), but over infinite real numbers, or integers. It is easy for an intruder over time to map, or guess, the exponential pattern, from the random samples eavesdropped.
If we modify this to y = xa mod(n), where a, x, y, n are integers and x, and y values now becomes more random, and hence it becomes much harder for an intruder to guess any pattern. At the same time, given y, and n, publicly known values in public key cryptography, it becomes very difficult to guess x. This is due to the hardness of the discrete log problem which is due to the group closure requirements The typical representation of an elliptic curve is y2 = x3+ax+b with a,b are integers. (x,y) are the points on x and y coordinates. We avoid curves where points (x,y), such that, x, and/or y is irrational, or transcendental. In cryptography, elliptic curves restricted over the domain of rational numbers (Q), is found to provide sufficient hardness in the discrete logarithm problem. For k to be an integer, we have to allow the coordinates of points (x,y) to be rational numbers. Thus points M, and P on the elliptic curves are allowed to take (x, y) values in rational numbers, such that M = kP where this operation is called scalar multiplication.
The much smaller size keys, makes ECC very promising for the wireless, smaller size, smaller memory, bandwidth and power limited devices. 160 bit keys in elliptic curves provide same levels of security as 1024 bit RSA. Likewise 224 bit key in elliptic curve provide same levels of security as 2048 bit key in RSA.

PROTOCOL

Diffie-Hellman key exchange: One application of CDH is the Diffie-Hellman key exchange protocol [14] [15]. Suppose two people, traditionally named Alice and Bob, want to share a secret key (which is a random element in some group). Sharing this secret needs to be done by communicating over an insecure channel and should not require any prior interaction between the two parties. Assuming the agreement between the two parties on a group G of large prime order with generator g, and also the hardness of CDH in G, the sharing of a secret key can be done in one round using the following steps:
a. Alice generates a random positive integer a, which should be less than the group order. The Information she sends to Bob is: ga The integer a kept private.
b. Bob also generates a random positive integer b, which should be less than the group order. The information he sends to Alice is: gb
The integer b is kept private.
After these two steps Alice computes (gb)a = gab and Bob computes (ga)b = gab. This shared secret gab cannot be recovered without solving CDH in G, because any eavesdropper watching the insecure channel only has the following information: G; g; ga and gb

PRACTICAL CONSIDERATION

We consider the following scenario. Assume that Alice selects a random nonce a ∈ Zp* and computes aP. Alice wishes to send the message aP to Bob, Bob is able to ascertain that a P is not modified or fabricated and the original sender is indeed Alice. Let Alice has the public key certificate Cert A, containing her long-term public key Ya = Xa P and her long term private key Xa. Let H1 be a public cryptographic hash function H1: {0,1}* G1 where. We describe the message authentication scheme [18] as follows (depicted in Fig. 1).
image
(1) Alice selects a random nonce a ∈ Zq* and computes X1=aP, Q = X1 (H1) , X2 = xA Q then sends (X1, X2) to Bob; (2) Upon receipt of (X1, X2), Bob can compute e (P,X2) and e(YA , H1 (X1)) ,then verify whether they are equal. If they are equal, then the authentication is successful, otherwise, is failed.
Proposed Scheme:
Setup: Let A, B and C be parties and H be cryptographic hash function. Choose group G1 and G2 of prime order q such that an admissible pairing [6] e: G1 × G1 G2 can be constructed and pick a generator P of G1. Let H1 be a cryptographic hash function where H1:{0,1}* G1, and H2 be a key derivation function where H2:{0,1}* {0,1}K and k is a security parameter. The public parameters are <G1 ,G2 ,P , q, e, k, H1 ,H2 > and k is a security parameter. Let A, B and C be parties who participate in this protocol. Let IDA, IDB and IDC denote the identities of A, B and C respectively. Each party has his own private key x and the public key Y = xP . Assume that the broadcast channel is available and “Broadcasting ” is denoted by “”.
Key Agreement Party A selects a random number a ∈ Zq* and computes: X1=aP , QA = H1 (XA || IDA) , and RA = xA QA. Then A broadcasts (XA ,RA ,IDA) , Similarly, B broadcasts (XB ,RB ,IDB) and C broadcasts (XC ,RC ,IDC). Key Computation Upon receipt of (XB,RB,IDB) and (XC ,RC ,IDC). , A can compute QB = H1 (XB || IDB) and QC = H1 (XC || IDC) , then verify whether e(P ,RB ) = e (YB,QB) and e(P,RC)= e(YC ,QC ) If the equalities do not hold, A terminates the protocol. Otherwise, A can compute the session key SKA = H2(e(XB ,XC)a ||IDA ||IDB ||IDC ) Similarly, B can compute the session key SK and C can compute the session key SKC .
image
Experimental Results and Analysis:
Simulation with MATLAB: This simulation runs over following scenarios:
a. Network establishment.
b. Network scenarios.
c. Variable initialization.
d. Parameter initialization.
e. Simulation of Network.
f. Encrypting the data packets, it is done on the basis of random generator.
g. Public key is randomly chosen and private key is changed according to change in node position.(Peer to peer connection)
h. Formulas used to generate key and key strength is improved on the basis of group changing. i. Network data flow and nodes linking is analyzed. This is done to show the efficiency of data and key strength.
j. Time or simulation time is increased up to 0.5% and key strength improved.
These steps are performed in simulation using MATLAB. Results are shown in the following figures:
image
image'
image
Steps 8 and 9 are performed in Fig. 5, 8, 9. Final results are shown in Fig. 9. In this figure key strength is improved.

CONCLUSIONS

This paper presents the simulation of a key distribution scheme over mobile ad hoc network, based on the message authentication scheme using bilinear pairing. From the simulation result, it is found out that scheme works extremely well in a small size of MANET. It improves the key strength efficiency and slightly increases the simulation time (0.5%). This scheme also ensures that system can work on self-organized networks after the initiation.

References

  1. Samba Sessay, Zongkai Yang and Jianhua He,”A Survry on Mobile Ad Hoc Wireless Network,” Information Technology Journal 3(2):168-175, 2004.
  2. Van der Merwe, J., Dawoud, D., and McDonald, “A survey on peer-to-peer key management for mobile ad hoc networks,” ACM Comput. Surv. 39, 1, Article 1, April 2007.
  3. Jeroen Hoebeke, Ingrid Moerman, Bart Dhoedt and Piet Demeester,” An Overview of Mobile Ad Hoc Networks: Applications and Challenges,”
  4. Anne Marie Hegland, Eliwinjum, Stig F. Mjølsnes, Chunming Rong, Øivind Kure, and Pål Spilling,” A Survey of Key Management in Ad Hoc Networks, ” IEEE Communications Surveys & Tutorials, VOLUME 8, NO. 3, 3RD QUARTER 2006.
  5. Eduardo Da Silva, Aldri L. Dos Santos, and Luiz Carlos P. Albini,” Identity-based Key Management in Mobile Ad hoc Networks: Techniques and Applications,” IEEE Wireless Communications, 1536-1284, Aug. 2008.
  6. Cheng-Chi Lee and Chin-Ling Chen,” Authenticated Multiple Keys Exchange Protocol based on Bilinear Pairings,” International Conference on E-Business and EGovernment, 978-0-7695-3997, Oct. 3, 2010.
  7. Wan An Xiong, Bin Tang,” A Secure and Highly Efficient Key Management Scheme for MANET,” Advances on Information Sciences and Service Sciences. Volume 3, Number 2, March 2011.
  8. Yanchao Zhang, Wei Liu, Wenjing Lou, Yuguang Fang, and Younggoo Kwon,” AC-PKI: Anonymous and Certificateless Public-Key Infrastructure for Mobile Ad Hoc Networks , ” IEEE 0-7803-8939, May 5, 2005.
  9. Renu Dalal, Yudhvir Singh, and Manju Khari,” A Review on Key Management Schemes in MANET, ” International Journal of Distributed and Parallel Systems (IJDPS) Vol.3, No.4, July 2012.
  10. Pin-Chang Su,” New Authenticated Key Exchange Using Pre-shared Key Model for Ad-hoc Networks,” JOURNAL OF C.C.I.T., VOL.37, NO.1, NOV., 2008.
  11. Johann van der Merwe, Dawoud Dawoud and Stephen Mc Donald,” A Survey on Peer-to-Peer Key Management for Military Type Mobile Ad Hoc Networks,” Armaments Corporation of South Africa, 2005.
  12. YANG Ya-tao, ZENG Ping, FANG Yong, CHI Ya-Ping,” A Feasible Key Management Scheme in Adhoc Network , ” Eighth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking,and Parallel/Distributed Computing, IEEE, 0-7695-2909,July 7, 2007.
  13. [13]. Rakesh Chandra Gangwar and Anil K. Sarje,” Secure and Efficient Dynamic Group Key Agreement Protocol for an Ad Hoc Network,” IEEE, 1-4244-0731,june 1, 2006.
  14. Hongji Wang, Gang Yao, Qingshan Jiang,” An Identity-Based Group Key Agreement Protocol from Pairing,” Third International Conference on Availability, Reliability and Security, IEEE, 0-7695-3102, Aug. 4, 2008.
  15. Gang Yao, Hongji Wang, and Qingshan Jiang,” An Authenticated 3-Round Identity-Based Group Key Agreement Protocol,” Third International Conference on Availability, Reliability and Security, IEEE, 0-7695-3102, Aug. 4, 2008.
  16. Zhenfei Zhang, Willy Susilo, and Raad Raad,” Mobile Ad-hoc Network Key Management with Certificateless Cryptography,” IEEE, 978-1-4244-4242, Aug. 3, 2008.
  17. Daisuke MORIYAMA, and Hiroshi DOI,” Efficient ID-based Key Agreement Protocol under the DLDH Assumption Without Random Oracles ,” International Symposium on Information Theory and its Applications(ISITA) ,Auckland, New Zealand, 7-10, December, 2008.
  18. Peng HE, Qiuliang XU, and Ruiguang LIU,” An Improved Tripartite Authenticated Key Agreement Protocol From Pairings,” Second International Workshop on Education Technology and Computer Science, IEEE, 978-0-7695-3987, oct. 4, 2010.
  19. Chen Yixiang,” Certificateless Key Agreement Protocol,” IEEE, 978-1-4244-5895, Dec., 2010.
  20. S. Tapaswi1, Virendra Singh Kushwah,” Securing Nodes in MANETs Using Node Based Key Management Scheme,” International Conference on Advances in Computer Engineering, IEEE, 978-0-7695-4058, Dec., 2010.
  21. K.Muthumayil, Dr.V.Rajamani, Dr.S.Manikandan, and M.Buvana,” A Group Key Agreement Protocol based on stability and power using Elliptic curve cryptography,” ICETECT, IEEE, 978-1-4244-7926, Nov. 9, 2011.
  22. Amit K Awasthi and Sunder Lal,” ID-based Ring Signature and Proxy Ring Signature Schemes from Bilinear Pairings , ” arXiv:cs/0504097V1[cs.CR],Apr. 23, 2005.
  23. Dan Boneh and Matthew Franklin,” Identity-Based Encryption from the Weil Pairing,” SIAM J. of Computing, Vol. 32, No. 3, pp. 586-615, 2003.
  24. Mengbo Hou and Qiuliang Xu,” An Efficient and Secure One-Round Authenticated Key Agreement Protocol without Pairings, ” IEEE, 978-1-61284-774, Nov., 2011.