Elsevier

Computer Networks

Volume 51, Issue 3, 21 February 2007, Pages 853-865
Identity-based secure collaboration in wireless ad hoc networks

https://doi.org/10.1016/j.comnet.2006.05.012

Abstract

Voluntary peer collaboration is often assumed in media access, route discovery, packet forwarding, and upper-layer protocols designed for wireless ad hoc networks. This assumption has been seriously challenged when peers are autonomous, selfish, or malicious in large-scale, heterogeneous networks. In this paper, based on the latest advances in identity-based cryptography, we design a lightweight and cheat-resistant micropayment scheme to stimulate and compensate collaborative peers that sacrifice their resources to relay packets for other peers. We also demonstrate that when security and collaboration measures are properly enforced, profitable collaboration is a preferable strategy for all peers in ad hoc networks.

Introduction

Wireless ad hoc networks are self-organized systems that do not rely on any preexisting, fixed communication infrastructure, so any peer may assist the communication that is vital for other peers by relaying their packets. Ad hoc networks, which have attracted much attention in recent years [3], [4], are especially attractive when infrastructures are too expensive to build, or too vulnerable to maintain [1], [2]. Voluntary collaboration is often assumed among all involved peers, which is acceptable when these peers are genuine, collaborative, and under the control of a single authority. As indicated in [5], [6], [7], [8], [9], [10], [11], [12], the validity of this assumption is challenged when peers are autonomous, selfish, or malicious in large-scale, heterogeneous networks. For example, if battery-powered peers relay packets for others, they are one step closer to running out of energy, which is undesirable from a selfish standpoint, since later they may have insufficient energy for their own packets.

In this paper, we are interested in secure collaboration of selfish peers in energy-constrained wireless ad hoc networks. In our setting, a peer (e.g., a user carrying a battery-powered laptop computer with wireless LAN interfaces) joins a group of other peers. These peers may or may not have preestablished trustworthiness (e.g., in a public recreation park), or share any common goals (e.g., accessing the Internet or swapping files). A peer may raise the output power of its transmitter to communicate with intended peers directly; however, its capability to do so in practice is always limited by hardware design, and such a strategy may not be preferred by others (due to higher interference) or even by itself (due to higher energy consumption). Hence, collaborations among neighbor peers are essential in ad hoc networks.

The desire to collaborate in ad hoc networks faces many new challenges. First, peers have to be assured that they indeed exchange information with intended peers, even when they no longer communicate with each other directly. Second, as packets are relayed by peers without preestablished trustworthiness, peers have to be assured that the confidentiality, integrity, and authenticity of information exchange are not compromised. Third, selfish peers always want to take advantage of other peers, but hesitate to help others if their resources are sacrificed, so certain measures are required to stimulate and compensate favorable collaborations. Finally, the entire system should benefit from secure collaboration among selfish peers, and resist malfunctioning or malicious peers; otherwise, peers tend to remain selfish.

In contrast to many existing approaches (see Section 6 for related work), we apply the latest advances in identity-based cryptography (IBC) [13] to ad hoc networks. IBC is a form of public-key cryptography (PKC). Unlike regular PKC systems in which the binding between the identity of an entity and its public-key should be certified by certificate authorities (CAs) or stored in central directories, such authorities and directories can be completely eliminated in IBC systems in which the public-key of an entity can be derived from its identity directly. This property is vitally important for ad hoc networks, where public-key infrastructures (PKIs) or CA hierarchies are also expensive to build and vulnerable to maintain in general. IBC is used to facilitate asymmetric encryption/decryption and signature/verification procedures; it can also be used to bootstrap their symmetric counterparts without prearranging pairwise shared secrets among all involved peers. Based on IBC, a lightweight and cheat-resistant micropayment scheme can be devised for ad hoc networks, which stimulates and compensates collaborative peers that sacrifice their resources to relay packets for others.

The remainder of this paper is organized as follows. In Section 2, we present the model of ad hoc networks and their security requirements. Identity-based key management is presented in Section 3. In Section 4, we design an IBC-based micropayment scheme to stimulate and compensate collaborative peers. Through the performance studies in Section 5, we demonstrate that profitable collaboration is a preferable strategy if it is properly enforced. Section 6 reviews related work, and Section 7 concludes this paper.

Section snippets

Ad hoc networks

As shown in Fig. 1, wireless ad hoc networks are fully-distributed systems of self-organizing peers that wish to exchange information over-the-air but do not rely on any preexisting infrastructures [1], [2], [3], [4]. Mobile peers (e.g., laptop computers, shown as dots, with wireless interfaces) can join or leave such systems (depicted by a large dashed circle, e.g., a recreation park) at any time. Only peers that require keying have to pass by an offline authority regularly (e.g., a ticketing booth

Identity-based key management

The concept of identity-based cryptography (IBC) was first introduced by Shamir two decades ago [15]; however, non-mediated IBC-based encryption (IBE) is very challenging, and it is only recently that practical IBE schemes appeared. The first efficient and secure IBE scheme (BF-IBE) was given in 2001 by Boneh and Franklin, which employs Weil pairing on elliptic curves [16]; its security is based on the bilinear Diffie–Hellman problem (BDHP), which is considered secure in the random oracle model

Secure peer collaboration

With IBC-based schemes, peers in ad hoc networks can communicate securely without relying on PKIs, CA hierarchies, key directories, online authorities, or pairwise prearranged secrets among all involved peers. Our next step is to stimulate selfish peers to collaborate (i.e., relaying for others), and compensate them if they do so. Here, we focus on a destination-payer model; other payment models (e.g., source-payer) can be accommodated by prefixing application-layer payments (i.e., sources pay

Evaluation approach

We consider a wireless ad hoc network with the topology shown in Fig. 4(a), where N peers are randomly located on a ring of radius R. With an intentionally-rounded topology, peers have no location disadvantages when compared with peers at any other locations (in contrast, peers close to the border of networks with a finite topology tend to have greater distances to most other peers). This approach allows us to exclusively investigate the performance impact of collaboration strategies in ad hoc

Related work

Ad hoc networks have attracted intensive attention in recent years [1], [2], [3], [4]. Their intrinsic vulnerabilities due to the lack of communication and security infrastructures, secured media, trusted peers, and stable states have geared considerable research efforts toward securing information exchange in such systems [14], [19], [21], [22], [23], [24], [25], [26]. Also, the assumption of voluntary collaboration in ad hoc networks begins to be challenged.

Watchdog and pathrater with

Conclusions

Peer collaborations are essential in wireless ad hoc networks due to the lack of infrastructure support; however, voluntary collaboration is found to be too optimistic in practice. In this paper, based on the latest advances in IBC to ensure information confidentiality, integrity, and authenticity, we have designed a hash-chain-based micropayment scheme to stimulate and compensate collaborative peers. The profitability principle and the decomposition approach are generic, and can be applied to
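A generic PayWord-style hash chain, added here to illustrate what a hash-chain-based micropayment looks like to a relay; it is not the paper's scheme or the authors' code. It assumes the chain anchor reaches the relay already authenticated (for instance under the payer's identity-based signature), and `make_chain`, `Relay`, `demo` and the seed are constructed for this example.

```python
import hashlib


def H(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()


def make_chain(seed: bytes, n: int) -> list:
    """Payer side: chain[0] is the public anchor, chain[i] pays for unit i."""
    chain = [seed]
    for _ in range(n):
        chain.append(H(chain[-1]))
    chain.reverse()  # now H(chain[i]) == chain[i - 1]
    return chain


class Relay:
    """Relay-side state for one payer: last accepted token and units earned."""

    def __init__(self, anchor: bytes, max_units: int):
        self.last = anchor          # assumed authenticated out of band
        self.units = 0
        self.max_units = max_units  # chain length the payer committed to

    def accept(self, token: bytes, step: int = 1) -> bool:
        """Accept `token` as payment for `step` further relayed units."""
        if step < 1 or self.units + step > self.max_units:
            return False
        h = token
        for _ in range(step):
            h = H(h)
        if h != self.last:          # replayed, forged, or wrong position
            return False
        self.last, self.units = token, self.units + step
        return True


def demo() -> dict:
    chain = make_chain(b"constructed-seed-for-demo", 5)  # constructed sample
    relay = Relay(chain[0], 5)
    return {
        "first": relay.accept(chain[1]),          # pays for unit 1
        "replay": relay.accept(chain[1]),         # same token again
        "skip": relay.accept(chain[3], step=2),   # pays for units 2 and 3
        "forged": relay.accept(b"\x00" * 32),     # not on the chain
        "units": relay.units,
    }
```

The relay can redeem only as many units as the deepest token it holds, and cannot mint further tokens without inverting the hash.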

Acknowledgement

This work has been supported by the Natural Sciences and Engineering Research Council of Canada (NSERC).

References (30)

  • Z. Haas et al., Wireless Ad hoc Networks
  • R. Ramanathan et al., A brief overview of ad hoc networks: challenges and directions, IEEE Commun. Mag. (2002)
  • IEEE J. Selected Areas Commun. (1999)
  • S. Micali, T. Giuli, K. Lai, M. Baker, Mitigating routing misbehavior in mobile ad hoc networks, in: Proceedings of the...
  • Y. Zhang, W. Lee, Intrusion detection in wireless ad-hoc networks, in: Proceedings of the 6th ACM MobiCom, 2000, pp....
  • L. Buttyan, J.-P. Hubaux, Enforcing service availability in mobile ad-hoc WANs, in: Proceedings of the 1st ACM MobiHoc,...
  • S. Buchegger, J. Le Boudec, Performance analysis of the confidant protocol: cooperation of nodes – fairness in...
  • P. Michiardi, R. Molva, Core: a collaborative reputation mechanism to enforce node cooperation in mobile ad hoc...
  • M. Jakobsson, J.-P. Hubaux, L. Buttyan, A micropayment scheme encouraging collaboration in multi-hop cellular networks,...
  • S. Zhong, J. Chen, Y. Yang. Sprite: a simple, cheat-proof, credit-based system for mobile ad-hoc networks, in:...
  • N. Salem, L. Buttyan, J.-P. Hubaux, M. Jakobsson, A charging and rewarding scheme for packet forwarding in multi-hop...
  • M. Gagné, Identity-based encryption: a survey, RSA Labs Cryptobytes (2003)
  • L. Buttyan, J.-P. Hubaux (Eds.), Report on a working session on security in wireless ad hoc networks, Mobile Comput....
  • A. Shamir, Identity-based cryptosystems and signature schemes, in: Proceedings of the 4th IACR Conference on Cryptology...
    Jianping Pan is currently an assistant professor of computer science at the University of Victoria, British Columbia, Canada. He received his Bachelor’s and Ph.D. degrees in computer science from Southeast University, Nanjing, China in 1994 and 1998, respectively. From 1999 to 2001, he was a postdoctoral fellow and then a research associate at the University of Waterloo, Ontario, Canada; from 2001 to 2005, he was a member of research staff at Fujitsu Labs and then a research scientist at NTT MCL in Silicon Valley, California, USA. His area of specialization is distributed systems and computer networks, and his recent research interests include protocols for advanced networking, performance analysis of networked systems, and applied network security. He is a member of the ACM and the IEEE.

    Lin Cai received the M.A.Sc. and Ph.D. degrees (with Outstanding Achievement in Graduate Studies Award) in electrical and computer engineering from the University of Waterloo, Waterloo, Canada, in 2002 and 2005, respectively. Since July 2005, she has been an Assistant Professor in the Department of Electrical and Computer Engineering at the University of Victoria, British Columbia, Canada. Her research interests span several areas in wireless communications and networking, with a focus on network protocol and architecture design supporting emerging multimedia traffic over wireless, mobile, ad hoc, and sensor networks. She serves as the Associate Editor for EURASIP Journal on Wireless Communications and Networking, and International Journal of Sensor Networks (IJSNet). She is a member of IEEE and ACM.

    Xuemin (Sherman) Shen received the B.Sc. (1982) degree from Dalian Maritime University (China) and the M.Sc. (1987) and Ph.D. degrees (1990) from Rutgers University, New Jersey (USA), all in electrical engineering. From September 1990 to September 1993, he was first with the Howard University, Washington D.C., and then the University of Alberta, Edmonton (Canada). Since October 1993, he has been with the Department of Electrical and Computer Engineering, University of Waterloo, Canada, where he is a Professor. His research focuses on mobility and resource management in interconnected wireless/wireline networks, UWB wireless communications systems, wireless security, and ad hoc and sensor networks. He is a coauthor of two books, an editor of 10 journal Special issues, and has published more than 150 papers in wireless communications and networks, control and filtering.

    He was the Technical Co-Chair for IEEE Globecom’03 Symposium on Next Generation Networks and Internet, and ISPAN’04. He serves as the Associate Editor for IEEE Transactions on Wireless Communications; IEEE Transactions on Vehicular Technology; ACM Wireless Networks; Computer Networks; Dynamics of Continuous, Discrete and Impulsive – Series B: Applications and Algorithms; Wireless Communications and Mobile Computing (Wiley); and International Journal Computer and Applications. He also serves as Guest Editor for IEEE JSAC, IEEE Wireless Communications, and IEEE Communications Magazine. He received the Premier’s Research Excellence Award (PREA) from the Province of Ontario, Canada for demonstrated excellence of scientific and academic contributions in 2003, and the Distinguished Performance Award from the Faculty of Engineering, University of Waterloo, for outstanding contribution in teaching, scholarship and service in 2002. He is a senior member of the IEEE, and a registered Professional Engineer of Ontario, Canada.

    Jon W. Mark received the B.A.Sc. degree from the University of Toronto in 1962, and the M.Eng. and Ph.D. degrees from McMaster University in 1968 and 1970, respectively, all in electrical engineering. From 1962 to 1970, he was an engineer and then a senior engineer at Canadian Westinghouse Co. Ltd., Hamilton, Ontario, Canada. In September 1970 he joined the Department of Electrical and Computer Engineering, University of Waterloo, Waterloo, Ontario, where he is currently a Distinguished Professor Emeritus. He served as the Department Chairman during the period July 1984–June 1990. In 1996 he established the Centre for Wireless Communications (CWC) at the University of Waterloo and is currently serving as its founding Director. He had been on sabbatical leave at the following places: IBM Thomas J. Watson Research Center, Yorktown Heights, NY, as a Visiting Research Scientist (1976–77); AT&T Bell Laboratories, Murray Hill, NJ, as a Resident Consultant (1982–83); Laboratoire MASI, Université Pierre et Marie Curie, Paris, France, as an Invited Professor (1990–91); Department of Electrical Engineering, National University of Singapore, as a Visiting Professor (1994–95). He has previously worked in the areas of adaptive equalization, image and video coding, spread spectrum communications, computer communication networks, ATM switch design and traffic management. His current research interests are in broadband wireless communications, resource and mobility management, and cross domain interworking. He recently co-authored the text entitled Wireless Communications and Networking, Prentice-Hall 2003. A Life Fellow of IEEE, he is the recipient of the 2000 Canadian Award for Telecommunications Research and the 2000 Award of Merit of the Education Foundation of the Federation of Chinese Canadian Professionals. He was an editor of IEEE Transactions on Communications (1983–1990), a member of the Inter-Society Steering Committee of the IEEE/ACM Transactions on Networking (1992–2003), a member of the IEEE Communications Society Awards Committee (1995–1998), an editor of Wireless Networks (1993–2004), and an associate editor of Telecommunication Systems (1994–2004).

    View full text