research-article

ALPHA: an adaptive and lightweight protocol for hop-by-hop authentication

Authors:

Oscar Garcia Morchon,

Klaus WehrleAuthors Info & Claims

CoNEXT '08: Proceedings of the 2008 ACM CoNEXT Conference

Article No.: 23, Pages 1 - 12

https://doi.org/10.1145/1544012.1544035

Published: 09 December 2008 Publication History

Abstract

Wireless multi-hop networks are particularly susceptible to attacks based on flooding and the interception, tampering with, and forging of packets. Thus, reliable communication in such networks quintessentially depends on mechanisms to verify the authenticity of network traffic and the identity of communicating peers. A major challenge to achieve this functionality are the tight resource constraints of such devices as smartphones, mesh- and sensor nodes with regard to CPU, memory, and energy. Since existing approaches suffer from significant drawbacks related to functionality and efficiency, we present in this paper ALPHA, an Adaptive and Lightweight Protocol for Hop-by-hop Authentication. ALPHA establishes a verifiable notion of identity for network traffic, based on computationally cheap hash functions, enabling end-to-end as well as hop-by-hop integrity protection for unicast traffic. Our evaluation shows that ALPHA is a generic security mechanism that makes full traffic authentication and secure middlebox signaling viable in resource-constrainted multi-hop networks.

References

[1]

Akbani, R., Korkmaz, T., and Raju, G. HEAP: Hop-by-hop Efficient Authentication Protocol For Mobile Ad-hoc Networks. CNS 07 (2007).

[2]

Anderson, R., Bergadano, F., Crispo, B., Lee, J., Manifavas, C., and Needham, R. A new family of authentication protocols. Operating systems review 32, 4 (1998).

Digital Library

[3]

Bellare, M., Canetti, R., and Krawczyk, H. Keying hash functions for message authentication. CRYPTO 96 (1996).

Digital Library

[4]

Bergadano, F., Cavagnino, D., and Crispo, B. Chained Stream Authentication. Selected Areas in Cryptography: 7th Annual International Workshop, SAC 2000 (2000).

Digital Library

[5]

Cheung, S. An efficient message authentication scheme for link state routing. 13th Annual Computer Security Applications Conference (1997).

Digital Library

[6]

Gouda, M. G., Elnozahy, E. N., Huang, C.-T., and McGuire, T. M. Hop integrity in computer networks. IEEE/ACM Transactions on Networking 10 (2002).

Digital Library

[7]

Gura, N., Patel, A., Wander, A., Eberle, H., and Shantz, S. Comparing Elliptic Curve Cryptography and RSA on 8-Bit CPUs. Cryptographic Hardware and Embedded Systems: 6th International Workshop (2004).

[8]

Hauser, R., Przygienda, A., and Tsudik, G. Reducing the Cost of Security in Link State Routing. NDSS '97 (1997).

Digital Library

[9]

Hu, Y.-C., Perrig, A., and Johnson, D. Packet leashes: a defense against wormhole attacks in wireless networks. INFOCOM (2003).

[10]

Lamport, L. Password authentication with insecure communication. Commun. ACM, 11 (1981).

Digital Library

[11]

Liu, D., Ning, P., Zhu, S., and Jajodia, S. Practical broadcast authentication in sensor networks. MobiQuitous (2005).

Digital Library

[12]

Lu, B., and Pooch, U. W. A Light-weight Hop-by-hop Authentication Protocol for Mobile Ad Hoc Networks. International Journal of Information Technology 11, 2 (2005).

Digital Library

[13]

Matyas, S., Meyer, C., and Oseas, J. Generating strong one-way functions with cryptographic algorithm. IBM Technical Disclosure Bulletin 27, 10A (1985).

[14]

Merkle, R. C. A digital signature based on a conventional encryption function. In CRYPTO '87 (1988).

Digital Library

[15]

Merkle, R. C. A certified digital signature. In CRYPTO '89 (1990).

Digital Library

[16]

Moskowitz, R., Nikander, P., Jokela, P., and Henderson, T. Host identity protocol. RFC 5201, IETF, 2008.

[17]

Perrig, A., Canetti, R., Song, D., and Tygar, J. Efficient and Secure Source Authentication for Multicast. NDSS '01 (2001).

[18]

Perrig, A., Canetti, R., Tygar, D., and Song, D. The TESLA broadcast authentication protocol. Cryptobytes 5 (2002).

[19]

Torvinen, V., and Ylitalo, J. Weak Context Establishment Procedure for Mobility Management and Multi-Homing. IFIP Conference on Communications and Multimedia Security (2004).

[20]

Weimerskirch, A., and Westhoff, D. Zero Common-Knowledge Authentication for Pervasive Networks. SAC '03 (2003).

[21]

Yao, T., Fukunaga, S., and Nakai, T. Reliable broadcast message authentication in wireless sensor networks. In EUC Workshops (2006).

Digital Library

[22]

Ye, F., Luo, H., Lu, S., and Zhang, L. Statistical En-Route Filtering of Injected False Data in Sensor Networks. IEEE Journal on Selected Areas in Communications 23 (2005).

Digital Library

[23]

Zhang, K. Efficient protocols for signing routing messages. NDSS '98 (1998).

[24]

Zhang, W., Subramanian, N., and Wang, G. Lightweight and compromise-resilient message authentication in sensor networks. INFOCOM 2008 (2008).

[25]

Zhu, S., Setia, S., Jajodia, S., and Ning, P. An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks. Security and Privacy (2004).

[26]

Zhu, S., Xu, S., Setia, S., and Jajodia, S. LHAP: a lightweight hop-by-hop authentication protocol for ad-hoc networks. Distributed Computing Systems Workshops, 2003 (2003).

Digital Library

Cited By

D'Arco PDe Prisco Rdel Pozo A(2024)Efficient and reliable post-quantum authenticationTheoretical Computer Science10.1016/j.tcs.2024.114597(114597)Online publication date: May-2024
https://doi.org/10.1016/j.tcs.2024.114597
Xiao HPei QSong XShi W(2022)Authentication Security Level and Resource Optimization of Computation Offloading in Edge Computing SystemsIEEE Internet of Things Journal10.1109/JIOT.2021.31392229:15(13010-13023)Online publication date: 1-Aug-2022
https://doi.org/10.1109/JIOT.2021.3139222
Alkhuder S(2018)Securing Ad-Hoc On-Demand Distance Vector Protocol in Wireless Sensor Networks: Working with What the Node Can Offer2018 International Conference on Computing Sciences and Engineering (ICCSE)10.1109/ICCSE1.2018.8374222(1-6)Online publication date: Mar-2018
https://doi.org/10.1109/ICCSE1.2018.8374222
Show More Cited By

Index Terms

ALPHA: an adaptive and lightweight protocol for hop-by-hop authentication
1. Hardware
  1. Communication hardware, interfaces and storage
2. Networks
  1. Network protocols

Recommendations

Hash chains to secure proactive protocols
CNS '13: Proceedings of the 16th Communications & Networking Symposium

Several secure extensions have been proposed to deal with the OLSR proactive routing protocol security, but they often involve a very high resource consumption that degrades network performances. The protocol ADVSIG is one of these extensions. It ...
HORSE: An Extension of an r-Time Signature Scheme With Fast Signing and Verification
ITCC '04: Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'04) Volume 2 - Volume 2

Source authentication of messages is a valuable tool incommunication networks where the source of a message caneasily be spoofed. Often, when two parties are communicating,a shared-key message authentication code is sufficientfor providing source ...
A non-interactive deniable authentication scheme based on designated verifier proofs

A deniable authentication protocol enables a receiver to identify the source of the given messages but unable to prove to a third party the identity of the sender. In recent years, several non-interactive deniable authentication schemes have been ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CoNEXT '08: Proceedings of the 2008 ACM CoNEXT Conference

December 2008

526 pages

ISBN:9781605582108

DOI:10.1145/1544012

Conference Chairs:
Arturo Azcorra
IMDEA Networks and University Carlos III of Madrid, Spain
,
Gustavo de Veciana
University Texas at Austin
,
Program Chairs:
Keith W. Ross
Polytechnic University
,
Leandros Tassiulas
University of Thessaly, Greece

Copyright © 2008 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 09 December 2008

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Acceptance Rates

Overall Acceptance Rate 198 of 789 submissions, 25%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

29
Total Citations
View Citations
345
Total Downloads

Downloads (Last 12 months)6
Downloads (Last 6 weeks)0

Reflects downloads up to 01 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

D'Arco PDe Prisco Rdel Pozo A(2024)Efficient and reliable post-quantum authenticationTheoretical Computer Science10.1016/j.tcs.2024.114597(114597)Online publication date: May-2024
https://doi.org/10.1016/j.tcs.2024.114597
Xiao HPei QSong XShi W(2022)Authentication Security Level and Resource Optimization of Computation Offloading in Edge Computing SystemsIEEE Internet of Things Journal10.1109/JIOT.2021.31392229:15(13010-13023)Online publication date: 1-Aug-2022
https://doi.org/10.1109/JIOT.2021.3139222
Alkhuder S(2018)Securing Ad-Hoc On-Demand Distance Vector Protocol in Wireless Sensor Networks: Working with What the Node Can Offer2018 International Conference on Computing Sciences and Engineering (ICCSE)10.1109/ICCSE1.2018.8374222(1-6)Online publication date: Mar-2018
https://doi.org/10.1109/ICCSE1.2018.8374222
Sagirlar GCarminati BFerrari E(2018)Decentralizing privacy enforcement for Internet of Things smart objectsComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2018.07.019143:C(112-125)Online publication date: 9-Oct-2018
https://dl.acm.org/doi/10.1016/j.comnet.2018.07.019
D’Arco PDe Prisco RPerez del Pozo A(2018)An Efficient and Reliable Two-Level Lightweight Authentication ProtocolCyberspace Safety and Security10.1007/978-3-030-01689-0_14(168-180)Online publication date: 23-Sep-2018
https://doi.org/10.1007/978-3-030-01689-0_14
Zhu LYu FTang TNing B(2016)An Integrated Train–Ground Communication System Using Wireless Network Virtualization: Security and Quality of Service ProvisioningIEEE Transactions on Vehicular Technology10.1109/TVT.2016.259715365:12(9607-9616)Online publication date: Dec-2016
https://doi.org/10.1109/TVT.2016.2597153
Taha SCéspedes SShen XKhan SMauri J(2014)Mutual Authentication in IP Mobility-Enabled Multihop Wireless NetworksSecurity for Multihop Wireless Networks10.1201/b16754-7(101-124)Online publication date: 25-Mar-2014
https://doi.org/10.1201/b16754-7
Changiz RHalabian HRichard Yu FLambadaris ITang H(2014)Trust establishment in cooperative wireless relayingnetworksWireless Communications & Mobile Computing10.1002/wcm.227114:15(1450-1470)Online publication date: 25-Oct-2014
https://dl.acm.org/doi/10.1002/wcm.2271
Cespedes STaha SShen X(2013)A Multihop-Authenticated Proxy Mobile IP Scheme for Asymmetric VANETsIEEE Transactions on Vehicular Technology10.1109/TVT.2013.225293162:7(3271-3286)Online publication date: Sep-2013
https://doi.org/10.1109/TVT.2013.2252931
Zhu LYu FNing BTang T(2013)Joint security and QoS provisioning in cooperative vehicular ad hoc networks2013 IEEE International Conference on Communications (ICC)10.1109/ICC.2013.6654742(1594-1598)Online publication date: Jun-2013
https://doi.org/10.1109/ICC.2013.6654742
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten