SlideShare a Scribd company logo

A secure protocol for Spontaneous Wireless Ad Hoc Networks Creation

Download as PPTX, PDF
S
Sahil Bajaj

This document proposes a secure protocol for creating spontaneous wireless ad hoc networks. The key aspects of the protocol are: 1. It uses asymmetric cryptography for device identification and symmetric cryptography for exchanging session keys between nodes. 2. New devices authenticate by sending an identity card signed by a trusted node to validate network membership. This distributed validation avoids the need for a central authority. 3. The protocol establishes secure communication and resource/service sharing between mobile nodes in an ad hoc network without any existing infrastructure or centralized administration.

Education
1 of 33
Downloaded 11 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
A Secure Protocol for Spontaneous Wireless Ad Hoc Networks Creation SAHIL BAJAJ RAGHVENDRA YADAV
Ad-Hoc Networks  In Latin, ad hoc means “for this purpose only”  An ad-hoc network is a small network, in which some of network devices are part of the network that are part of network only for short duration  Peer to peer communication by use of Wi-Fi and Bluetooth technology  Devices or nodes in the network are mobile in nature  The wireless hosts in such networks, communicate with each other without the existing of a fixed infrastructure and without a central control
Ad Hoc Networks Wireless Network Topology
Characteristics  No Infrastructure needed  Can be deployed quickly, where there is no wireless communication infrastructure present  Can act as an extension to an existing networks  Cost effective  Nodes are mobile and hence have dynamic network topology  Nodes in ad hoc network play role of both router and terminal  It is self-configuring
Multi hop communication  May need to traverse multiple links to reach destination  Mobility causes route change
Examples  Classroom  Ad hoc network between student PDAs and workstation of the instructor  Large IT campus  Employees of a company moving within a large campus with PDAS, laptops and cell phones  Disaster response  A mobile network as big as needed  Vehicles  Communicating with other vehicles for safety purpose
Protocol  Creates a network which allows sharing resources and offering new services among users  Protocol includes all functions needed to operate without any external support  Provides access to information anywhere, user friendliness, and easy deployment  Builds a network consisting of mobile nodes that can communicate with each other, share resources, services during a limited period of time and in a limited space  Have little or no dependence on a centralized administration
 Enables the user to have instant service without any external infrastructure  Services in spontaneous networks depend significantly on network size, the nature of the participating nodes and running applications  Tasks to be performed include: user identification, their authorization, address assignment, and safety  Energy constraints, node variability, and bandwidth limitations mandate the design  Existing methods are not enough because they need an initial configuration (i.e., network configuration) or external authorities (for example, central authorities)
 The network and protocol proposed can establish a secure self-configured environment for distribution of data and sharing of resources and services among users.  A user is able to join the network because he/she knows someone that belongs to it, and hence in this way the certification authority is distributed between the users that trust the new user  The network management is also distributed, which allows the network to have a distributed name service  A mechanism is suggested which allows nodes to check the authenticity of their IP addresses while not generating duplicated IP addresses.  Asymmetric cryptography is applied for device identification , where each device has a public-private key pair and symmetric cryptography to exchange session keys between nodes
Secure Spontaneous Network  Network members and services may vary because devices are free to join or leave the network  Steps for the creation of a network  1. Joining Procedure  2. Services Discovery  3. Establishing trusted chain and changing trust level
Joining Procedure  System is based on the use of an IDentity Card (IDC) and a certificate  IDC contains public and private components  Public component contains a Logical Identity (LID), which is unique for each user and allows nodes to identify it  LID includes information such as name, photograph, user’s public key (Ki), the creation and expiration dates, an IP proposed by the user, and the user signature  The user signature is generated using the Secure Hash Algorithm (SHA-1) on the previous data to obtain the data summary  Data summary is signed with the user’s private key  Private component contains the private key (ki)
 Certificate Cij of the user i consists of a validated IDC, signed by a user j that gives its validity  No central certification authority is used to validate IDC  The certification authority for a node could be any of the trusted nodes  All nodes can be both clients and servers, can request or serve requests for information or authentication of other nodes  The first node creates the spontaneous network and generates a random session key, which will be exchanged with new nodes after the authentication phase
 When node B wants to join an existing network, it must choose a node within communication range to authenticate with(e.g., node A)  A will send its public key  Then, B will send its IDC signed by A’s public key  Next, A validates the received data  Finally, A will send its IDC data to B  This data will be signed by B’s public key will validate A’s IDC and will establish the trust  If A does not reply to the joining request, B must select another network node (if one exists)
 Symmetric key is used as a session key to cipher the confidential messages between trust nodes  It has less energy requirements than the asymmetric key  The asymmetric key encryption scheme is used for distribution of the session key and for the user authentication process
Services discovery  A user can ask other devices in order to know the available services.  It has an agreement to allow access to its services and to access the services offered by other nodes  The fault tolerance of the network has to be maintained  Services provided by B are available only if there is a path to B, and disappear when B leaves the network
Establishing trusted chain and changing trust level  There are only two trust levels  Node A either trusts node B  Node A does not trust node B.  If node A do not establish trust level with node B directly, it can be established through trusted chains  If A trusts C and C trusts B, then A may trust B  Trust relationship can be asymmetric  Trust level can change over time  Node A may decide not to trust node B although A still trusts C and C trusts B  It can also stop trusting if it discovers that previous trust chain does not exist anymore
Protocol and Network Management  Avoids the need for a central server, making the tasks of building the network and adding new members very easy  Each node is identified by an IP address  Services are shared using TCP connections  Short-range technology (Bluetooth) is used to allow authentication of nodes when they join the network  After the authentication process, each node learns the public information about other nodes
 Depending on the type of service, each node requests the services  From all the nodes that it trusts  From all nodes in the network  Request to multiple nodes is made through diffusion processes  Protocol prioritizes access to information through trusted nodes  When the information cannot be obtained through these nodes, it can then ask other nodes  Nodes may request information from other nodes  The node replying to this request must sign this data ensuring the authenticity
Network Creation  The first node in the network will be responsible for setting the global settings of the spontaneous network (SSID, session key, ...)  Each node must configure its own data (including the first node) such as IP, port, user data  This information will allow the node to become part of the network  After this data are set in the first node, it changes to standby mode  The second node first configures its user data
 Then, the greeting process starts  Find a device that will give trust to it  The node that belongs to the network, and is responsible for validating the new node’s data, will perform a diffusion process  These nodes will forward the received packets to their neighbours until the data reach all nodes in the network  This process verifies uniqueness of the new node’s data  It authenticates against the first node  Each additional node authenticates with any node in the network
Illustration  Steps for authentication of new device B  The receiver node A validates the received data  It then sends a broadcast message to check if these data are not used in the network (even the IP address)  This IP checking packet is sent randomly to all devices  When the authentication device receives the IP checking reply, it sends the authentication reply to the new device  If any step is wrong, an error message is sent to the new device  When the node is authenticated, it is able to perform several tasks
Tasks performed by authenticated node  The authenticated node can perform the following tasks  Display nodes  Modify trust of nodes  Update the information • Allows a node to learn about other nodes in the network • update could be for only one user or for all users in the network  Process an authentication request • Reply to an information request requested information will be sent directly to the requesting node or routed if the node is not on the communication range
 Forward an information request • The request will be forwarded if it is a broadcast message  Send data to one node • It can be sent symmetrically or asymmetrically encrypted, or unencrypted  Send data to all nodes • Done by flooding system • It can be sent symmetrically encrypted or unencrypted  Leave the network
Protocol Implementation  Developed 16 packets for the proper running of the protocol  To join a spontaneous network start the process by sending a Discovery request packet (01)  Contains the Logical IDentity of the user in order to let the destinations know the sender device  Receivers will reply with the Discovery reply packet (02)  Contains Logical Identity and their IP address  Authentication request packet (03) - used for the new device authentication
 Authentication reply packet (04) - confirms that the proposed IP and the email are unique, so the new device is authenticated  In case of duplication - error packet sent  IP and e-mail checking packet (05) – used by the authenticator device  verifies that no one in the network has the same email or IP address as the one proposed by the new device  IP and e-mail checking reply packet (06) - sent to authenticator device  verify that the IP and e-mail are unique
 If IP is duplicated, device must restart the authentication process after the generation of a new IP  Update request to one node (07) - to request information to a specific known node  Update reply from one node (08) - to reply with information requested by update request packet to one node  Update request to all network nodes packet(09) – request made from all nodes in the network, by flooding  Update reply to all network nodes packet (10) - reply with the information requested
 Certificate request to trusted nodes (11) - request the certificate from all trusted nodes  Certificate request to known nodes (12) - request the certificate from all known nodes  Certificate reply packet (13) – Reply to above two packets  Data are sent using the Packet for sending data (14)  Error packet (15) - to indicate that this operation is not possible  Authentication has failed  Node does not have the required data  Acknowledge packet(16) - to confirm to sender that the packet has arrived at its destination correctly
ID Packet Name Description 01 P_DISCOVERY Discovery request 02 R_DISCOVERY Discovery reply 03 P_AUTHENT Authentication request 04 R_AUTHENT Authentication reply 05 P_IP IP and Email checking 06 R_IP Ip and Email checking reply 07 P_ACTUALIZA Update request to one node 08 R_ACTUALIZA Update request from one node 09 P_BROADCAST Update request to all network node 10 R_BROADCAST Update reply to all network node 11 P_NODO_CONF Certificate request to trusted node 12 P_NODO Certificate request to known node 13 R_NODO Certificate reply 14 P_DATOS Packet for sending data 15 16 P_ERROR P_ACK Error Acknowledge
Session Key Revocation  Session key has an expiration time, so it is revoked periodically  A node that leaves the spontaneous network will keep the session key until it expires  It will let the user return to the network if it has joined previously(the spontaneous network is usually set up for a limited period of time)  However, if a node is disconnected from the network during the period of time when the session key has been renewed, it will not be able to access the network until it is authenticated again with someone from the network
PERFORMANCE ANALYSIS  Java programming  Protocol may work on devices with limited resources, Java 2 Platform, Micro Edition (J2ME) is used  Also has a small and fast virtual machine (KVM) that allows us to run the software without overloading the device  Devices must have a minimum of 160 KB memory to store theJava technology stack  It can run when there are computing and process limitations, and for low-power devices  Allows the implementation of communication protocols over both WiFi and Bluetooth technologies
CONCLUSION  We show the design of a protocol that allows the creation and management of a spontaneous wireless ad hoc network  A user without advanced technical knowledge can set up and participate in a spontaneous network  Storage and volatile memory needs are quite low and the protocol can be used in regular resource-constrained devices (cell phones, PDAs...)
References  [1].Raquel Lacuesta, Jaime Lloret, Miguel Garcia, Lourdes Pen ˜alver , “A Secure Protocol for Spontaneous Wireless Ad Hoc Networks Creation” IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, VOL. 24, NO. 4, APRIL 2013  [2]. https://en.wikipedia.org/wiki/Wireless_ad_hoc_network  [3]. https://www.youtube.com/watch?v=Jmfd4KPGPp0  [4]. http://www.cs.jhu.edu/~cs647/intro_adhoc.pdf
A secure protocol for Spontaneous Wireless Ad Hoc Networks Creation

More Related Content

PDF
privacy preserving abstract
muhammed jassim k
 
PDF
An authentication framework for wireless sensor networks using Signature Base...
ijsrd.com
 
PDF
Pervasive Device and Service Discovery Protocol in Interoperability XBee-IP N...
TELKOMNIKA JOURNAL
 
PDF
KEY GENERATION FRAMEWORK FOR MULTIPLE WIRELESS DEVICES USING MULTIPATH ROUTING
ecij
 
PDF
User defined privacy grid system for continuous location based services abstract
Softroniics india
 
PDF
User defined privacy grid system for continuous location-based services
LeMeniz Infotech
 
PDF
USER-DEFINED PRIVACY GRID SYSTEM FOR CONTINUOUS LOCATION-BASED SERVICES - IEE...
Nexgen Technology
 
PDF
G0421040042
ijceronline
 
privacy preserving abstract
muhammed jassim k
 
An authentication framework for wireless sensor networks using Signature Base...
ijsrd.com
 
Pervasive Device and Service Discovery Protocol in Interoperability XBee-IP N...
TELKOMNIKA JOURNAL
 
KEY GENERATION FRAMEWORK FOR MULTIPLE WIRELESS DEVICES USING MULTIPATH ROUTING
ecij
 
User defined privacy grid system for continuous location based services abstract
Softroniics india
 
User defined privacy grid system for continuous location-based services
LeMeniz Infotech
 
USER-DEFINED PRIVACY GRID SYSTEM FOR CONTINUOUS LOCATION-BASED SERVICES - IEE...
Nexgen Technology
 
G0421040042
ijceronline
 

What's hot (20)

PDF
UDP Pervasive Protocol Integration with IoT for Smart Home Environment using ...
IJECEIAES
 
PDF
Wireless lan intrusion detection by using statistical timing approach
eSAT Journals
 
PDF
Iot lecture notes_hyd
Kishore5511
 
PPTX
Cloud computing and Software defined networking
saigandham1
 
PDF
IRJET - Identification and Classification of IoT Devices in Various Appli...
IRJET Journal
 
PPT
A Complete Guide Cloud Computing
Sripati Mahapatra
 
PDF
mumble: Framework for Seamless Message Transfer on Smartphones
Anand Bhojan
 
DOCX
privacy-preserving and content-protecting location based queries
swathi78
 
PPTX
Analysis the Privacy preserving and content protecting location based on queries
kavidhapr
 
DOC
Privacy preserving and content-protecting location based queries
Papitha Velumani
 
DOCX
USER-DEFINED PRIVACY GRID SYSTEM FOR CONTINUOUS LOCATION-BASED SERVICES
nexgentechnology
 
PDF
Study of computer network issues and
ijfcstjournal
 
DOCX
Anonymity based privacy-preserving data
Kamal Spring
 
PDF
Internet 2.0
Chong Yee Er
 
PPT
Peer to Peer services and File systems
MNM Jain Engineering College
 
PDF
Internet layer security protocol & IPsec
Kirti Ahirrao
 
PDF
Privacy Preserving Data Leak Detection for Sensitive Data
paperpublications3
 
PPTX
Privacy preserving optimal meeting location determination on mobile devices
IGEEKS TECHNOLOGIES
 
PPT
Chapter#12
Syed Muhammad ALi Shah
 
PPTX
Wireless lan security(10.8)
SubashiniRathinavel
 
UDP Pervasive Protocol Integration with IoT for Smart Home Environment using ...
IJECEIAES
 
Wireless lan intrusion detection by using statistical timing approach
eSAT Journals
 
Iot lecture notes_hyd
Kishore5511
 
Cloud computing and Software defined networking
saigandham1
 
IRJET - Identification and Classification of IoT Devices in Various Appli...
IRJET Journal
 
A Complete Guide Cloud Computing
Sripati Mahapatra
 
mumble: Framework for Seamless Message Transfer on Smartphones
Anand Bhojan
 
privacy-preserving and content-protecting location based queries
swathi78
 
Analysis the Privacy preserving and content protecting location based on queries
kavidhapr
 
Privacy preserving and content-protecting location based queries
Papitha Velumani
 
USER-DEFINED PRIVACY GRID SYSTEM FOR CONTINUOUS LOCATION-BASED SERVICES
nexgentechnology
 
Study of computer network issues and
ijfcstjournal
 
Anonymity based privacy-preserving data
Kamal Spring
 
Internet 2.0
Chong Yee Er
 
Peer to Peer services and File systems
MNM Jain Engineering College
 
Internet layer security protocol & IPsec
Kirti Ahirrao
 
Privacy Preserving Data Leak Detection for Sensitive Data
paperpublications3
 
Privacy preserving optimal meeting location determination on mobile devices
IGEEKS TECHNOLOGIES
 
Chapter#12
Syed Muhammad ALi Shah
 
Wireless lan security(10.8)
SubashiniRathinavel
 
Ad

Similar to A secure protocol for Spontaneous Wireless Ad Hoc Networks Creation (20)

DOCX
A secure protocol for spontaneous wireless ad hoc networks creation
JPINFOTECH JAYAPRAKASH
 
PPTX
Final ppt ecommerce
priyanka Garg
 
PPTX
Insights of vpn
Harshika Rana
 
PPTX
Internet Networking with its working.pptx
Guna Dhondwad
 
PPTX
Basics concept of network and internet mansi
MansiGupta298
 
PPTX
IoT.pptx .in this we can see about more details
HEARTSPORTS
 
PPTX
CCNA CCNP Basics for your mid term vivaa
OnkarSingh642357
 
PDF
Hand Note On Mobile and Wireless Security
Samson Peters Adebowale
 
PPTX
Virtual Private Network- VPN
Nikhil Kumar
 
PPTX
A Deep Dive in the World of IT Networking (Part 2)
Tuan Yang
 
PPTX
Chapter No 1 Introduction to Network and Network Models.pptx
PoojaBahirat1
 
PPT
Shradhamaheshwari vpn
Shradha Maheshwari
 
PDF
DrShivashankar_Computer Net_Module-3.pdf
Dr. Shivashankar
 
PPTX
S5 MCE. UNIT 3 COMPUTER SCIENCE.pptx
CYIZAEmile
 
PPTX
A computer network is a system of interconnected devices that can share resou...
shivanichoubey2008
 
DOCX
Virtual Private Network
Richa Singh
 
PDF
Lan Virtual Networks
Nicole Gomez
 
DOC
Virtual private network
Parth Akbari
 
PPTX
Open Systems Interconnections Model - 7 layers
pawan13061996
 
PDF
Performance and Simulation Study of TheProposed Direct, Indirect Trust Distri...
CSEIJJournal
 
A secure protocol for spontaneous wireless ad hoc networks creation
JPINFOTECH JAYAPRAKASH
 
Final ppt ecommerce
priyanka Garg
 
Insights of vpn
Harshika Rana
 
Internet Networking with its working.pptx
Guna Dhondwad
 
Basics concept of network and internet mansi
MansiGupta298
 
IoT.pptx .in this we can see about more details
HEARTSPORTS
 
CCNA CCNP Basics for your mid term vivaa
OnkarSingh642357
 
Hand Note On Mobile and Wireless Security
Samson Peters Adebowale
 
Virtual Private Network- VPN
Nikhil Kumar
 
A Deep Dive in the World of IT Networking (Part 2)
Tuan Yang
 
Chapter No 1 Introduction to Network and Network Models.pptx
PoojaBahirat1
 
Shradhamaheshwari vpn
Shradha Maheshwari
 
DrShivashankar_Computer Net_Module-3.pdf
Dr. Shivashankar
 
S5 MCE. UNIT 3 COMPUTER SCIENCE.pptx
CYIZAEmile
 
A computer network is a system of interconnected devices that can share resou...
shivanichoubey2008
 
Virtual Private Network
Richa Singh
 
Lan Virtual Networks
Nicole Gomez
 
Virtual private network
Parth Akbari
 
Open Systems Interconnections Model - 7 layers
pawan13061996
 
Performance and Simulation Study of TheProposed Direct, Indirect Trust Distri...
CSEIJJournal
 
Ad

Recently uploaded (20)

PPTX
Microbial diseases, their pathogenesis and prophylaxis
DevlinaSengupta
 
PPTX
master seminar digital applications in india
ananyaray35
 
PPTX
Pharmacology of Heart Failure /Pharmacotherapy of CHF
Rajshri Ghogare
 
PDF
Chapter 2 Heredity, Prenatal Development, and Birth.pdf
MarjorieLopezTiu
 
PDF
3rd Neelam Sanjeevareddy Memorial Lecture.pdf
Academy of Grassroots Studies and Research of India (AGRASRI)
 
PDF
STATICS OF THE RIGID BODIES Hibbelers.pdf
pascualasturiaskaye4
 
PDF
A systematic review of self-coping strategies used by university students to ...
CleeveMoralde1
 
PPTX
Institutional Correction lecture only . . .
limvtheghins
 
PDF
Module 4: Burden of Disease Tutorial Slides S2 2025
Jonathan Hallett
 
PDF
Saundersa Comprehensive Review for the NCLEX-RN Examination.pdf
sreejithcareers
 
PPTX
GDM (1) (1).pptx small presentation for students
shrawanbpkihs
 
PPTX
Cell Structure & Organelles in detailed.
DHANASHREESIVAKUMAR
 
PPTX
school management -TNTEU- B.Ed., Semester II Unit 1.pptx
NihumathunnisaH
 
PDF
ANTIBIOTICS.pptx.pdf………………… xxxxxxxxxxxxx
HakHe
 
PDF
O7-L3 Supply Chain Operations - ICLT Program
labyankof
 
PDF
Black Hat USA 2025 - Micro ICS Summit - ICS/OT Threat Landscape
Chris Sistrunk
 
PPTX
1st Inaugural Professorial Lecture held on 19th February 2020 (Governance and...
kawisojames10
 
PDF
OBE - B.A.(HON'S) IN INTERIOR ARCHITECTURE -Ar.MOHIUDDIN.pdf
ArchitectAFMMohiuddi
 
PDF
Supply Chain Operations Speaking Notes -ICLT Program
labyankof
 
PPTX
Cell Types and Its function , kingdom of life
ClaireMangundayao1
 
Microbial diseases, their pathogenesis and prophylaxis
DevlinaSengupta
 
master seminar digital applications in india
ananyaray35
 
Pharmacology of Heart Failure /Pharmacotherapy of CHF
Rajshri Ghogare
 
Chapter 2 Heredity, Prenatal Development, and Birth.pdf
MarjorieLopezTiu
 
3rd Neelam Sanjeevareddy Memorial Lecture.pdf
Academy of Grassroots Studies and Research of India (AGRASRI)
 
STATICS OF THE RIGID BODIES Hibbelers.pdf
pascualasturiaskaye4
 
A systematic review of self-coping strategies used by university students to ...
CleeveMoralde1
 
Institutional Correction lecture only . . .
limvtheghins
 
Module 4: Burden of Disease Tutorial Slides S2 2025
Jonathan Hallett
 
Saundersa Comprehensive Review for the NCLEX-RN Examination.pdf
sreejithcareers
 
GDM (1) (1).pptx small presentation for students
shrawanbpkihs
 
Cell Structure & Organelles in detailed.
DHANASHREESIVAKUMAR
 
school management -TNTEU- B.Ed., Semester II Unit 1.pptx
NihumathunnisaH
 
ANTIBIOTICS.pptx.pdf………………… xxxxxxxxxxxxx
HakHe
 
O7-L3 Supply Chain Operations - ICLT Program
labyankof
 
Black Hat USA 2025 - Micro ICS Summit - ICS/OT Threat Landscape
Chris Sistrunk
 
1st Inaugural Professorial Lecture held on 19th February 2020 (Governance and...
kawisojames10
 
OBE - B.A.(HON'S) IN INTERIOR ARCHITECTURE -Ar.MOHIUDDIN.pdf
ArchitectAFMMohiuddi
 
Supply Chain Operations Speaking Notes -ICLT Program
labyankof
 
Cell Types and Its function , kingdom of life
ClaireMangundayao1
 

A secure protocol for Spontaneous Wireless Ad Hoc Networks Creation

  • 1. A Secure Protocol for Spontaneous Wireless Ad Hoc Networks Creation SAHIL BAJAJ RAGHVENDRA YADAV
  • 2. Ad-Hoc Networks  In Latin, ad hoc means “for this purpose only”  An ad-hoc network is a small network, in which some of network devices are part of the network that are part of network only for short duration  Peer to peer communication by use of Wi-Fi and Bluetooth technology  Devices or nodes in the network are mobile in nature  The wireless hosts in such networks, communicate with each other without the existing of a fixed infrastructure and without a central control
  • 3. Ad Hoc Networks Wireless Network Topology
  • 4. Characteristics  No Infrastructure needed  Can be deployed quickly, where there is no wireless communication infrastructure present  Can act as an extension to an existing networks  Cost effective  Nodes are mobile and hence have dynamic network topology  Nodes in ad hoc network play role of both router and terminal  It is self-configuring
  • 5. Multi hop communication  May need to traverse multiple links to reach destination  Mobility causes route change
  • 6. Examples  Classroom  Ad hoc network between student PDAs and workstation of the instructor  Large IT campus  Employees of a company moving within a large campus with PDAS, laptops and cell phones  Disaster response  A mobile network as big as needed  Vehicles  Communicating with other vehicles for safety purpose
  • 7. Protocol  Creates a network which allows sharing resources and offering new services among users  Protocol includes all functions needed to operate without any external support  Provides access to information anywhere, user friendliness, and easy deployment  Builds a network consisting of mobile nodes that can communicate with each other, share resources, services during a limited period of time and in a limited space  Have little or no dependence on a centralized administration
  • 8.  Enables the user to have instant service without any external infrastructure  Services in spontaneous networks depend significantly on network size, the nature of the participating nodes and running applications  Tasks to be performed include: user identification, their authorization, address assignment, and safety  Energy constraints, node variability, and bandwidth limitations mandate the design  Existing methods are not enough because they need an initial configuration (i.e., network configuration) or external authorities (for example, central authorities)
  • 9.  The network and protocol proposed can establish a secure self-configured environment for distribution of data and sharing of resources and services among users.  A user is able to join the network because he/she knows someone that belongs to it, and hence in this way the certification authority is distributed between the users that trust the new user  The network management is also distributed, which allows the network to have a distributed name service  A mechanism is suggested which allows nodes to check the authenticity of their IP addresses while not generating duplicated IP addresses.  Asymmetric cryptography is applied for device identification , where each device has a public-private key pair and symmetric cryptography to exchange session keys between nodes
  • 10. Secure Spontaneous Network  Network members and services may vary because devices are free to join or leave the network  Steps for the creation of a network  1. Joining Procedure  2. Services Discovery  3. Establishing trusted chain and changing trust level
  • 11. Joining Procedure  System is based on the use of an IDentity Card (IDC) and a certificate  IDC contains public and private components  Public component contains a Logical Identity (LID), which is unique for each user and allows nodes to identify it  LID includes information such as name, photograph, user’s public key (Ki), the creation and expiration dates, an IP proposed by the user, and the user signature  The user signature is generated using the Secure Hash Algorithm (SHA-1) on the previous data to obtain the data summary  Data summary is signed with the user’s private key  Private component contains the private key (ki)
  • 12.  Certificate Cij of the user i consists of a validated IDC, signed by a user j that gives its validity  No central certification authority is used to validate IDC  The certification authority for a node could be any of the trusted nodes  All nodes can be both clients and servers, can request or serve requests for information or authentication of other nodes  The first node creates the spontaneous network and generates a random session key, which will be exchanged with new nodes after the authentication phase
  • 13.  When node B wants to join an existing network, it must choose a node within communication range to authenticate with(e.g., node A)  A will send its public key  Then, B will send its IDC signed by A’s public key  Next, A validates the received data  Finally, A will send its IDC data to B  This data will be signed by B’s public key will validate A’s IDC and will establish the trust  If A does not reply to the joining request, B must select another network node (if one exists)
  • 14.  Symmetric key is used as a session key to cipher the confidential messages between trust nodes  It has less energy requirements than the asymmetric key  The asymmetric key encryption scheme is used for distribution of the session key and for the user authentication process
  • 15. Services discovery  A user can ask other devices in order to know the available services.  It has an agreement to allow access to its services and to access the services offered by other nodes  The fault tolerance of the network has to be maintained  Services provided by B are available only if there is a path to B, and disappear when B leaves the network
  • 16. Establishing trusted chain and changing trust level  There are only two trust levels  Node A either trusts node B  Node A does not trust node B.  If node A do not establish trust level with node B directly, it can be established through trusted chains  If A trusts C and C trusts B, then A may trust B  Trust relationship can be asymmetric  Trust level can change over time  Node A may decide not to trust node B although A still trusts C and C trusts B  It can also stop trusting if it discovers that previous trust chain does not exist anymore
  • 17. Protocol and Network Management  Avoids the need for a central server, making the tasks of building the network and adding new members very easy  Each node is identified by an IP address  Services are shared using TCP connections  Short-range technology (Bluetooth) is used to allow authentication of nodes when they join the network  After the authentication process, each node learns the public information about other nodes
  • 18.  Depending on the type of service, each node requests the services  From all the nodes that it trusts  From all nodes in the network  Request to multiple nodes is made through diffusion processes  Protocol prioritizes access to information through trusted nodes  When the information cannot be obtained through these nodes, it can then ask other nodes  Nodes may request information from other nodes  The node replying to this request must sign this data ensuring the authenticity
  • 19. Network Creation  The first node in the network will be responsible for setting the global settings of the spontaneous network (SSID, session key, ...)  Each node must configure its own data (including the first node) such as IP, port, user data  This information will allow the node to become part of the network  After this data are set in the first node, it changes to standby mode  The second node first configures its user data
  • 20.  Then, the greeting process starts  Find a device that will give trust to it  The node that belongs to the network, and is responsible for validating the new node’s data, will perform a diffusion process  These nodes will forward the received packets to their neighbours until the data reach all nodes in the network  This process verifies uniqueness of the new node’s data  It authenticates against the first node  Each additional node authenticates with any node in the network
  • 21. Illustration  Steps for authentication of new device B  The receiver node A validates the received data  It then sends a broadcast message to check if these data are not used in the network (even the IP address)  This IP checking packet is sent randomly to all devices  When the authentication device receives the IP checking reply, it sends the authentication reply to the new device  If any step is wrong, an error message is sent to the new device  When the node is authenticated, it is able to perform several tasks
  • 22. Tasks performed by authenticated node  The authenticated node can perform the following tasks  Display nodes  Modify trust of nodes  Update the information • Allows a node to learn about other nodes in the network • update could be for only one user or for all users in the network  Process an authentication request • Reply to an information request requested information will be sent directly to the requesting node or routed if the node is not on the communication range
  • 23.  Forward an information request • The request will be forwarded if it is a broadcast message  Send data to one node • It can be sent symmetrically or asymmetrically encrypted, or unencrypted  Send data to all nodes • Done by flooding system • It can be sent symmetrically encrypted or unencrypted  Leave the network
  • 24. Protocol Implementation  Developed 16 packets for the proper running of the protocol  To join a spontaneous network start the process by sending a Discovery request packet (01)  Contains the Logical IDentity of the user in order to let the destinations know the sender device  Receivers will reply with the Discovery reply packet (02)  Contains Logical Identity and their IP address  Authentication request packet (03) - used for the new device authentication
  • 25.  Authentication reply packet (04) - confirms that the proposed IP and the email are unique, so the new device is authenticated  In case of duplication - error packet sent  IP and e-mail checking packet (05) – used by the authenticator device  verifies that no one in the network has the same email or IP address as the one proposed by the new device  IP and e-mail checking reply packet (06) - sent to authenticator device  verify that the IP and e-mail are unique
  • 26.  If IP is duplicated, device must restart the authentication process after the generation of a new IP  Update request to one node (07) - to request information to a specific known node  Update reply from one node (08) - to reply with information requested by update request packet to one node  Update request to all network nodes packet(09) – request made from all nodes in the network, by flooding  Update reply to all network nodes packet (10) - reply with the information requested
  • 27.  Certificate request to trusted nodes (11) - request the certificate from all trusted nodes  Certificate request to known nodes (12) - request the certificate from all known nodes  Certificate reply packet (13) – Reply to above two packets  Data are sent using the Packet for sending data (14)  Error packet (15) - to indicate that this operation is not possible  Authentication has failed  Node does not have the required data  Acknowledge packet(16) - to confirm to sender that the packet has arrived at its destination correctly
  • 28. ID Packet Name Description 01 P_DISCOVERY Discovery request 02 R_DISCOVERY Discovery reply 03 P_AUTHENT Authentication request 04 R_AUTHENT Authentication reply 05 P_IP IP and Email checking 06 R_IP Ip and Email checking reply 07 P_ACTUALIZA Update request to one node 08 R_ACTUALIZA Update request from one node 09 P_BROADCAST Update request to all network node 10 R_BROADCAST Update reply to all network node 11 P_NODO_CONF Certificate request to trusted node 12 P_NODO Certificate request to known node 13 R_NODO Certificate reply 14 P_DATOS Packet for sending data 15 16 P_ERROR P_ACK Error Acknowledge
  • 29. Session Key Revocation  Session key has an expiration time, so it is revoked periodically  A node that leaves the spontaneous network will keep the session key until it expires  It will let the user return to the network if it has joined previously(the spontaneous network is usually set up for a limited period of time)  However, if a node is disconnected from the network during the period of time when the session key has been renewed, it will not be able to access the network until it is authenticated again with someone from the network
  • 30. PERFORMANCE ANALYSIS  Java programming  Protocol may work on devices with limited resources, Java 2 Platform, Micro Edition (J2ME) is used  Also has a small and fast virtual machine (KVM) that allows us to run the software without overloading the device  Devices must have a minimum of 160 KB memory to store theJava technology stack  It can run when there are computing and process limitations, and for low-power devices  Allows the implementation of communication protocols over both WiFi and Bluetooth technologies
  • 31. CONCLUSION  We show the design of a protocol that allows the creation and management of a spontaneous wireless ad hoc network  A user without advanced technical knowledge can set up and participate in a spontaneous network  Storage and volatile memory needs are quite low and the protocol can be used in regular resource-constrained devices (cell phones, PDAs...)
  • 32. References  [1].Raquel Lacuesta, Jaime Lloret, Miguel Garcia, Lourdes Pen ˜alver , “A Secure Protocol for Spontaneous Wireless Ad Hoc Networks Creation” IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, VOL. 24, NO. 4, APRIL 2013  [2]. https://en.wikipedia.org/wiki/Wireless_ad_hoc_network  [3]. https://www.youtube.com/watch?v=Jmfd4KPGPp0  [4]. http://www.cs.jhu.edu/~cs647/intro_adhoc.pdf