Reducing the cost of security in link-state routing

Hauser, Ralf; Przygienda, Tony; Tsudik, Gene

doi:10.1109/ndss.1997.579226

Cited by 63 publications

(28 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Literature has many innovative methods [6,7,8] to ensure security for an ad hoc network. A suggestion is that there is a distinction between a network with an a priori trust relationship between nodes and one which lacks trust between nodes.…”

Section: Literature Reviewmentioning

confidence: 99%

An Statistical Technique to Mitigate Black Hole Attack in Wireless Network

Mahamuni¹,

Chandrasekar²

2012

IJCA

View full text Add to dashboard Cite

Network nodes function as routers in ad hoc networks forwarding data packets that had its genesis in other nodes for communication extending beyond transmission range. Usually, ad hoc network routing protocols are built to function well in non-adversarial surroundings. Routing protocol security is critical in settings where networks face attacks which disrupt communication.This paper proposes to simulate/study black hole attack impact in ad hoc networks with DSR routing protocol. The obtained output is the basis for a novel statistical method to identify black hole attack based on RREQ control packet sequence. The proposed method is able to identify black hole attacks in the network and avoid the node during new route discovery.

show abstract

Section: Literature Reviewmentioning

confidence: 99%

An Statistical Technique to Mitigate Black Hole Attack in Wireless Network

Mahamuni¹,

Chandrasekar²

2012

IJCA

View full text Add to dashboard Cite

show abstract

“…Addressing the cost of public key security in link state routing, Hauser, etc [10] present an efficient authentication mechanism with one-way hash chain function which was originally developed by Merkle, Lamport [6]. By hashing the time and a secrete number, each router generates two distinct hash chains with n distinct values for two link states, UP and DOWN, separately.…”

Section: Related Workmentioning

confidence: 99%

“…To solve the limitations mentioned in [10], Cheung [7] proposed an improved hash-chain authentication approach to efficiently protect the link state routing messages. After detecting the compromise, a bad routing update advertisement (BURA) including one bogus LSA with the smallest sequence number or largest checksum (s) is generated and signed with its private key, then flooded into the entire network.…”

Section: Related Workmentioning

confidence: 99%

An Integrated Solution to Protect Link State Routing against Faulty Intermediate Routers

Huang¹,

Wu²

2006

2006 IEEE/IFIP Network Operations and Management Symposium NOMS 2006

View full text Add to dashboard Cite

Abstract-The importance of the routers in the network and the vulnerability in the nature of the link state routing protocol highlight the necessity of effective routing protection against variant attacks. One of the severe attacks is from the faulty intermediate router (FIR) which intentionally compromises the LSA messages passing by and pollutes the routing tables of its downstream routers. Current security mechanisms are either too expensive or vulnerable to prevent this type of inside attack. To address the FIR attack, in this paper, we present a novel costreduced integrated solution which combines both fault-detection operations from routers and fault-tracing response from network management components. The significant properties of our system are the detectability of the abnormal behavior toward the LSAs and the traceability of the FIRs generating those bogus LSAs. The analysis of the memory requirement and the communication cost in our design demonstrate the feasibility and efficiency of our system.

show abstract

“…[19,12]), those in which skipping elements is rare (e.g. [8,13,33]), and those in which skipping elements is common (e.g. [27]).…”

Section: Verification Of One-way Chain Valuesmentioning

confidence: 99%

“…Lamport first proposed to use one-way chains for efficient authentication of one-time passwords [19], which Haller later refined to the S/KEY standard [12]. Since Lamport's work, many researchers proposed to use one-way chains as a basic building block for a variety of applications, for example for digital cash [2,14,26,30], for extending the lifetime of digital certificates [1,24], for constructing one-time signatures [10,22,23,31], for authenticating link-state routing updates [8,13,33], or for efficient packet authentication [27]. Despite the computational efficiency of one-way functions, one-way chains are still challenging to use in resource-constrained environments, such as on small mobile devices or sensor networks.…”

Section: Introductionmentioning

confidence: 99%

Efficient Constructions for One-way Hash Chains

Hu¹,

Jakobsson²,

Perrig³

2003

View full text Add to dashboard Cite

Public reporting burden for the collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden, to Washington Headquarters Services, Directorate for Information Operations and Reports, 1215 Jefferson Davis Highway, Suite 1204, Arlington VA 22202-4302. Respondents should be aware that notwithstanding any other provision of law, no person shall be subject to a penalty for failing to comply with a collection of information if it does not display a currently valid OMB control number. Keywords: One-way hash chains, efficient constructions, broadcast authentication. AbstractOne-way chains are an important cryptographic primitive in many security applications. Lamport first proposed to use one-way chains for one-time password authentication [19]. Subsequently, researchers proposed one-way chains as a basic building block for digital cash, for extending the lifetime of digital certificates, for constructing one-time signatures, for packet authentication, etc. As one-way chains are very efficient to verify, they recently became increasingly popular for designing security protocols for resource-constrained mobile devices and sensor networks, as their low-powered processors can compute a one-way function within milliseconds, but would require tens of seconds or up to minutes to generate or verify a traditional digital signature [6]. Recent sensor network security protocols thus extensively use one-way chains to design protocols that scale down to resource-constrained sensors [20,28]. Recently, researchers also proposed a variety of improvements to one-way hash chains to make storage and access more efficient [9,17,32], or to make setup and verification more efficient [16,20]. In this paper we present two new constructions for one-way hash chains, which significantly improve the efficiency of one-way chains. Our first construction, the Sandwich-chain, provides a smaller bandwidth overhead for one-way chain values, and enables efficient verification of one-way chain values if the trusted one-way chain value is far away. Our second construction, Comb Skipchain, features a new lower bound for one-way chains in terms of storage and traversal overhead. In fact previously, researchers [9] cite a lower bound of log 2 (n) for the product of per-value traversal overhead and memory requirements for onedimensional chains. We show that one can achieve a lower bound by considering multi-dimensional chains. In particular, our two-dimensional construction requires O(log(n)) memory and O(1) traversal overhead, thereby improving on the one-dimensional bound. In addition, the setup cost for the one-way chain is in contrast only O(n/ log(n)). Other benefits for both constructions include a faster verification s...

show abstract

Reducing the cost of security in link-state routing

Cited by 63 publications

References 18 publications

An Statistical Technique to Mitigate Black Hole Attack in Wireless Network

An Statistical Technique to Mitigate Black Hole Attack in Wireless Network

An Integrated Solution to Protect Link State Routing against Faulty Intermediate Routers

Efficient Constructions for One-way Hash Chains

Contact Info

Product

Resources

About