Distributed Certification Authority Generation to Enhance Autonomous Key Management for Group Communications in Mobile Ad-Hoc Networks
Abstract
A MANET is a collection of wireless mobile nodes dynamically forming a temporary network, without the use of fixed infrastructure, and this is exactly the environment envisioned for military operations by the Objective Force. Military command and control rely on secure group communications, therefore key management (KM) schemes that ensure secure communications under MANET constraints are required. However, without fixed infrastructure, e.g., Certification Authorities (CAs) and trusted third parties (TTPs), the design of KM becomes very difficult, since its most fundamental services (entity authentication, privileges update/revocation) rely on these entities to establish trust among nodes, and to terminate or renew participation in secure operations in a pre-agreed, global manner. Without this guarantee, all subsequent KM operations make no sense. So, it is of paramount importance to provide a secure authentication service that detects misbehavior and defends against dishonest users in the network. Thus, the challenge lies in dynamically generating mechanisms that provide individual nodes and KM groups with functionalities similar to those of the original CAs of fixed infrastructure. In this work, we develop distributed, scalable, and efficient mechanisms for dynamically generating CAs in MANETs, by distributing the tasks of a CA among legitimate members of existing KM groups (preferably hierarchical). We show how the features of our scheme render it superior in performance and resilience, and how group KM properties are exploited to avoid heavy bandwidth-delay solutions of other proposals in the literature.
Document Details
- Document Type: Technical Report
- Publication Date: Dec 01, 2004
- Accession Number: ADA432129
Entities
People
- John Baras
- Maria Striki
Organizations
- University of Maryland