## Cryptology ePrint Archive: Report 2004/159

Provably Secure On-demand Source Routing in Mobile Ad Hoc Networks

Gergely Acs and Levente Buttyan and Istvan Vajda

Abstract: Routing is one of the most basic networking functions in mobile ad hoc networks. Hence, an adversary can easily paralyze the operation of the network by attacking the routing protocol. This has been realized by many researchers, and several secure'' routing protocols have been proposed for ad hoc networks. However, the security of those protocols have mainly been analyzed by informal means only. In this paper, we argue that flaws in ad hoc routing protocols can be very subtle, and we advocate a more systematic way of analysis. We propose a mathematical framework in which security can be precisely defined, and routing protocols for mobile ad hoc networks can be analyzed rigorously. Our framework is tailored for on-demand source routing protocols, but the general principles are applicable to other types of protocols too. Our approach is based on the simulation paradigm, which has already been used extensively for the analysis of key establishment protocols, but to the best of our knowledge, it has not been applied in the context of ad hoc routing so far. We also propose a new on-demand source routing protocol, called endairA, and we demonstrate the usage of our framework by proving that it is secure in our model.

Category / Keywords: cryptographic protocols / provable security, routing protocols, wireless ad hoc networks

Publication Info: Preliminary results have been published at the ACM Workshop on Security in Ad Hoc and Sensor Networks, October 2004

Date: received 8 Jul 2004, last revised 24 Apr 2005

Contact author: buttyan at crysys hu

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Note: This technical report is an updated version of our earlier report that appeared on IACR ePrint. In this new version, we extend the adversary model to Active-y-x adversaries and we allow multiple parallel protocol runs. We also slightly modify the endairA protocol, and we propose a few variants of it.

Short URL: ia.cr/2004/159

[ Cryptology ePrint archive ]