Cryptology ePrint Archive: Report 2007/324

Towards provable security for route discovery protocols in mobile ad hoc networks

Mike Burmester and Breno de Medeiros

Abstract: Mobile ad hoc networks (MANETs) are collections of wireless mobile devices with restricted broadcast range and resources, and no fixed infrastructure. Communication is achieved by relaying data along appropriate routes, that are dynamically discovered and maintained through collaboration between the nodes. Discovery of such routes is a major task, both from an efficiency and from a security point of view.

Recently, a security model tailored to the specific requirements of MANETs was introduced by Acs, Butty\'{a}n, and Vajda. Among the novel characteristics of this security model is that it promises security guarantees under concurrent executions, a feature of crucial practical implication for this type of distributed computation. A novel route discovery algorithm called endairA was also proposed, together with a claimed security proof within the same model. In this paper we show that the security proof for the route discovery algorithm endairA is flawed, and that moreover this algorithm is vulnerable to a {\em hidden channel} attack. We also analyze the security framework that was used for route discovery, and argue that composability is an essential feature for ubiquitous applications. We conclude by discussing some of the major security challenges for route discovery in MANETs.

Category / Keywords: Secure routing, MANET security, concurrent security, subliminal channels, universal composability, provably secure protocols.

Publication Info: Submitted to Transactions of Mobile Computing a few weeks ago.

Date: received 16 Aug 2007, last revised 24 May 2008

Contact author: burmesetr at cs fsu edu

Available format(s): PDF | BibTeX Citation

Note: Better motivation and some corrections.

Version: 20080524:214409 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]