Group Protocols for secure wireless Ad-hoc netoworks(Aparna Kasturi, Swethana Pagadala, Sree Chand Kamisetty, Srikanth Nannapaneni)Abstract—In this paper we address the problem of key distribution over multi hopwireless Ad-hoc networks. Key management is an essential cryptographic primitive uponwhich other security primitives are built. However, none of the existing key managementschemes are suitable for ad hoc networks. They are either too inefficient, not functionalon an arbitrary or unknown network topology, or not tolerant to a changing networktopology or link failures. Recent research on distributed sensor networks suggests thatkey pre-distribution schemes (KPS) are the only practical option for scenarios where thenetwork topology is not known prior to deployment. However, all of the existing KPSschemes rely on trusted third parties (TTP) rendering them inapplicable in many ad hocnetworking scenarios and thus restricting them from wide-spread use in adhoc networks.To eliminate the reliance on TTP , we address Key Distribution patterns, KDP. KDPmainly over comes the need of TTP and established routing infrastructure. However.KDP assumes there exits secure point to point connection for all the nodes in thenetwork.This can be achieved using Blooms key distribution scheme. KDP guaranties that thenetwork is secure even though t nodes are compromised (event of node captured).Introduction—Ad hoc networks are a new paradigm of wireless communication for mobile hosts (whichwe call nodes). In an ad hoc network, there is no fixed infrastructure such as base stationsor mobile switching centers. Mobile nodes that are within each other’s radio rangecommunicate directly via wireless links, while those that are far apart rely on other nodesto relay messages as routers. Node mobility in an ad hoc network causes frequentchanges of the network topology. Figure 1 shows such an example: initially, nodes A andD have a direct link between them. When D moves out of A’s radio range, the link isbroken. However, the network is still connected, because A can reach D through C, E,and F.Figure 1Military tactical operations are still the main application of ad hoc networks today. Forexample, military units (e.g., soldiers, tanks, or planes), equipped with wirelesscommunication devices, could form an ad hoc network when they roam in a battlefield.Ad hoc networks can also be used for emergency, law enforcement, and rescue missions.Since an ad hoc network can be deployed rapidly with relatively low cost, it becomes anattractive option for commercial uses such as sensor networks or virtual classrooms.Security is an important issue for ad hoc networks, especially for those security-sensitiveapplications. To secure an ad hoc network, we consider the following attributes:availability, confidentiality, integrity, authentication, and non-repudiation.Availability ensures the survivability of network services despite denial of serviceattacks. A denial of service attack could be launched at any layer of an ad hoc network.On the physical and media access control layers, an adversary could employ jamming tointerfere with communication on physical channels. On the network layer, an adversarycould disrupt the routing protocol and disconnect the network. On the higher layers, anadversary could bring down high-level services. One such target is the key managementservice, an essential service for any security framework.Confidentiality ensures that certain information is never disclosed to unauthorizedentities. Network transmission of sensitive information, such as strategic or tacticalmilitary information, requires confidentiality. Leakage of such information to enemiescould have devastating consequences. Routing information must also remain confidentialin certain cases, because the information might be valuable for enemies to identify and tolocate their targets in a battlefield.Integrity guarantees that a message being transferred is never corrupted. A message couldbe corrupted because of benign failures, such as radio propagation impairment, orbecause of malicious attacks on the network.Authentication enables a node to ensure the identity of the peer node it is communicatingwith. Without authentication, an adversary could masquerade a node, thus gainingunauthorized access to resource and sensitive information and interfering with theoperation of other nodes.Finally, non-repudiation ensures that the origin of a message cannot deny having sent themessage. Non-repudiation is useful for detection and isolation of compromised nodes.When a node A receives an erroneous message from a node B, non-repudiation allows Ato accuse B using this message and to convince other nodes that B is compromised.The salient features of ad hoc networks pose both challenges and opportunities inachieving these security goals.First, use of wireless links renders an ad hoc network susceptible to link attacks rangingfrom passive eavesdropping to active impersonation, message replay, and messagedistortion. Eavesdropping might give an adversary access to secret information, violatingconfidentiality. Active attacks might allow the adversary to delete messages, to injecterroneous messages, to modify messages, and to impersonate a node, thus violatingavailability, integrity, authentication, and non-repudiation. The three main security goalsrequired in ad-hoc group communication are Session secrecy: Compromise of temporarily leaving nodes cannot discover the common key of the new groupForward secrecy: Compromise of permanently leaving nodes cannot discover the common keys of all future groups.Backward secrecy: If a new node joins the network it cannot discover the common keysof all previous groups.Secondly, nodes, roaming in a hostile environment (e.g., a battlefield) with relativelypoor physical protection, have non-negligible probability of being compromised.Therefore, we should not only consider malicious attacks from outside a network, butalso take into account the attacks launched from within the network by compromisednodes. Therefore, to achieve high survivability, ad hoc networks should have a