Adversary models

In Section 2.6.2 we have mentioned adversary models that are commonly used to prove security of cryptographic protocols. Adversary models reflect certain capa- bilities of an attacker, and a protocol is secure in an adversary model if it can resist any attack within the defined attacker’s capabilities. Adversary models therefore provide a framework for clearly defining the security properties of protocols, which is crucial in the complex environment of MANETs.

Attackers vary in their capabilities, and an adversary model might contain a certain percentage of different classes of attacker. The concrete categorisation of attackers depends on the respective protocol. General classes of attacker are passive attackers, active attackers and Byzantine attackers. In an adversary model, the adversary is an abstract entity that controls a certain number of attacking nodes. We will stick to these terms, i.e., an adversary is the abstract entity and an attacker or attacking node is the physical entity that runs the attack. We give a rough categorisation of adversaries that needs to be refined depending on the respective protocol.

• A passive adversary (also called honest-but-curious) will only eavesdrop on the network communication.

• An active adversary may use the corrupted nodes to prevent the normal func- tioning of the network via snooping, dropping, modifying, and/or fabricating network messages. Nodes that are actively involved in such attacks and the corresponding faults are called malicious or Byzantine.

• A combined adversary controls a number of nodes that only eavesdrop as well as another set of nodes that runs active attacks.

2.7 Summary

A further categorisation of the adversaries might be required due to different node capabilities. An assumption that holds in many MANET environments is that at- tacking nodes have the same computational and communicational capabilities as the honest nodes. Unless otherwise defined, we assume in this thesis that attackers have the same capabilities as honest nodes; in particular, we think of malicious nodes as compromised nodes which consequently have the same capabilities as honest nodes.

2.7

Summary

In this chapter we have given an overview and discussed the challenges of design- ing distributed protocols for MANETs. We started by defining the specific type of MANETs we focus on in this thesis, so called Tactical MANETs, which have high se- curity requirements but typically benefit from pre-configuration. We have identified the characteristics of symmetric and asymmetric key cryptography which facilitate the development of efficient protocols suitable for power-constrained devices. The distribution of symmetric and asymmetric key material is a major issue in MANETs; we have given an overview of existing key distribution techniques and have shown the importance of distributed trust authorities. After an overview of distributed trust authorities, we introduced the concept of secret sharing which provides the basis for the development of secure distributed protocols. Finally, we have reviewed the most important attacks in MANETs.

Chapter 3

Simulation environment for Tacti-

cal MANETs

Contents

3.1 Modelling the physical layer . . . 54 3.1.1 Mobility model . . . 55 3.1.2 Ray-optical propagation model . . . 62 3.2 Simulation scenarios . . . 71 3.2.1 Overview and purpose of simulation scenarios . . . 71 3.2.2 Application of simulation scenarios . . . 72 3.2.3 Detailed description of simulation scenarios . . . 73 3.3 Summary . . . 76

In this chapter we discuss the challenges in developing simulators for MANETs. We introduce two extensions to the physical layer of the network simulator NS-2: a lightweight ray optical radio propagation model and a group mobility model. We furthermore define simulation scenarios that are used in Part I of the thesis to investigate and validate network protocols.

Simulations are an important tool to evaluate the performance and reliability of network protocols in MANETs, where topology changes and their impact on protocols are unpredictable. Ongoing changes in communication protocols (e.g.,

3.1 Modelling the physical layer

802.11) and new capabilities of network devices require the continuous adaptation of network simulation tools.

The main challenge in developing network simulators is modelling the physical layer. As soon as the physical layer is simulated, protocols from all higher levels can be correctly implemented in exactly the same way as they are implemented on real devices. Results from network simulators have to be handled with care. The simulation of the physical layer can only provide an approximation of reality. Mistakes that are made in simulating the physical layer may cause amplified mistakes in the network layer, and so on throughout the network stack. Factors that need to be simulated in the physical layer are the movement of the nodes and the transmission of radio waves used for wireless communication. Taken together, these factors yield an approximate model for the physical layer. In Section 3.1 we introduce our extensions of the physical layer in NS-2, which allow us to implement the simulation scenarios defined in Section 3.2. We use these simulation scenarios to validate the efficiency and reliability of the network protocols investigated in Part I of this thesis.

3.1

Modelling the physical layer

As stated above, the main factors that need to be modelled in the physical layer are the movement of the network nodes and the radio wave propagation.

The movement of the nodes in mobile networks is simulated by mobility models. Mobility models are typically separated from network simulators, so that each mo- bility model can be used for several network simulators. In Section 3.1.1 we discuss why most of the mobility models used in today’s simulations are unsuitable to give a good approximation of a military network, and we develop a new group mobility model suitable for Tactical MANETs.

3.1 Modelling the physical layer

In Section 3.1.2 we introduce our radio propagation model, which is particularly suitable to model urban environments. The interested reader can find a comprehen- sive overview of network simulators and their usage in [79].