
International Journal of Emerging Technology and Advanced Engineering

Website: www.ijetae.com (ISSN 2250-2459,ISO 9001:2008 Certified Journal, Volume 3, Issue 1, January 2013)

Applying Security to Data Using Symmetric Encryption in MANET

Amol Bhosle¹, Yogadhar Pandey²

Department of Computer Science & Engineering, SIRT Bhopal

Abstract-- A mobile ad-hoc network is a wireless network composed of nodes that communicate with each other without having to establish infrastructure. The security of such a network is a major concern. To improve it, the technique proposed here secures the routing protocol AODV through the use of the symmetric encryption algorithm AES. This secures the data as well as preserves confidentiality. Future work is to add node authentication using IP addresses, the AODV routing protocol and a digital signature scheme.

Keywords-- Mobile ad-hoc, symmetric encryption algorithm, confidentiality, AODV, Digital signature, IP address

I. INTRODUCTION

Ad-hoc networks are characterized by dynamic topology, self-configuration, self-organization, restricted power, temporary network and lack of infrastructure. These characteristics lead to their use in disaster recovery operations, smart buildings and military battlefields. Routing protocols in ad-hoc networks are classified into three main categories: proactive, reactive and hybrid. In proactive routing protocols, routing information of nodes is exchanged periodically. In reactive routing protocols, routing information of nodes is gathered only when it is needed. Hybrid protocols use a combination of the two.

A mobile ad hoc network has following features:

A] Autonomous Terminal:

In MANET, each mobile terminal is an autonomous node, which may function as both a host and a router. Besides the basic processing ability as a host, the mobile nodes can also perform switching functions as a router. So usually endpoints and switches are indistinguishable in MANET.

B] Distributed Operation:

Because there is no central control of the network operations, the control and management of the network is distributed among the terminals.

The nodes involved in a MANET should collaborate amongst themselves, and each node acts as a relay as needed to implement functions such as security and routing.

C] Multihop Routing:

Basic types of ad hoc routing algorithms can be single-hop and multihop, based on different link layer attributes and routing protocols. Single-hop MANET is simpler than multihop in terms of structure and implementation, at the cost of lesser functionality and applicability. When delivering data packets from a source to a destination outside the direct wireless transmission range, the packets should be forwarded via one or more intermediate nodes.

D] Light-weight Terminal:

In most cases, the MANET nodes are mobile devices with less CPU processing capability, small memory size, and low power storage. Such devices need optimized algorithms and mechanisms that implement the computing and communicating functions.

Cryptographic algorithms are classified into two types: symmetric and asymmetric.


In a public key environment, you need assurance that the public key to which you are encrypting data is in fact the public key of the intended receiver. Identifying the correct public key of the proper person is more difficult without using a third party.

In a mobile ad hoc network, each mobile node acts as a host as well as a router. Ad hoc On-Demand Distance Vector (AODV) routing is a reactive routing protocol which establishes a route when a node needs to send data packets. It supports unicast and multicast routing. It uses a destination sequence number (DestSeqNum), which makes it different from other on-demand routing protocols. It maintains routing tables with one entry per destination, and an entry is discarded if it has not been used recently. It establishes routes by using an RREQ and RREP cycle. If a link failure occurs, it sends a report and another RREQ is made. But in existing AODV, there is no reliable security provided for the transmission of the data.

Design Goal of routing algorithm

The design of a secure routing algorithm has one or more of the following goals.

Optimality

Optimality refers to the capability of the routing algorithm to select the best route, which depends on the metrics and metric weighting used in the calculation. One routing algorithm may use number of hops and delay, but it may weight delay more heavily in the calculation. Naturally, routing protocols must define their metric calculation algorithms strictly.

Simplicity and Low overhead

Routing algorithms are also designed to be as simple as possible. In other words, the routing algorithm must offer its functionality efficiently, with a minimum of software and utilization overhead.

Robustness and stability

A routing algorithm must be robust, which means that it should perform correctly in the face of unusual or unforeseen circumstances, such as hardware failure, high load conditions and incorrect implementation. Because routers are located at network junction points, they can cause considerable problems when they fail.

Rapid Convergence

In addition, a routing algorithm must converge rapidly. Convergence is the process of agreement, by all routers, on optimal routes.

When a network event causes a router to either go down or become available, routers distribute routing update messages that permeate the network, stimulating recalculation of optimal routes and eventually causing all routers to agree on these routes. A routing algorithm that converges slowly can cause routing loops or network outages [9].

Flexibility

A routing algorithm should also be flexible, which means that it quickly and accurately adapts to a variety of network circumstances. Routing algorithms can be programmed to adapt to changes in network bandwidth, router queue size, and network delay, among other variables.

II. LITERATURE SURVEY

Shiva et al. [2] proposed digital signature based secure data transmission in wireless sensor networks. They used an asymmetric (public) key cryptosystem for security. The MD-5 hash function is used to generate the digital signature. The RSA algorithm is also used, which provides digital signatures as well as secrecy. The results are compared with AOMDV, which is an extension of the AODV protocol.

Changhui et al. [1] proposed a scheme that uses a hash based message authentication code to overcome the shortcomings. The hash based message authentication code uses a cryptographic hash function such as SHA-1 in combination with a secret key. It provides integrity of information transmitted over an unreliable medium, based on the secret key. In this method, HMAC checking and symmetric encryption are used to replace complicated ECC to achieve secure communication.

M.A. Matin et al. [5] proposed a method based on a symmetric encryption technique with the AES algorithm in MANET and WLAN. Symmetric encryption is faster and requires less computational processing time. With an increase in key size as well as block size, security is enhanced, and linear cryptanalysis and differential cryptanalysis require more time to break the proposed cipher.


S. Thadvai et al. [3] proposed a method based on message recovery, in which the signature includes the message; hence the communication cost is lower for the message recovery method. In this method they used the Authentication Encryption Scheme (AES) for message recovery.

Mare S.F. et al. [6] proposed a method that uses AES and RSA for securing sensitive data and that assures integrity, authenticity and security.

Luis et al. [8] proposed a pair-wise key based scheme for forming secured private clusters in mobile ad hoc networks. The solution tackles the problem of node authentication combined with traffic encryption in relatively small ad hoc networks using proactive neighbour discovery and authentication.

III. ANALYSIS OF AODV PROTOCOL

Ad hoc On-Demand Distance Vector (AODV) is an on-demand routing protocol which is used to find a route between a source node and a destination node as needed. Figure 1 shows the route discovery process [7]. It uses control messages such as Route Request (RREQ) and Route Reply (RREP) for establishing a route. The source node broadcasts an RREQ message. This message is propagated from the source and received by its neighbours, i.e. intermediate nodes. These nodes then broadcast the RREQ message to their neighbours. This process continues until the packet is received by the destination node.

Figure 1. Traversal of Control messages
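The RREQ/RREP cycle and the link-failure case described above, as an added Python example that is not from the paper. It is a simplified model (no timers, no replies from intermediate nodes, route invalidation only at the two ends of the failed link), and the topology, the `Node` class and the function names are assumptions made for illustration.

```python
from collections import deque

# Constructed topology (not from the paper): two disjoint paths from S to D.
LINKS = {"S": {"A", "C"}, "A": {"S", "B"}, "B": {"A", "D"}, "C": {"S", "E"},
         "E": {"C", "F"}, "F": {"E", "D"}, "D": {"B", "F"}}

class Node:
    def __init__(self):
        self.seq = 0        # this node's own sequence number
        self.routes = {}    # destination -> (next_hop, hop_count, dest_seq)
        self.seen = set()   # (originator, rreq_id) pairs already processed

def discover(nodes, links, src, dst, rreq_id):
    """Flood an RREQ from src; dst answers with an RREP along the reverse path."""
    nodes[src].seq += 1
    queue = deque([(src, None, 0)])              # (receiver, previous hop, hops)
    while queue:
        here, prev, hops = queue.popleft()
        if (src, rreq_id) in nodes[here].seen:   # duplicate RREQ is dropped
            continue
        nodes[here].seen.add((src, rreq_id))
        if prev is not None:                     # reverse route to the originator
            nodes[here].routes[src] = (prev, hops, nodes[src].seq)
        if here == dst:
            break
        queue.extend((nbr, here, hops + 1) for nbr in sorted(links[here]))
    else:
        return None                              # the RREQ never reached dst
    nodes[dst].seq += 1                          # fresh DestSeqNum carried in the RREP
    path, hops = [dst], 0
    while path[-1] != src:                       # RREP travels hop by hop to src
        prev = nodes[path[-1]].routes[src][0]
        hops += 1
        nodes[prev].routes[dst] = (path[-1], hops, nodes[dst].seq)
        path.append(prev)
    return path[::-1]

def break_link(nodes, links, a, b):
    """Link failure: remove a-b and invalidate routes whose next hop was the lost peer."""
    links[a].discard(b)
    links[b].discard(a)
    for node, peer in ((a, b), (b, a)):
        stale = [d for d, r in nodes[node].routes.items() if r[0] == peer]
        for dest in stale:
            del nodes[node].routes[dest]
```

Every field a node acts on in this model (originator, sequence numbers, hop count) is accepted without verification, which is the gap the security goals below address.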

Security Goals

In providing a secure networking environment, some or all of the following services may be required:

1. Authentication: This service verifies the identity of a node or a user, to be able to prevent impersonation.

In wired networks and infrastructure-based wireless networks, it is possible to implement a central authority at a point such as a router, base station, or access point. But there is no central authority in MANET, and it is much more difficult to authenticate an entity. Authentication can be provided using encryption along with a cryptographic hash function, digital signatures and certificates.

2. Confidentiality: Keep the information sent unreadable to unauthorized users or nodes. MANET uses an open medium, so usually all nodes within the direct transmission range can obtain the data. One way to keep information confidential is to encrypt the data, and another technique is to use directional antennas. It also ensures that the transmitted data can only be accessed by the intended receivers.

3. Integrity: Ensure that the data has not been altered during transmission. The integrity service can be provided using a cryptographic hash function along with some form of encryption. When dealing with network security, the integrity service is often provided implicitly by the authentication service.

4. Availability: Ensure that the intended network security services listed above are available to the intended parties when required. Availability is typically ensured by redundancy, physical protection and other non-cryptographic means, e.g. use of robust protocols.

5. Non-repudiation: Ensure that parties can prove the transmission or reception of information by another party, i.e. a party cannot falsely deny having received or sent certain data. By producing a signature for the message, the entity cannot later deny the message. In public key cryptography, a node A signs the message using its private key. All other nodes can verify the signed message by using A's public key, and A cannot deny that its signature is attached to the message.

6. Access Control: Prevent unauthorized use of network services and system resources. Obviously, access control is tied to authentication attributes. In general, access control is the most commonly thought of service in both network communications and individual computer systems.

IV. PROBLEM STATEMENT


(a) A security association must exist between network members; these security associations ensure authentication and non-repudiation for trusted nodes.

(b) Sensitive information must be exchanged confidentially between the nodes in the network.

(c) Integrity of the information exchanged within the network has to be maintained so that corrupted messages are detected and blocked.

Hongbo Zhou [4] proposed a method that provides uniqueness of address allocation and secure distribution of the public key. It used a DAD message format which includes the hash value of the IP address and the IP address signed with the private key. Authentication and confidentiality were not provided there. The security of data is a very important aspect of data transmission.

Murthy et al. [2] used digital signatures with the EENDMRP protocol, a proactive routing protocol which uses multipath routing and is used in wireless sensor networks. They compared their results with the plain AOMDV protocol.

V. PROPOSED METHODOLOGY

A symmetric cipher algorithm allows us to store the data in a compressed encrypted form, which results in a small database. It also performs faster encryption and decryption. Because of these advantages we use a symmetric cipher algorithm to perform data encryption and decryption. This also provides confidentiality.

This method is applied on the AODV protocol to secure the data, and the results are compared between normal AODV and this secured version.

First we find the route to the node with which we wish to communicate. For this we broadcast the control message using the AODV routing protocol, i.e. with AODV we search for the required node. When the node is found, the receiving node sends a route reply message.

If any malicious node attempts to establish the connection, then with the help of the IP address we come to know about it, and we can divert the traffic towards the receiver through another route.

We can vary the key sizes in the AES algorithm.

VI. SIMULATION RESULT

The figure shows the working of our method. We first establish the route using AODV.

Then the data is encrypted with the AES symmetric encryption algorithm using a key size of 128 bits and sent over the channel. The encrypted data is then received by the receiver and decrypted using the same key.

In this way the data is secured over the channel in routing protocol AODV.

Figure 2. Data encryption and decryption

The main advantage is that confidentiality is preserved in this method. Symmetric key cryptography is also faster.

VII. CONCLUSION

In this method the normal working of AODV is modified by using symmetric key cryptography, to improve the security of such a network through the use of the symmetric encryption algorithm AES. This secures the data as well as preserves confidentiality.

VIII. FUTURE SCOPE

This method can be modified to use public key cryptography and digital signatures to authenticate the nodes participating in the communication network. This will preserve integrity as well as authentication and non-repudiation. The performance can be measured in terms of metrics such as end-to-end delay and throughput.


REFERENCES

[1] Changhui Hu, Tat Wing Chim, S.M. Yiu, Lucas C.K. Hui, Victor O.K. Li, "Efficient HMAC-based secure communication for VANETs", Computer Networks 56, Elsevier, 2012.

[2] Shiva Murthy G., Robert John D'Souza, Golla Varaprasad, "Digital Signature-Based Secure Node Disjoint Multipath Routing Protocol for Wireless Sensor Networks", IEEE Sensors Journal, vol. 12, no. 10, October 2012.

[3] S. Thadvai, D.N. Tiwari, D. Jena, M. Ma, "A novel authenticated encryption scheme with convertibility", Mathematical and Computer Modelling, Elsevier, 2012.

[4] Hongbo Zhou, Matt Mutak, Lionel Ni, "Secure autoconfiguration and Public key Distribution for Mobile Ad-hoc Networks", IEEE, 2009.

[5] M.A. Matin, Md. Mohir Hossain et al., "Performance Evaluation of Symmetric Encryption Algorithm in MANET and WLAN", IEEE Technical postgraduates 2009 International conference.

[6] Mare, S.F., "Secret data communication system using steganography, AES and RSA", SIITME, IEEE, 2011.

[7] Lakshmi et al., "Modified AODV protocol against blackhole attacks in MANET", International Journal of Engineering and Technology, Vol. 2 (6), 2010, 444-449.

[8] Luis Sanchez, Jorge Lanza, Luis Munoz, Kimmo Ahola, alution, "Securing the communication in Private Heterogeneous Mobile Adhoc Networks", Springer, 2008.
