Research On Route Authentication For Mobile Ad Hoc Network

As a kind of network entity authentication,routing authentication is one of the important measures to guarantee the network transmission security and network information security,especially the security of MANET(Mobile Ad hoc Network).Due to the lack of sufficient security considerations in the design of routing protocols of networks such as MANET,the existing networks are subject to various attacks such as black hole attack,wormhole attack,and impersonation attack in various applications today.It is necessary to study the secure route authentication mechanism to resist these attacks.The AODV(Ad hoc on-demand Distance Vector)routing protocol is a primary on-demand routing protocol specially used for MANET.Many MANET protocols are variants and improvements based on AODV.Over the last decade,various improvements to AODV have failed to effectively defend against a variety of network attacks,particularly against black holes.Therefore,this thesis makes the following contributions to establish a new mechanism for route authentication.Firstly,this thesis analyzes the security vulnerability of AODV protocol,and then proposes a way to improve the original AODV routing control message by adding authentication extension domain field,and takes the AODV protocol of the new model as the application and verification in case of routing authentication theory and method.Secondly,the node status value is generated with the security parameters pre-configured in the network node and with the security recursive function principle,and combined with the node status value and the routing control message,a Node Authentication Code(NAC)similar to the Message Authentication Code(MAC)is formed and assigned to the Authentication extension domain field.Thirdly,to construct a secure NAC,the stream cipher mechanism is adopted to realize the fusion of key,node identity data,and packet control data.Fourth,to form a whole authentication for the route(i.e.,the authenticated chain of nodes),the features of secure recursive functions,namely the shift register sequences and of the linear complexity are used to forms a unique and directed association among the nodes.Finally,still according to the features of state transition of shift register sequence,ensure that each time the node authenticates the next hop node,there is no need to increase the length of NAC,it leads that the data re-expansions would not be a problem during the authentication from the source node to the destination node,and thus provides a new method to solve the authentication feasibility problem caused by the authentication data expansion which has not been solved by any other known node chain authentication technology.In this thesis,the NS-2 system is used for the simulation experiment of the proposed routing authentication technology.Both the AODV protocol and the improved AODV protocol are implemented on NS-2,and the performance is compared in the case of the black hole attack on the uncertain malicious nodes.The results show that the new scheme proposed in this thesis can effectively defend the black hole attacking without weakening or reducing other capabilities of the AODV protocol.