Two-Party Key Agreement Protocol Without Central Authority for Mobile Ad Hoc Networks

Two-Party Key Agreement Protocol Without Central Authority for Mobile Ad Hoc Networks

Asha Jyothi Ch (JNTUH College of Engineering, Jagtial, India) and Narsimha G. (JNTUH Hyderabad, Hyderabad, India)
Copyright: © 2019 |Pages: 21
DOI: 10.4018/IJISP.2019100105

Abstract

Key agreement (KA) without the use of a central authority is an elementary cryptographic problem to ensure security in MANETs because such networks consist of movable nodes with no fixed infrastructure or no central administration. The nodes communicate via wireless channels that are more prone to security attacks. A majority of the existing KA protocols assume the existence of central authority and hence, not perfectly suitable for a MANET environment. Proposed 2P-NCKA (Two-Party Non-Central authority KA) protocol creates a secret key between two users for a MANET which does not assume the use of a central authority and a prior password. It uses pairings, a verifiable secret sharing scheme and routing protocol. The AOPMDV protocol allows transmission of multiple packets across multiple node-disjoint paths in parallel so that one packet is in each path. This article also cryptanalyzes Li's KA protocol and has proven its vulnerability towards a man-in-the-middle (MITM) attack. The 2P-NCKA protocol is secure against MITM attacks and all known attacks and addresses problems of Li's protocol with a small increase in execution time.
Article Preview
Top

1. Introduction

To protect a network against attacks by using encryption, it is necessary that the nodes must share a secret key or have exchanged public keys. For unstable ad hoc networks, the encryption keys may have to be exchanged on demand without using previous negotiated secrets. Key establishment (Menezes, van Oorschot, & Vanstone, 1996) enables two or more users to get access to a common secret key, for later cryptographic use. Key transport or Key agreement methods are typically used to establish keys over electronic communications networks. When keys are transported, one entity generates the key to be shared, and the same is distributed to the other entity. When keys are agreed upon, both entities supply data that is used to determine a shared key so that no individual entity can predetermine it. The main focus of this paper is to develop 2P-NCKA (Two-Party Non-Central authority Key Agreement) protocol, applicable in situations where two users do not have contact to TTP and do not share any prior password or secret. On the other hand, MANET (Cheng et al., 2016; Swain, Pattanayak, & Pati, 2018) consists of several mobile nodes which communicate via wireless channels, and there exists no fixed infrastructure or centralized administration. Indeed, MANETs being a wireless network enables it more prone to active and passive attacks. Further to prevent these attacks the established key can act as symmetric key to ensure security services like integrity, confidentiality, and authentication. Lack of central administration nature of MANETs leads to the challenge of developing security protocols without support of central authority. The current protocol is very much appropriate for MANETs due to lack of central authority. It can also be used to establish a key between a user and TTP where Identity-based, certificateless protocols assume the presence of a secure channel between a user and TTP say private key generator (PKG).

The public key cryptography (PKC) protocols for key conformity, as shown in Fig. 1 can be of two kinds: Central Authority Dependent and Central Authority Independent. Central authority dependent AKAPs are further classified into Public Key Infrastructure (PKI), Identity Based Cryptography (IBC), Certificateless Cryptography (CLC) and Certificate Based Cryptography (CBC). All these techniques involve the use of TTP say PKI and CBC uses Certification Authority (CA), IBC and CLC uses Key Generation Centre (KGC). These protocols also use ECC (Elliptic Curve Cryptography) and pairing based arithmetic but with the support of central authority. Yet there are protocols with Password, ECC and pairing operations without the use of central authority and are called central authority independent AKAPs.

Conventional PKI (Wang & Cao, 2007) suffers from heavy certificate management involving certificate revocation whereas IBC suffer from the key escrow problem and CLC resolves these problems but requires a secret channel between user and KCG and CBC resolves all these issues. Alike PKI, CBC also suffers certificate managing but without certificate revocation; alike IBC, CBC derives the public key from user’s identity. However, as shown in Table 1, all these four kinds of AKAPs suffer from the use of central administration which is infeasible to establish in MANET environment.

Table 1.
Limitations of existing mechanisms
MechanismLimitations for Ad Hoc Networks
PKIUse of TTP called CA leading to cumbersome certificate management
IBC• Every user must totally trust the TTP called KCG
• Suffers from key escrow problem as the private key of a user is known not only to him but also to KCG
• If KCG is compromised the private keys of all registered user’s under that KCG are revealed to the unauthorized users.
• Existence of secure channels between KCG and participants or users for KCG to securely transmit the corresponding private key to each registered user.
CLCExcept key escrow problem, all other problems of IBC retain in this mechanism
CBCAlike PKI, use of CA leading to cumbersome certificate management
ECCAssume the presence of Secure channel during registration phase
PasswordPresence of pre-shared password and/or secure channel
Li (2011) PairingMan-in-the-middle attack in Sec. 4

Complete Article List

Search this Journal:
Reset
Open Access Articles
Volume 14: 4 Issues (2020): 1 Released, 3 Forthcoming
Volume 13: 4 Issues (2019)
Volume 12: 4 Issues (2018)
Volume 11: 4 Issues (2017)
Volume 10: 4 Issues (2016)
Volume 9: 4 Issues (2015)
Volume 8: 4 Issues (2014)
Volume 7: 4 Issues (2013)
Volume 6: 4 Issues (2012)
Volume 5: 4 Issues (2011)
Volume 4: 4 Issues (2010)
Volume 3: 4 Issues (2009)
Volume 2: 4 Issues (2008)
Volume 1: 4 Issues (2007)
View Complete Journal Contents Listing