Contact at or 8097636691
Responsive Ads Here

Thursday, 22 February 2018

Efficient Public Key Certificate Management for Mobile Ad Hoc Networks(2011)

Efficient Public Key Certificate Management 

for Mobile Ad Hoc Networks(2011)

Mobile ad hoc networks involve communications over a shared wireless channel without any centralized infrastructure. Consequently, in an optimal solution, management and security services depend exclusively on network members. The main contribution of this paper is an efficient public key management scheme that is suitable for fully self-organized mobile ad hoc networks where all nodes play identical roles. Our approach implies that the operations of creating, storing, distributing, and revoking nodes’ public keys are carried out locally by the nodes themselves. The goal of the presented methods is the improvement in the process of building local certificate repositories of nodes. In order to do it, an authentication solution based on the web of trust concept is combined with an element of routing based on the multipoint relay concept introduced in the optimized link state routing protocol.
A Mobile Ad hoc Network (MANET) is a highly dynamic wireless network with no fixed infrastructure and heavy constraints in node capabilities. Such characteristics unable the use of the classical public key management paradigm based on a centralized Certification Authority (CA). Research on the deployment of a Public Key Infrastructure (PKI) in MANETs has been mainly two tiered so far. In particular, the two main approaches we can find in the bibliography are a distributed certification model and a self organized scheme. The methods here described and evaluated are aimed at improving the process of building the local certificate repository associated to each node in the self-organized model, which leads to a significant improvement in the efficiency of the whole model. Particularly, a considerable decrease in resource consumption while undertaking the verification process associated to authentication is obtained from the experiments. In order to achieve such improvement, we face the problem by combining typical authentication elements with common ideas used in routing protocols in MANETs.
            The application of the Multipoint Relay Technique in the update process of public key certificate repositories in MANETs has been evaluated in this work. For the assessment of this proposal, several experiments with an implementation developed in JAVA have been carried out. According to these experiments the presented alternative outperforms the original graph-based and self-organized model in several aspects. The most relevant improvements of the proposed MPR-based method are a higher certificate rate included in he repository and the shorter generated certificate chains. They result in a less need of interaction among nodes during the building process of an authentication chain and lead to a more efficient verification procedure. Our immediate goal is to adapt the developed implementation to a network simulator in order to evaluate the behavior of the method with different mobility models.
1)      Forming a random network.
2)      Connecting the network.
3)      Cluster formation.
4)      Generating public and secrete keys.
5)      Distribution of secrete key.
6)      Generation of certificates.
1. Forming a random network
          First we accept the number of nodes and place all the nodes on “work panel” randomly. Here we use a separate panel for placing these nodes. This panel will be added to the “main window” (Frame). Each device actual position will be taken into an array. This array will be used to identify the neighbors within its range.
2. Connecting the network:
            After placing the nodes in the network, all the nodes should be connected. To check this connection of nodes with in network we use dfs() method .In dfs() we visit all the nodes, if all nodes are visited, then we say that the network is connected. This process is done until each and every node in the network is connected. Since we are using connected dominating set mechanism to form cluster
3. Cluster formation:
                After the network is connected we start the cluster formation. Cluster formation will be done in three steps.
Step 1: mark process is done. In mark process we find the neighbors of the every node and if any node having greater than two neighbors and are disjoint, then it is selected as cluster head.
Step 2: Adjust process is done next. In this process, we reduce the cluster heads formed in mark process. For each cluster heads selected in step1 we check the neighbors of neighbors of cluster head and if there are at least two distinct neighbors which are not in the neighbor list of neighbors of cluster head, then cluster head is remains as cluster head otherwise it acts as normal node we check
if((highnbrs<2 && lownbrs<2))
if it is true then our cluster head becomes cluster head otherwise it will become ordinary node.
Step 3: step 1 and step 2 are done in continue process after that we take every node in the network and do this step. First we take node as parent node if parent node is head then we find the neighbors of parent node, we take each neighbor and check whether it is cluster head and its node number is not equal to parent node number then we find the nearest cluster head distance and we take node number as near index. If parent node does not contain any cluster heads in its neighbors then it will become the cluster head other wise near index node (the head node with lowest distance from the parent node) it will become the cluster head. And it will take all the neighbors and parent node as its cluster members.
If parent node is not a cluster head then we take all its neighbors and check for cluster with lowest distance then it will become as cluster head and all its members including parent node will become cluster members.
Finally the head nodes which are generated here will become the final cluster heads and properly they arrange their cluster members.

4. Generating public and secrete keys:
 The cluster head is responsible for generating the key pair (public/ secrete key).
                      pair = Utils.generateRSAKeyPair();
 The generated secrete key is now put in the form of polynomial equations. Polynomial equations are build by the function build secrete.
                public static Polynomial []get Polynomials(int cof[],Big Integer M,int n)
 In this function we take number of nodes in cluster and generate that number of polynomials.           
5.  Distribution of secrete key:
          Cluster head distributes the secrete key to all its members. Cluster head distributes the secrete key by send poly () function.       
                        public void sendPoly ()
In this function secrete keys which are in polynomial form are send to all the cluster member nodes.
6. Generation of certificates:
          Complete certificate is generated by the cluster head by combining all the partial secrete keys from k(threshold) no of nodes. First cluster head collects k no of polynomials from k nodes and solve those k polynomials by solvepoly (), and build Secret () functions. Based on key pair using k polynomial equations it solves and get the variable values and recover the secrete key. Cluster head now generates the certificate by using X509 certificate and sign that certificate with the recovered secrete key. This will be useful while we send the data to any node through the cluster head.
Send Data:
            Data is sending from one node other node in network using Dynamic Source Routing Protocol. The data is of any of the Route Request, Route Reply, and X509Certificate, Polynomial or Message type. If the data is of Message type then certificates will be verified by the cluster heads of source and destination nodes. If those certificates are valid then only data will be sent otherwise new certificates are requested from the CA nodes and data will be send. That certificate request will be taken place using sendCertReq () and issued by issue_Cert () methods in Node class.
Software Requirements
Ø  Operation System          :           Windows XP
Ø  Language used              :           Java (swings)
Hardware Requirements     
Ø  Processor                     :           Pentium IV
Ø  RAM                                :           512MB
Hard Disk                           :           40GB

No comments:

Post a Comment