
RELIABLE AND FULLY DISTRIBUTED TRUST MODEL FOR MANET

By Anirudh Bhardwaj 1110/06 IT-1

CONTENTS
MANET Introduction. Two main approaches. Threshold Cryptography. Our Approach. Notations Used. Overview of the system. Initialization Phase. Joining Phase. Partial certificate creation and exchange. Conclusion.

MANET (MOBILE AD HOC NETWORKS)


Local network. Works without any infrastructure. Dynamic topology and node mobility. Constrained battery power. The possibility of problems like spoofing, eavesdropping, etc. increases.

TWO MAIN APPROACHES


Models based on a TTP (Trusted Third Party). Models based on full self-organization.

THRESHOLD CRYPTOGRAPHY
Based on polynomial interpolation. A (t, n) threshold scheme (t ≤ n) is a cryptographic technique that hides a secret S in n different shares Si (1 ≤ i ≤ n), so that knowledge of at least t shares is required to recover the initial secret S.

FULLY DISTRIBUTED MODEL - OUR APPROACH


Originally, in PGP and in several other trust models, the theory of trust relationships is based on transitivity: if A trusts B and B trusts C, then A can trust C. The sensitive point of the trust chain is the principal B: if B is compromised, all chains of trust that pass through B are considered incorrect.

Robust trust relationship concept: if A trusts B and B trusts C, then A can trust C if some other (k-1) trusted entities trust C. To provide this trust sharing we employ a (k, n) threshold cryptography scheme, where n is the number of entities in the system and k < n is the trust threshold.

NOTATIONS USED

OVERVIEW OF THE SYSTEM


Users' public/private keys are created by the users themselves. Certificates are checked via chains of public keys. Certificates are stored and distributed by the nodes themselves. A threshold cryptography scheme is included to resist any false public key certificate issued by a malicious node.

During network initialization, each node i holds a share Si of the system's private key K^(-1)_system, which is kept secret at a special node, the system dealer. Instead of using private keys to sign certificates, nodes use their private shares. Partial certificate chains in the system are represented by a directed graph G(V, E).

INITIALIZATION PHASE
The system dealer is introduced. Each node gets its private share from the system dealer. The private key of the system is kept secret with the system dealer. Each member generates a partial certificate for each other member it trusts in the system. This creates a trust graph composed of partial certificates.

JOINING THE SYSTEM STEP 1


A new node asks a current neighboring member node to request joining. This member node is called the delegate node. First the new node creates its public/private keys. Then it sends its key as trust evidence to get a certificate for the system's private key.

The delegate node broadcasts the request to the other member nodes. This process is repeated until the delegate node gets at least k partial certificates (pc) and combines them to form a complete certificate for the new node.

JOINING THE SYSTEM STEP 2


To complete the process, the new member node must get its own private share to participate in trust establishment. Here the (k, n) scheme is changed to (k, n+1). No delegate member is needed. Member i broadcasts its request, signed with its private key, in the network.

Once member node j receives the request, it verifies the signature in order to authenticate the request, and then computes for it a partial private share. Each member sends its partial private share to the new member, which computes its own private share.
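
The (k, n) threshold scheme and the share hand-out of joining step 2, as an added example that is not part of the original presentation. It assumes Shamir's polynomial scheme over a prime field with node ids as x-coordinates; the function names, the modulus and the sample values are illustrative.

```python
import secrets

P = 2**127 - 1  # prime field modulus (assumed choice for this example)

def deal(secret, k, n):
    """Dealer: hide `secret` as f(0) of a random degree-(k-1) polynomial; share i is f(i)."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    f = lambda x: sum(c * pow(x, e, P) for e, c in enumerate(coeffs)) % P
    return {i: f(i) for i in range(1, n + 1)}

def lagrange(j, ids, x):
    """Lagrange coefficient l_j(x) over the node ids in `ids`, mod P."""
    num = den = 1
    for m in ids:
        if m != j:
            num = num * (x - m) % P
            den = den * (j - m) % P
    return num * pow(den, -1, P) % P

def recover(shares):
    """Interpolate f(0) from {id: share}; yields the secret only with >= k shares."""
    return sum(s * lagrange(j, shares, 0) for j, s in shares.items()) % P

def partial_share(j, s_j, coalition, new_id):
    """Member j's partial private share for the joining node: S_j * l_j(new_id).
    Sent as-is it would reveal S_j to the joiner (l_j is public), so a real
    protocol has to blind these values among the coalition; omitted here."""
    return s_j * lagrange(j, coalition, new_id) % P

def join(shares, coalition, new_id):
    """New node sums k partial shares to obtain its own share f(new_id)."""
    return sum(partial_share(j, shares[j], coalition, new_id) for j in coalition) % P

def demo():
    secret, k, n = 123456789, 3, 5              # constructed sample values
    shares = deal(secret, k, n)
    new_share = join(shares, [1, 3, 5], n + 1)  # (k, n) becomes (k, n+1)
    return {
        "k_shares": recover({i: shares[i] for i in (2, 4, 5)}),
        "too_few": recover({i: shares[i] for i in (2, 4)}),
        "with_new": recover({2: shares[2], 4: shares[4], n + 1: new_share}),
    }

if __name__ == "__main__":
    print(demo())
```

The new node's share combines with any k-1 existing shares to rebuild the secret, while k-1 shares alone interpolate to an unrelated value.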

PARTIAL CERTIFICATE CREATION AND EXCHANGE


If user i believes that a given public key Kj belongs to a given user j, then user i creates a public key partial certificate in which Kj is bound to user j, and signs it using its private share. The MANET allows nodes to recover knowledge about other nodes by exchanging the partial trust graph.

CONCLUSION
A fully distributed system for MANET does not give any special characteristic to any node. All networking is done in collaboration with other nodes.

THANKS
