A Survey on Key Management of Identity-based Schemes in Mobile Ad Hoc Networks

Kuo Zhao, Longhe Huang, Hongtu Li, Fangming Wu, Jianfeng Chu, Liang Hu
2013 Journal of Communications  
In mobile ad hoc networks (MANETs), the research on key management of identity-based scheme is attracting more and more attention. In this paper, we study on four types of identity-based schemes which resist key escrow problem at different degrees, and introduce several schemes for each type. Then, we give an overview of the characteristics of their key management, and made a summary of key generation and distribution. Subsequently, to build a more secure identity-based scheme for MANET, we
more » ... mmend some techniques to improve security and availability of its key management. Finally, we point out some problems of identity-based schemes in MANETs, which are not addressed and we will explore in the future.  Index Terms-MANETs, identity-based cryptography, key management I. INTRODUCTION A mobile ad hoc network (MANET) is a cooperative wireless network of mobile hosts (which we call nodes or users) that can communicate with each other without any centralized administration or preexisting infrastructure [1], [2] . The nodes of network operate both as communication end points as well as routers, enabling multi-hop wireless communication. Because of the rapidity, self-organizing, self-configuring and low cost for forming network, MANETs have attracted a lot of attention from both the research and industry communities, which are extensively employed in military, vehicle networks, disaster relief and emergency, where geographical or terrestrial constraints demand totally distributed networks. However, due to the wireless, bandwidth-limited, resource-constrained, and dynamic nature, MANETs are more vulnerable to security attacks [3] than their wired counterparts. Wireless communication, for example, is open to interference and interception, and malicious nodes might create, alter, or replay routing information to interrupt network operation. Moreover, malicious nodes may inject bogus data into the network to consume its . Public Key Certificates (PKCs). [6] As a powerful alternative to certificate-based PKI, identity-based cryptography (IBC) [7], [8] allows public keys to be derived from entities' known identity information, thus there is no requirement of CA and PKCs. Recent decade, IBC has attracted more and more attention from researcher, and a number of identity-based schemes [9]- [12] have been proposed. The advantages of identity-based key management: reducing the cost of storage, computation and communication, make IBC more suitable for bandwidth-limited and resourceconstrained MANETs. An identity-based scheme needs a Private Key Generator (PKG) to identify the user's ID and compute private key, which results single point of failure. Furthermore, there exits key escrow problem (inherent in identity-based cryptosystems), since PKG knows the private keys of all nodes. Similar to the CA in PKI, once PKG is not credible, system won't be able to ensure communication non-repudiation if the compromised PKG pretends to be user to send messages. In order to 768
doi:10.12720/jcm.8.11.768-779 fatcat:frkaotni2bfi7lcldt27oun2a4