Authentication in distributed systems: theory and practice
ACM Transactions on Computer Systems (TOCS)
The official PGP user's guide
The &OHgr; key management service
Journal of Computer Security
Key Agreement in Dynamic Peer Groups
IEEE Transactions on Parallel and Distributed Systems
The quest for security in mobile ad hoc networks
MobiHoc '01 Proceedings of the 2nd ACM international symposium on Mobile ad hoc networking & computing
Information and Computation
Performance analysis of the CONFIDANT protocol
Proceedings of the 3rd ACM international symposium on Mobile ad hoc networking & computing
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Ariadne: a secure on-demand routing protocol for ad hoc networks
Proceedings of the 8th annual international conference on Mobile computing and networking
Securing ad hoc routing protocols
WiSE '02 Proceedings of the 1st ACM workshop on Wireless security
COCA: A secure distributed online certification authority
ACM Transactions on Computer Systems (TOCS)
Cryptography and Network Security: Principles and Practice
Cryptography and Network Security: Principles and Practice
IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
A Distributed Light-Weight Authentication Model for Ad-hoc Networks
ICISC '01 Proceedings of the 4th International Conference Seoul on Information Security and Cryptology
An Identity-Based Signature from Gap Diffie-Hellman Groups
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
Self-Organized Public-Key Management for Mobile Ad Hoc Networks
IEEE Transactions on Mobile Computing
Self-Securing Ad Hoc Wireless Networks
ISCC '02 Proceedings of the Seventh International Symposium on Computers and Communications (ISCC'02)
Recent-secure authentication: enforcing revocation in distributed systems
SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
Intrusion detection techniques for mobile wireless networks
Wireless Networks
A certificate revocation scheme for wireless ad hoc networks
Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks
Pilot: Probabilistic Lightweight Group Communication System for Ad Hoc Networks
IEEE Transactions on Mobile Computing
Distributed Computing
URSA: ubiquitous and robust access control for mobile ad hoc networks
IEEE/ACM Transactions on Networking (TON)
IEEE Network: The Magazine of Global Internetworking
Self-initialized Distributed Certificate Authority for Mobile Ad Hoc Network
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
The fable of the bees: incentivizing robust revocation decision making in ad hoc networks
Proceedings of the 16th ACM conference on Computer and communications security
A self-organized mechanism for thwarting malicious access in ad hoc networks
INFOCOM'10 Proceedings of the 29th conference on Information communications
Efficient certification path discovery for MANET
EURASIP Journal on Wireless Communications and Networking
Review: Certification-based trust models in mobile ad hoc networks: A survey and taxonomy
Journal of Network and Computer Applications
Self-organizing life cycle management of mobile ad hoc networks
Security and Communication Networks
Safeguarding ad hoc networks with a self-organized membership control system
Computer Networks: The International Journal of Computer and Telecommunications Networking
| Hi-index | 0.01 |
Securing ad hoc networks is notoriously challenging, notably due to the lack of an online infrastructure. In particular, key management is a problem that has been addressed by many researchers but with limited results. In this paper, we consider the case where an ad hoc network is under the responsibility of a mother certification authority (mCA). Since the nodes can frequently be collectively isolated from the mCA (e.g., for a remote mission) but still need the access to a certification authority, the mCA preassigns a special role to several nodes (called servers) that constitute a distributed certification authority (dCA) during the isolated period. We propose a solution, called DICTATE (DIstributed CerTification Authority with probabilisTic frEshness), to manage the dCA. This solution ensures that the dCA always processes a certificate update (or query) request in a finite amount of time and that an adversary cannot forge a certificate. Moreover, it guarantees that the dCA responds to a query request with the most recent version of the queried certificate in a certain probability; this probability can be made arbitrarily close to 1, but at the expense of higher overhead. Our contribution is twofold: 1) a set of certificate management protocols that allow trading protocol overhead for certificate freshness or the other way around, and 2) a combination of threshold and identity-based cryptosystems to guarantee the security, availability, and scalability of the certification function. We describe DICTATE in detail and, by security analysis and simulations, we show that it is robust against various attacks.