Cybersecurity Ad Hoc Network

Ad Hoc networks provide particular challenges in cybersecurity

• They are usually temporary
• They tend to have little or no security
• Members of the network may join and leave frequently
• They may become fragmented into multiple networks
• Some ad hoc networks will allow anyone to join the network
• Link quality may be sporadic requiring frequent rejoining

• Battery life may be limited

  Ad Hoc networks have some benefits

• They can be set up where and when required
• Members can be mobile and stay connected
• They provide redundancy of communication links
• No wiring of links required
• Members can easily join and rejoin the network
• Topology may vary – change frequently – fragment

Wireless communication uses TCP

• TCP does not deal with interference or lost packets very efficiently
• Contending for the communication channel slows down the network
• Efficiency of communications within a localised area is more efficient
• RTS / CTS implementation is more efficient on a busy channel

Communication:

• Nodes communicate through other nodes if not in range
• Multi-hop communication means the message is passing through other
• nodes which may be malicious
• May not pass on the message
• May try to read or alter the message
• May give false routing information
  • I am the shortest path to the destination

Ad hoc networks must:

• Cope with changing structure – topology
• Cope with bottlenecks in communication
• Cope with rapidly changing routes from node to node
  • Mobility
  • Joining & leaving
• Scale to the number of nodes both more and fewer

Routing

• Proactive vs Reactive
• Routing table from node to node?
• Route discovery for every message?
• Different topology may have different requirements
• Mobility vs static network
• Finding the shortest path accounting for ‘cost’
• Dykstra’s algorithm

We need security in a network to:

• Monitor behaviour
• Eject misbehaving nodes
• Keep messages confidential between a set of nodes if required
• CIA - cryptography
• If we allow any node (computer) to join, how is security applied?
• No prior planning
• No prior installation of cryptographic keys or certificates

1 key for the entire network

• Who creates the key?
• How is the key exchanged?
• If a node leaves, do we rekey?
• Encryption Key Management
• All messages will be able to be read by all nodes within range of the
• communication
• Forwards secrecy
• Backwards secrecy

Key pairs for every node

• 2 nodes = 1 key (a-b)
• 3 nodes = 3 keys (a-b, a-c, b-c)
• 4 nodes = 6 keys + ( a-d, b-d, c-d)
• 5 nodes = 10 keys + (a-e, b-e, c-e, d-e)
• 6 nodes = 15 keys + (a-f, b-f, c-f, d-f, e-f)
• Pattern – each additional node requires the number of nodes in the network -1 added to the keys n=n+(n-1)
• n=(n(n-1))/2 so 50 nodes = (50x49)/2 = 1225 key pairs
•  This gets to a large number of keys quickly

This solves the problem of a node leaving

• That key can easily be deleted
• Advise network that node 30 has left
• Delete node 30’s key
• How do we broadcast a message?
• 50 nodes means thousands of encryptions and decryptions as the message propagates through the network
• Messages may need to be resent if not all nodes receive the message
• Why? Route has changed? Reroute?

Implementation of security in ad hoc and mesh networks is difficult

• Each network may have a different topology
• IoT – node connected to a hub
• Mesh – no centre of the network ad hoc and mesh – all nodes equal
• Simplest method for manufacturers is to ignore security
• Let user assume the risk
• Other methods may or may not be possible
• VPN etc