Certificate management in ad hoc networks

Morogan, Matei Ciobanu; Muftic, Sead

doi:10.1109/saintw.2003.1210182

Cited by 13 publications

(10 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Examples of these schemes include [23][24][25][26]. Other proposals such as [27,28] make the assumption that periodic access to on-line CAs is available; therefore CRLs can be obtained from the CAs. Then there are proposals such as [29] which make provision for certificate revocation, and do not assume that on-line CAs are accessible; but they do not provide protection against certificates being wrongfully revoked through malicious accusations.…”

Section: Related Workmentioning

confidence: 99%

A localized certificate revocation scheme for mobile ad hoc networks

et al. 2008

View full text Add to dashboard Cite

Section: Related Workmentioning

confidence: 99%

A localized certificate revocation scheme for mobile ad hoc networks

et al. 2008

View full text Add to dashboard Cite

“…Remark: There are other methods proposed in [3,4,11] which suggest that neighboring nodes can exchange information periodically in order to obtain the updated CRL. We believe that this may induce a longer delay than flooding in getting the latest information.…”

Section: Existing Workmentioning

confidence: 99%

Performance evaluation on CRL distribution using flooding in mobile ad hoc networks (MANETs)

Chan

Dong

et al. 2005

Proceedings of the 43rd Annual Southeast Regional Conference - Volume 2

View full text Add to dashboard Cite

In PKI (Public Key Infrastructure), certificate revocation list (CRL) carries important information of the revoked certificates. Users need to check with this CRL frequently to make sure that the certificate in consideration is still valid and has not been revoked. In a wired network, this CRL is stored in a centralized Certificate Authority (CA) and can be accessed easily by users. However, in a mobile ad hoc network (MANET), which is characterized by its lack of infrastructure support, high node mobility, and the instability of communication links, we usually have to use multiple CAs. Users may not be able to connect to a particular CA, so distributing the latest version of CRL to all CAs becomes important. To solve this CRL distribution problem, a number of proposed solutions have been suggested. Most of these solutions are based on flooding. However, under what conditions flooding is a viable approach to distribute information in an ad hoc network has not been elaborated. In this paper, we take the first step to answer this question by simulation based on a realistic model. We identify some critical factors affecting the performance of flooding. And based on the simulation results, we provide useful insights on the minimum requirement for flooding to work smoothly in MANET.

show abstract

“…Fortunately, security strategies [2], [4], [5], [8], [9], [11]with certificate management have been introduced to * Corresponding author counter against malicious attacks in MANETs in which each node must have a valid certificate from a trusted CA prior to joining the networks and any node cannot communicate with neighboring nodes without a valid certificate. The certificate can be easily validated because each node has the pubic key of the CA.…”

Section: Introductionmentioning

confidence: 99%

A High-Performance Distributed Certificate Revocation Scheme for Mobile Ad Hoc Networks

Guo¹,

Xu²,

Ju³

et al. 2014

2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications

View full text Add to dashboard Cite

Mobile ad hoc networks (MANETs) are wireless networks which have a wide range applications due to their dynamic topologies and easy to deployment. However, such networks are also more vulnerable to attacks compared with traditional wireless networks. Certificate revocation is an effective mechanism for providing network security services. Existing schemes are not well suited for MANETs because of incurring much overhead or bring low accuracy on certificate revocation. Therefore, we propose a high-performance distributed certificate revocation scheme in which certificates of malicious nodes will be revoked quickly and accurately. Certificate revocation is the result of the collaborative effect of multiple accusations. For diluting damages to networks, one accusation is enough to limit the accusation function of the accused node. To enhance the accuracy of certificate revocation, our scheme requires nodes just accepting those accusations in which trust levels of accuser nodes are not less than accused nodes'. To guarantee the rapidity, we restore accusation functions of the falsely accused nodes after revoking certificates of all malicious nodes who ever accused them. Moreover, we design one mechanism to reward nodes who ever accused those malicious nodes, and in return, accusations made by them will accelerate the certificate revocation processes of other malicious nodes. Simulation results demonstrate the effectiveness and efficiency of our scheme in certificate revocation. In addition, our scheme achieves a great improvement of just limiting accusation functions of malicious nodes.

show abstract

Certificate management in ad hoc networks

Cited by 13 publications

References 6 publications

A localized certificate revocation scheme for mobile ad hoc networks

A localized certificate revocation scheme for mobile ad hoc networks

Performance evaluation on CRL distribution using flooding in mobile ad hoc networks (MANETs)

A High-Performance Distributed Certificate Revocation Scheme for Mobile Ad Hoc Networks

Contact Info

Product

Resources

About