Distributed symmetric key management for mobile ad hoc networks

Key management is an essential cryptographic primitive upon which other security primitives are built. However, none of the existing key management schemes are suitable for ad hoc networks. They are either too inefficient, not functional on an arbitrary or unknown network topology, or not tolerant to a changing network topology or link failures. Recent research on distributed sensor networks suggests that key pre-distribution schemes (KPS) are the only practical option for scenarios where the network topology is not known prior to deployment. However, all of the existing KPS schemes rely on trusted third parties (TTP) rendering them inapplicable in many ad hoc networking scenarios and thus restricting them from wide-spread use in ad hoc networks. To eliminate this reliance on TTP, we introduce distributed key pre-distribution scheme (DKPS) and construct the first DKPS prototype to realize fully distributed and self-organized key pre-distribution without relying on any infrastructure support. DKPS overcomes the main limitations of the previous schemes, namely the needs of TTP and an established routing infrastructure. It minimizes the requirements posed on the underlying networks and can be easily applied to the ad hoc networking scenarios where key pre-distribution schemes were previously inapplicable. Finally, DKPS is robust to changing topology and broken links and can work before any routing infrastructure has been established, thus facilitating the widespread deployment of secure ad hoc networks.