An authentication service against dishonest users in mobile ad hoc networks

A mobile ad hoc network is a collection of wireless mobile nodes, dynamically forming a temporary network without the use of any existing network infrastructure or centralized administration. It is an emerging technology for civilian and military applications. However, security in mobile ad hoc networks is hard to achieve due to the vulnerability of the links, the limited physical protection of the nodes, and the absence of a certification authority or centralized management point. Similar to other distributed systems, security in mobile ad hoc networks usually relies on the use of different key management mechanisms. We exploit characteristics of an ad hoc network and present our authentication service to protect network security in the presence of dishonest users. Nodes originally trustable in the network may become malicious due to sudden attacks, so an adequate security support for authentication to deal with dishonest users who issue false public key certificates is crucial. We describe a new authentication service with a well-defined network model and a trust model. These models allow nodes in the network to monitor and rate each other with an authentication metric. We also propose a novel public key certificate operation, incorporating with a trust value update algorithm in public key authentication. The authentication service we propose is able to discover and isolate dishonest users in the network. Finally, we evaluate the proposed solution through simulation to demonstrate the effectiveness of the scheme.