A Study on Certificate Revocation in Mobile Ad Hoc Networks

Certificate revocation is an important security component in mobile ad hoc networks (MANETs). Owing to their wireless and dynamic nature, MANETs are vulnerable to security attacks from malicious nodes. Certificate revocation mechanisms play an important role in securing a network. When the certificate of a malicious node is revoked, it is denied from all activities and isolated from the network. The main challenge for certificate revocation is to revoke the certificates of malicious nodes promptly and accurately. In this paper, we build upon our previously proposed scheme, a clustering-based certificate revocation scheme, which outperforms other techniques in terms of being able to quickly revoke attackers´ certificates and recover falsely accused certificates. However, owing to a limitation in the scheme´s certificate accusation and recovery mechanism, the number of nodes capable of accusing malicious nodes decreases over time. This can eventually lead to the case where malicious nodes can no longer be revoked in a timely manner. To solve this problem, we propose a new method to enhance the effectiveness and efficiency of the scheme by employing a threshold based approach to restore a node´s accusation ability and to ensure sufficient normal nodes to accuse malicious nodes in MANETs. Extensive simulations show that the new method can effectively improve the performance of certificate revocation.