An Authentication Service Based on Trust and Clustering in Mobile Ad Hoc Networks

Wireless ad hoc network is a collection of mobile nodes dynamically forming a temporary network without a centralized administration. This kind of network has been applied for both civilian and military purposes. However, security in wireless ad hoc networks is hard to achieve due to the vulnerability of the links, the limited physical protection of the nodes, and the absence of a certification authority or centralized management point. Consequently, novel approaches are necessary to address the security problem and to corporate with the properties of wireless ad hoc network. Similar to other distributed systems, security in wireless ad hoc networks usually relies the use of different key management mechanisms. In this paper, we present a public key authentication service to protect security in the network with malicious nodes. Nodes originally trustable in the network may be compromised after the attacks. These malicious nodes can harm the authentication service by signing false certificates, so adequate measure is essential to protect the network security. We develop a novel authentication service based on trust and clustering. It involves a well-defined network model and a trust model. These models allow nodes in the network to monitor and rate each other with an authentication metric. We also propose a new public key certificate operation, and corporate with a trust value update algorithm in public key authentication. Our authentication service is able to discover and isolate malicious nodes in the network. Finally, we perform security evaluation on the proposed solution through simulation. We simulate the network with malicious nodes and measure a number of metrics. In addition, comparison and analysis are made between our approach and the Pretty Good Privacy with distributed certificate repository to demonstrate the effectiveness of the