Integrating trust establishment into routing protocols of today's MANETs

摘要

Conventional network protocols and its security mechanisms fail to cope with arising challenges in trust. Well known concepts from the domain of Trusted Computing can be applied to the example of mobile ad-hoc networks (MANETs) in order to establish extended trust capabilities between devices. The approach of such an anchor of trust in MANETs shows interesting possibilities since no central instances such as Access Points are involved in those networks. The communication between directly connected devices of the network is protected by a cryptographic protocol making use of a Trusted Platform Module (TPM) that serves as root-of-trust on each device. Such a hardware chip allows devices to attest the local system state and assess states of remote systems. Building on this, transmission of routing and payload data can be restricted to devices in trustworthy states. The resulting mobile ad-hoc network, by using this protocol, is protected against many of today's security threats. Single malicious devices are automatically recognised and excluded from participation in the network by all devices. Especially the dissemination of misleading routing information, which affects the availability of the whole network, is effectively prevented by the developed protocol. Thus, it is shown that the device itself is secured by a hardware TPM. Also the communication is secured, by verifying the device's state between the counterparts.