A Clean Slate Approach to Secure Wireless Networking

摘要

The design of secure protocols for wireless ad-hoc networks is an important problem in communication systems research. A seemingly fundamental limitation of the design process is that any new protocol only addresses the vulnerabilities detected in its predecessors, leaving the remaining vulnerabilities unaffected. Hence, the design process amounts to an arms race between more sophisticated attacks and protocol fixes. To change this situation, a framework is needed for secure protocol design that offers provable performance and security guarantees against all possible attacks on the network. This monograph proposes such a framework, contingent on some underlying model assumptions. The framework consists of a game defined between protocols and adversarial strategies in which the adversarial strategy is selected after the protocol has been revealed to all of the nodes. Each choice of protocol and adversarial strategy results in a payoff that corresponds to the functionality retained by the network, despite the adversarial activity. The design imperative is to choose the protocol that maximizes this payoff. Two scenarios are considered: networks in which the nodes are initially synchronized and unsynchronized respectively. In each scenario, a protocol is described and three results are proved. First, the protocol is max-min optimal with respect to the payoff. The max-min payoff is the best that can be achieved because the protocol is always known to the adversarial nodes before the adversarial strategy is chosen. Second, the protocol is min-max optimal; there is a Nash equilibrium in the space of protocols and adversarial strategies. By implication, the adversarial nodes gain no strategic advantage from knowing protocol a priori. Finally, the adversarial nodes are effectively confined to one of two behavior modes: either jam or conform to the protocol, neither of which can be prevented by any protocol.