1 CHAPTER1 INTRODUCTION In our daily life, the importance of computer increases.Itcreatesnew demandsfor connectivity. Solutions of wired network have been around for a long time but there is increasing demand on working solutions of wireless network for connecting to the Internet. A mobile ad-hoc network (MANET) is a dynamic, wireless distributed network system which consists of various numbers of mobile devices that are free to move in any direction, independent of each other. The wireless nodes in MANET can communicate with each other through a direct wireless link or multi-hop routing within their communication range; whereas devices that are not in the communication range use intermediate node(s) to communicate with each other. In these two types of cases, all the nodes automatically participated in the communication to form a wireless network. Therefore, this wireless network can be seen as mobile ad hoc network. Mobilead-hoc networks (MANETs) are future wireless networks consisting entirely of mobile nodes that communicate on-the- move without base stations. A MANET is a network consisting
Transcript
1
CHAPTER1
INTRODUCTION
In our daily life, the importance of computer increases.Itcreatesnew demandsfor
connectivity. Solutions of wired network have been around for a long time but there is
increasing demand on working solutions of wireless network for connecting to the
Internet.
A mobile ad-hoc network (MANET) is a dynamic, wireless distributed network system
which consists of various numbers of mobile devices that are free to move in any
direction, independent of each other. The wireless nodes in MANET can communicate
with each other through a direct wireless link or multi-hop routing within their
communication range; whereas devices that are not in the communication range use
intermediate node(s) to communicate with each other. In these two types of cases, all the
nodes automatically participated in the communication to form a wireless network.
Therefore, this wireless network can be seen as mobile ad hoc network.
Mobilead-hoc networks (MANETs) are future wireless networks consisting entirely of
mobile nodes that communicate on-the-move without base stations. A MANET is a
network consisting of a set of mobile nodes capable of communicating with one another
while not facilitating the infrastructure of the network.
Figure 1.1: Mobile Ad hoc Network[28]
2
1.1Congestion Control
Congestion is a major issue in the MANET. Congestion occurs when the number of
packets is being transmitted through the network anddecreases the packet handling
capacity of the network. If the packet arrives is faster than the routing the packet, then
buffers will full and congestion occurs.
Congestion control is the process of controlling the traffic into the communication
networks. Congestion control concerns controlling traffic into a network, so as to avoid
or minimize interruption by either reducing the rate of sending packets or follows the
different path from source to destination for communication.The goal of congestion
control is to control the overflow of the buffer due to the congestion in the network and
minimize the delay. Congestion control mechanism provides efficiency in the network.
1.2Security
In recent years, security in MANET is expected as the pre-establishment of specific
information among the participating nodes, so that the future communication can be
secured through a newly designed protocol which deploys cryptographic mechanisms
over the pre-established information.
Cryptography is the technique of writing the message secretly code by changing message
into a kind of non-recognizable by its attackers. In cryptography, cryptography is the
technique of remodeling data by encryption formula (called cipher) to form it
undecipherable by anyone except those acquires special information, typically known as
a key. The output of this technique is encrypted data referred to as a cipher text. The
reverse of encoding in cryptography is the process that decrypts the encrypted data by
using key. Cryptography formula will be classified into radially symmetrical (single key)
and uneven (pair of keys) cryptography.
The sender node uses the key to encode the plain text (original) message into cipher text
(encoded)and sends cipher text to destination node. The destination node applies identical
key to decode the cipher text into plain text. The key ought to be strongly shared with
3
destination node before it starts its transmission. The strength of the symmetric key
encryption algorithm depends on the key size used[28].
There are principally five security services [3][7]:
Authentication: Authentication is the process of identifying an individual.
Authentication is the process of determining whether someone or something is, in fact,
who or what it is declared to be. Authentication would possibly involve confirming the
identity of an individual, tracing the source of a whole message.
Confidentiality: Message data is unbreakable, secure from unauthorized party.
Confidentiality is a set of rules that limits access or places restrictions.Confidentiality
refers to limiting information access and disclosure to authorized users and preventing
access by or disclosure to unauthorized ones.Confidentiality is related to the data privacy.
Integrity: Integrity refers to the trustworthiness of information resources.Message is
unedited throughout communication. Integrity is a concept of consistency of methods,
actions, principles, values, measures, expectations, and outcomes.Data cannot be changed
inappropriately either accidently or intentionally.
Non-repudiation: Non-repudiation means that the source of the message cannot deny
having consigned themessage.Non-repudiation is a way to guarantee that the sender of a
message cannot later deny having sent the message and that the recipient cannot deny
having received the message. Non-repudiation can be obtained through the use of digital
signatures.
Availability: Availability of a system is typically measured as a factor of its reliability -
as reliability increases, so does availability. An information system that is not available
when you need it is almost as bad as none at all. Availability of a system may also be
increased by the strategy on focusing of increasing testability & maintainability.
4
1.3Proposed Goals
The objectives of this dissertation are:
Design and implementation of MANETs.
Performing the shortest path from source to destination using existing algorithm.
Implementation of proposed algorithm in MANETs.
Analyzing the delay time in MANETs after including security in existing
algorithm.
Analyzing the throughput of MANETs after including security in existing
algorithm.
1.4Research Methodology
The aim of the proposed work is to implement secure congestion control algorithm on
MANET. In this, MATLAB (R2010b) is used as the tool for successful implementation
of the secure congestion control algorithm as a proposed work.
DES is a block cipher with key length 56 bits.Encryption of a block of message takes
place in 16 rounds. From the key of input, 48 bit size of 16 keys are created, one for each
round. In each round, S-boxes are created. These S-boxes are setup in the specification of
the standard. Using the S-boxes, collections of six bits are mapped to groups of four bits.
The contents of these S-boxes have been defined by the U.S. National Security Agency
(NSA).
The block of the message is divided into two halves. The right half is spread from 32 to
48 bits using another fixed table. The result is combined with the sub-key for that round
by using the XOR operation. Using the S-boxes, the 48 bits of the result are then
transformed again to 32 bits, which are permutated again subsequently byusing another
fixed table. This by now thoroughly shuffled right half is now attached with the left half
using the XOR operation. In the next round, this combination can be used as the new left
half [9].
5
1.5Dissertation Outline
In this chapter, we gives an overview of the proposed goals and research methodology of
the proposed algorithm on MANET and a brief introduction of MANET, Congestion
Control and Security in MANET.
Chapter 2 (BACKGROUND): In this chapter, we describe different security algorithms
for MANET and analysis of security in MANET.
Chapter 3 (LITERATURE REVIEW):In this chapter, weprovide previous research on
MANET, design characteristics in MANET, various different types of security aspects
and security approach in MANET.
Chapter 4 (SECURE CONGESTION CONTROL ALGORITHM): In this chapter,
wedescribe the algorithm on which this dissertation works. Description of security with
congestion control in MANET is the main aim of this chapter.
Chapter 5 (IMPLEMENTATION): This chapter includes the actual implementation of
the simulation a secure congestion control algorithm in MANET to send secure data.
Chapter 6 (RESULTS AND ANALYSIS): In this chapter, we generate the results of the
actual implementation and analyze the performance of the MANET.
Chapter 7 (CONCLUSION AND FUTURE SCOPE): This chapter describes the
conclusion of the work done in this dissertation. In this chapter, we also provide the
future perspective of the work done.
6
CHAPTER 2
BACKGROUND
Mobile ad-hoc network is a self-configuring, infrastructure less, decentralized network
that desires a strong dynamic routing protocol. To accommodate the requirements of
communication for mobile ad-hoc network several routing protocols are planned. A
mobile ad-hoc network is a collection of mobile devices connected by wireless link.
Since every device in a mobile ad-hoc network is to move independently in any direction.
Every device continuously maintains the data needed to properly route traffic that is the
primary challenge in building a mobile ad-hoc networks. Such networks could operate by
themselves or is also connected to the larger network [4].
2.1 Security algorithms in MANET
2.1.1 RSA
RSA is an algorithm for public-key cryptography.RSA stands for Ron Rivest, Adi Shamir
and Leonard Adleman.
RSA uses a public key and a private key. The public key distributed over network and is
used for encrypting messages. Messages which are encrypted by the public key can only
be decrypted by using the private key [5].
The RSA algorithm involves following three steps:
Step 1: Key Generation:
RSA algorithm is generated the keys as following way:
Choose two distinct prime numbers p and q.For security purposes, theinteger’s p and q
should be chosen uniformly at random and should be of similar bit-length. Prime integers
can be efficiently found using a preliminarytest.
Step 1: Compute n = p.q,
n is used as the modulus for both the public and private keys.
7
Step 2: Compute φ(pq) = (p − 1)(q − 1).
Step 3: Choose an integer e such that 1 < e < φ(pq), and e and φ(pq) share no
divisors other than 1 (i.e. e and φ(pq) are co-prime).
e is released as the public key exponent.
e having a short bit-length and small Hamming weight results in more
efficient encryption. However, small values of e(such as e = 3) have been
shown to be less secure in some settings.
Step 4:Determine d (using modular arithmetic) which satisfies the congruence
relation.
de ≡ 1 mod (φ(pq))
Stated differently, ed − 1 can be evenly divided by the quotient (p−1)(q−1)
This is often computed using the extended Euclidean algorithm.
d is kept as the private key exponent.
The public key consists of the modulus n and the public (or encryption) exponent e.The
private key consists of the private (or decryption) exponent d which must be kept secret.
Step 2:Encryption
Destination node transmits its public key (n,e) to source node and keeps the private key
secret. Then, source wants to send message M to Destination. It first turns M into an
integer 0 < m < n by using an agreed-upon reversible protocol known as a padding
scheme. It then computes the cipher text c corresponding to:
C = me mod n.
Source device then transmits c to Destination device.
Step 3: Decryption
Destination node can regenerate m from C by using her private key (n, d) by the
following computation:
D = Cd mod n.
8
2.1.2 Key Distribution
Nowaday, researches show that MANETs are highly vulnerable to various security
threats due to their inherent characteristics. This leaves ad-hoc key management and key
distribution as a wide open problem.In powerful management of keys, keeping the keys is
one of the key factors for the successful diffused deployment of keys of the
cryptography[6].
ID-based cryptography (IBC) has been getting encouragement in recent years. The idea
of identity based cryptosystem was first proposed by Shamir [16] to simplify the
conventional public key cryptosystem, and make the key management easier[17]. Khalili,
et. al introduced a protocol for management and authentication in the ad-hoc network that
is based on an ID-based scheme[18].
2.1.3 Symmetric encryption - DES
Symmetric cryptography is a cryptographic technique using a single key for both
encoding and decoding. A single key is use to make the process of decoding simple
reverse process of encoding. Thus, both sender and recipient choose a key of a given
length and use it to encode and decode message over the network[9][11].
Figure 2.1: Symmetric key encryption & decryption process
Data Encryption Standard (DES)has been a worldwide standard for data encryption for
more than two decades before. On May 15, 1973, National Institute for Security
Technologies (NIST) issued a public request for a data encryption algorithm. This request
eventually resulted in the DES implementation. DES was officially endorsed by the U.S.
government in 1977 as an encryption standard. Although it was originally developed
9
byIBM (who holds the patent for DES). DES is the best-known and most widely used
cryptosystem in the world[10][20].
The algorithm is designed to encode and decode the blocks of data consisting of 64 bits
under control of a 64-bit key. Decoding must be accomplished by using the same key as
for encoding, but with the schedule of addressing the key bits altered so that the decoding
process is the reverse of the encoding process. A block to be encoded is subjected to an
initial permutation (IP), then to a complex key-dependent computation and finally to a
permutation which is the inverse of the IP[21].
Figure 2.2: DES Algorithm
10
Encoding
The input block is of 64 bits that is to be encoded are first subjected to the 64 bits
permutation, is known as the initial permutation i.e. IP:
Table 2.1: Initial Permutation
5850
4234
2618
10 2
6052
4436
2820
12 4
6254
4638
3022
14 6
6456
4840
3224
16 8
5749
4133
2517
9 1
5951
4335
2719
11 3
6153
4537
2921
13 5
6355
4739
3123
1 7
That is the permuted input has 58th bit of the input as the first bit of the IP, 50th bit as its
second bit, and so on with bit 7 as its last bit. Then, IP input block is the input to a
complex key-dependent computation.
The output of that computationsubjected to the following permutation which is the IP -1
(inverse of the initial permutation):
Table 2.2: Inverse of Initial Permutation
40 84
816
5
624
6
432
39 74
715
5
523
6
331
38 6 4 14 5 22 6 30
11
6 4 2
37 54
513
5
321
6
129
36 44
412
5
220
6
028
35 34
311
5
119
5
927
34 24
210
5
018
5
826
33 14
19
4
917
5
725
Theoutput of the algorithm has 40th bit of the IP-1as its first bit, 8th bit as its second bit,and
so on, until 25th bit of the IP-1 block is the last bit of the output.
The computation which uses the permuted input block as the input of the algorithm to
produce the IP block consists, but for a final exchange of blocks of 16 rounds of a
calculation that is described below in terms of the cipher function f which operates on
two blocks, one of 32 bits and one of 48 bits, and produces a block of 32 bits. The 64 bits
of the input block provided to a round consist of a 32 bit block L followed by a 32 bit
block R.
Using the notation defined in the introduction, the input block is then LR.
Let K be a block of 48 bits chosen from the 64-bit key. Then the output L'R' of iteration
with input LR is defined by:
L' = R
R' = L Ө f(R,K)
Where, Ө denotes bit-by-bit addition modulo 2.
12
The input of the first iteration of the calculation is the inverted input block. If L'R' is the
output of the 16thiteration. Then R'L' is the IP block. At each iteration, a different block K
of key bits is chosen from the 64-bit key designated by KEY.
Decoding
The permutation IP-1 applied to the IP block is the inverse of the IP applied to the input.
Further, from (1) it follows that:
R = L'
L = R' Ө f(L',K)
Consequently, the same algorithm is to be applied to decode the encoded message block.
The same block of key bits K is used at each round of the computation during decoding
as was used during the encoding of the block.
Using the notation, this can be expressed by the equations:
Rn-1 = Ln
Ln-1 = Rn Өf(Ln,Kn)
Where R16L16 is inverted input block for the decoding calculation and L0R0 is the IP
block. That is, for the decoding calculation with R16L16 as the permuted input, K16 is used
in the first round, K15 in the second, and so on, with K1 used in the 16th round.
The Cipher Function f
A sketch of the calculation of f(R,K) is given in
13
Figure 2.3: Calculation of f(R, K)
Let E denote a function which takes a 32 bits block as input and yields a 48 bits block as
output. Let E be such that the 48 bits of its output, inscribed as 8 blocks of 6 bits each, are
acquired by selecting the bits in its inputs in order according to the following table:
Table 2.3: E Bit Selection
32 1 2 3 4 5
4 5 6 7 8 9
8 9 10 11 1
2
13
12 1
3
14 15 1
6
17
16 1 18 19 2 21
14
7 0
20 2
1
22 23 2
4
25
24 2
5
26 27 2
8
29
28 2
9
30 31 3
2
1
Thus the first three bits of E(R) are the bits in positions 32, 1 and 2 of R while the last 2
bits of E(R) are the bits in positions 32 and 1. Each of the unique selection functions
S1,S2...S8 takes a 6-bit block as input and yields a 4-bit block as output and is illustrated
by using a table containing the recommended S1:
Table 2.4: S-1
Column No.
Row No. 0 1 2 3 4 5 6 7 8 9 10 11 1
2
13 14 15
0 1
4
4 13 1 2 15 11 8 3 10 6 12 5 9 0 7
1 0 15 7 4 1
4
2 13 1 1
0
6 12 11 9 5 3 8
2 4 1 14 8 1
3
6 2 11 1
5
12 9 7 3 10 5 0
3 1
5
12 8 2 4 9 1 7 5 11 3 14 1
0
0 6 13
If S1 is the function defined in this table and B is a 6-bits block, then S1(B) is defined as
follows: The first bit and last bit of B represent in base 2 a number in the range 0 to 3.
15
Let that number be i. The middle 4 bits of B represent in base 2 a number in the range 0
to 15.
Let that number be j. Look up in the table the number in the row i and column j. It is a
number in the range of 0 to 15 and is uniquely represented by a 4 bit of block. That block
is the output S1(B) of S1 for the input B.
The permutation function P yields an output of 32-bit from an input of 32-bit by
permuting the bits of the input. Such a function is defined by the following table:
Table 2.5: P
16 7 20 21
29 12 28 17
1 15 23 26
5 18 31 10
2 8 24 14
32 27 3 9
19 13 30 6
22 11 4 25
The output P(L) for the function P determined by this table is obtained from the input L
by taking the 16th bit of L as the first bit of P(L), the 7th bit as the second bit of P(L),
and so on until the 25th bit of L is taken as the 32nd bit of P(L).
Now let S1,...,S8 be eight distinct functions to select, let P be the permutation function
and let E be the function defined above.
To define f(R,K) firstly define B1,...,B8 to be blocks of 6 bits each for which
B1B2...B8 = K Ө E(R)
The block f(R,K) is then defined to be
P(S1(B1)S2(B2)...S8(B8))
16
As output.
Thus K Ө E(R) is first divided into the 8 number of blocks. Then each Bi is taken as an
input to Si and the 8 blocks S1(B1),S2(B2),...,S8(B8) of 4 bits each are unified into a
single block of 32 bits which forms the input to P.
2.2 Analysis of Security
Several attacks are designed to analysis the security of the key exchange protocol, as the
follows[6]:
2.2.1 Prevention from brute-force attacks
Attack 1:If an attacker can derive the private key d from the public key of the key
generator by computing d = e-1 mod ᶲ(n), then he can obtain gj by computing gi = IDid
mod n; thus he can play the role of Uito forge (IDj, yi ,ti, si, Tj). However derive the
private key d using the operation d = e-1mod f (n) needs to factor the large integer n.
Attack 2: The user Ui picks out a number R such that IDj (IDi, Re )mod n, where
gcd(R,n)=l, and computes the private information of Uj using gj = ID jd = IDi
d.R = gi.Rmod
n, then he can play the role of U j to develop (IDj,yj,tj,sj,Tj). However, before picks out the
number R, the security key d is required for the operation of R =( IDjIDi
)d mod n as Attack
1, he still needs to factor n.
2.2.2 Prevention of replay attacks
In each of the communication sessions during key exchange, “two-way” authentication
has been adopted to prevent the replaying attack. During key exchange process, user foils
the replay attack by checking the freshness of datum using random number and
timestamp.
2.2.3 Prevention of man-in-the-middle attacks
17
The proposed scheme avoids Man-in-the-middle attack. When U isending (IDjyi, ti,si,Tj) to
Uj, an adversary can intercept the datum from the public channel, then plays the role of U i
to cheat Ujor another users using (IDj yi, ti, si, Tj).Both the timestamp Tiand the
identification information IDj are inputs of the one-way function h() and used in the
operation of si = gi .rih ( yi ,ti ,Ti , IDj)mod n.
18
CHAPTER 3
LITERATURE REVIEW
H. Zare, F. Adibnia, V. Derhami (2013) proposed “A Rate based Congestion
Control Mechanism using Fuzzy Controller in MANETs”[22].
The traditional congestion control mechanism TCP performs very poorly in MANETs.
Because there are a number of new challenges such as wireless link error, medium
contention and frequent route failures in this kind of networks. In this paper, the authors
proposed a fuzzy ad-hoc rate-based congestion control (FARCC) to enhance the
efficiency of network in MANETs. In FARCC, they use a rate-based transmission
scheme using two fuzzy controller of zero order Takagi Sugeno Kang (TSK) model to
congestion detection and congestion control. The FARCC sender adjusts data rate by
receiving a feedback packet from FARCC destination. In this research, NS2-based
simulation results showed that FARCC outperforms ITP and ATP to achieve, in terms of
throughput and fair resource allocation in ad-hoc networks under random topology.
Chun-Ta Li, Chi-Yao Weng et al. (2013) introduced “Security Flaws of a Password
Authentication Scheme for Hierarchical WSNs”[23].
With the growing popularity of sensor-based monitoring devices, sensor networks are
becoming an essential part of wireless heterogeneous networks and numerous researches
have been widely studied in recent years. Recently, Das et al. proposed a dynamic
password-based user authentication scheme with dynamic node addition for hierarchical
wireless sensor networks (WSNs). They claimed that their scheme achieves better
security as compared to those for other existing password-based user authentication
approaches. However, the authors observed that Das et al.'s scheme is vulnerable to smart
card breach attack, privileged-insider attack, and many logged-in users' attack and is not
easily reparable. By adopting power analysis attacks, they found their protocol may suffer
from off-line password guessing attacks, impersonation attacks, compromised cluster
19
head attacks and any attacker who possesses the legitimate user's smart card can easily
launch a many logged-in users' attack.
Dr.U.Karthikeyan , R.Aravindhan,(2013) worked on “ Secured Data Delivery for
Mobile Ad-hoc Networks”[24].
Mobile ad-hoc Network is an infrastructure less and decentralized network which needs a
robust dynamic routing protocol. To accommodate the needs of communications for
Mobile ad-hoc Network many routing protocols have been proposed. In this research,
there is problem in delivering data packets for highly dynamic mobile ad hoc networks in
a reliable and timely manner. The existing ad hoc routing protocols are susceptible to
node mobility for the large scale networks. An efficient Position-based Opportunistic
routing protocol was introduced for this issue. It takes advantage of the stateless property
of geographic routing and the broadcast nature of wireless medium. Some of the neighbor
nodes that have overheard the transmission will serve as forwarding candidates when a
data packet is sent out and forward the packet if it is not relayed by the specific best
forwarder within a certain period of time.
Mr. Abhishek Bande & Mr. Gaurav Deshmukh (2012) worked on “An
Improvement in Congestion Control Using Multipath Routing in MANET”[25].
In ad-hoc network nodes are movable and there is no centralized management. Routing
is an important factor in mobile ad hoc network which not only works well with a small
network, but also it can also work well if network get expanded dynamically. Routing in
MANETS is a main factor considered among all the issues. Mobile nodes in MANET
have limited transmission capacity; they intercommunicate by multi hop relay. Multi hop
routing have many challenges such as limited wireless bandwidth, low device power,
dynamically changing network topology, and high vulnerability to Failure. To answer
those challenges, many routing algorithms in MANETs were proposed. But one of the
problems in routing algorithm is congestion which decreases the overall performance of
the network so in this research the authors are trying to identify the best routing algorithm
which will improve the congestion control mechanism among the entire Multipath
routing protocols.
20
Robin Choudhary, Niraj Singhal (2012) proposed “A Novel Approach for
Congestion Control in MANET”[26].
In mobile ad-hoc networks have limited bandwidth and are more prone to error than
wired networks which further impose limits on the amount of data that can be sent. In
order to conserve the limited resources, it is highly desirable that transmission should be
as efficient as possible with minimal loss. The objective of congestion control is to limit
the delay and buffer overflow caused by network congestion and provide better
performance of the network. The traditional congestion control mechanism, applied by
the transport control protocol is unable to catch up the network dynamics of ad-hoc
networks. Congestion control assumes all losses induced by congestion. In this research,
a novel approach of congestion control for supporting applications like multimedia
streaming over MANET is being proposed.Result from this research had shown that
MANET performance can be improved by using novel approach as it reduces packet loss
ratio and increase transmission efficiency. Moreover, its computational burden is
negligible; it is ideally suited for resource constrained environment such as MANETs.
Prasad Lokulwar And Vivek Shelkhe,(2012) worked on “Security Aware Routing
Protocol For Manet Using Asymmetric Cryptography Using RSA Algorithm”[27].
Mobile ad-hoc networks (MANETs) are temporary networks that are built up
momentarily in order to satisfy a certain emergency. Ad-hoc networks are in a great
demand now-a-day and have a lot of advantages like emergency control, short term
connections for roaming subscribers, etc. In this research, authors had designed the Ad
Hoc on Demand Routing Protocol (AODV) using RSA algorithm on platform NS. Which
is efficient as well as they had implemented the security technique so they can prevent
the data loss at the time of transmission. The main advantage of using the Network
Simulator for the design of AODV is that they can actually observe the working of the
specific protocol without the establishment of the network as NS provides the
environment for the working of protocol.
21
S.Sudha, V.Madhu Viswanatham et al. (2012) proposed “Implementation of
Enhanced Data Encryption Standard on MANET with less energy consumption
through limited computation”[28].
A mobile ad-hoc network (MANET) is a self-organizing system of mobile nodes. The
nodes in MANET are free to move arbitrarily in any direction. The nature of the mobile
ad-hoc network (MANET) makes them very vulnerable to an adversary’s security threats.
Providing security through cryptographic algorithms in these networks is very important.
To provide an information security in MANET symmetric encryption algorithms play a
main role among all of the cryptographic algorithms. Encryption algorithms used to
provide information security are known to be computationally intensive. This algorithm
consumes a significant amount of computing resources such as memory, processing time
and battery power. A mobile node consists of very limited resources, especially limited
battery power, is subject to the problem of more energy consumption due to encryption
algorithms. Designing an energy efficient security algorithm requires an understanding of
the common encryption schemes related to the energy consumption. This research
paperrepresents an Enhancement to Data Encryption Standard algorithm in terms of less
energy consumption through limited computation by reducing number of rounds and
increasing key size. In this research,a proposed new algorithm EDES uses limited
computation by reducing the number of rounds used in DES algorithm by which energy
consumption is reduced and security is improved than DES in terms of brute force attack,
differential crypto analysis attack by increasing the key size. Symmetric key also shared
by using one of the public key crypto systems Diffie-Hellman key exchange algorithms
based on discrete logarithm problem. Since the less energy consumption and security is
the major requirement in the MANET, the EDES algorithm is one of the most suitable
encryption algorithms for MANET nodes.
Gulshan Kumar et al. (2011) introduced “DSAB – A Hybrid Approach for
Providing Security in MANET”[29].
With the pace of life, technology has also been evolved. The authors have moved from
the fixed transmission to the mobility aspect. In today’s environment, MANETs is of
great importance. The dynamic feature of MANETs makes the networks vulnerable to
22
different security attacks. So, it is great concern to provide security and authentication
along with power utilization and robustness for the MANETs for successful transmission.
In this research, they had introduced a novel hybrid security approach by using digital
signature (DSA) with Blowfish algorithm (DSAB) and compared its performance with
existing encryption techniques like DES.
D.SuganyaDevi et al. (2010) proposed “Secure Multicast Key Distribution for
Mobile ad-hoc Networks”[30].
Many emerging applications in mobile ad-hoc networks involve group-oriented
communication. Multicast is an efficient way of supporting group oriented applications,
mainly in mobile environment with limited bandwidth and limited power. For using such
applications in an adversarial environment as military, it is necessary to provide secure
multicast communication. Key management is the fundamental challenge in designing
secure multicast communications. In many multicast interactions, new member can join
and current members can leave at any time and existing members must communicate
securely using multicast key distribution within constrained energy for mobile ad-hoc
networks. This has to overcome the challenging element of “1 affects n” problem which
is due to high dynamicity of groups. Thus, this research shows the specific challenges
towards multicast key management protocols for securing multicast key distribution in
mobile ad-hoc networks and present relevant multicast key management protocols in
mobile ad hoc networks. A comparison is done against some pertinent performance
criteria.This research presents challenges, constraints and requirements for securing
multicast key distribution for mobile ad-hoc networks. It also presents taxonomy of key
management protocols. This research suggested OMCT (Optimized Multicast Cluster
Tree) is a scalable scheme, which provides secure multicast communication in mobile ad-
hoc network. This scheme is based on simple technique of clustering and key
management approach. Thus, this approach is scalable and efficient for dynamic
multicast groups.
23
Pradeep Rai et al. (2010) surveyed “A Review of ‘MANET’s Security Aspects and
Challenges”[31].
Mobile ad-hoc Network (MANET) is a collection of communication devices or nodes
that wish to communicate without any fixed infrastructure and pre-determined
organization of available links. The nodes in MANET themselves are responsible for
dynamically discovering other nodes to communicate. Although the ongoing trend is to
adopt ad-hoc networks for commercial uses due to their certain unique properties, the
main challenge is the vulnerability of security attacks. A number of challenges like open
