A BODY-CENTERED CUBIC METHOD FOR KEY AGREEMENT IN DYNAMIC MOBILE AD HOC NETWORKS Ioannis G. Askoxylakis Foundation for Research & Technology – Hellas, Institute of Computer Science (FORTH-ICS) asko@ics.forth.gr Damien Sauveron, XLIM University of Limoges Damien.Sauveron@xlim.fr Konstantinos Markantonakis, Royal Holloway University of London Information Security Group, UK K.Markantonakis@rhul.ac.uk Theodore Tryfonas Faculty of Engineering University of Bristol ttryfona@glam.ac.uk Apostolos Traganitis Foundation for Research & Technology – Hellas, Institute of Computer Science (FORTH-ICS) tragani@ics.forth.gr Abstract Mobile ad hoc networking is an operating mode for rapid mobile host interconnection, where nodes rely on each other, in order to maintain network connectivity and functionality. Security is one of the main issues for mobile ad hoc networks (MANETs) deployment. We introduce a weak to strong authentication mechanism associated with a multiparty contributory key agreement method, designed for dynamic changing topologies, where nodes arrive and depart from a MANET at will. We introduce a new cube algorithm based on the body-centered cubic (BCC) structure. The proposed system employs elliptic curve cryptography, which is more efficient for thin clients where processing power and energy are significant constraints. The algorithm is designed for MANETs with dynamic changing topologies due to continuous flow of incoming and departing nodes. 1. Introduction 1.1 Motivation for group key agreement Consider a military operation, where the need for establishing a network quickly and securely is crucial. The potential network members seek to establish a wireless network in the most secure and efficient way. The objective is to interconnect all computing and communication devices where they will be able to share all necessary information securely, since nobody can guarantee that the “high tech” enemies will not try to disrupt or intercept the operation efforts. The technical goal is to make sure that no other entity outside the group (we define all the legitimate members of the established wireless network as group, e.g., soldiers of a military unit) should be able to gain access within the new network. However, since neither a certification authority nor a secure communication channel exists, the enemy has the ability to eavesdrop and modify exchanged messages transmitted over the air. Additionally, since no central identification authority is present, group member impersonation is easy, jeopardizing the security of the whole system. Considering all these issues, the main challenge that arises is the setting up of a wireless network where the legitimate members of a group will be able to establish a secure wireless network. Moreover, in the case where a new node arrives at place, desiring to become a member in an already established group, joining, without delaying or even intercepting the existing group, is also challenging. Finally, we consider the case where a group member is captured by the enemy and therefore the group key is compromised. 1.2 Security and MANETs Security is an important factor in the design of decentralized communications systems, like ad hoc networks. An ad hoc network is a type of network, which is typically composed of equal mobile hosts that we call nodes. When the nodes are located within the same radio range, they can communicate directly with each other using wireless links. This direct communication is employed without the presence of a central control. The absence of backbone infrastructure, such as base stations, introduces several problems, such as configuration advertising, discovery, maintenance, as well as ad hoc addressing, self-routing and security. Since no central certification authority exists, trust cannot be provided among the nodes of the network without the existence of initial specific prior known information. This special kind of information is necessary in order to build trust between all participating nodes. We define that an ad hoc network is established among the existing nodes, if from preexisting, commonly known information, we reach a state where a common Session Key is agreed. Securing ad hoc networks can be very challenging, mainly because of The Second International Conference on Emerging Security Information, Systems and Technologies 978-0-7695-3329-2/08 $25.00 © 2008 IEEE DOI 10.1109/SECURWARE.2008.42 193 The Second International Conference on Emerging Security Information, Systems and Technologies 978-0-7695-3329-2/08 $25.00 © 2008 IEEE DOI 10.1109/SECURWARE.2008.42 193