Design and evaluation of a security architecture for ad hoc networks

Secure communication is very important for computer networks. Thereby, authentication is one of the most eminent preconditions. In ad hoc networks, common authentication schemes are not applicable since public key infrastructures with a centralized certification authority are hard to deploy in ad hoc networking environments. This paper aims to investigate these issues.

In order to overcome these issues, the paper proposes and evaluates a security concept based on a distributed certification facility. Thereby, a network is divided into clusters with one special head node each. These cluster head nodes perform administrative functions and hold shares of a network key used for certification. New nodes start to participate in the network as guests; they can only become full members with a network‐signed certificate after their authenticity has been warranted by some other members. Access to resources and services within the ad hoc network is controlled using authorization certificates.

The feasibility of this concept was verified by simulations. Three different models for node mobility were used in order to include realistic scenarios as well as to make the results comparable to other work. The simulation results include an evaluation of the log‐on times, availability, and communication overhead.

The paper introduces a cluster‐based architecture to realize a distributed public key infrastructure that is highly adapted to the characteristics of ad hoc networks.