Supporting periodic, strong re-authentication in MANET scenarios

A Security Association (SA), established by strong authentication, between a node pair in a Mobile Ad hoc Network (MANET) could be lost when its route is disconnected. In contrast, in good channel conditions and stable topology, routing protocols such as the Optimized Link State Routing (OLSR) do not refresh routes periodically, and in doing so, an SA bound to these routes could become stale and out of date. In this paper we demonstrate a decoupling of the maintenance of the SAs from the link state conditions by introducing a timer that defines the lifetime of the SAs, as well as the periodicity of strong authentications. This timer is implemented within a state machine that also manages other aspects of the authentication process. We implement these changes using a Trust-enhanced Routing Table (TRT), an extension of the OLSR routing table. The state machine and TRT are trialed in a series of MANET simulations in which the topology of the network remains static but channel conditions are made progressively less favorable. By varying the allowed SA duration timer within the state machine, we are able to measure the overhead (cost) associated with maintaining SAs in varying channel conditions. We show that the costs associated with our implementation are generally far lower than if we were to link SAs to standard OLSR routes in the same conditions. Since the allowed lifetime of SA is a security parameter, our results effectively demonstrate a trade-off between security and overhead for our model. Our implementation is designed to be further, and easily, extended to account for additional security parameters as input.