Foundations of Security for Hash Chains in Ad Hoc Networks

Nodes in ad hoc networks generally transmit data at regular intervals over long periods of time. Recently, ad hoc network nodes have been built that run on little power and have very limited memory. Authentication is a significant challenge in ad hoc networks, even without considering size and power constraints. Expounding on idealized hashing, this paper examines lower bounds for ad hoc broadcast authentication for μTESLA-like protocols. In particular, this paper explores idealized hashing for generating preimages of hash chains. Building on Bellare and Rogaway’s classical definition, a similar definition for families of hash chains is given. Using these idealized families of hash chain functions, this paper gives a time-space product Ω(k2 log 4n) bit operation1 lower-bound for optimal preimage hash chain generation for k constant. This bound holds where n is the total length of the hash chain and the hash function family is k-wise independent. These last results follow as corollaries to a lower bound of Coppersmith and Jakobsson.