Trusted Routing Discovery (2)
◆ Scenario II – A TAODV MANET After a Period of Running Time
◼ Trust relationships have been established among almost all the nodes.
◼ The values of uncertainty are getting smaller and smaller.
◼ We take node N as an example to illustrate the general procedures of TAODV.
[Figure: MANET topology with nodes S, N1, N2, N, N3, N4 and D]
26 May 29, 2009 CSE CUHK

Trusted Routing Discovery (3)
◆ On receiving TRREQ/TRREP, N will
◼ Collect recommendations from its neighbors about the trustworthiness of the predecessor.
◼ Then, according to the value of the new combined opinion, trust, distrust or verify the source and the destination one by one.
◼ If all the trust judgments or digital signature verifications pass, perform the normal routing decisions. Otherwise, a TWARN will be broadcast.
◆ On receiving TREQ/TREP/TWARN
◼ On TREQ, if the disbelief value is larger than the threshold, N will drop the TREQ; otherwise, N will reply with a TREP.
◼ On TREP or TWARN, N will do opinion combinations to prevent malicious trust recommendations.
[Figure: processing of TRREQ/TRREP at node N]
Step 1: Trust Recommendation
Step 2: Predecessor Verification
Step 3: Originator Verification
Step 4: Destination Verification
Step 5: Routing Decision
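
How N might fuse TREP recommendations before judging its predecessor, as an added example that is not from the original slides. The slides give no combination formulas, so the discounting and consensus operators of Jøsang's subjective logic are assumed here, as are the 0.5 threshold and the constructed sample opinions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Opinion:
    b: float  # belief
    d: float  # disbelief
    u: float  # uncertainty, with b + d + u == 1

def discount(n_about_rec, rec_about_x):
    """Weight a neighbor's recommendation by N's belief in that neighbor."""
    w = n_about_rec.b
    return Opinion(w * rec_about_x.b, w * rec_about_x.d,
                   n_about_rec.d + n_about_rec.u + w * rec_about_x.u)

def consensus(x, y):
    """Fuse two opinions about the same node (assumed operator, see lead-in)."""
    k = x.u + y.u - x.u * y.u
    if k == 0:  # both have zero uncertainty: simple average (simplification)
        return Opinion((x.b + y.b) / 2, (x.d + y.d) / 2, 0.0)
    return Opinion((x.b * y.u + y.b * x.u) / k,
                   (x.d * y.u + y.d * x.u) / k, x.u * y.u / k)

def combine(own, recs):
    """recs: (N's opinion of the recommender, recommender's opinion of target)."""
    result = own
    for n_about_rec, rec_about_x in recs:
        result = consensus(result, discount(n_about_rec, rec_about_x))
    return result

def judge(op, threshold=0.5):
    """Map an opinion to trust / distrust / verify (threshold is an assumption)."""
    if op.d > threshold:
        return "distrust"  # check fails, TWARN is broadcast
    if op.b > threshold:
        return "trust"     # accepted on trust alone
    return "verify"        # fall back to digital signature verification

# Constructed sample: N's opinions about predecessor P and two neighbors.
OWN_ABOUT_P = Opinion(0.4, 0.1, 0.5)
RECS = [
    (Opinion(0.8, 0.1, 0.1), Opinion(0.7, 0.1, 0.2)),  # well-trusted neighbor
    (Opinion(0.1, 0.7, 0.2), Opinion(0.0, 1.0, 0.0)),  # distrusted neighbor, bad-mouthing P
]

if __name__ == "__main__":
    print("own opinion only :", judge(OWN_ABOUT_P))
    combined = combine(OWN_ABOUT_P, RECS)
    print("after TREP fusion:", judge(combined), combined)
    # Same bad-mouthing opinion fused without discounting
    print("no discounting   :", judge(consensus(OWN_ABOUT_P, RECS[1][1])))
```

Discounting is what keeps the distrusted neighbor's all-disbelief recommendation from overriding the others; fused undiscounted, the same recommendation alone drives the result to distrust.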

Performance Analysis
◆ Computation overheads are largely reduced
◼ No need to perform cryptographic computations in every packet
◼ Cost of each set of trust operations is O(v) (v is the average number of neighbors)
◼ Cost of each set of signature operations is O(k^3) (k is the length of the signature)
◆ Not introducing much routing overhead
◼ The routing message extensions are short

Security Analysis
◆ Based on our trust model, the risk of being compromised is largely reduced compared with the original routing protocol.
◆ Malicious nodes' trust values will be combined and propagated throughout the whole network. They will get large evidence penalties.
◆ The employment of the trust model with the assistance of cryptographic authentication makes the network secure without sacrificing performance.
◆ The combination of different recommendations makes the routing decision more reasonable and objective.

Flexibility and Scalability Analysis
◆ Each node is given more flexibility to define its own opinion threshold.
◆ For high-level security requirements, the threshold can be increased.
◆ For some non-critical applications, the threshold can be decreased.
◆ The protocol runs in a self-organized way, which preserves the scalability of the network.