Certificate-less on-demand public key management (CLPKM) for self-organized MANETs

In this paper, we have proposed a novel certificate-less on-demand public key management (CLPKM) protocol for self-organized MANETs. The protocol works on flat network architecture, and distinguishes between authentication layer and routing layer of the network. We put an upper limit on the length of verification route and use the end-to-end trust value of a route to evaluate its strength. The end-to-end trust value is used by the protocol to select the most trusted verification route for accomplishing public key verification. Also, the protocol uses MAC function instead of RSA certificates to perform public key verification. By doing this, the protocol saves considerable computation power, bandwidth and storage space. The saved storage space is utilized by the protocol to keep a number of pre-established routes in the network nodes, which helps in reducing the average verification delay of the protocol. Analysis and simulation results confirm the effectiveness of the proposed protocol.

Self-organized public key management in MANETs with enhanced security and without certificate-chains

In the self-organized public key management approaches, public key verification is achieved through verification routes constituted by the transitive trust relationships among the network principals. Most of the existing approaches do not distinguish among different available verification routes. Moreover, to ensure stronger security, it is important to choose an appropriate metric to evaluate the strength of a route. Besides, all of the existing self-organized approaches use certificate-chains for achieving authentication, which are highly resource consuming. In this paper, we present a self-organized certificate-less on-demand public key management (CLPKM) protocol, which aims at providing the strongest verification routes for authentication purposes. It restricts the compromise probability for a verification route by restricting its length. Besides, we evaluate the strength of a verification route using its end-to-end trust value. The other important aspect of the protocol is that it uses a MAC function instead of RSA certificates to perform public key verifications. By doing this, the protocol saves considerable computation power, bandwidth and storage space. We have used an extended strand space model to analyze the correctness of the protocol. The analytical, simulation, and the testbed implementation results confirm the effectiveness of the proposed protocol. (c) 2014 Elsevier B.V. All rights reserved.