Securing Communication in Dynamic Network Environments

Abstract

In dynamic network environments, users may come from different domains, and the number of users and the network topology may change unpredictably over time. How to protect the users' ommunication in such dynamic environments, therefore, is extremely challenging. This dissertation has investigated multiple research problems related to securing users' communication in dynamic network environments, focusing on two kinds of dynamic networks, i.e., mobile ad hoc networks and overlay networks. It first introduces a secure address auto-configuration scheme for mobile ad hoc networks, since a precondition of network communication is that each user is configured with a unique network identifier (address). This proposed auto-configuration scheme binds each address with a public key, allows a user to self-authenticate itself, and thus greatly thwarts the address spoofing attacks, in the absence of centralized authentication services. Next, this thesis presents two storage-efficient stateless group key distribution schemes to protect the group communication of a dynamic set of users. These two key distribution schemes utilize one-way key chains with a logical tree. They allow an authorized user to get updated group keys even if the user goes off-line for a while, and significantly reduce the storage requirement at each user if compared with previous stateless key distribution schemes. Third, this thesis investigates the solution using cryptographic methods to enforce network access control in mobile ad hoc networks, whose dynamic natures make it difficult to directly apply traditional access control techniques such as firewalls. A functioning prototype demonstrates the proposed access control system is practical and effective. Finally, this dissertation introduces a k-anonymity communication protocol for overlay networks to protect the privacy of users' communication. Unlike the existing anonymous communication protocols that either cannot provide provable anonymity or suffer from transmission collision, the proposed protocol is transmission collision free and provides provable k-anonymity for both the sender and the recipient. The analysis shows the proposed anonymous communication protocol is secure even under a strong adversary model, in which the adversary controls a fraction of nodes, is able to eavesdrop all network traffic and maliciously modify/replay the transmitted messages. A proof-of-concept implementation demonstrates the proposed protocol is practical.