Randomly shifted certification authority authentication protocol for MANETs

Security in mobile ad hoc networks is difficult to achieve because of vulnerability of the links, inadequate physical protection, the dynamically changing topology and the sporadic nature of the connectivity. The dynamic change in topology results in the change of trust relationships among the nodes and as a result any security solution with a static configuration will not suffice. Authentication protocols and key management play a vital role and are the basis of security in many distributed systems. In this paper, a novel randomly shifted certification authority authentication protocol (RASCAAL) for ad hoc networks is presented. RASCAAL employs a trusted third party for authentication purposes which holds the public key certificates and acts as a certification authority (CA). RASCAAL has been developed to take into account the radio technology communication related characteristics of the underlying IEEE 802.11 MAC for ad hoc networks. This is achieved by integration with the CSMA/CA medium access rules to enable nodes to securely exchange messages for different transactions. To the best of author's knowledge, RASCAAL is the first authentication protocol which proposes the concept of dynamically formed short lived random clusters with no prior knowledge of the cluster head. To achieve this, RASCAAL implements the idea of a random ACTIVE CA selection and CA role shift in the network. This property significantly enhances the overall security of the communicating nodes. The protocol design is formally verified using Burrows-Abadi-Needham (BAN) logic.