Implementation of secure AODV in MANET
ARTICLE in PROCEEDINGS OF SPIE - THE INTERNATIONAL SOCIETY FOR OPTICAL ENGINEERING · MARCH 2013
Impact Factor: 0.2 · DOI: 10.1117/12.2010536
Rizwan Akhtar, Noor Ul Amin, Imran Memon, Mohsin Shah
University of Electronic Science and Technology of China, SCIE, Chengdu, Sichuan 610054, China
ICT PTCL Academy, NWFP University of Engineering and Technology, Peshawar 25000, Pakistan
rizwanakhtarpk@gmail.com
ABSTRACT
Mobile Ad hoc Networks (MANETs) comprise autonomous, self-organizing mobile computing devices that do not have a fixed infrastructure; instead, they use ad hoc routing protocols for data transmission and reception. Ad hoc On-demand Distance Vector (AODV) is a reactive IP routing protocol that is optimized for MANETs and can also be used for other wireless ad hoc networks. Nodes in the network cannot perform route discovery or maintenance functions themselves. This problem is resolved by using AODV, as it computes the routing distance from the sending node to the receiving node at preset intervals.
This research paper proposes a Secure Routing Protocol (SRP) AODV for MANETs and describes its implementation. The performance of the proposed SRP is compared to ordinary AODV. The simulation results reveal that the proposed SRP is more efficient and secure than ordinary AODV. SRP AODV can be used for further research towards development of a commercial demand for the MANET routing protocol using the Blowfish cryptosystem for encryption and decryption for secure routing in a given mobile ad hoc network.
Keywords: SRP AODV, MANETS, Reactive routing, Network Simulator
1. INTRODUCTION
Without any ambiguity, MANETs are of great importance in the current era because they do not have any fixed infrastructure for support. MANETs can easily be used to set up collaborative computing and wireless communication networks in smaller areas (buildings, organizations, etc.).
[Figure 1 panels: "Routing in Mobile Ad hoc Network" and "Routing in Traditional network"]
Figure 1: Routing in Mobile Adhoc and Traditional Network
Figure 1 shows routing in ad hoc networks. There is no access point in ad hoc mode, so nodes are connected directly with each other and each node acts as a router, which itself receives information and transfers it to other nodes like a router in infrastructure mode [6].
Because a node in an ad hoc network is free to move and sends information through direct radio communication, it is essential to provide better security in ad hoc networks. Researchers around the world have explored a variety of mechanisms to secure data while considering the whole network at the same time. Moreover, due to increasing security threats to wired networks and the growing demand for mobile networks, ad hoc network security is now becoming a hot area of research. The most common concept used in mobile ad hoc networks and other types of network is packet forwarding, in which blocks of logically addressed packets propagate from a source to the destination through nodes [5].
International Conference on Graphic and Image Processing (ICGIP 2012),
edited by Zeng Zhu, Proc. of SPIE Vol. 8768, 876803 · © 2013 SPIE
CCC code: 0277-786X/13/$18 · doi: 10.1117/12.2010536
The proposed work aims to provide security using the Ad hoc On-demand Distance Vector routing protocol. In this work, the routing protocol is made secure for transmission in MANETs. Routing protocols determine the path on which routers communicate with each other using different routing algorithms. This information is instantly shared with the immediate neighbours, and then throughout the network. The behaviour and characteristics of routing protocols, and their selection, depend on the type of topology used in the network. For mobile ad hoc networks, which do not have a fixed dedicated infrastructure, any type of routing protocol may be used. The basic idea is that a new node may announce its presence and listen for announcements broadcast by its neighbours. Each node has information about nearby nodes and how to reach them. The routing mechanism is based on the procedure through which nodes select preferred routes using information about the hop count (also known as hop cost) and the amount of time required for communication between the source and destination. Some common examples of routing protocols are OLSR, AODV, DSR, IS-IS and RIP.
Regardless of the type of routing algorithm used, data security is another ever-growing demand, especially within mobile ad hoc networks. Data security is the only means of ensuring that data is safely transferred between the communicating devices, is kept safe from corruption, and that access to it is suitably controlled. Thus data security helps to maintain privacy in what is, no doubt, an ocean of hackers and attackers. Some of the security mechanisms deployed today are mainly hardware based, while others take more software-based approaches. Data masking, data erasure and backups help to provide data security to some extent; data encryption has been identified as the best of all options for security. The work presented in this paper mainly deals with the encryption of all sent messages and decryption of all received messages while communicating within a mobile ad hoc network using the Ad hoc On-demand Distance Vector routing protocol.
The remainder of this paper is organized as follows: the proposed model for the secure routing protocol is introduced in Section 2. In Section 3, simulation results are illustrated and a performance analysis is made in comparison with other models. The conclusion is given in Section 4.
2. PROPOSED MODEL
Mobile ad hoc networks do not provide security for a dedicated infrastructure. The issue of secure routing is very critical in ad hoc networks, and some basic protocols (AODV, OLSR, etc.) need to offer more reliable security features. The proposed research work deals with a very basic implementation of Secure AODV for MANETs using the Blowfish cryptosystem for encryption and decryption for secure routing in a given mobile ad hoc network. Encryption at the source node and decryption at the destination node are performed according to the following block diagrams:
Figure 2: (a) For encryption (b) For decryption
The nodes, which act as routers, are free to move randomly as part of the network and organize themselves arbitrarily; thus, the wireless network's topology may change quickly and unpredictably [3].
The behaviour and characteristics of routing protocols, and their selection, depend upon the type of topology used in the network. For mobile ad hoc networks, which do not have a fixed dedicated infrastructure [4], ad hoc routing protocols of any type are used. This work mainly deals with the encryption of all messages sent and decryption of all messages received while communicating in a mobile ad hoc network using the Ad hoc On-demand Distance Vector protocol. As mentioned earlier, the Blowfish encryption and decryption algorithm is a tool used to make sure that all the messages transmitted on the network remain unreadable to any type of interfering entity, providing foolproof security over the network. Furthermore, any sent message can only be read at a node if the destination node is also using the same protocol, that is, if it is a part of the given network. Additionally, if a node has been identified as malicious, the newly developed protocol is capable of blacklisting it and informing the whole network about the node which has just been blocked, so that the whole network is protected against any threat from the malfunctioning node. Other security schemes have been proposed to defend against more sophisticated attacks in ad hoc networks, such as black hole, wormhole, rushing and replay attacks [1].
The proposed research work deals with a very basic implementation and testing of Secure AODV for MANETs using the Blowfish cryptosystem for encryption and decryption for secure routing. The mechanisms of the Blowfish algorithm and AODV are explained in detail below.
2.1. Encryption Technique
Blowfish is a keyed, symmetric block cipher, designed in 1993 by Bruce Schneier, and today it is included in a large number of cipher suites and encryption products. Blowfish provides a good encryption rate in software, and no effective cryptanalysis of it has been found to date. However, the Advanced Encryption Standard now receives more attention. Schneier designed Blowfish as a general-purpose algorithm, intended as a replacement for the aging DES (Data Encryption Standard) and free of the problems and constraints associated with other algorithms. At the time Blowfish was released, many other designs were proprietary, encumbered by patents, or were commercial or government secrets. Schneier has stated that, "Blowfish is unpatented, and will remain so in all countries. The algorithm is hereby placed in the public domain, and can be freely used by anyone who requires it." Notable features of the design include key-dependent S-boxes and a highly complex key schedule.
2.2. The Algorithm
Blowfish has a 64-bit block size and a variable key length from 32 up to 448 bits. It is a 16-round Feistel cipher and uses large key-dependent S-boxes. It is similar in structure to CAST-128, which uses fixed S-boxes. Figure 3 shows the working of Blowfish. Each line represents 32 bits. The algorithm keeps two subkey arrays: the 18-entry P-array and four 256-entry S-boxes. The S-boxes accept 8-bit input and produce 32-bit output. One entry of the P-array is used in every round, and after the final round each half of the data block is XORed with one of the two remaining unused P-entries. Figure 4.1 presents Blowfish's F-function. The function splits the 32-bit input into four eight-bit quarters and uses the quarters as input to the S-boxes. The outputs are added modulo 2^32 and XORed to produce the final 32-bit output. Decryption is exactly the same as encryption, except that P1, P2, ..., P18 are used in reverse order. This is not so obvious because XOR is commutative and associative. A common mistake is to use the inverse order of encryption as the decryption algorithm (i.e. first XORing P17 and P18 to the ciphertext block, then using the P-entries in reverse order). Blowfish's key schedule starts by initializing the P-array and S-boxes with values derived from the hexadecimal digits of pi, which contain no obvious pattern.
The secret key is then XORed with the P-entries in order (cycling the key if necessary). A 64-bit all-zero block is then encrypted with the algorithm as it stands. The resultant ciphertext replaces P1 and P2. The ciphertext is then encrypted again with the new subkeys, and P3 and P4 are replaced by the new ciphertext. This continues, replacing the entire P-array and all the S-box entries. In all, the Blowfish encryption algorithm runs 521 times to generate all the subkeys; about 4KB of data is processed.
Figure 3: Working procedure of Blowfish
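The round structure, F-function and key schedule described above, written out as an added example (it is not the paper's NS-2 code). The names `pi_words` and `Blowfish` are this example's own, and the pi-derived initial tables are computed with Machin's formula instead of being embedded as constants.

```python
# Added example: Blowfish built from the description in Section 2.2.
MASK = 0xFFFFFFFF

def pi_words(n):
    """First n 32-bit words of the hexadecimal fraction of pi (Machin's formula)."""
    bits = 32 * n + 64                       # 64 guard bits absorb truncation error
    one = 1 << bits
    def arctan_inv(x):                       # arctan(1/x), scaled by 2**bits
        total = term = one // x
        k, sign = 3, -1
        while term:
            term //= x * x
            total += sign * (term // k)
            k, sign = k + 2, -sign
        return total
    frac = (16 * arctan_inv(5) - 4 * arctan_inv(239) - 3 * one) >> 64
    return [(frac >> (32 * (n - 1 - i))) & MASK for i in range(n)]

class Blowfish:
    def __init__(self, key: bytes):
        if not 4 <= len(key) <= 56:          # 32 to 448 bits
            raise ValueError("key must be 4..56 bytes")
        w = pi_words(18 + 4 * 256)
        self.P = w[:18]
        self.S = [w[18 + 256 * i:18 + 256 * (i + 1)] for i in range(4)]
        for i in range(18):                  # XOR the key into P, cycling the key bytes
            chunk = bytes(key[(4 * i + j) % len(key)] for j in range(4))
            self.P[i] ^= int.from_bytes(chunk, "big")
        self.runs, left, right = 0, 0, 0     # start from the all-zero block
        for table in [self.P] + self.S:      # replace P, then each S-box, two words at a time
            for i in range(0, len(table), 2):
                left, right = self._rounds(left, right, self.P)
                table[i], table[i + 1] = left, right
                self.runs += 1

    def _f(self, x):                         # four 8-bit quarters index the four S-boxes
        a, b, c, d = x >> 24, (x >> 16) & 255, (x >> 8) & 255, x & 255
        s = self.S
        return ((((s[0][a] + s[1][b]) & MASK) ^ s[2][c]) + s[3][d]) & MASK

    def _rounds(self, left, right, p):
        for i in range(16):                  # one P-entry per round
            left ^= p[i]
            right ^= self._f(left)
            left, right = right, left
        left, right = right, left            # undo the swap made by the last round
        return left ^ p[17], right ^ p[16]   # the two remaining P-entries

    def crypt(self, block: bytes, decrypt: bool = False) -> bytes:
        p = self.P[::-1] if decrypt else self.P    # decryption: same routine, P reversed
        left, right = int.from_bytes(block[:4], "big"), int.from_bytes(block[4:8], "big")
        left, right = self._rounds(left, right, p)
        return left.to_bytes(4, "big") + right.to_bytes(4, "big")
```

For an all-zero 8-byte key and block, `crypt` returns `4ef997456198dd78` in hex, matching the published Blowfish test vectors, and `runs` is 521. `crypt` handles a single 64-bit block; longer AODV payloads need a mode of operation and padding, which the paper does not specify.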
In this work the Blowfish algorithm has been embedded in the messages of AODV, and the resulting new protocol has been tested using Network Simulator 2. In order to achieve secure routing, some functions have been added to AODV, which is explained in detail below.
2.3. AODV
AODV is a pure on-demand routing protocol for MANETs. A node does not perform route discovery or maintenance until it needs a route to another node or offers its services as an intermediate node. Nodes that are not on active paths in a communication do not maintain routing information and thus do not participate in routing table exchanges. AODV uses a broadcast route discovery mechanism. It uses hop-by-hop routing: routes are based on dynamic table entries maintained at intermediate nodes [2]. This is similar to Dynamic Source Routing (DSR), but DSR uses source routing. Local HELLO messages are used to determine local connectivity, which can reduce response time to routing requests. AODV can trigger updates when necessary. Sequence numbers are assigned to routes and routing table entries and are used to supersede stale cached routing entries. Every node maintains two counters: a node sequence number and a broadcast ID.
Let us consider an example of seven nodes. Node 1 wants to send information to Node 7 but does not have a route to that node, so the source node broadcasts a route request (RREQ) packet to its neighbours [7]. Node 1 generates the RREQ packet and propagates it through the whole network via Nodes 2, 3, 4, 5 and 6, and finally the RREQ packet reaches Node 7, maintaining the shortest distance to the destination node by counting the number of hops.
Upon receiving the RREQ packet, destination Node 7 generates a route reply (RREP) packet and sends it to the transmitting Node 1 in reverse order.
Figure 4: Complete routing path for AODV
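The route discovery walk-through above, as an added example that is not the paper's NS-2 implementation: an idealised, loss-free flood showing duplicate RREQ suppression by (source, broadcast ID), reverse-route setup, and the RREP installing forward routes. The names `Node`, `learn`, `discover` and `reply`, and the `LINKS` topology, are assumptions of this example.

```python
from collections import deque
from dataclasses import dataclass, field

# Constructed 7-node topology; the layout of the paper's Figure 4 is not recoverable.
LINKS = {1: [2, 3], 2: [1, 4], 3: [1, 5], 4: [2, 6], 5: [3, 7], 6: [4, 7], 7: [5, 6]}

@dataclass
class Node:
    seq: int = 0                                  # node sequence number
    bcast_id: int = 0                             # broadcast ID counter
    routes: dict = field(default_factory=dict)    # dest -> (next_hop, hops, dest_seq)
    seen: set = field(default_factory=set)        # (source, broadcast ID) pairs handled

    def learn(self, dest, next_hop, hops, dest_seq):
        old = self.routes.get(dest)
        # A fresher sequence number supersedes a cached entry; ties go to fewer hops.
        if old is None or dest_seq > old[2] or (dest_seq == old[2] and hops < old[1]):
            self.routes[dest] = (next_hop, hops, dest_seq)

def discover(nodes, links, src, dst):
    """Flood an RREQ from src, then unicast the RREP back. Returns the path or None."""
    origin = nodes[src]
    origin.seq += 1
    origin.bcast_id += 1
    rreq = (src, origin.bcast_id)
    origin.seen.add(rreq)
    queue = deque([(src, 0)])                     # (rebroadcasting node, hops so far)
    while queue:
        sender, hops = queue.popleft()
        for nb in links[sender]:
            node = nodes[nb]
            if rreq in node.seen:                 # duplicate copy of this RREQ: drop
                continue
            node.seen.add(rreq)
            node.learn(src, sender, hops + 1, origin.seq)   # reverse route to src
            if nb == dst:
                return reply(nodes, src, dst)
            queue.append((nb, hops + 1))
    return None                                   # destination unreachable

def reply(nodes, src, dst):
    """The RREP follows the reverse routes hop by hop, installing forward routes."""
    nodes[dst].seq += 1
    path, cur, hops = [dst], dst, 0
    while cur != src:
        nxt = nodes[cur].routes[src][0]
        hops += 1
        nodes[nxt].learn(dst, cur, hops, nodes[dst].seq)
        path.append(nxt)
        cur = nxt
    return path[::-1]
```

Nodes off the chosen path (2, 4 and 6 here) end up with only a reverse route to the source, which in a real deployment expires if no RREP uses it.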
The proposed work focuses on the point at which a route has been built and is available for sending information between the communicating nodes. Related work was also done in Secure Ad hoc On-demand Distance Vector (SAODV), a proposal for security extensions to the AODV protocol [8] against attacks. The work presented here shows that, before sending any information on the available route, the TX node must encrypt the information to produce ciphertext using the symmetric Blowfish algorithm, and similarly the RX node must decrypt it using the same algorithm to recover the original text, in order to ensure data security.
3. SIMULATION RESULTS AND COMPARISON
This work mainly deals with the encryption of all sent messages and decryption of all received messages while communicating in a mobile ad hoc network using Ad hoc On-demand Distance Vector. In order to achieve this target, variables, structures and functions have been added to the original AODV. The Blowfish algorithm is used as the cryptosystem with AODV, and the simulation scenario is implemented in Network Simulator. NS-2 (Network Simulator 2) is a discrete event simulator targeted at networking research. NS-2 provides substantial support for simulation of TCP, routing, and multicast protocols over both wired and wireless networks. The results shown demonstrate the successful implementation of the secure routing protocol for MANETs. The simulation results of the newly implemented secure AODV also show that the Blowfish algorithm does not add unbearable overhead to the network traffic, and hence the delay and drop rate for packets are not affected when compared to the original AODV.
The graphs show the total throughput for the secure AODV after the 20-second time mark, the time when actual data transfer starts. An increase in throughput is evident when compared to the original AODV, due to the fact that an extra encryption and decryption is taking place for all the messages sent or received. The resulting AODV protocol has been successfully tested and is shown to be efficient and more secure when compared to ordinary AODV. These results, obtained by simulation in NS-2, show that it can be used for further research towards development of a commercial demand for the MANET routing protocol. An example of such progress is the development of an intrusion detection module and its integration with the existing system in order to provide foolproof security to MANETs that depend on reactive protocols.
Figure 5: Throughput using original AODV
[Plot: throughput against time, with the time axis running from 0.0 to 120.0; legend entries 0:0 -> 3:0 and 3:0 -> 0:0]
Figure 6: Throughput using proposed AODV
4. CONCLUSION
The results generated from the simulation of the scenario discussed above show that the newly developed protocol is efficient, and that no continuous network disconnection with long delays, which is mostly caused by route non-availability, is experienced. SRP AODV can be used for further research towards development of a commercial demand for the MANET routing protocol using the Blowfish cryptosystem for encryption and decryption for secure routing in a given mobile ad hoc network.
REFERENCES
[1] R. Ramanathan and J. Redi, "A brief overview of ad hoc networks: challenges and directions," IEEE Communications, 40(5):20–22, 2002.
[2] C. E. Perkins, E. M. Belding-Royer, and S. R. Das, "Ad hoc On-Demand Distance Vector (AODV) Routing," IETF Internet Draft, draft-ietf-manet-aodv-13.txt, Feb. 17, 2003 (work in progress).
[3] B. Shrader, "A proposed definition of 'ad hoc network'," 2002.
[4] C. Perkins (ed.), Ad hoc networking. Addison-Wesley, 2001.
[5] H. Deng, W. Li, and D. Agrawal, "Routing security in wireless ad hoc networks," IEEE Communications, 40(10):70–75, 2002.
[6] B. Karp and H. T. Kung, "GPSR: Greedy Perimeter Stateless Routing for Wireless Networks," Proc. 6th Annual International Conference on Mobile Computing and Networking (MOBICOM 2000), pp. 243-254.
[7] C. E. Perkins and E. M. Royer, "Ad hoc On-Demand Distance Vector Routing," Proceedings 2nd IEEE Workshop on Mobile Computing Systems and Applications, February 1999, pp. 90-100.
[8] M. G. Zapata and N. Asokan, "Secure Ad hoc On-Demand Distance Vector Routing," ACM Mobile Computing and Communications Review, vol. 3, no. 6, July 2002, pp. 106-107.