1

Computer Science

Using Directional Antennas to Prevent Wormhole Attacks

Presented by: Juan Du

Nov 16, 2005

2Computer Science

Outline

• Wormhole attacks

• Related works

• Three neighbor discovery protocols– Directional Neighbor Discovery– Verified Neighbor Discovery– Strict Neighbor Discovery

• Conclusion and future work

3Computer Science

Wormhole Attacks

• A, B, C: nodes in wireless networks• X, Y: transceivers connected by a high quality, low-latency link• Attacker replays packets received by X at Y, and vice versa• Makes A and B believe they are neighbors• Selectively drop data messages to disrupt communications

4Computer Science

Wormhole Impact

• Cost – Limited resources needed– No cryptographic material needed

• Damage to routing– Impact beyond the endpoints’ neighborhoods!– Endpoints placed strategically

• Worst case: disrupts nearly all network routes

5Computer Science

Related Works

• Secure routing protocols such as SRP, SEAD, Ariadne, ARRIVE, … – Still vulnerable to wormhole attacks

• Location based routing protocols – Have the potential– Have drawbacks

• Localization systems become attack target

• Need synchronized clocks and precise location knowledge

6Computer Science

Protocol Idea

• Wormhole attack depends on a node that is not nearby convincing another node it is

• Solution:– Verify neighbors are really neighbors– Only accept messages from verified neighbors

7Computer Science

The Technique: Directional Antennas

• Divide transmission range into N zones clockwise starting with zone 1 facing east.

• All nodes have the same orientation.• A node can get approximate direction information based on

received signals

8Computer Science

Notations

• A, B, C... Legitimate nodes• X, Y Wormhole endpoints• R Nonce• EKAB(M) Message encrypted by key shared between nodes A and B• zone The directional element, which ranges from 1–6 as shown in figure• ^zone The opposite directional element. For

example, if zone=1 then ^zone=4.• zone (A, B) Zone in which node A hears node B • neighbors (A, zone) Nodes within one (directional distance) hop in direction zone of node A.

9Computer Science

Directional Neighbor Discovery

1. A Region HELLO | IDA

Sent in every direction2. N A IDN | EKNA (IDA | R | zone (N, A))

Sent in zone (N, A) 3. A N R

Checks zone is opposite, sent in zone (A, N)

A

N1

23

4

5 6

10Computer Science

Directional Neighbor Discovery (Cont.)

• The protocol itself is vulnerable to wormhole attacks• Attack’s effectiveness is reduced

– Only node pairs that are in opposite directions relative to the wormhole in each region will accept each other as neighbors (e.g. A and C)

– How about A and B?

11Computer Science

Verified Neighbor Discovery

• Observation: Cooperate!– Wormhole can only trick nodes in particular locations

– Verify neighbors using other nodes

– Need receive confirmation from a verifier node before accepting a new neighbor

– Need prevent verifiers from acting through the wormhole

• A valid verifier V for the link A B must satisfy:– zone (B, A) ≠ zone (B, V)

B hears V in a different zone from node A

– zone (B, A) ≠ zone (V, A)

B and V hear node A from different directions

12Computer Science

Verified Neighbor Discovery (Cont.)

• 1. A Region HELLO | IDA

• 2. N A IDN | EKNA (IDA | R | zone (N, A))

• 3. A N R

• 4. N Region INQUIRY | IDN | IDA | zone (N, A)

Sent in directions except zone (N, A) and ^zone (N, A)

• 5. V N IDV | EKNV (IDA | zone (V, N))

V satisfies verifier properties and completed 1-3

• 6. N A IDN | EKAN (IDA | ACCEPT)

N must receive at least one verifier response

Same asbefore

13Computer Science

Effect of Verified Neighbor Discovery

• D as the verifier– zone (D, A) = 3‚ zone (A, D) = 1

– wormhole cannot convince D and A to accept each other as neighbors

– B will not be able to verify A as a neighbor through D

• Secure against wormhole attacks that involve two distant endpoints

14Computer Science

Strict Neighbor Discovery

• Worawannotai attack– B and A are unable to communicate directly, but close enough to have a verifier that

can hear both A and B

15Computer Science

Analysis

• Advantage– Low overhead– Directional antennas

• Energy conservative• Better spatial reuse of bandwidth

• Disadvantage– May prevent legitimate links from being established

because of no potential verifier node– For network density of 10 neighbors, less than 0.5% (or

40%) of links are lost and no (or 0.03%) nodes are disconnected in verified (or strict) neighbor discovery protocol

16Computer Science

Conclusion and Future Work

• Conclusion– Wormhole attacks are a powerful attack which

depend on a node misrepresenting its location– Directional antennas offer a promising approach

• Future work– Multiple wormhole endpoint attacks– Robustness

17Computer Science

Questions?

Thank you!