research article two anonymous cooperative...

Hindawi Publishing CorporationInternational Journal of Distributed Sensor NetworksVolume 2013 Article ID 513257 7 pageshttpdxdoiorg1011552013513257

Research ArticleTwo Anonymous Cooperative Cache-Based Data Access Schemesin Mobile Ad Hoc Networks

Chang-Ji Wang123 Xi-Lei Xu12 and Dong-Yuan Shi12

1 School of Information Science and Technology Sun Yat-sen University Guangzhou 510006 China2Guangdong Province Information Security Key Laboratory Guangzhou 510006 China3 Research Center of Software Technology for Information Service South China Normal University Guangzhou 501631 China

Correspondence should be addressed to Chang-Ji Wang isswchjmailsysueducn

Received 8 October 2013 Accepted 20 November 2013

Academic Editor Fatos Xhafa

Copyright copy 2013 Chang-Ji Wang et alThis is an open access article distributed under the Creative Commons Attribution Licensewhich permits unrestricted use distribution and reproduction in any medium provided the original work is properly cited

Mobile ad hoc network has been extensively studied in recent years due to its potential applications in civilian and militaryenvironments Cooperative caching which allows the sharing and coordination of cached data among multiple nodes could beemployed to improve data accessibility and reduce data access cost in mobile ad hoc networks In this paper we give anonymityrequirements for cooperative cache-based data access in mobile ad hoc networks and present two efficient anonymous data accessschemes based on onion message and pseudonym-based encryption respectively The proposed schemes can not only protectconfidentiality of sensitive cache data but can also protect privacy of nodes and routes

1 Introduction

A mobile adhoc network (MANET) is a self-configuringtemporary network of mobile devices connected by wirelesslinks without infrastructure support The benefits of flexiblerouting global connectivity and a highly adaptive potentialmake MANETs suitable for a wide range of applications inboth military and commercial environments such as battle-fields disaster relief operations personal area networkingmobile information sharing and vehicular networks

Similar to the wired network security requirementsfor MANETs include availability confidentiality integrityauthentication nonrepudiation Compared to the wired net-work MANET is more vulnerable to security attacks due toits features of open medium dynamic changing topologycooperative algorithms lack of centralized monitoring andmanagement point and so forth [1]

Traffic analysis is one of the most serious security attacksin MANETs due to the broadcast nature of the wirelessmedium In this attack adversaries can obtain sensitiveinformation about the applications even without revealingthe contents of the messages just by observing networktraffic pattern For example an attacker can identify the

communicating parties and their positions by tracing andanalyzing the network traffic patternsThismay lead to severethreats in security-sensitive applications For instance in abattle field the enemy can physically destroy the importantmobile nodes if they can identify and locate such nodesby traffic analysis Ideally a node should be able to keepits identity its location and its correspondents private thatis remain anonymous Simple traffic padding approach bygenerating dummy traffic into the network does not aim tohide the identifiers of communicating nodes and so cannotcompletely prevent traffic analysis

In order to thwart traffic analysis attack anonymousmobile ad hoc routing protocols are developed and havebeen attracting the attention of more andmore researchers inrecent years The most current anonymous routing protocolsfor MANETs assume that mobile users share pairwise secretsbefore they start an anonymous communication sessionThisassumption is impractical for many ad hoc scenarios wherepairwise shared keys are difficult to be set up in advance

Song et al [2] presented an anonymous dynamic sourcerouting protocol for MANETs The protocol employs anony-mous onion routing between the source and destination andeach intermediate node owns a shared session key with the

2 International Journal of Distributed Sensor Networks

source and destination nodeswhen the protocol is completedZhang et al [3] proposed an anonymous on-demandrouting protocol based on identity-based encryption [4] forMANETs In their approach nodes use pseudonyms insteadof their real identifiers and each node can dynamicallychanges its pseudonyms Each node self-generates a set ofpseudonyms and submit them to the trusted authority andthe trusted authority generates corresponding private keysand sends them back to the node The drawback of Zhang etalrsquos approach is the underlying anonymous communicationsare not blind to the trusted private key generator (PKG) LaterHuang [5] presented an anonymous communication systemforMANETs based on pseudonym-based cryptographywith-out trusted PKG Sheklabadi and Berenjkoub [6] proposedan anonymous version of authenticated routing for ad hocnetworks (ARAN)which can provide a variety of anonymousfunctionalities such as identity privacy location privacy androute anonymity together with security features of ARANHowever the proposed protocol is based on a impracticalassumption that there is a shared secret between the sourceand the destination

Although routing is an important issue in MANETsother issues such as data access are also very importantsince the ultimate goal of using MANETs is to provide dataaccess to mobile nodes Caching techniques are an efficientway for increasing the performance in data communica-tion which has been widely used in different fields suchas CPU design multiprocessor memory architecture orrouter design Internet uses cache placement and replacementin proxy servers and cooperative caching architecture toreduce the network traffic and average latency of data querysignificantly [7] As mobile nodes in ad hoc networks mayhave similar tasks and share common interest cooperativecaching which allows the sharing and coordination of cacheddata among multiple nodes can be used to reduce thebandwidth and power consumption However cooperativecaching techniques designed for wired networks may not beapplied directly to MANETs due to their dynamic topologyand constrained resources (ie bandwidth battery powerand computational capacity)

Ting and Chang [8] proposed a cooperative cachingscheme for wireless ad hoc networks called GroupCachingwhich allows each mobile host and its 1-hop neighbors forma group and the caching status is exchanged and maintainedperiodically in a group Yin and Cao [9] proposed threecooperative caching schemes for ad hoc networks calledCachePath CacheData andHybridCache respectively Zhaoet al [10] proposed a novel asymmetric cooperative cacheapproach where the data requests are transmitted to thecache layer on every node but the data replies are onlytransmitted to the cache layer at the intermediate nodesthat need to cache the data Recently Wu and Cao [11]proposed a Voronoi Diagram-based cooperative cache dis-covery approach to reduce data access cost by limiting thecache information update and query within a single VoronoiRegion Currently existing cooperative caching schemes inMANETs have not yet considered the problem of anonymity

In this paper we give anonymity requirements for coop-erative cache based data access in MANETs and present

two efficient anonymous cooperative cache based data accessschemes based on onion message and pseudonym-basedencryption respectively The proposed schemes cannot onlyprotect confidentiality of sensitive cache data but can alsoprotect privacy of nodes and routes

The rest of this paper is organized as follows Somenecessary background knowledge about bilinear pairings andpseudonym-based encryption are introduced in Section 2The anonymity requirements and system model of anony-mous cooperative cache based data access in MANETs areexplained in Section 3 Our proposed anonymous cooper-ative cache based data access schemes in MANETs basedon onion message and pseudonym-based encryption aredescribed in Sections 4 and 5 respectively Anonymity andsecurity analysis of the two proposed cooperative cache baseddata access schemes in MANETs are presented in Section 6We conclude our work in Section 7

2 Preliminary Works

We first introduce some notations If S is a set then 119909isin119877S

denotes the operation of picking an element 119909 uniformly atrandom from S A function 119891(120582) is negligible if for every119888 gt 0 there exists a 120582

119888 such that 119891(120582) lt 1120582

119888 for all 120582 gt 120582119888

21 Bilinear Pairings and the Bilinear Diffie-Hellman Assump-tion Let G

1be an additive cyclic group of large prime order

119902 andG2be a multiplicative cyclic group of the same order 119902

In particular G1is a subgroup of the group of points on an

elliptic curve over a finite field and G2is a subgroup of the

multiplicative group over a finite field Let 119875 be a generator ofG1 A bilinear pairing is an admissiblemap 119890 G

1timesG1rarr G2

and satisfies the following properties

(i) Bilinearity For 119886 119887isin119877Zlowast119902 we have 119890([119886]119875 [119887]119875) =

119890(119875 119875)119886119887

(ii) Nondegeneracy The map does not send all pairs inG1timesG1to the identity inG

2 this implies that 119890(119875 119875)

is a generator of G2

(iii) Computability There is an efficient algorithm tocompute 119890(119875

1 1198752) for 119875

1isin119877G1and 119875

2isin119877G1

The bilinear group generator g(1120582) is an algorithm that

takes as input a security parameter 120582 and outputs a bilineargroup (119902G

1G2 119890) where 119902 is a prime of size 2

120582 G1and G

2

are cyclic groups of order 119902 and 119890 is an admissible bilinearmap

Given a bilinear group (119902G1G2 119890) generated by g(120582)

and (119875 119886119875 119887119875 119888119875) for some 119886 119887 119888isin119877Zlowast119902 The BDH problem

in the bilinear group (119902G1G2 119890) is to compute 119882 =

119890(119875 119875)119886119887119888

isin G2 The advantage of an algorithm A in solving

the BDH problem in the bilinear group (119902G1G2 119890) is

defined by

AdvBDHgA (120582) = Pr [A (119875 119886119875 119887119875 119888119875) = 119890(119875 119875)119886119887119888

] (1)

where the probability is over the random choice of 119886 119887 119888 inZlowast119902 the random choice of 119875 isin G

1 and the random bits ofA

International Journal of Distributed Sensor Networks 3

We say that the BDH assumption holds in the bilineargroup (119902G

1G2 119890) if no probabilistic polynomial time (in 120582)

algorithm has a nonnegligible advantage in solving the BDHproblem in the bilinear group (119902G

1G2 119890)

22 Pseudonym-Based Encryption Scheme Huang proposeda pseudonym-based encryption (PBE) scheme withouttrusted PKG to provide anonymous communication [5]which is described as follows

(i) Setup The PKG generates and publish system param-eters as

params = (G1G2 119890 119902 119875 119875pub = [119904] 119875 119899119867119867

2 1198673 1198674)

(2)

where 119899 denote bit length of plaintext119867 G1timesG2rarr

G1 1198672

G2

rarr 0 1119899 1198673

0 12119899

rarr Zlowast119902

and 1198674

0 1119899

rarr 0 1119899 denotes cryptographic

secure hash functions respectively The PKG keepsthe master secret key 119904isin

119877Zlowast119902secret

(ii) Extract To self-generate a pseudonym and cor-responding private key an anonymous user firstchooses 119896isin

119877Zlowast119902and

119896isin119877Zlowast119902 then he computes

119896minus1

satisfying 119896119896minus1

equiv 1 mod 119902 119876119860

= [119896119896]119875 1198761015840

119860= [

119896minus1

minus

1]119875pub and 119888119860

= 119890(119876119860 1198761015840

119860) Finally he sets 119875119863

119860=

⟨119876119860 119888119860⟩ as his pseudonym and sets 119878

119875119863119860= [119904119896]119875 as

the corresponding private key(iii) Encrypt To encrypt the plaintext 119872 isin 0 1

119899 for anentity 119860 with pseudonym 119875119863

119860 the sender chooses a

random 119903isin1198770 1119899 sets 119905 = 119867

3(119903119872) computes and

outputs the ciphertext 119862 = ⟨119880119881119882⟩ where 119880 =

[119905]119875119881 = 119903oplus1198672(119890(119876119860 119875pub)

119905119888119905

119860) and119882 = 119872oplus119867

4(119903)

(iv) Decrypt To decrypt 119862 the intended receiver 119860 firstcomputes 119903

1015840= 119881 oplus 119867

2(119890(119878119875119863119860

119880)) and 1198721015840= 119882 oplus

1198674(1199031015840) then 119860 sets 119905

1015840= 1198673(11990310158401198721015840) and tests if 119880 =

[1199051015840]119875 If it does not hold A rejects the ciphertext

Otherwise A outputs1198721015840 as the decryption of 119862Huang [5] proved that the above scheme is semantically

secure pseudonym based encryption in the random oraclemodel assuming BDH is hard in groups generated by g

3 System Model

The system model for our proposed anonymous cooperativecache based data access schemes in MANETs is illustrated asFigure 1 There are 119899 intermediate nodes between the sourcenode and the destination node along the routing path Wedenote the source node nodes en route and the destinationnode as 119878119883

119894(1 le 119894 le 119899) and119863 respectively

The proposed anonymous cooperative cache based dataaccess schemes in MANETs consist of the following foursteps

(i) Route Request Phase The source node first constructsand initializes the route request message packet(RREQ) and broadcasts to search for the destinationnode who has a copy of required data cache

X1S Xi Xnmiddot middot middot middot middot middot D

Figure 1 Route from source node to destination node

(ii) Route Reply Phase The destination node constructsand sends a route reply packet (RREP) back to thesource node along the path found by the first step

(iii) Data Request PhaseThe source node sends data cacherequest message packet (DREQ) to the destinationnode

(iv) AnonymousDataTransmission PhaseThedestinationnode transfers the requested data cache back to thesource node

We define an internal adversary as a node that is com-promised and on the routing path An external adversary isa compromised node not on the path or an external nodenot directly participating in the MANET that is it onlyeavesdrops on traffic between nodes

We make the following two assumptions for our anony-mous cooperative cache-based data access schemes inMANETs

(i) All wireless links are symmetric which means that ifnode 119860 is in transmission range of some node 119861 so 119861

is in transmission range of 119860 as well(ii) Adversaries have unbounded eavesdropping capa-

bility but bounded computing and node intrusioncapabilities

To resist outsider attack our anonymous cooperativecache based data access schemes should prevent outsideradversary from learning the identity of source node anddestination node and intermediate nodes en route To resistinsider attack our anonymous cooperative cache based dataaccess schemes should prevent insider adversary from deter-miningwhether another node is the source or the destinationor an intermediate node en route of a particular message Sowe consider the following three types of anonymity for ouranonymous cooperative cache based data access schemes inMANETs

(i) Anonymity of source and destination nodes Both thesource and destination nodes is anonymous to othersand no one knows the location of the source node ordestination node

(ii) Anonymity of intermediate nodes Nobody knows thereal identities and location of intermediate nodeseven the node en route cannot know the real identitiesand locations of other nodes

(iii) Anonymity of the route Adversaries cannot trace apacket flow back to its source or the destinationsNobody knows the real routing path between thesource and destination nodes For adversaries not inthe route they have no information on any part of theroute


For convenience of presentation we introduce the nota-tions that will be used in our proposed anonymous coopera-tive cache based data access schemes in notations section

4 Anonymous Data Access Scheme Basedon Onion Packet

41 Route Request Phase The route request phase allows asource node 119878 to discover and establish a routing path to adestination node119863 through a number of intermediate nodesTo keep communication anonymity none of the intermediatenodes participating in this phase should discover the identi-ties of 119878 and 119863 The source node 119878 constructs a route requestmessage packet with the following format and broadcasts toall its neighboring nodes

[RREQ SEQPDN119904CIDPDN

119894minus1 119901k119904] (3)

RREQ field indicates that it is the the route request messagepacket SEQ field indicates the packet sequence number thatserves as the unique identifier of the request and it is alsoused by the intermediate nodes to validate whether an routereply is generated by the real destination in the route replyphase PDN

119904field indicates the pseudonym of the source

node which is the temporary identity of node 119878When a node 119883

119894receives a route request message packet

with the following format


119894minus1 119901119896119904] (4)

it processes the packet according to the following steps

(1) Check whether the packet has already been receivedby using the fields SEQ as the unique identifier for thepacket

(2) If the packet has not been received then 119883119894checks

whether it has the requested cache data or not

(i) If the node has the requested cache data (ienode 119883

119894is the destination node) then the

process jumps to the route reply phase(ii) If node 119883

119894has not the requested cache data

it records SEQ PDN119904 PDN

119894minus1into its routing

table and generates a new routing table entry asfollows

[SEQPDN119904PDN

119894minus1PDN

119894K119894TTL] (5)

The field PDN119894denotes a pseudonym generated by

node 119883119894for this session the field K

119894denotes a

symmetric session key generated randomly by node119883119894that will be used to encrypt the data from neighbor

(this field is not set in this phase) Finally node 119883119894

replaces the field PDN119894minus1

with PDN119894in the received

route request message packet and rebroadcasts therequest to all its neighbors

(3) If the packet has been received then 119883119894checks

whether the pseudonym PDN119894minus1

has been recordedin the routing table associated with SEQ

(i) If PDN119894minus1

is one of the nodes in the routingtable drop the packet and stop

(ii) Otherwise node 119883119894records the pseudonym

PDN119894minus1

into its routing table as one of thereverse node The reverse node is the next nodein the reverse path towards the source in theroute reply phase

42 Route Reply Phase The destination node119863 first choosesa random symmetric key K

119889and a pseudonym PDN

119889

generates and appends a new routing table entry with thefollowing format

[SEQPDN119904PDN

119894minus1PDN

119889K119889TTL] (6)

where PDN119894minus1

is the pseudonym that the destination node119863got the route request message packet from the previous hopThen the destination node generates a route reply messagepacket with the following format

[RREP SEQPDN119904PDN

119894minus1 119901k119889ONI]

where ONI def= [119864119901119896119904

(K119889) 119864119870119889

(PDN119889)]

(7)

Finally the destination node broadcasts the route replymessage packet to all its neighbors

For every intermediate node 119883119894who receives the route

reply message packet it first checks whether there is an entryin its anonymous routing table whose SEQ and PDN

119904fields

are the same as those of the received packet If there existssuch an entry then node 119883

119894checks whether the field PDN

119894

of this entry is equal to the field PDN119894minus1

of the packet Ifyes node 119883

119894chooses a symmetric key K

119894and fills it into the

field K119894of this entry Furthermore node119883

119894replaces the field

PDN119894minus1

of the packet with the field PDN119894minus1

recorded by itselfand changes fieldONI of the packet into the following format

ONI = [119864119901119896119904

(119870119894) 119864119870119894

(ONI)] (8)

Finally node 119883119894broadcasts the packet to its neighbors

This process loops until the source node 119878 gets the packetThe source node 119878 decrypts the received ONI by using itscorresponding private key 119904119896

119904 thus the source node can get all

the symmetric encryption keys 119870119894and pseudonym of nodes

PDN119894along the path

43 Data Request Phase The source node 119878 generates andbroadcasts the data cache request packet with the followingformat

[DREQPESU119894ONI] (9)

where

ONI = 1198641198701

[IMNPDN1

E119870119894

[IMNPDN119894 E

119870119889[ENDRT] sdot sdot sdot ]]

RT = 119864119901119896119889

[PDN1K1 PDN

119894K119894 PDN

119889K119889]

(10)


The intermediate node119883119894determinewhether he is in the path

by checking the field PDN119894in the received data packet against

his pseudonym If yes node119883119894decrypts the ONI and gets the

pseudonym for the next hop Then node119883119894replaces the field

PDN119894with decrypted pseudonym For the destination node

119863 when it decrypts the ONI it gets the route information

44 Anonymous Data Transmission Phase The process ofdata cache transmission is similar with the process of thedata cache request The difference is that the route pathinformation are included in the process of data cache requestwhile the cache-related data are included in the process ofdata cache transmission

Every node has to broadcast the request packets to theentireMANET to get the cache data in our proposed schemeRecently Wu and Cao [11] proposed a Voronoi Diagrambased cooperative cache discovery approach to reduce dataaccess cost by limiting the cache information update andquery within a single Voronoi Region We can furtherextend our anonymous data access scheme according to thefollowing idea for each type of cache all nodes send theroute request packets Once nodes receive route reply packetsthey compute the length of hops for every received packetand choose the shortest two If the two shortest paths areequal then we assure that the node is the edge node of theVoronoi Region So for that type of cache the node will stopbroadcasting the request packet to these nodes

5 Anonymous Data Access SchemeBased on PBE

51 Route Request Phase The source node 119878 cannot findsome data in the local cache it asks for its neighbor nodesby broadcasting a route request message packet with thefollowing format

[RREQ SEQCIDPDN0 SigPDN0] (11)

where PDN0and PDN

119904are two pseudonyms generated by

the source node and PDN0is used to represent source nodersquos

identity while PDN119904will be used to encrypt the requested

dataOnce the intermediate node119883

119894received the route request

message packet 119883119894first verifies the signature of the previous

hop to ensure the validity of the pseudonym PDN119894minus1

If theverification fails it discards the route request message packetOtherwise 119883

119894checks whether it has a cache copy of the

corresponding CID If yes node 119883119894is the destination node

If not node 119883119894replaces the fourth field PDN

0 in the route

request message packet with its own pseudonym PDN119894 and

add a new route recordwith the following format into its localrouting table

[SEQCIDPDN119894minus1

PDN119894 0TTL] (12)

where the fifth field is set for the pseudonym of the next hopPDN119894+1

Afterwards it goes on broadcasting the route requestmessage packet

52 Route Response Phase Suppose that the node 119863 findsthe cache copy of the requested data according to its SEQand CID after received the route request packet It goes onbroadcasting with certain probability to confuse adversariesin order to protect the privacy that it is the destination nodeIf the destination node 119863 receives many packets with thesame keywords (SEQCID) it only responses to the first routerequest packet by generating a route reply message packetwith the following format

[RREP SEQCID 119864PDN119894minus1 (PDN119894) PDN119894minus1 SigPDN119894+1] (13)

At the same time it add a new route record with the followingformat into its local routing table


PDN119894 0TTL] (14)

The intermediate node 119883119894in the replying path firstly checks

whether the field PDN119894minus1

is equal to its own pseudonym ornot If it is not node 119883

119894then discards the packet Otherwise

node 119883119894continues to verify the signature in the packet to

ensure the validity of the PDN119894+1

And then node 119883119894checks

the route table against keywords (SEQCID) after receivedthe route reply packet It discards the packet if there isnot a corresponding item Otherwise it decrypts the item119864PDN119894minus1(PDN119894) to get PDN

119894using the corresponding private

key Then node 119883119894encrypts PDN

119894minus1(the pseudonym of the

node itself) using PDN119894minus2

to get the new route reply packetand goes on broadcasting The function of encryption is tokeep the privacy of the identity of PDN

119894minus1

53 Data Request Phase After receiving the route replypacket the source node 119878 broadcasts the data requestmessagepacket with following format

[DREQ SEQCID 119864PDN119894+1 (PDN119894PDN119904)] (15)

The intermediate node checks the anonymous route table todecide whether it is the corresponding node by matching thePDN119894+1

of the received packet and PDN119894of the node itself If

it is the correct match it can decrypt to obtain PDN119894of the

packet Then it matches it with the PDN119894minus1

in the route tableto decide whether it is the right path to follow It discardsthe packet if they do not match Otherwise it decrypts thepacket and replace the field PDN

119894with PDN

119894+1(actually the

pseudonym of the node itself) and encrypts (PDN119894+1

PDN119904)

with PDN119894+2

and keeps on broadcasting

54 Anonymous Data Transmission Phase The destinationnode 119863 gets the requested data by searching in its routetable against keywords (SEQ CID) after received the datarequest packet Firstly it goes on broadcasting with a certainprobability Simultaneously it encrypts the data with PDN

119904

and encrypts its pseudonym with PDN119894minus1

Then it broadcaststhe data cache reply message packet with the followingformat

[DREP SEQCID 119864PDN119904 (data) 119864PDN119894minus1 (PDN119894)] (16)


The intermediate node 119883119894decrypts the field 119864PDN119894minus1(PDN119894)

of the received data cache reply message packet to get PDN119894

then node 119883119894try to match it with field PDN

119894+1in the local

routing table If there is no match node 119883119894discards the

packet Otherwise node 119883119894generates new data cache reply

message packet by replacing the field PDN119894minus1

and PDN119894

with the pseudonym of the previous hop and the currentnode 119883

119894 respectively Then node 119883

119894goes on broadcasting

the new data cache reply message packet Finally the sourcenode 119878 receives the data cache reply message packet gets therequired data by decrypting the packet with the private keycorresponding to PDN

119904 and broadcasts the packet with a

certain probability

6 Analysis on the Proposed Anonymous DataAccess Schemes

In the context of anonymity analysis we assume that adver-saries may be en route as well as out of the route and theyare interested in the privacy information about the route andnodes en route

We use pseudonyms to identify the nodes without unveil-ing the real identities and locations of all the nodes thusthe privacy of locations and identities of the nodes are wellprotected In our anonymous data access scheme based ononion packet the information of route is encrypted thewhole routing path are only known by the source node anddestination node The path consists of pseudonyms of eachnode intermediate nodes may only know the number ofhops the proposed anonymous data access scheme based ononion packet provides weak anonymity In our anonymousdata access scheme based on PBE the information of therouting path is only recorded separately in the route tableof each node with pseudonyms Even adversaries en routecan get nothing about the route except pseudonyms of itsprevious hop and next hop The pseudonym of the sourcenode used for encrypting the data is transferred along thepath however it uses another pseudonym to participate inthe route path So even the next hop of the source node knowsnothing about the fact it is the source node thus our proposedanonymous data access scheme based on PBE provides stronganonymity

In our proposed two anonymous data access schemespassive eavesdropper can only catch packets encrypted by apublic key or a session key For active adversaries who maypretend to be the destination node to send fake route replypacket to the requested node and control some nodes alongthe routing path they could only get the pseudonyms of theprevious hop and next hop and the encrypted data packet

In our proposed anonymous data access scheme basedon onion packet DOS attacker cannot control which nodethey get the cache data from and they do not know thetrue identity of the cache node In our proposed anonymousdata access scheme based on PBE the node has to beauthenticated before it requests the cache data Thus ourproposed anonymous data access schemes can resist DOSattack

7 Conclusion

Secure anonymity cooperative caching is one of the impor-tant task in mobile ad hoc networks in certain privacy vitalenvironments In this paper we give anonymity requirementsfor cooperative cache-based data access in mobile ad hocnetworks and present two efficient anonymous data accessscheme based on onion message and pseudonym-basedencryption respectively The proposed schemes cannot onlyprotect the privacy of nodes and routes but can also resistboth passive and active attacks

Notations

RREQ the flag of route request message packetRREP the flag of route reply message packetDREQ the flag of data cache request message

packetDREP the flag of data cache reply message packetIMN the flag of intermediate nodeEND the flag of destination nodeCID the identifier of requested cache dataSEQ the sequence number of the current

sessionPDN119904 the pseudonym of the source node 119878

PDN119889 the pseudonym of the destination node119863

PDN119894 the pseudonym of the intermediate node

119883119894

TTL time-to-live valuesK119894 the symmetric key chosen by the

intermediate node119883119894

E119870(119898) encrypt message119898 by symmetric

encryption with key119870

119901119896119904 the public key of the source node 119878

119901119896119889 the public key of the destination node119863

E119901119896(119898) encrypt message119898 by asymmetric

encryption with public key 119901119896

EPDN119894(119898) encrypt message119898 by using pseudonymbased encryption scheme with pseudonymPDN119894

ONI the onion data packetSigPDN119894 the signature generated by node with

pseudonym PDN119894

Acknowledgment

This research is jointly funded by the National NaturalScience Foundation of China (Grant no 61173189) and theGuangdong Province Information Security Key LaboratoryProject

References

[1] W J Lou and Y Fang ldquoA survey on wireless security in mobilead hoc networks challenges and available solutionsrdquo in Ad HocWireless Networking pp 68ndash73 Kluwer Academic New YorkNY USA 2003

[2] R Song L Korba and G Yee ldquoAnonDSR efficient anonymousdynamic source routing for mobile ad-hoc networksrdquo in ACM


Workshop on Security of Ad Hoc and Sensor Networks (SASNrsquo05) pp 33ndash42 November 2005

[3] Y Zhang W Liu and W Lou ldquoAnonymous communicationsin mobile ad hoc networksrdquo in Proceedings of IEEE InformationCommunications Conference (INFOCOM rsquo05) pp 1940ndash1951March 2005

[4] D Boneh andM Franklin ldquoIdentity-based encryption from theWeil pairingrdquo in Proceedings of the 21st Annual InternationalCryptology Conference on Advances in Cryptology (CRYPTOrsquo01) vol 2139 of Lecture Notes in Computer Science pp 213ndash229Springer Santa Barbara Calif USA 2001

[5] D J Huang ldquoPseudonym-based cryptography for anonymouscommunications in mobile ad hoc networksrdquo InternationalJournal of Security and Networks vol 2 no 3-4 pp 272ndash2832007

[6] E Sheklabadi and M Berenjkoub ldquoAn anonymous securerouting protocol for mobile ad hoc networksrdquo in Proceedingsof the International Symposium on Computer Networks andDistributed Systems (CNDS rsquo11) pp 142ndash147 February 2011

[7] D B Johnson ldquoRouting in ad hoc networks of mobile hostsrdquo inProceedings of the Workshop on Mobile Computing Systems andApplications pp 158ndash163 December 1994

[8] Y-W Ting and Y-K Chang ldquoA novel cooperative cachingscheme for wireless ad hoc networks GoupCachingrdquo in Pro-ceedings of the 2nd International Conference on NetworkingArchitecture and Storage (NAS rsquo07) pp 62ndash68 July 2007

[9] L Yin and G Cao ldquoSupporting cooperative caching in ad hocnetworksrdquo IEEE Transactions on Mobile Computing vol 5 no1 pp 77ndash89 2006

[10] J Zhao P Zhang G Cao and C R Das ldquoCooperative cachingin wireless P2P networks design implementation and evalua-tionrdquo IEEETransactions on Parallel andDistributed Systems vol21 no 2 pp 229ndash241 2010

[11] W G Wu and J N Cao ldquoEfficient cache discovery for cooper-ative caching in wireless ad hoc networksrdquo in Proceedings of the18th IEEE International Conference on Parallel and DistributedSystems (ICPADS rsquo12) pp 323ndash330 2012

International Journal of

AerospaceEngineeringHindawi Publishing Corporationhttpwwwhindawicom Volume 2014

RoboticsJournal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014


Active and Passive Electronic Components

Control Scienceand Engineering

Journal of



RotatingMachinery


Hindawi Publishing Corporation httpwwwhindawicom

Journal ofEngineeringVolume 2014

Submit your manuscripts athttpwwwhindawicom

VLSI Design



Shock and Vibration


Civil EngineeringAdvances in

Acoustics and VibrationAdvances in



Electrical and Computer Engineering

Journal of

Advances inOptoElectronics


Volume 2014

The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014

SensorsJournal of


Modelling amp Simulation in EngineeringHindawi Publishing Corporation httpwwwhindawicom Volume 2014


Chemical EngineeringInternational Journal of Antennas and

Propagation




Navigation and Observation



DistributedSensor Networks



source and destination nodeswhen the protocol is completedZhang et al [3] proposed an anonymous on-demandrouting protocol based on identity-based encryption [4] forMANETs In their approach nodes use pseudonyms insteadof their real identifiers and each node can dynamicallychanges its pseudonyms Each node self-generates a set ofpseudonyms and submit them to the trusted authority andthe trusted authority generates corresponding private keysand sends them back to the node The drawback of Zhang etalrsquos approach is the underlying anonymous communicationsare not blind to the trusted private key generator (PKG) LaterHuang [5] presented an anonymous communication systemforMANETs based on pseudonym-based cryptographywith-out trusted PKG Sheklabadi and Berenjkoub [6] proposedan anonymous version of authenticated routing for ad hocnetworks (ARAN)which can provide a variety of anonymousfunctionalities such as identity privacy location privacy androute anonymity together with security features of ARANHowever the proposed protocol is based on a impracticalassumption that there is a shared secret between the sourceand the destination

Although routing is an important issue in MANETsother issues such as data access are also very importantsince the ultimate goal of using MANETs is to provide dataaccess to mobile nodes Caching techniques are an efficientway for increasing the performance in data communica-tion which has been widely used in different fields suchas CPU design multiprocessor memory architecture orrouter design Internet uses cache placement and replacementin proxy servers and cooperative caching architecture toreduce the network traffic and average latency of data querysignificantly [7] As mobile nodes in ad hoc networks mayhave similar tasks and share common interest cooperativecaching which allows the sharing and coordination of cacheddata among multiple nodes can be used to reduce thebandwidth and power consumption However cooperativecaching techniques designed for wired networks may not beapplied directly to MANETs due to their dynamic topologyand constrained resources (ie bandwidth battery powerand computational capacity)

Ting and Chang [8] proposed a cooperative cachingscheme for wireless ad hoc networks called GroupCachingwhich allows each mobile host and its 1-hop neighbors forma group and the caching status is exchanged and maintainedperiodically in a group Yin and Cao [9] proposed threecooperative caching schemes for ad hoc networks calledCachePath CacheData andHybridCache respectively Zhaoet al [10] proposed a novel asymmetric cooperative cacheapproach where the data requests are transmitted to thecache layer on every node but the data replies are onlytransmitted to the cache layer at the intermediate nodesthat need to cache the data Recently Wu and Cao [11]proposed a Voronoi Diagram-based cooperative cache dis-covery approach to reduce data access cost by limiting thecache information update and query within a single VoronoiRegion Currently existing cooperative caching schemes inMANETs have not yet considered the problem of anonymity

In this paper we give anonymity requirements for coop-erative cache based data access in MANETs and present

two efficient anonymous cooperative cache based data accessschemes based on onion message and pseudonym-basedencryption respectively The proposed schemes cannot onlyprotect confidentiality of sensitive cache data but can alsoprotect privacy of nodes and routes

The rest of this paper is organized as follows Somenecessary background knowledge about bilinear pairings andpseudonym-based encryption are introduced in Section 2The anonymity requirements and system model of anony-mous cooperative cache based data access in MANETs areexplained in Section 3 Our proposed anonymous cooper-ative cache based data access schemes in MANETs basedon onion message and pseudonym-based encryption aredescribed in Sections 4 and 5 respectively Anonymity andsecurity analysis of the two proposed cooperative cache baseddata access schemes in MANETs are presented in Section 6We conclude our work in Section 7

2 Preliminary Works

We first introduce some notations If S is a set then 119909isin119877S

denotes the operation of picking an element 119909 uniformly atrandom from S A function 119891(120582) is negligible if for every119888 gt 0 there exists a 120582

119888 such that 119891(120582) lt 1120582

119888 for all 120582 gt 120582119888

21 Bilinear Pairings and the Bilinear Diffie-Hellman Assump-tion Let G

1be an additive cyclic group of large prime order

119902 andG2be a multiplicative cyclic group of the same order 119902

In particular G1is a subgroup of the group of points on an

elliptic curve over a finite field and G2is a subgroup of the

multiplicative group over a finite field Let 119875 be a generator ofG1 A bilinear pairing is an admissiblemap 119890 G

1timesG1rarr G2

and satisfies the following properties

(i) Bilinearity For 119886 119887isin119877Zlowast119902 we have 119890([119886]119875 [119887]119875) =

119890(119875 119875)119886119887

(ii) Nondegeneracy The map does not send all pairs inG1timesG1to the identity inG

2 this implies that 119890(119875 119875)

is a generator of G2

(iii) Computability There is an efficient algorithm tocompute 119890(119875

1 1198752) for 119875

1isin119877G1and 119875

2isin119877G1

The bilinear group generator g(1120582) is an algorithm that

takes as input a security parameter 120582 and outputs a bilineargroup (119902G

1G2 119890) where 119902 is a prime of size 2

120582 G1and G

2

are cyclic groups of order 119902 and 119890 is an admissible bilinearmap

Given a bilinear group (119902G1G2 119890) generated by g(120582)

and (119875 119886119875 119887119875 119888119875) for some 119886 119887 119888isin119877Zlowast119902 The BDH problem

in the bilinear group (119902G1G2 119890) is to compute 119882 =

119890(119875 119875)119886119887119888

isin G2 The advantage of an algorithm A in solving

the BDH problem in the bilinear group (119902G1G2 119890) is

defined by

AdvBDHgA (120582) = Pr [A (119875 119886119875 119887119875 119888119875) = 119890(119875 119875)119886119887119888

] (1)

where the probability is over the random choice of 119886 119887 119888 inZlowast119902 the random choice of 119875 isin G

1 and the random bits ofA





1G2 119890)



params = (G1G2 119890 119902 119875 119875pub = [119904] 119875 119899119867119867

2 1198673 1198674)

(2)


G1 1198672

G2

rarr 0 1119899 1198673

0 12119899

rarr Zlowast119902

and 1198674

0 1119899







119896minus1


equiv 1 mod 119902 119876119860

= [119896119896]119875 1198761015840

119860= [

119896minus1

minus

1]119875pub and 119888119860

= 119890(119876119860 1198761015840

119860) Finally he sets 119875119863

119860=


119875119863119860= [119904119896]119875 as




random 119903isin1198770 1119899 sets 119905 = 119867

3(119903119872) computes and


[119905]119875119881 = 119903oplus1198672(119890(119876119860 119875pub)

119905119888119905

119860) and119882 = 119872oplus119867

4(119903)


1015840= 119881 oplus 119867

2(119890(119878119875119863119860

119880)) and 1198721015840= 119882 oplus

1198674(1199031015840) then 119860 sets 119905

1015840= 1198673(11990310158401198721015840) and tests if 119880 =




3 System Model
























119894minus1 119901k119904] (3)







119894minus1 119901119896119904] (4)












[SEQPDN119904PDN

119894minus1PDN

119894K119894TTL] (5)



119894denotes a












PDN119894minus1




119889


[SEQPDN119904PDN

119894minus1PDN

119889K119889TTL] (6)




119894minus1 119901k119889ONI]

where ONI def= [119864119901119896119904

(K119889) 119864119870119889

(PDN119889)]

(7)




119904fields



119894







PDN119894minus1



ONI = [119864119901119896119904

(119870119894) 119864119870119894

(ONI)] (8)








where

ONI = 1198641198701

[IMNPDN1

E119870119894

[IMNPDN119894 E


RT = 119864119901119896119889

[PDN1K1 PDN

119894K119894 PDN

119889K119889]

(10)













where PDN0and PDN












0 in the route




PDN119894 0TTL] (12)







PDN119894 0TTL] (14)














119894minus1








119894with PDN



PDN119904)

with PDN119894+2



119904












and PDN119894






certain probability






7 Conclusion


Notations






119883119894











pseudonym PDN119894

Acknowledgment


References
















RoboticsJournal of





Journal of



RotatingMachinery





VLSI Design



Shock and Vibration







Journal of



Volume 2014


SensorsJournal of





Propagation













1G2 119890)



params = (G1G2 119890 119902 119875 119875pub = [119904] 119875 119899119867119867

2 1198673 1198674)

(2)


G1 1198672

G2

rarr 0 1119899 1198673

0 12119899

rarr Zlowast119902

and 1198674

0 1119899







119896minus1


equiv 1 mod 119902 119876119860

= [119896119896]119875 1198761015840

119860= [

119896minus1

minus

1]119875pub and 119888119860

= 119890(119876119860 1198761015840

119860) Finally he sets 119875119863

119860=


119875119863119860= [119904119896]119875 as




random 119903isin1198770 1119899 sets 119905 = 119867

3(119903119872) computes and


[119905]119875119881 = 119903oplus1198672(119890(119876119860 119875pub)

119905119888119905

119860) and119882 = 119872oplus119867

4(119903)


1015840= 119881 oplus 119867

2(119890(119878119875119863119860

119880)) and 1198721015840= 119882 oplus

1198674(1199031015840) then 119860 sets 119905

1015840= 1198673(11990310158401198721015840) and tests if 119880 =




3 System Model
























119894minus1 119901k119904] (3)







119894minus1 119901119896119904] (4)












[SEQPDN119904PDN

119894minus1PDN

119894K119894TTL] (5)



119894denotes a












PDN119894minus1




119889


[SEQPDN119904PDN

119894minus1PDN

119889K119889TTL] (6)




119894minus1 119901k119889ONI]

where ONI def= [119864119901119896119904

(K119889) 119864119870119889

(PDN119889)]

(7)




119904fields



119894







PDN119894minus1



ONI = [119864119901119896119904

(119870119894) 119864119870119894

(ONI)] (8)








where

ONI = 1198641198701

[IMNPDN1

E119870119894

[IMNPDN119894 E


RT = 119864119901119896119889

[PDN1K1 PDN

119894K119894 PDN

119889K119889]

(10)













where PDN0and PDN












0 in the route




PDN119894 0TTL] (12)







PDN119894 0TTL] (14)














119894minus1








119894with PDN



PDN119904)

with PDN119894+2



119904












and PDN119894






certain probability






7 Conclusion


Notations






119883119894











pseudonym PDN119894

Acknowledgment


References
















RoboticsJournal of





Journal of



RotatingMachinery





VLSI Design



Shock and Vibration







Journal of



Volume 2014


SensorsJournal of





Propagation














119894minus1 119901k119904] (3)







119894minus1 119901119896119904] (4)












[SEQPDN119904PDN

119894minus1PDN

119894K119894TTL] (5)



119894denotes a












PDN119894minus1




119889


[SEQPDN119904PDN

119894minus1PDN

119889K119889TTL] (6)




119894minus1 119901k119889ONI]

where ONI def= [119864119901119896119904

(K119889) 119864119870119889

(PDN119889)]

(7)




119904fields



119894







PDN119894minus1



ONI = [119864119901119896119904

(119870119894) 119864119870119894

(ONI)] (8)








where

ONI = 1198641198701

[IMNPDN1

E119870119894

[IMNPDN119894 E


RT = 119864119901119896119889

[PDN1K1 PDN

119894K119894 PDN

119889K119889]

(10)













where PDN0and PDN












0 in the route




PDN119894 0TTL] (12)







PDN119894 0TTL] (14)














119894minus1








119894with PDN



PDN119904)

with PDN119894+2



119904












and PDN119894






certain probability






7 Conclusion


Notations






119883119894











pseudonym PDN119894

Acknowledgment


References
















RoboticsJournal of





Journal of



RotatingMachinery





VLSI Design



Shock and Vibration







Journal of



Volume 2014


SensorsJournal of





Propagation





















where PDN0and PDN












0 in the route




PDN119894 0TTL] (12)







PDN119894 0TTL] (14)














119894minus1








119894with PDN



PDN119904)

with PDN119894+2



119904












and PDN119894






certain probability






7 Conclusion


Notations






119883119894











pseudonym PDN119894

Acknowledgment


References
















RoboticsJournal of





Journal of



RotatingMachinery





VLSI Design



Shock and Vibration







Journal of



Volume 2014


SensorsJournal of





Propagation

















and PDN119894






certain probability






7 Conclusion


Notations






119883119894











pseudonym PDN119894

Acknowledgment


References
















RoboticsJournal of





Journal of



RotatingMachinery





VLSI Design



Shock and Vibration







Journal of



Volume 2014


SensorsJournal of





Propagation






















RoboticsJournal of





Journal of



RotatingMachinery





VLSI Design



Shock and Vibration







Journal of



Volume 2014


SensorsJournal of





Propagation









research article two anonymous cooperative...

Documents