Sage Journals: Discover world-class research

Abstract

Mobile ad hoc network has been extensively studied in recent years due to its potential applications in civilian and military environments. Cooperative caching, which allows the sharing and coordination of cached data among multiple nodes, could be employed to improve data accessibility and reduce data access cost in mobile ad hoc networks. In this paper, we give anonymity requirements for cooperative cache-based data access in mobile ad hoc networks and present two efficient anonymous data access schemes based on onion message and pseudonym-based encryption, respectively. The proposed schemes can not only protect confidentiality of sensitive cache data but can also protect privacy of nodes and routes.

1. Introduction

A mobile adhoc network (MANET) is a self-configuring temporary network of mobile devices connected by wireless links without infrastructure support. The benefits of flexible routing, global connectivity and a highly adaptive potential make MANETs suitable for a wide range of applications in both military and commercial environments, such as battlefields, disaster relief operations, personal area networking, mobile information sharing, and vehicular networks.

Similar to the wired network, security requirements for MANETs include availability, confidentiality, integrity, authentication, nonrepudiation. Compared to the wired network, MANET is more vulnerable to security attacks due to its features of open medium, dynamic changing topology, cooperative algorithms, lack of centralized monitoring and management point, and so forth [1].

Traffic analysis is one of the most serious security attacks in MANETs due to the broadcast nature of the wireless medium. In this attack, adversaries can obtain sensitive information about the applications even without revealing the contents of the messages just by observing network traffic pattern. For example, an attacker can identify the communicating parties and their positions by tracing and analyzing the network traffic patterns. This may lead to severe threats in security-sensitive applications. For instance, in a battle field the enemy can physically destroy the important mobile nodes if they can identify and locate such nodes by traffic analysis. Ideally, a node should be able to keep its identity, its location and its correspondents private, that is, remain anonymous. Simple traffic padding approach by generating dummy traffic into the network does not aim to hide the identifiers of communicating nodes and so cannot completely prevent traffic analysis.

In order to thwart traffic analysis attack, anonymous mobile ad hoc routing protocols are developed and have been attracting the attention of more and more researchers in recent years. The most current anonymous routing protocols for MANETs assume that mobile users share pairwise secrets before they start an anonymous communication session. This assumption is impractical for many ad hoc scenarios where pairwise shared keys are difficult to be set up in advance.

Song et al. [2] presented an anonymous dynamic source routing protocol for MANETs. The protocol employs anonymous onion routing between the source and destination, and each intermediate node owns a shared session key with the source and destination nodes when the protocol is completed. Zhang et al. [3] proposed an anonymous on-demand routing protocol based on identity-based encryption [4] for MANETs. In their approach, nodes use pseudonyms instead of their real identifiers, and each node can dynamically changes its pseudonyms. Each node self-generates a set of pseudonyms and submit them to the trusted authority, and the trusted authority generates corresponding private keys and sends them back to the node. The drawback of Zhang et al.'s approach is the underlying anonymous communications are not blind to the trusted private key generator (PKG). Later, Huang [5] presented an anonymous communication system for MANETs based on pseudonym-based cryptography without trusted PKG. Sheklabadi and Berenjkoub [6] proposed an anonymous version of authenticated routing for ad hoc networks (ARAN), which can provide a variety of anonymous functionalities such as identity privacy, location privacy, and route anonymity together with security features of ARAN. However, the proposed protocol is based on a impractical assumption that there is a shared secret between the source and the destination.

Although routing is an important issue in MANETs, other issues such as data access are also very important since the ultimate goal of using MANETs is to provide data access to mobile nodes. Caching techniques are an efficient way for increasing the performance in data communication, which has been widely used in different fields such as CPU design, multiprocessor, memory architecture, or router design. Internet uses cache placement and replacement in proxy servers and cooperative caching architecture to reduce the network traffic and average latency of data query significantly [7]. As mobile nodes in ad hoc networks may have similar tasks and share common interest, cooperative caching, which allows the sharing and coordination of cached data among multiple nodes, can be used to reduce the bandwidth and power consumption. However, cooperative caching techniques designed for wired networks may not be applied directly to MANETs due to their dynamic topology and constrained resources (i.e., bandwidth, battery power, and computational capacity).

Ting and Chang [8] proposed a cooperative caching scheme for wireless ad hoc networks called GroupCaching, which allows each mobile host and its 1-hop neighbors form a group, and the caching status is exchanged and maintained periodically in a group. Yin and Cao [9] proposed three cooperative caching schemes for ad hoc networks, called CachePath, CacheData, and HybridCache, respectively. Zhao et al. [10] proposed a novel asymmetric cooperative cache approach, where the data requests are transmitted to the cache layer on every node, but the data replies are only transmitted to the cache layer at the intermediate nodes that need to cache the data. Recently, Wu and Cao [11] proposed a Voronoi Diagram-based cooperative cache discovery approach to reduce data access cost by limiting the cache information update and query within a single Voronoi Region. Currently existing cooperative caching schemes in MANETs have not yet considered the problem of anonymity.

In this paper, we give anonymity requirements for cooperative cache based data access in MANETs, and present two efficient anonymous cooperative cache based data access schemes based on onion message and pseudonym-based encryption, respectively. The proposed schemes cannot only protect confidentiality of sensitive cache data but can also protect privacy of nodes and routes.

The rest of this paper is organized as follows. Some necessary background knowledge about bilinear pairings and pseudonym-based encryption are introduced in Section 2. The anonymity requirements and system model of anonymous cooperative cache based data access in MANETs are explained in Section 3. Our proposed anonymous cooperative cache based data access schemes in MANETs based on onion message and pseudonym-based encryption are described in Sections 4 and 5, respectively. Anonymity and security analysis of the two proposed cooperative cache based data access schemes in MANETs are presented in Section 6. We conclude our work in Section 7.

2. Preliminary Works

We first introduce some notations. If S is a set, then $x \in_{R} S$ denotes the operation of picking an element x uniformly at random from S. A function $f (λ)$ is negligible if for every $c > 0$ , there exists a $λ_{c}$ , such that $f (λ) < 1 / λ^{c}$ for all $λ > λ_{c}$ .

2.1. Bilinear Pairings and the Bilinear Diffie-Hellman Assumption

Let $G_{1}$ be an additive cyclic group of large prime order q and $G_{2}$ be a multiplicative cyclic group of the same order q. In particular, $G_{1}$ is a subgroup of the group of points on an elliptic curve over a finite field and $G_{2}$ is a subgroup of the multiplicative group over a finite field. Let P be a generator of $G_{1}$ . A bilinear pairing is an admissible map $\hat{e} : G_{1} \times G_{1} \to G_{2}$ and satisfies the following properties. (i)

Bilinearity. For $a, b \in_{R} Z_{q}^{*}$ , we have $\hat{e} ([a] P, [b] P) = e (P, P)^{a b}$ .

(ii)

Nondegeneracy. The map does not send all pairs in $G_{1} \times G_{1}$ to the identity in $G_{2}$ , this implies that $\hat{e} (P, P)$ is a generator of $G_{2}$ .

(iii)

Computability. There is an efficient algorithm to compute $\hat{e} (P_{1}, P_{2})$ for $P_{1} \in_{R} G_{1}$ and $P_{2} \in_{R} G_{1}$ .

The bilinear group generator $ℊ (1^{λ})$ is an algorithm that takes as input a security parameter λ and outputs a bilinear group $(q, G_{1}, G_{2}, \hat{e})$ , where q is a prime of size $2^{λ}$ , $G_{1}$ and $G_{2}$ are cyclic groups of order q, and $\hat{e}$ is an admissible bilinear map.

Given a bilinear group $(q, G_{1}, G_{2}, \hat{e})$ generated by $ℊ (λ)$ , and $(P, a P, b P, c P)$ for some $a, b, c \in_{R} Z_{q}^{*}$ . The BDH problem in the bilinear group $(q, G_{1}, G_{2}, \hat{e})$ is to compute $W = \hat{e} (P, P)^{a b c} \in G_{2}$ . The advantage of an algorithm 𝒜 in solving the BDH problem in the bilinear group $(q, G_{1}, G_{2}, \hat{e})$ is defined by

\begin{matrix} {Adv}_{ℊ, 𝒜}^{BDH} (λ) = Pr [𝒜 (P, a P, b P, c P) = \hat{e} {(P, P)}^{a b c}], \end{matrix}

(1)

where the probability is over the random choice of

a, b, c

Z_{q}^{*}

, the random choice of

P \in G_{1}

, and the random bits of 𝒜.

We say that the BDH assumption holds in the bilinear group $(q, G_{1}, G_{2}, \hat{e})$ if no probabilistic polynomial time (in λ) algorithm has a nonnegligible advantage in solving the BDH problem in the bilinear group $(q, G_{1}, G_{2}, \hat{e})$ .

2.2. Pseudonym-Based Encryption Scheme

Huang proposed a pseudonym-based encryption (PBE) scheme without trusted PKG to provide anonymous communication [5], which is described as follows. (i)

Setup. The PKG generates and publish system parameters as

\begin{matrix} params = (G_{1}, G_{2}, \hat{e}, q, P, P_{pub} = [s] P, n, H, H_{2}, H_{3}, H_{4}), \end{matrix}

(2)

where n denote bit length of plaintext,

H : G_{1} \times G_{2} \to G_{1}

H_{2} : G_{2} \to {0,1}^{n}

H_{3} : {0,1}^{2 n} \to Z_{q}^{*}

and

H_{4} : {0,1}^{n} \to {0,1}^{n}

denotes cryptographic secure hash functions, respectively. The PKG keeps the master secret key

s \in_{R} Z_{q}^{*}

secret.

(ii)

Extract. To self-generate a pseudonym and corresponding private key, an anonymous user first chooses $k \in_{R} Z_{q}^{*}$ and $\tilde{k} \in_{R} Z_{q}^{*}$ , then he computes ${\tilde{k}}^{- 1}$ satisfying $\tilde{k} {\tilde{k}}^{- 1} \equiv 1 \mod q$ , $Q_{A} = [k \tilde{k}] P$ , $Q_{A}^{'} = [{\tilde{k}}^{- 1} - 1] P_{pub}$ , and $c_{A} = \hat{e} (Q_{A}, Q_{A}^{'})$ . Finally, he sets $P D_{A} = 〈 Q_{A}, c_{A} 〉$ as his pseudonym, and sets $S_{P D_{A}} = [s k] P$ as the corresponding private key.

(iii)

Encrypt. To encrypt the plaintext $M \in {0,1}^{n}$ for an entity A with pseudonym $P D_{A}$ , the sender chooses a random $r \in_{R} {0,1}^{n}$ , sets $t = H_{3} (r, M)$ , computes and outputs the ciphertext $C = 〈 U, V, W 〉$ , where $U = [t] P$ , $V = r \oplus H_{2} (\hat{e} (Q_{A}, P_{pub})^{t} c_{A}^{t})$ , and $W = M \oplus H_{4} (r)$ .

(iv)

Decrypt. To decrypt C, the intended receiver A first computes $r^{'} = V \oplus H_{2} (\hat{e} (S_{P D_{A}}, U))$ and $M^{'} = W \oplus H_{4} (r^{'})$ , then A sets $t^{'} = H_{3} (r^{'}, M^{'})$ and tests if $U = [t^{'}] P$ . If it does not hold, A rejects the ciphertext. Otherwise, A outputs $M^{'}$ as the decryption of C.

Huang [5] proved that the above scheme is semantically secure pseudonym based encryption in the random oracle model assuming BDH is hard in groups generated by ℊ.

3. System Model

The system model for our proposed anonymous cooperative cache based data access schemes in MANETs is illustrated as Figure 1. There are n intermediate nodes between the source node and the destination node along the routing path. We denote the source node, nodes en route, and the destination node as S, $X_{i} (1 \leq i \leq n)$ , and D, respectively.

Figure 1

Route from source node to destination node.

The proposed anonymous cooperative cache based data access schemes in MANETs consist of the following four steps. (i)

Route Request Phase. The source node first constructs and initializes the route request message packet (RREQ) and broadcasts to search for the destination node who has a copy of required data cache.

(ii)

Route Reply Phase. The destination node constructs and sends a route reply packet (RREP) back to the source node along the path found by the first step.

(iii)

Data Request Phase. The source node sends data cache request message packet (DREQ) to the destination node.

(iv)

Anonymous Data Transmission Phase. The destination node transfers the requested data cache back to the source node.

We define an internal adversary as a node that is compromised and on the routing path. An external adversary is a compromised node not on the path, or an external node not directly participating in the MANET, that is, it only eavesdrops on traffic between nodes.

We make the following two assumptions for our anonymous cooperative cache-based data access schemes in MANETs. (i)

All wireless links are symmetric, which means that if node A is in transmission range of some node B, so B is in transmission range of A as well.

(ii)

Adversaries have unbounded eavesdropping capability but bounded computing and node intrusion capabilities.

To resist outsider attack, our anonymous cooperative cache based data access schemes should prevent outsider adversary from learning the identity of source node and destination node, and intermediate nodes en route. To resist insider attack, our anonymous cooperative cache based data access schemes should prevent insider adversary from determining whether another node is the source or the destination, or an intermediate node en route of a particular message. So, we consider the following three types of anonymity for our anonymous cooperative cache based data access schemes in MANETs. (i)

Anonymity of source and destination nodes. Both the source and destination nodes is anonymous to others, and no one knows the location of the source node or destination node.

(ii)

Anonymity of intermediate nodes. Nobody knows the real identities and location of intermediate nodes, even the node en route cannot know the real identities and locations of other nodes.

(iii)

Anonymity of the route. Adversaries cannot trace a packet flow back to its source or the destinations. Nobody knows the real routing path between the source and destination nodes. For adversaries not in the route, they have no information on any part of the route.

For convenience of presentation, we introduce the notations that will be used in our proposed anonymous cooperative cache based data access schemes in notations section.

4. Anonymous Data Access Scheme Based on Onion Packet

4.1. Route Request Phase

The route request phase allows a source node S to discover and establish a routing path to a destination node D through a number of intermediate nodes. To keep communication anonymity, none of the intermediate nodes participating in this phase should discover the identities of S and D. The source node S constructs a route request message packet with the following format and broadcasts to all its neighboring nodes:

\begin{matrix} [RREQ, SEQ, {PDN}_{s}, CID, {PDN}_{i - 1}, p k_{s}] . \end{matrix}

(3)

RREQ

field indicates that it is the the route request message packet,

SEQ

field indicates the packet sequence number that serves as the unique identifier of the request, and it is also used by the intermediate nodes to validate whether an route reply is generated by the real destination in the route reply phase.

{PDN}_{s}

field indicates the pseudonym of the source node, which is the temporary identity of node S.

When a node $X_{i}$ receives a route request message packet with the following format

\begin{matrix} [RREQ, SEQ, {PDN}_{s}, CID, {PDN}_{i - 1}, p k_{s}], \end{matrix}

(4)

it processes the packet according to the following steps.

(1)

Check whether the packet has already been received by using the fields $SEQ$ as the unique identifier for the packet.

(2)

If the packet has not been received, then $X_{i}$ checks whether it has the requested cache data or not.

(i)

If the node has the requested cache data (i.e., node $X_{i}$ is the destination node), then the process jumps to the route reply phase.

(ii)

If node $X_{i}$ has not the requested cache data, it records $SEQ$ , ${PDN}_{s}$ , ${PDN}_{i - 1}$ into its routing table and generates a new routing table entry as follows:

\begin{matrix} [SEQ, {PDN}_{s}, {PDN}_{i - 1}, {PDN}_{i}, K_{i}, TTL] . \end{matrix}

(5)

The field ${PDN}_{i}$ denotes a pseudonym generated by node $X_{i}$ for this session, the field $K_{i}$ denotes a symmetric session key generated randomly by node $X_{i}$ that will be used to encrypt the data from neighbor (this field is not set in this phase). Finally node $X_{i}$ replaces the field ${PDN}_{i - 1}$ with $PD N_{i}$ in the received route request message packet and rebroadcasts the request to all its neighbors.

(3)

If the packet has been received, then $X_{i}$ checks whether the pseudonym ${PDN}_{i - 1}$ has been recorded in the routing table associated with $SEQ$ .

(i)

If ${PDN}_{i - 1}$ is one of the nodes in the routing table, drop the packet and stop.

(ii)

Otherwise, node $X_{i}$ records the pseudonym ${PDN}_{i - 1}$ into its routing table as one of the reverse node. The reverse node is the next node in the reverse path towards the source in the route reply phase.

4.2. Route Reply Phase

The destination node D first chooses a random symmetric key $K_{d}$ and a pseudonym ${PDN}_{d}$ generates and appends a new routing table entry with the following format:

\begin{matrix} [SEQ, {PDN}_{s}, {PDN}_{i - 1}, {PDN}_{d}, K_{d}, TTL], \end{matrix}

(6)

where

{PDN}_{i - 1}

is the pseudonym that the destination node D got the route request message packet from the previous hop. Then the destination node generates a route reply message packet with the following format:

\begin{array}{l} [RREP, SEQ, {PDN}_{s}, {PDN}_{i - 1}, p k_{d}, ONI] \\ where ONI ≝ [{\hat{E}}_{p k_{s}} (K_{d}), E_{K_{d}} ({PDN}_{d})] . \end{array}

(7)

Finally, the destination node broadcasts the route reply message packet to all its neighbors.

For every intermediate node $X_{i}$ who receives the route reply message packet, it first checks whether there is an entry in its anonymous routing table whose $SEQ$ and $PD N_{s}$ fields are the same as those of the received packet. If there exists such an entry, then node $X_{i}$ checks whether the field ${PDN}_{i}$ of this entry is equal to the field ${PDN}_{i - 1}$ of the packet. If yes, node $X_{i}$ chooses a symmetric key $K_{i}$ and fills it into the field $K_{i}$ of this entry. Furthermore, node $X_{i}$ replaces the field $PD N_{i - 1}$ of the packet with the field ${PDN}_{i - 1}$ recorded by itself, and changes field $ONI$ of the packet into the following format:

\begin{matrix} ONI = [{\hat{E}}_{p k_{s}} (K_{i}), E_{K_{i}} (ONI)] . \end{matrix}

(8)

Finally, node

X_{i}

broadcasts the packet to its neighbors. This process loops until the source node S gets the packet. The source node S decrypts the received

ONI

by using its corresponding private key

s k_{s}

, thus the source node can get all the symmetric encryption keys

K_{i}

and pseudonym of nodes

{PDN}_{i}

along the path.

4.3. Data Request Phase

The source node S generates and broadcasts the data cache request packet with the following format:

\begin{matrix} [DREQ, {PESU}_{i}, ONI], \end{matrix}

(9)

where

\begin{array}{l} ONI = E_{K_{1}} [IMN, PD N_{1}, \dots, \\ E_{K_{i}} [IMN, PD N_{i}, \dots, E_{K_{d}} [END, RT] \dots]] \\ RT = {\hat{E}}_{p k_{d}} [PD N_{1}, K_{1}, \dots, PD N_{i}, K_{i}, \dots, PD N_{d}, K_{d}] . \end{array}

(10)

The intermediate node

X_{i}

determine whether he is in the path by checking the field

PD N_{i}

in the received data packet against his pseudonym. If yes, node

X_{i}

decrypts the

ONI

and gets the pseudonym for the next hop. Then node

X_{i}

replaces the field

PD N_{i}

with decrypted pseudonym. For the destination node D, when it decrypts the

ONI

, it gets the route information.

4.4. Anonymous Data Transmission Phase

The process of data cache transmission is similar with the process of the data cache request. The difference is that the route path information are included in the process of data cache request, while the cache-related data are included in the process of data cache transmission.

Every node has to broadcast the request packets to the entire MANET to get the cache data in our proposed scheme. Recently, Wu and Cao [11] proposed a Voronoi Diagram based cooperative cache discovery approach to reduce data access cost by limiting the cache information update and query within a single Voronoi Region. We can further extend our anonymous data access scheme according to the following idea: for each type of cache, all nodes send the route request packets. Once nodes receive route reply packets, they compute the length of hops for every received packet and choose the shortest two. If the two shortest paths are equal, then we assure that the node is the edge node of the Voronoi Region. So for that type of cache, the node will stop broadcasting the request packet to these nodes.

5. Anonymous Data Access Scheme Based on PBE

5.1. Route Request Phase

The source node S cannot find some data in the local cache, it asks for its neighbor nodes by broadcasting a route request message packet with the following format:

\begin{matrix} [RREQ, SEQ, CID, {PDN}_{0}, {Sig}_{PD N_{0}}], \end{matrix}

(11)

where

PD N_{0}

and

{PDN}_{s}

are two pseudonyms generated by the source node, and

PD N_{0}

is used to represent source node's identity, while

{PDN}_{s}

will be used to encrypt the requested data.

Once the intermediate node $X_{i}$ received the route request message packet, $X_{i}$ first verifies the signature of the previous hop to ensure the validity of the pseudonym ${PDN}_{i - 1}$ . If the verification fails, it discards the route request message packet. Otherwise, $X_{i}$ checks whether it has a cache copy of the corresponding $CID$ . If yes, node $X_{i}$ is the destination node. If not, node $X_{i}$ replaces the fourth field, PDN₀, in the route request message packet with its own pseudonym ${PDN}_{i}$ , and add a new route record with the following format into its local routing table:

\begin{matrix} [SEQ, CID, {PDN}_{i - 1}, {PDN}_{i}, 0, TTL], \end{matrix}

(12)

where the fifth field is set for the pseudonym of the next hop

{PDN}_{i + 1}

. Afterwards, it goes on broadcasting the route request message packet.

5.2. Route Response Phase

Suppose that the node D finds the cache copy of the requested data according to its $SEQ$ and $CID$ after received the route request packet. It goes on broadcasting with certain probability to confuse adversaries in order to protect the privacy that it is the destination node. If the destination node D receives many packets with the same keywords ( $SEQ$ , $CID$ ), it only responses to the first route request packet by generating a route reply message packet with the following format:

\begin{matrix} [RREP, SEQ, CID, {\tilde{E}}_{PD N_{i - 1}} ({PDN}_{i}), {PDN}_{i - 1}, Si g_{PD N_{i + 1}}] . \end{matrix}

(13)

At the same time, it add a new route record with the following format into its local routing table:

\begin{matrix} [SEQ, CID, PD N_{i - 1}, PD N_{i}, 0, TTL] . \end{matrix}

(14)

The intermediate node

X_{i}

in the replying path firstly checks whether the field

PD N_{i - 1}

is equal to its own pseudonym or not. If it is not, node

X_{i}

then discards the packet. Otherwise node

X_{i}

continues to verify the signature in the packet to ensure the validity of the

PD N_{i + 1}

. And then node

X_{i}

checks the route table against keywords

(SEQ, CID)

after received the route reply packet. It discards the packet if there is not a corresponding item. Otherwise it decrypts the item

{\tilde{E}}_{PD N_{i - 1}}

(

PD N_{i}

) to get

PD N_{i}

using the corresponding private key. Then node

X_{i}

encrypts

PD N_{i - 1}

(the pseudonym of the node itself) using

PD N_{i - 2}

to get the new route reply packet and goes on broadcasting. The function of encryption is to keep the privacy of the identity of

PD N_{i - 1}

5.3. Data Request Phase

After receiving the route reply packet, the source node S broadcasts the data request message packet with following format:

\begin{matrix} [DREQ, SEQ, CID, {\tilde{E}}_{PD N_{i + 1}} (PD N_{i}, PD N_{s})] . \end{matrix}

(15)

The intermediate node checks the anonymous route table to decide whether it is the corresponding node by matching the

PD N_{i + 1}

of the received packet and

PD N_{i}

of the node itself. If it is the correct match, it can decrypt to obtain

PD N_{i}

of the packet. Then it matches it with the

PD N_{i - 1}

in the route table to decide whether it is the right path to follow. It discards the packet if they do not match. Otherwise it decrypts the packet and replace the field

PD N_{i}

with

PD N_{i + 1}

(actually the pseudonym of the node itself) and encrypts (

PD N_{i + 1}

PD N_{s}

) with

PD N_{i + 2}

and keeps on broadcasting.

5.4. Anonymous Data Transmission Phase

The destination node D gets the requested data by searching in its route table against keywords ( $SEQ$ , $CID$ ) after received the data request packet. Firstly it goes on broadcasting with a certain probability. Simultaneously it encrypts the data with $PD N_{s}$ and encrypts its pseudonym with $PD N_{i - 1}$ . Then it broadcasts the data cache reply message packet with the following format:

\begin{matrix} [DREP, SEQ, CID, {\tilde{E}}_{PD N_{s}} (data), {\tilde{E}}_{PD N_{i - 1}} (PD N_{i})] . \end{matrix}

(16)

The intermediate node

X_{i}

decrypts the field

{\tilde{E}}_{PD N_{i - 1}} (PD N_{i})

of the received data cache reply message packet to get

PD N_{i}

, then node

X_{i}

try to match it with field

PD N_{i + 1}

in the local routing table. If there is no match, node

X_{i}

discards the packet. Otherwise, node

X_{i}

generates new data cache reply message packet by replacing the field

PD N_{i - 1}

and

PD N_{i}

with the pseudonym of the previous hop and the current node

X_{i}

, respectively. Then node

X_{i}

goes on broadcasting the new data cache reply message packet. Finally, the source node S receives the data cache reply message packet, gets the required data by decrypting the packet with the private key corresponding to

PD N_{s}

, and broadcasts the packet with a certain probability.

6. Analysis on the Proposed Anonymous Data Access Schemes

In the context of anonymity analysis, we assume that adversaries may be en route as well as out of the route and they are interested in the privacy information about the route and nodes en route.

We use pseudonyms to identify the nodes without unveiling the real identities and locations of all the nodes, thus the privacy of locations and identities of the nodes are well protected. In our anonymous data access scheme based on onion packet, the information of route is encrypted, the whole routing path are only known by the source node and destination node. The path consists of pseudonyms of each node, intermediate nodes may only know the number of hops, the proposed anonymous data access scheme based on onion packet provides weak anonymity. In our anonymous data access scheme based on PBE, the information of the routing path is only recorded separately in the route table of each node with pseudonyms. Even adversaries en route can get nothing about the route except pseudonyms of its previous hop and next hop. The pseudonym of the source node used for encrypting the data is transferred along the path, however, it uses another pseudonym to participate in the route path. So even the next hop of the source node knows nothing about the fact it is the source node, thus our proposed anonymous data access scheme based on PBE provides strong anonymity.

In our proposed two anonymous data access schemes, passive eavesdropper can only catch packets encrypted by a public key or a session key. For active adversaries who may pretend to be the destination node to send fake route reply packet to the requested node and control some nodes along the routing path, they could only get the pseudonyms of the previous hop and next hop and the encrypted data packet.

In our proposed anonymous data access scheme based on onion packet, DOS attacker cannot control which node they get the cache data from, and they do not know the true identity of the cache node. In our proposed anonymous data access scheme based on PBE, the node has to be authenticated before it requests the cache data. Thus our proposed anonymous data access schemes can resist DOS attack.

7. Conclusion

Secure anonymity cooperative caching is one of the important task in mobile ad hoc networks in certain privacy vital environments. In this paper, we give anonymity requirements for cooperative cache-based data access in mobile ad hoc networks and present two efficient anonymous data access scheme based on onion message and pseudonym-based encryption, respectively. The proposed schemes cannot only protect the privacy of nodes and routes but can also resist both passive and active attacks.

Footnotes

Notations

Acknowledgment

This research is jointly funded by the National Natural Science Foundation of China (Grant no. 61173189) and the Guangdong Province Information Security Key Laboratory Project.

References

Lou

W. J.

Fang

A survey on wireless security in mobile ad hoc networks: challenges and available solutions

Ad Hoc Wireless Networking 2003

New York, NY, USA

Kluwer Academic

68 73

Song

Korba

Yee

AnonDSR: efficient anonymous dynamic source routing for mobile ad-hoc networks

ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN '05)

November 2005

33 42

2-s2.0-33745945444

10.1145/1102219.1102226

Zhang

Liu

Lou

Anonymous communications in mobile ad hoc networks

Proceedings of IEEE Information Communications Conference (INFOCOM '05)

March 2005

1940 1951

10.1109/INFCOM.2005.1498472

2-s2.0-25844443821

Boneh

Franklin

Identity-based encryption from the Weil pairing

2139

Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology (CRYPTO '01)

2001

Santa Barbara, Calif, USA

Springer

213 229 Lecture Notes in Computer Science

10.1007/3-540-44647-8_13

Huang

D. J.

Pseudonym-based cryptography for anonymous communications in mobile ad hoc networks

International Journal of Security and Networks 2007 2 3-4 272 283

Sheklabadi

Berenjkoub

An anonymous secure routing protocol for mobile ad hoc networks

Proceedings of the International Symposium on Computer Networks and Distributed Systems (CNDS '11)

February 2011

142 147

2-s2.0-79957513399

10.1109/CNDS.2011.5764561

Johnson

D. B.

Routing in ad hoc networks of mobile hosts

Proceedings of the Workshop on Mobile Computing Systems and Applications

December 1994

158 163

2-s2.0-0029222929

Ting

Y.-W.

Chang

Y.-K.

A novel cooperative caching scheme for wireless ad hoc networks: GoupCaching

Proceedings of the 2nd International Conference on Networking, Architecture, and Storage (NAS '07)

July 2007

62 68

2-s2.0-47749154423

10.1109/NAS.2007.4

Yin

Cao

Supporting cooperative caching in ad hoc networks

IEEE Transactions on Mobile Computing 2006 5 1 77 89

2-s2.0-32844462635

10.1109/TMC.2006.15

10.

Zhao

Zhang

Cao

Das

C. R.

Cooperative caching in wireless P2P networks: design, implementation, and evaluation

IEEE Transactions on Parallel and Distributed Systems 2010 21 2 229 241

2-s2.0-75449116579

10.1109/TPDS.2009.50

11.

W. G.

Cao

J. N.

Efficient cache discovery for cooperative caching in wireless ad hoc networks

Proceedings of the 18th IEEE International Conference on Parallel and Distributed Systems (ICPADS '12)

2012

323 330

Two Anonymous Cooperative Cache-Based Data Access Schemes in Mobile Ad Hoc Networks

Abstract

1. Introduction

2. Preliminary Works

2.1. Bilinear Pairings and the Bilinear Diffie-Hellman Assumption

2.2. Pseudonym-Based Encryption Scheme

3. System Model

4. Anonymous Data Access Scheme Based on Onion Packet

4.1. Route Request Phase

4.2. Route Reply Phase

4.3. Data Request Phase

4.4. Anonymous Data Transmission Phase

5. Anonymous Data Access Scheme Based on PBE

5.1. Route Request Phase

5.2. Route Response Phase

5.3. Data Request Phase

5.4. Anonymous Data Transmission Phase

6. Analysis on the Proposed Anonymous Data Access Schemes

7. Conclusion

Footnotes

Notations

Acknowledgment

References