My work examines the security issues related to the protection of the routing protocol in ad hoc networks, and more specifically of the OLSR protocol. OLSR has been developed by the HIPERCOM project group1 at INRIA, the National Research Institute in Computer Science and Control, based in Rocquencourt, France.
OLSR was not designed with security in mind. Consequently, it is easy to find ways to maliciously perturb the correct functioning of the protocol. The aim of my doctoral researches, carried out in the HIPERCOM workgroup, was to explore the possible attacks and countermeasures to secure OLSR. This has led to the design of security extensions for OLSR, described in five papers published in international conferences [2, 130, 131, 132, 4] and in an INRIA Research Report [3]. I have also contributed in the writing of an Internet-Draft [30].
Chapter 1 introduces the domain of wireless networking discussing the different types of architectures, and introduces the ad hoc networks by giving examples of routing protocols and a detailed overview of OLSR.
Chapter 2 handles the problem of system security, explaining the basics of cryptography. Chapter 3 provides a taxonomy of the attacks at the routing level in MANETs, and more specifically of the attacks against the OLSR protocol.
Chapter 4 outlines the countermeasures that can be taken in order to secure a wireless network, and gives some basic mechanisms (relying mainly on digests and digital signatures) to protect different routing protocols. A basic mechanism designed to secure the OLSR protocol is expounded in Chapter 5.
Chapter 6 debates the major choices that must be done in order to select a suitable cryptographic architecture, and discusses problematics related to the implementation of a Public Key Infrastructure on an ad hoc network, with a proposal for OLSR. Chapter 7 offers a detailed view over the problem of a correct timestamping.
Chapter 8 introduces the topic of more advanced techniques to secure the routing protocol, in particular when the network has been compromised from the inside. The subsequent chapters present different studies concerning elaborated protection techniques for OLSR. Chapter 9 examines the insertion of old topology information in control messages to validate the actual link state, and Chapter 10 examines the use of GPS devices to cross-check advertised routing control data with information regarding the node’s geographical position. Another detection technique, presented in Chapter 11, consists in the detection of intra-network misbehaviors; this is done by passive listening or controls on flow coherence. Last, Chapter 12 concludes the thesis.
Appendix A is an extended résumé of the thesis in the French language; every chapter of the thesis is condensed into a section of the résumé.
This thesis utilizes the following style conventions:
| A,B,C,… | nodes |
| t0 | time at instant 0 |
| TA | timestamp generated by A |
| TA(t0) | timestamp generated by A at instant 0 |
| x ← 0 | store the value 0 in x |
| A → B : {M}A | A sends the message M, signed by A, to B |
| 〈X,pX,TX〉 | tuple |
| HELLO | OLSR (or derived protocol) control message |
| Originator Address | field of an OLSR message or packet |
This doctoral thesis has been completed also thanks to many persons which contributed with suggestions, thoughts, and constructive criticisms. I take therefore the occasion to briefly mention them here.
I am greatly indebted to my thesis director Paul Mühlethaler, and with research director Philippe Jacquet, who welcomed me in the HIPERCOM project at INRIA. I am glad having spent my doctoral work within such a team. Paul guided me during my researches, and has been a very available and patient supervisor; his professional knowledge and constant support helped me proceed throughout my studies. I am grateful also to Guy Pujolle for accepting to be my thesis director at UPMC. Thanks to the INRIA for the financial grant.
My thanks to all members of the jury of the thesis dissertation: François Baccelli, Ana Cavalli, François Morain, Paul Mühlethaler, Guy Pujolle, and Ahmed Serhrouchni. Besides participating in the jury, Ana Cavalli and Ahmed Serhrouchni accepted to devote their time in reviewing my thesis, providing very constructive comments and criticisms. I express my gratitude to François Baccelli, as well as to Mesaac Makpangou, also for being my pre-reviewers.
The whole INRIA HIPERCOM team deserves a special appreciation for an exceptionally friendly environment. In particular, I cannot certainly forget Thomas Clausen, who always provided me with his extremely useful and encouraging advices, and illustrated me the “1.3-year Ph.D. panic schedule”. Thanks to Cédric Adjih and Géraud Allard for their useful ideas and for helping me in hacking my Linux box. Thanks to Pascale Minet for re-reading parts of the thesis. Thanks to Dang-Quan Nguyen, Amina Meraihi Naimi, Saadi Boudjit, and Adokoé Plakoo for their cooperation and their valuable tips.
Thanks very much to Daniel Augot and Raghav Bhaskar (INRIA CODES) and, again, to François Morain (LIX) for the helpful discussions on cryptography, in spite of their busy timetable. Thanks to Xiaoyun Xue (ENST) for spotting a flaw in the ADVSIG architecture. Joe Macker (NRL) and his group, Justin Dean included, Andreas Hafslund and Eli Winjum (UniK), and Ricardo Staciarini Puttini (UNB) contributed with discussions and links about securing OLSR.
Richard James and Ishak Binudin helped in correcting the manuscript; thanks to Richard also for being always available to examine my scientific papers.
Several people helped me in a way or another during these three years. Therefore I take the occasion to thank, in no particular order, Marco Perisi, Marfi Giagu with Patrick Marcellin, Xanthi Kapsosideri, Eufrosine Andreou, Anne Dautzenberg, Cécile Bredelet, Charles Saada, Karina with Erik Fjeldstad, Jacques Henry, Claire Alexandre, Eliane Launay with Gilles Scagnelli, Aïssa Amoura, Christian Tourniaire, Danielle Croisy, Saholy with Stéphane Grolleau, and Vincent Lucquiaud.
Thanks to Matteo, Salvio, Federico, Marta, and all others for our Italiansonline community in Paris!
My deepest thanks, and apologies, to Sophie for her support, patience and understanding during the writing of my thesis.
Last but not least, thanks a lot to my family, for always supporting me during
my studies abroad.