Sybil Safe Virtualization - based Public Key Management Scheme for Mobile Ad Hoc Networks

Abstract— A Sybil attacker is a malicious node which creates several false identities to itself. This attack is extremely harmfull to any voting or cooperation-based system, like a MANET. MANETs (Mobile Ad hoc Networks) are dynamically establiched, cooperation-based wireless networks, deployed without any infrastructure or centralized administration. Due to their dynamic environment, MANETs are highly vulnerable to several malicious attacks, as the Sybil attack. Cryptography is the main technique to assure secure data transferring in these networks, making the key management an important issue. This work presents a new Key Management scheme based on virtualization, the Virtual Key Management (VKM). VKM uses a virtual structure to establish the key management operations between the nodes of the network. Therefore, nodes follow the rules established by this virtual structure to perform the issue, storage, distribution, authentication, protection and revocation of the public and certificates on network. VKM is evaluated under two different types of attacks, the personification and the Sybil, and it is also compared with two well-known key management schemes for MANETs, the PGP-Like and the GKM. VKM is the first key management for MANETs which is completely secure against the Sybil attack independently of the number of attackers and the network configuration. On the other hand, PGP-Like is completely vulnerable to a Sybil attack, and GKM becomes vulnerable with more than 40% of attackers in the network. Moreover, comparing the communication and memory overhead of these key management schemes, VKM has the smallest values independently of network configuration.