SPREAD: enhancing data confidentiality in mobile ad hoc networks

Security is a critical issue in a mobile ad hoc network (MANET). We propose and investigate a novel scheme, security protocol for reliable data delivery (SPREAD), to enhance the data confidentiality service in a mobile ad hoc network. The proposed SPREAD scheme aims to provide further protection to secret messages from being compromised (or eavesdropped) when they are delivered across the insecure network. The basic idea is to transform a secret message into multiple shares by secret sharing schemes and then deliver the shares via multiple independent paths to the destination so that even if a small number of nodes that are used to relay the message shares are compromised, the secret message as a whole is not compromised. We present the overall system architecture and investigate the major design issues. We first describe how to obtain message shares using the secret sharing schemes. Then we study the appropriate choice of the secret sharing schemes and the optimal allocation of the message shares onto each path in order to maximize the security. The results show that the SPREAD is more secure and also provides a certain degree of reliability without sacrificing the security. Thirdly, the multipath routing techniques are discussed and the path set optimization algorithm is developed to find the multiple paths with the desired property, i.e., the overall path set providing maximum security. Finally, we present the simulation results to justify the feasibility and evaluate the effectiveness of SPREAD.