A framework for key management in mobile ad hoc networks

Recently proposed key management systems (KMSs) provide limited functionality in highly partitioned mobile ad hoc networks. In this paper we present a framework for key management that provides redundancy and robustness for security association (SA) establishment between pairs of nodes in mobile ad hoc networks. Our KMS uses a modified hierarchical trust public key infrastructure (PKI) model in which nodes can dynamically assume management roles. The system ensures high service availability for the network members through a number of schemes. A novel behavior grading mechanism provides security criteria for the network nodes and aids the management functions of the KMS to revoke or reissue certificates for nodes. This mechanism is based on the notion of trust, and more specifically on SAs among nodes in the entire network. In this paper we give an overview of the framework of the system and present a performance analysis of the system based on certificate issuance and acquisition. Finally, we compare our KMS with threshold cryptography schemes.