Mobile ad-hoc network key management with certificateless cryptography

In this paper, we present an idea of adopting certificateless public key encryption (CL-PKE) schemes over mobile ad hoc network (MANET), which has not been explored before. In current literature, essentially there exists two main approaches, namely the public key cryptography and identity-based (ID-based) cryptography. Unfortunately, they both have some inherent drawbacks. In the public key cryptography system, a certificate authority (CA) is required to issue certificates between users´ public keys and private keys to ensure their authenticity, whilst in an ID-based cryptography system, users´ private keys are generated by a key generation center (KGC), which means the KGC knows every users´ keys (the key escrow problem). To avoid these obstacles, Al-Riyami and Paterson proposed certificateless cryptography systems where the public keys do not need to be certified and the KGC does not know users´ keys. Essentially, certificateless cryptography relies between the public key cryptography and ID-based cryptography. In this work, we adopt this system´s advantage over MANET. To implement CL-PKE over MANET and to make it practical, we incorporate the idea of Shamir´s secret sharing scheme. The master secret keys are shared among some or all the MANET nodes. This makes the system self-organized once the network has been initiated. In order to provide more flexibility, we consider both a full distribution system and a partial distribution system. Furthermore, we carry out two simulations to support our schemes. We firstly simulate our scheme to calculate our encryption, decryption and key distribution efficiency. Then we also simulate our scheme with AODV to test the network efficiency. The simulations are performed over OPNET.