Quality of Authentication in Ad Hoc Networks

With the emergence of ad hoc networking technology came efforts to provide necessary security support for ad hoc networks. However, due to challenging characteristics of ad hoc environments, providing the same level of security as in wired networks is often very difficult if not impossible. A more via ble way to approach this challenge is to maximize the utility of the achievable security instead of trying to achieve perfect security at a prohibitive cost. To this end, we propose a Situation-Aware Security paradigm. A situation-aware security service provides best-achievable service and the clients of the service constantly measure the level of the currently provided service. We apply this new paradigm to one of the most fundamental security services: authentication. Most proposed solutions measure their utility using only success ratio, which cannot fully measure the quality of the authentication service and often leads to a false sense of security. Therefore, we propose the missing part of the metric, the Quality of Authentication (QoA). QoA encapsulates the current situation that the authentication service operates in, which is expressed as the level of confidence an authenticating entity can put on the ta rget entity. QoA combined with success ratio can provide a complete evaluation of an authentication service. We evaluate existing ad hoc key management frameworks with an extensive simulation study and combinatorial analysis of the framework designs to show the utility of QoA, including the discovery of previously hidden flaws of existing designs and a comprehensive comparison between several different approaches.