Abstract:
Providing security in wireless communication networks is one of the most challenging problems in security systems. The broadcast nature of wireless networks makes them more vulnerable to eavesdropping and active attacks than terrestrial fixed networks. Wireless networks are also resource-limited, especially in power and bandwidth, which makes it harder to provide security in these systems. These problems become much more severe for wireless networks with a very large number of members and a high rate of member joins and leaves. In this thesis, to address the aforementioned problems, we propose seven novel studies, each of which provides efficient solutions for these problems in wireless networks. We focus especially on providing security in satellite networks and military Mobile Ad-hoc NETworks (MANET). We bring novelties to wireless network security systems in three main areas: structural design, integrated key management techniques, and novel cryptographic approaches that have not been used in Secure Satellite Multicast Systems (SSMS) and military MANETs. Our structural design principles, integrated with hybrid key management techniques, are based on the "independency of tiers" principle. Under this principle, a modification in a tier does not affect all other tiers in the network system. Our hybrid key management techniques efficiently combine centralized, logical key tree based key management techniques with decentralized key management techniques. We specifically applied appropriate cryptographic methods to our security mechanisms. We propose the Two-Tier Pintsov-Vanstone Signature Scheme (TTPVSS), which introduces our independency of tiers principle and a novel hybrid key management technique. These approaches significantly reduce the rekeying workload of satellites and provide many advantages when compared to traditional methods.
Also, as a novelty, TTPVSS uses the Elliptic Curve Pintsov-Vanstone Signature Scheme (ECPVSS), which provides high security and other advantages. Then, we propose a new three-tier satellite multicast security mechanism based on Elliptic Curve Menezes-Qu-Vanstone (ECMQV). This security mechanism additionally uses special properties of GEO, MEO and LEO satellites for better performance and security. ECMQV, unlike classical key exchange and digital signature schemes, achieves major cryptographic goals and security against active attacks. Another of our studies, NAMEPS (N-tier sAtellite Multicast sEcurity Protocol (Mechanism) based on Signcryption schemes), uses an N-tiered structure and a hybrid key management technique based on the Efficient Large Key management protocol (ELK), which further reduces the rekeying and cryptographic workload of satellites. As a novel approach, NAMEPS uses a multi-recipient signcryption scheme, which provides computational and storage advantages. Apart from SSMS, we propose HIMUTSIS, a HIerarchical MUlti-Tier adaptive ad-hoc network security protocol based on SIgncryption type key exchange Schemes for military MANETs. In HIMUTSIS, we propose a novel multi-tier structure for military MANETs, which reduces the threshold cryptography requirement and single-point-of-failure problems. Also, as a novelty, HIMUTSIS uses a multi-level security system and signcryption based key exchange protocols that together provide high security and performance. In addition to these, we also worked on improving some existing cryptosystems. In this sense, we propose IMC (Improved Merkle Cryptosystem), which has significant security advantages over both MC (Merkle Cryptosystem) and VMC (Variant of Merkle Cryptosystem). Security of IMC is compatible with today's modern public key cryptosystems. Apart from these, we work on STAKE (Signcryption Type Authentic Key Establishment), which integrates signcryption based approaches with our IMC algorithm.
As a result, in this thesis, we present our major studies on wireless network security and cryptography in an integrated manner, providing many advantages when compared to traditional approaches.