Downloaded from engine.lib.uwaterloo.ca on 7 January 2014

FESCIM: Fair, Efficient, and Secure Cooperation Incentive Mechanism for Hybrid Ad Hoc Networks
Mohamed Mohamed Elsalih Abdelsalam Mahmoud, Sherman Shen
Date Submitted: 23 November 2009; Date Revised: 23 December 2009; Date Published: 18 July 2011

Updated information and services can be found at: http://engine.lib.uwaterloo.ca/ojs2.2/index.php/pptvt/article/view/594

These include:
Subject Classification: Vehicular Technology
Keywords: Network-level security and protection, Payment schemes, Wireless communication, Hybrid systems; IEEE TMC

Copyright 2009 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.

Transactions on Mobile Computing

Journal: Transactions on Mobile Computing
Manuscript ID: Draft
Manuscript Type: Regular
Keywords: Network-level security and protection, Payment schemes, Wireless communication, Hybrid systems

FESCIM: Fair, Efficient, and Secure Cooperation Incentive Mechanism for Hybrid Ad Hoc Networks
Mohamed Elsalih Mahmoud, Xuemin (Sherman) Shen, IEEE Fellow

Abstract: In hybrid ad hoc wireless networks, the mobile nodes usually act as routers to relay packets from other nodes. However, selfish nodes may not cooperate but make use of the honest ones to relay their packets, which has a negative effect on the fairness, security, and performance of the network. In this paper, a fair, efficient, and secure cooperation incentive mechanism is proposed to stimulate node cooperation in hybrid ad hoc networks. Fair payment can be achieved by rewarding and charging credits to balance a node's contributions and benefits. In order to reduce the overhead cost, a payment aggregation technique is applied to reduce the number of generated receipts. A hash chain is used to efficiently integrate the incentive mechanism into the routing protocol. Secure techniques are proposed to protect the receipt submission from collusion attacks and to reduce the number of transmitted receipts. Extensive evaluation shows that the proposed mechanism is robust against rational and colluding attacks, and the nodes can be rewarded proportionally to their contributions. Simulation results demonstrate that the proposed mechanism can be implemented efficiently.

Index Terms: Network-level security and protection, Payment schemes, Wireless communication, Hybrid systems.

1 INTRODUCTION

A hybrid ad hoc network (also called a multi-hop cellular network (MCN)) [1], [2], [3], [4] is a network architecture which incorporates ad hoc characteristics into the cellular system. The packets originated from a node are relayed through the mobile nodes to the receiver or to a base station which delivers them to the receiver. The network nodes commit bandwidth, data storage, CPU cycles, battery power, etc., forming a pool of resources which can be shared by all of them. The utility which nodes can obtain from the pooled resources is much higher than they can obtain on their own. Multi-hop relaying improves the network performance and deployment [5], [6], [7], [8]. It can extend the communication range using limited transmit power, improve area spectral efficiency, reduce the dead areas, reduce power consumption because the transmission distances are shorter, and enhance the network throughput and capacity. In addition, the network can be deployed more readily and at lower cost. It is shown in [8] that the path loss per hop can be reduced by 12 dB, and the data rate can be increased by a factor of ten if the relaying distance is halved.

However, because autonomous devices are involved in the routing process, the network suffers from new security challenges which endanger its practical implementation. The proper operation of the hybrid ad hoc network requires the intermediate nodes to collaborate to enhance the network performance. It is shown in [9] that if 10% to 40% of the nodes behave selfishly, the average throughput degrades by 16% to 32%. It is also shown in [10] that the delay increases linearly with the percentage of selfish nodes. Therefore, selfish behavior significantly degrades the overall network performance, which may result in failure of multi-hop data communication, and thus selfish nodes pose real threats to the operation of the hybrid ad hoc network.

However, most existing works assume that all the mobile nodes of a hybrid ad hoc network are cooperative, i.e., they are willing to relay data generated by other nodes. While this assumption is reasonable in disaster recovery or military applications since the nodes belong to a single authority and have a common goal, it may not hold for civilian applications where each node tries to maximize its benefits from the network. Moreover, the nodes may not benefit from their cooperation since it consumes their scarce resources (such as radio spectrum, battery power, and CPU cycles), and does not provide any immediate advantages because serving others does not guarantee that the user will be served as well. Consequently, in civilian applications, selfish nodes are not voluntarily interested in cooperation without sufficient incentive, and they make use of the honest nodes to relay their packets without any contribution to the network, which has a negative impact on the fairness, security, and performance of the network.

Several mechanisms have been proposed to mitigate the problems caused by the selfish nodes [11], [12]. The mechanisms fall into one of two categories, namely, reactive (or enforcement) and preventive (or incentive). In reactive mechanisms [13], [14], [15], and [16], a network node monitors the transmission of a neighbor to make sure that the neighbor forwards others' traffic. A reputation system is used to identify and punish the selfish nodes. The system should be able to differentiate between a node's unwillingness and inability to cooperate, and to suppress the false accusations against the honest nodes. In preventive (also called credit-based or incentive) mechanisms, forwarding packets generated by other nodes is a service (not an obligation) because the mobile nodes are autonomous devices which are owned by the network users. The mechanisms do not force the nodes to cooperate nor punish them when they decide not to cooperate. An incentive (virtual currency or credits) is used to motivate the nodes to collaborate, and to prove that it is more beneficial for them to cooperate than to behave selfishly. The transmission of self-generated packets is charged and the forwarding of other nodes' packets is rewarded.

However, reactive mechanisms suffer from unreliable detection of the selfish nodes because different nodes may evaluate the behavior of the same node differently, and it is difficult to differentiate between a node's unwillingness and inability to cooperate due to low resources such as low battery or full buffer. Another challenge is to prevent the propagation of incorrect reputations (either good or bad) because malicious nodes can work together to boost their reputations or to defame innocent nodes. In addition, reactive mechanisms may not guarantee fairness because the nodes with higher contributions are not compensated. For instance, although the nodes situated in the center contribute more to the network than those in the periphery, they are not compensated. Moreover, to monitor their neighbors, the nodes work in the inefficient promiscuous mode [17]. Therefore, preventive mechanisms are more appropriate to commercial networks where individual nodes do not have pre-existing links to each other and they can periodically contact a centralized entity which manages their credit accounts.

Several preventive mechanisms have been proposed in the literature [11]. The main concern is that the practicability and performance remain unclear because packet-by-packet payment implies a significant communication overhead and implementation complexity due to generating and transmitting a large number of receipts (payment proofs) for clearance, which consumes the network storage area, bandwidth, and energy. A heavyweight mechanism degrades the performance of the network, and stimulates the nodes to behave selfishly to save their resources to serve their users. Although the cooperation incentive mechanisms are implemented to protect the network from rational attacks, insecure mechanisms encourage the nodes to attack the payment to pay less and/or gain undeserved credits. Two techniques have been adopted in the existing mechanisms to submit the receipts for clearance: (1) one node (e.g., the last intermediate node) sends all the receipts; this technique is vulnerable to a collusion attack that prevents clearing the receipts; (2) all the intermediate nodes send all the receipts; this technique is not efficient because multiple copies of the same receipt (which has payment data for all the relaying nodes) are submitted.

Fairness issues arise when a node gains more benefits than its contributions, or when some nodes take advantage of the honest ones which are more overloaded because the network traffic is concentrated through them. Although achieving fairness is an important requirement to stimulate the nodes to participate in the routing process, the existing mechanisms have paid little attention to adopting fair payment.

In this paper, a fair, efficient, and secure cooperation incentive mechanism is proposed to stimulate the nodes to cooperate in hybrid ad hoc networks. Our mechanism can enforce fairness by rewarding or charging credits to balance the nodes' contributions and benefits. In order to reduce the number of submitted receipts, each receipt contains complete payment data for all the session nodes. Therefore, instead of all the nodes transmitting all the receipts, they can be transmitted by some of the nodes. A payment aggregation technique is proposed to generate a receipt for multiple packets instead of generating a receipt per packet. A hash chain is applied to integrate the incentive mechanism into the routing protocol efficiently. Secure techniques are proposed to protect the receipt submission from collusion attacks and to reduce the number of transmitted receipts. It will be shown that the mechanism can reward the network nodes proportionally to their contributions. Extensive security and overhead evaluations demonstrate that the mechanism is secure against rational and colluding attacks, and can be implemented efficiently.

The remainder of this paper is organized as follows. A brief description and evaluation of some existing mechanisms are presented in Section 2. Section 3 gives the network model. The proposed cooperation incentive mechanism is presented in Section 4. Extensive security analysis is given in Section 5. In Section 6, fairness and implementation overhead are evaluated. Finally, we conclude the paper and discuss some future work in Section 7.

2 RELATED WORK
In the Nuglets mechanism [18], [19], and [20], a tamper-proof device (TPD) is installed in each device to store its credits and to secure its operation. The self-generated and forwarded packets are passed to the TPD to decrease and increase the credit account, respectively. A node cannot transmit its generated packets if it does not have sufficient credits. Two models, called the packet purse model (PPM) and the packet trade model (PTM), have been proposed. In the PPM, the source node pays for relaying its packets by loading some credits in each packet before sending it. Each forwarding node acquires the amount of credits that covers its forwarding cost. A packet is discarded if it does not have enough credits to be forwarded. In the PTM, each intermediate node buys a packet and sells it to the following node in the route until the destination node pays the total cost.

Using tamper-proof devices can reduce the complexity of the incentive mechanism, but the assumption that they cannot be tampered with is neither secure nor realistic for networks with autonomous nodes. Tamper-proof devices with a high security level may be expensive, and if they are compromised, attackers can attack the mechanism brutally in an undetectable way. In a subtle attack, two tamper-proof devices can be installed in one device, and a packet is passed through them for double rewarding. A fairness issue arises when a node loses its credits without any benefits. It is difficult to estimate the required amount of loaded credits, so the surplus credits are lost in overestimation and all the loaded credits are lost in underestimation. In addition, the source node pays a complete payment for every generated packet even if it does not reach its destination. The PTM suffers from high bandwidth and latency overhead because an auction occurs at each node. Dropping the packets with insufficient credits degrades the network throughput. It is shown in [21] that the long-term operation of the mechanism is questionable because the amount of credits in the network decreases over time due to employing unbalanced payment, i.e., the paid credits are not necessarily equal to the earned ones. Unbalanced payment may lead to credit inflation if the rewards are greater, or credit depletion if the charges are greater. In credit inflation, the nodes are rich and their stimulation to cooperate becomes less, whereas, in credit depletion, the nodes are poor and they cannot initiate communications.

In the CASHnet mechanism [22] and [23], users regularly visit service points to buy traffic credits (which are used to forward self-generated packets) and/or to transfer helper credits (which are gained from relaying other nodes' packets) to traffic credits. Before transmitting a packet, the originator's traffic credit account (stored in the node) is charged. Upon receiving the packet, the destination node's traffic credit account is also charged and a digitally signed acknowledgement packet (ACK) is sent. Upon receiving the ACK, the forwarding nodes increase their helper credit account. The source node pays for relaying its packets to a gateway, and the destination node pays for receiving them. It is shown in [21] and [24] that the performance of the network depends on the availability of service points, i.e., although the nodes have helper credits, they starve because they cannot find a service point to convert them. Fairness issues arise when a node is not rewarded because it does not receive an ACK packet, and the sender pays full payment whether the packet reaches the gateway or not. Moreover, the payment ratio between the source and destination nodes is proportional to the distance to the gateway, not to their interest in the communication.

In SIP (Secure Incentive Protocol) [25] and [26], after receiving a packet, the destination node sends a payment RECEIPT packet to the transmitter to issue a REWARD packet which increments the accounts (stored in the nodes) of the intermediate nodes. The mechanism encourages the communicating nodes to issue REWARD packets by overcharging them for full payment, and they get the overcharged credits (half of the payment) back after issuing them. The mechanism incurs high overhead because each packet needs three trips between the source and destination nodes. A fairness concern is that the intermediate nodes are not rewarded, and the payers pay more than the deserved credits when REWARD or RECEIPT packets are dropped, or when a data packet does not reach the destination node due to malicious or non-malicious action.

In [27] and [28], a probabilistic payment technique is applied to avoid generating a large number of receipts in the network. The sender (the payer) appends payment tokens to its transmitted packets. The forwarding nodes check whether a token corresponds to a winning ticket. Winning tickets are sent to the accounting center (AC) to reward the winning nodes. Payers are charged per packet and forwarding nodes are paid per winning ticket. The mechanism encourages the nodes to relay the packets with losing tickets by rewarding not only the winning node but also its neighbors. The mechanism suffers from a security flaw that colluders can intercept and exchange collected tokens to be checked locally in each node to gain credits without contributing to the network. In [29], an attack is shown which enables two attackers to communicate for free without being detected by the operator. A fairness issue arises when a node is not compensated for consuming its resources to relay a packet.

In the Sprite mechanism [30], an intermediate node stores a receipt for each relayed packet and submits the receipts when it has a connection to the accounting center to clear them. The mechanism incurs significant communication overhead because the number of submitted receipts is large due to generating a receipt for each packet and due to sending all the receipts by all the nodes. The size of the receipts is large, which consumes the network resources. A fairness issue arises when the amount of rewards is greatly reduced (to thwart cheating actions) if a packet is not reported to be received by the destination node due to malicious or non-malicious actions.

In [31], the sender appends a signature to the full path identities and an initialization of a keyed hash chain. Each intermediate node verifies the signature and computes a new hash value. The recipient generates a receipt of the received amount of data and sends it to the last intermediate node to transmit to the AC. A security flaw is that two colluders can communicate freely by exchanging packets with invalid hash values because the intermediate nodes cannot verify the received hash chain. The last intermediate node may collude with the payers, and not send the receipts to the AC in order to deprive the relaying nodes of their payments. In addition, the last intermediate node may not have sufficient resources to submit the receipts, or this extra load may degrade its efficiency.

In [32] and [33], the sender encrypts the payload and appends a receipt. Each uplink node re-encrypts the payload and stores the receipt. The base station removes the encryption layers and iteratively encrypts the payload with the keys shared with the downlink nodes. Each downlink node decrypts one layer, then computes and stores the receipt. The iterative encryption and decryption operations protect the mechanism from the free riding attack. The sender is charged and the uplink nodes are rewarded when the packet reaches the base station. The downlink nodes are rewarded when the base station receives an ACK from the receiver. In order to motivate the destination node to send the ACK, it is charged a fee which is returned when the ACK is received. If a packet does not reach the base station, the intermediate nodes submit the receipts to claim the payments but they are rewarded only for the minimum packet length. It is shown in [34] that the mechanism suffers from the early duplicate attack to deny the service from the legitimate nodes. Two colluders can communicate for free because the intermediate nodes cannot verify the payment data. A large number of receipts are claimed because they are individually issued and claimed. If an ACK packet does not reach the base station due to malicious or non-malicious action, the destination node is overcharged.

In [35], the mechanism is a series of per-hop transactions. Nodes pay in advance to get coins before engaging in communication sessions. The intermediate nodes trade the forwarded packets. A packet buyer contacts the AC to get deposited coins which are used for a limited time, a specific seller, and one session. The seller claims the coins by submitting them to the AC. The mechanism is complicated because the buyers and sellers frequently and interactively contact the AC. The coin format is inflexible because it is used for a specific user, one session, and a limited time. The mechanism can be used in limited applications because only the destination node can initiate the session. In [36], an AODV-based incentive routing protocol for ad hoc networks has been proposed. The protocol employs three new types of control packets, which imposes much overhead. In [37], an incentive-based mechanism has been proposed to encourage Transit Access Points (TAPs) to forward data for other TAPs, and thus it eliminates the location-dependent unfairness problem in the backhaul networks. The mechanism in [38] improves Sprite by using hash chains instead of digital signatures, but a large number of receipts are generated and payment non-repudiation cannot be guaranteed.

3 THE NETWORK ARCHITECTURE


3.1 The Network Model

As shown in Fig. (1), the hybrid ad hoc network includes a trusted party (TP), a set of base stations (BSs) and mobile nodes (MNs). The trusted party is responsible for the security and financial issues in the network. It generates and revokes (whenever necessary) the cryptographic credentials required for a node to join the network. It also contains the accounting center (AC) that stores and manages the credit accounts of the network entities. Once the AC receives a proof of packet forwarding (transaction cheque), it updates the accounts of the participating entities. The nodes can gain credits from forwarding other nodes' packets or from buying additional credits from the accounting center for real money. Credits can be converted to real money and vice versa to make the network operation flexible and to give incentive to the rich nodes to keep cooperating. Some of the relays may be fixed as parts of the network infrastructure to improve the network connectivity, especially in the low density case. The base stations are powerful parties that are distributed over a large geographic area.

The mobile nodes have limited storage, computing, and energy resources. Each node is registered with a legitimate operator and stores a unique global identifier, a public/private key pair with a certificate, and the public key of the trusted party. In contrast to [39], node anonymity and privacy preservation are outside the scope of this work, so each node has one identity during its lifetime. Each node is loaded with a local account counter to estimate its latest credit account stored in the AC. The local counters alleviate the load of periodically requesting the latest account from the AC. A node uses its counter to make some local decisions such as its state (cooperative or uncooperative).

Fig. (1): The hybrid ad hoc network architecture

3.2 The Communication Model


The base stations are connected with each other and with the trusted party by a fast backbone network which may be wired or wireless. The messages exchanged between the mobile nodes and the trusted party are relayed by the base stations. The nodes can communicate in one of two modes: pure ad hoc or hybrid. In pure ad hoc mode, the data packets are sent by the source node and relayed in several hops through the intermediate nodes to the destination node without involving any infrastructure. In hybrid mode, at least one base station is involved in the communication, i.e., the packets are relayed from an originator to the base station over multiple hops, then to the destination base station over the backbone network (if the communicating parties are in different domains), and finally to the destination node. In order to submit the payment proofs (cheques), the network nodes are able to communicate with the trusted party at least once during a time interval which can be in the range of a few days.

3.3 Threat and Trust Models

An attacker has full control of his mobile node, and he can change the node's operation. Attackers can work individually or collude with each other to share information to launch more sophisticated attacks. Attackers are rational in the sense that they cheat if the benefit of doing so is greater than that of honestly following the protocol. These strong assumptions do not exaggerate the attackers' capabilities because the nodes are autonomous and strongly motivated to cheat. For the base stations, we consider them rational attackers because they are owned by different providers who are motivated to cheat to increase their accounts and their subscribers' accounts. The trusted party is fully secure; several security measures can be taken to guarantee its security, such as using threshold cryptosystems [40] which do not allow an individual person to perform an operation. For the trust models, all the network nodes fully trust the trusted party to correctly perform billing and auditing. The trusted party does not trust any entity in the network. The base stations and users do not trust each other.

TABLE (1): THE USEFUL NOTATIONS

4 FESCIM: THE PROPOSED MECHANISM

In this section, we propose FESCIM (Fair, Efficient, and Secure Cooperation Incentive Mechanism) for stimulating node cooperation in hybrid ad hoc networks. In FESCIM, the payers (both the sender and receiver) generate cheques by digitally signing a piece of data that identifies the transaction. The cheques are transmitted to the AC to reward the intermediate nodes and to charge the communicating entities. Table (1) gives the useful notations.

4.1 FESCIM for Hybrid Mode Communication


4.1.1 Route Discovering Phase

An on-demand routing protocol (such as DSR) can be used to discover an optimal route between the source and destination nodes. The source node broadcasts a Route Request Packet (RREQ) after attaching its certificate and authentication tag (e.g., signature) to offer the relaying service only to the legitimate users and to thwart external attacks. The intermediate nodes (which are interested in cooperation) add their identities before re-broadcasting the packet. The source base station relays the request to the destination base station which rebroadcasts it. The destination node replies to the first received RREQ by unicasting a Route Reply Packet (RREP) to inform the intermediate nodes that they have been chosen in the session.

As shown in Fig. (2), the destination node generates a hash chain of size N by iteratively hashing a nonce N times. The hash chain is generated in the direction from $H_D^{1}(\mathrm{Nonce})$ to $H_D^{N}(\mathrm{Nonce})$ but the hash values are released in the opposite direction. The hash chain is used to improve the network performance by replacing the destination's signature with a hash value, and to aggregate the payment by generating a cheque for a series of packets. In the RREQ and RREP packets, the source and destination nodes agree on the ratio of payment, which is proportional to their interest in the communication. In the RREP, the destination node (if it pays) attaches its certificate, the session establishment time stamp (TS), the last value in the hash chain ($H_D^{N}(\mathrm{Nonce})$), and a signature on the payment data (PD), the TS, and the last value in the hash chain ($\mathrm{Sig}_D(PD \,|\, TS \,|\, H_D^{N}(\mathrm{Nonce}))$). The destination's signature is an approval from one payer to pay for the session, and it also authenticates the destination node and the hash chain. The payment data contain the identities of the nodes on the route (the payers and payees) and the ratio of payment between the sender and receiver. After establishing a session, the source and destination nodes know their payment ratios and the identities of the intermediate nodes. The intermediate nodes know the public keys of the communicating ones (the payers).
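The hash chain described above can be sketched as follows; this is an added example, not code from the paper. It assumes SHA-256 as the hash function, that the X-th acknowledgement releases the chain value X steps before the signed last value, and that relays obtained that last value (the anchor) from an already verified destination signature; all class and function names are hypothetical.

```python
import hashlib
import hmac


def H(value: bytes) -> bytes:
    """One hash-chain step (SHA-256 is an assumption; the paper does not name H here)."""
    return hashlib.sha256(value).digest()


def build_chain(nonce: bytes, n: int) -> list[bytes]:
    """Return [H^0(nonce), H^1(nonce), ..., H^n(nonce)], where H^0(nonce) = nonce."""
    if n < 1:
        raise ValueError("chain size must be at least 1")
    chain = [nonce]
    for _ in range(n):
        chain.append(H(chain[-1]))
    return chain


class Destination:
    """Payer side: builds the chain, publishes the anchor, releases values in reverse."""

    def __init__(self, nonce: bytes, n: int):
        self.n = n
        self._chain = build_chain(nonce, n)
        self.acked = 0

    @property
    def anchor(self) -> bytes:
        # H^N(nonce): the value the destination signs in the RREP.
        return self._chain[self.n]

    def ack_next(self) -> bytes:
        """Acknowledge one more packet by releasing H^(N-X)(nonce) (assumed mapping)."""
        if self.acked >= self.n:
            raise RuntimeError("chain exhausted: a new series needs a new chain")
        self.acked += 1
        return self._chain[self.n - self.acked]


class Relay:
    """Intermediate node: keeps only the last verified value and a packet counter."""

    def __init__(self, anchor: bytes, n: int):
        self.n = n
        self.last = anchor
        self.delivered = 0

    def accept_ack(self, value: bytes) -> bool:
        """Accept the next in-order ACK: one hash step must give the last verified value."""
        if self.delivered >= self.n:
            return False
        if not hmac.compare_digest(H(value), self.last):
            return False  # forged, replayed, or out-of-order value
        self.last = value
        self.delivered += 1
        return True


def verify_claim(anchor: bytes, n: int, x: int, value: bytes) -> bool:
    """Accounting-center check: hashing `value` x times must reproduce the anchor."""
    if not 1 <= x <= n:
        return False
    for _ in range(x):
        value = H(value)
    return hmac.compare_digest(value, anchor)


def demo() -> dict:
    nonce = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed sample nonce
    dest = Destination(nonce, n=8)
    relay = Relay(dest.anchor, n=8)
    acks = [dest.ack_next() for _ in range(3)]
    accepted = [relay.accept_ack(a) for a in acks]
    return {
        "accepted": accepted,
        "replay_rejected": not relay.accept_ack(acks[1]),
        "forgery_rejected": not relay.accept_ack(b"\x00" * 32),
        "claim_3_ok": verify_claim(dest.anchor, 8, 3, relay.last),
        "claim_4_inflated": verify_claim(dest.anchor, 8, 4, relay.last),
        "delivered": relay.delivered,
    }


if __name__ == "__main__":
    print(demo())
```

A single released value proves every earlier packet in the series, which is why one cheque can cover X packets, and a relay cannot claim more packets than the destination acknowledged without inverting the hash.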

Fig. (2): The hash chain generated by the destination node

4.1.2 Packet Transmitting Phase

As shown in Fig. (3-a), the source node initiates a series of packets (with a maximum size of N packets) by attaching its signature to the payment data (PD), the session establishment time stamp (TS), a counter of the number of transmitted packets (X), and the hash value of the message. The signature is an approval from one payer to pay for X packets. It also ensures the message authenticity and integrity, and thwarts free riding, packet replay, packet and payment repudiation, and impersonation attacks. The source node initiates a new packet series (with a new cheque) when the route is broken or N packets have already been transmitted. After transmitting a packet, the sender starts a timer and waits for an ACK, a NACK, or a timeout.

4.1.3 Packet Relaying Phase

Before relaying a packet, an intermediate node verifies the signature to ensure the message's integrity and authenticity, and to ensure that the payment data and the number of relayed packets are correct. For the first packet in a series (X=1), an intermediate node composes the single approval cheque (SAC) (which contains a payment approval from one payer) as a proof of receiving the packet. The format of the SAC is shown in Fig. (4-a). Storing the hash of the signatures significantly reduces the cheque size, but with extra overhead on the AC, which is a powerful party. The nodes claim the SAC if the packet does not reach the destination node. For the successive packets in a series (X>1), each node composes an aggregated double approval cheque with a single approved packet (ADAC_S(X)), which contains payment data for (X-1) successfully delivered packets and one received packet. As shown in Fig. (4-c), the payment approval of the destination node in ADAC_S(X) lags that of the source node by one packet. The evolution of the payment cheques is shown in Fig. (5).

Fig. (3): The formats of data and ACK packets: (a) the data packet format; (b) the ACK packet format
4.1.4 Packet Receiving Phase

Upon receiving a packet in a series, the destination node attaches a new hash value from the hash chain to its acknowledgement (ACK) packet (if it pays for the session). The hash value is an approval from the second payer to pay for the received packet. The format of the ACK packet is shown in Fig. (3-b).

4.1.5 ACK/NACK Relaying Phase

In case of the first ACK in a series, an intermediate node verifies the hash value and upgrades the single approval cheque (SAC) to a double approval cheque (DAC), which is a proof of successfully delivering the packet. As shown in Fig. (4-b), the DAC contains payment approvals from the two payers. For the ACKs of successive packets in the series, the intermediate nodes ensure that the hash value $H_D^{N-X+1}(\text{Nonce})$ is generated from hashing $H_D^{N-X}(\text{Nonce})$, then they aggregate the payment by composing the aggregated double approval cheque (ADAC(X)), which contains the latest hash value ($H_D^{N-X}(\text{Nonce})$) as a proof to pay for (X) delivered packets. If an intermediate node decides to switch to the uncooperative state, it piggybacks a notice in the ACK packet. The source node re-establishes the route when it receives a NACK, the timeout expires without receiving an ACK, or some intermediate node(s) decide to switch to the uncooperative state.

(a) The SAC format:
$$\text{SAC} = PD \,|\, TS \,|\, 1 \,|\, H_S(M_1) \,|\, H_D^{N}(\text{Nonce}) \,|\, H\big(\text{Sig}_S(PD|TS|1|H_S(M_1)) \,|\, \text{Sig}_D(PD|TS|H_D^{N}(\text{Nonce}))\big)$$

(b) The DAC format:
$$\text{DAC} = PD \,|\, TS \,|\, 1 \,|\, H_S(M_1) \,|\, H_D^{N}(\text{Nonce}) \,|\, H_D^{N-1}(\text{Nonce}) \,|\, H\big(\text{Sig}_S(PD|TS|1|H_S(M_1)) \,|\, \text{Sig}_D(PD|TS|H_D^{N}(\text{Nonce}))\big)$$

(c) The ADAC_S format:
$$\text{ADAC\_S}(X) = PD \,|\, TS \,|\, X \,|\, H_S(M_X) \,|\, H_D^{N}(\text{Nonce}) \,|\, H_D^{N-X+1}(\text{Nonce}) \,|\, H\big(\text{Sig}_S(PD|TS|X|H_S(M_X)) \,|\, \text{Sig}_D(PD|TS|H_D^{N}(\text{Nonce}))\big)$$

(d) The ADAC format:
$$\text{ADAC}(X) = PD \,|\, TS \,|\, X \,|\, H_S(M_X) \,|\, H_D^{N}(\text{Nonce}) \,|\, H_D^{N-X}(\text{Nonce}) \,|\, H\big(\text{Sig}_S(PD|TS|X|H_S(M_X)) \,|\, \text{Sig}_D(PD|TS|H_D^{N}(\text{Nonce}))\big)$$

Fig. (4): The formats of the payment cheques

4.1.6 Cheque Clearing Phase

Since the base stations are involved in the sessions, they submit the cheques to the AC for redemption. If a session was broken and the BS does not have the latest cheque, the nodes claim it. Once the AC receives a cheque, it checks that it has not been deposited before using its unique identifier (the identities of the payers and payees, and the time stamp), then it verifies the payers' payment approvals (the signatures of the payers, and X hashing operations to get $H_D^{N}(\text{Nonce})$ from $H_D^{N-X}(\text{Nonce})$). The AC clears the cheque by crediting the source and destination nodes with the listed ratios, and rewarding the relaying nodes. The AC periodically sends clearance confirmation messages to the nodes, showing the identifiers of the cleared cheques and their updated accounts. After receiving the messages, the nodes delete the cleared cheques and adjust their local account counters. If a cheque is not cleared within a certain time, the node can claim it.
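The hash-chain approval and clearing steps of Sections 4.1.5 and 4.1.6, as an added Python example that is not the authors' implementation: the destination releases chain values in reverse, a relay node folds each ACK into one aggregated cheque, and the AC recomputes the chain's last value with X hashes. Signatures and the hashed-signature field of the cheque are not modelled, SHA-256 stands in for the hash function, and all class names, field names and session values are constructed for the illustration.

```python
import hashlib


def h(data: bytes) -> bytes:
    """One hash-chain step (SHA-256 is this example's choice of hash)."""
    return hashlib.sha256(data).digest()


def make_chain(nonce: bytes, n: int) -> list:
    """Return [H^0(nonce), ..., H^n(nonce)]; element n is the signed anchor."""
    chain = [nonce]
    for _ in range(n):
        chain.append(h(chain[-1]))
    return chain


class Destination:
    """Builds the chain forwards and releases it backwards, one value per ACK."""

    def __init__(self, nonce: bytes, n: int):
        self.n = n
        self._chain = make_chain(nonce, n)

    @property
    def anchor(self) -> bytes:
        # Last chain value, sent in the RREP under the destination's
        # signature (signing and verification are not modelled here).
        return self._chain[self.n]

    def ack_value(self, x: int) -> bytes:
        """Hash value attached to the ACK for packet x: H^(N-x)(nonce)."""
        if not 1 <= x <= self.n:
            raise ValueError("a series is limited to N packets")
        return self._chain[self.n - x]


class RelayNode:
    """Intermediate node that aggregates ACKs into a single cheque."""

    def __init__(self, pd: str, ts: int, anchor: bytes):
        self.pd, self.ts, self.anchor = pd, ts, anchor
        self.latest = anchor  # last accepted chain value
        self.x = 0            # packets acknowledged so far

    def on_ack(self, value: bytes) -> bool:
        # Accept only the direct preimage of the last accepted value.
        if h(value) != self.latest:
            return False
        self.latest, self.x = value, self.x + 1
        return True

    def cheque(self) -> dict:
        return {"pd": self.pd, "ts": self.ts, "x": self.x,
                "anchor": self.anchor, "latest": self.latest}


class AccountingCenter:
    def __init__(self):
        self._cleared = set()

    def clear(self, cheque: dict):
        """Return (packets credited, reason)."""
        ident = (cheque["pd"], cheque["ts"])  # payers, payees, time stamp
        if ident in self._cleared:
            return 0, "duplicate"
        value = cheque["latest"]
        for _ in range(cheque["x"]):          # X hashing operations
            value = h(value)
        if value != cheque["anchor"]:
            return 0, "hash chain mismatch"
        self._cleared.add(ident)
        return cheque["x"], "cleared"


def run_session(n: int = 8, delivered: int = 5) -> dict:
    """Constructed session in which `delivered` packets are acknowledged."""
    dest = Destination(b"constructed-nonce", n)
    relay = RelayNode("S,A,B,D;ratio=50:50", 1262304000, dest.anchor)
    for x in range(1, delivered + 1):
        assert relay.on_ack(dest.ack_value(x))
    return relay.cheque()


if __name__ == "__main__":
    ac = AccountingCenter()
    good = run_session()
    # A relay claiming one packet more than the destination approved.
    inflated = dict(good, x=good["x"] + 1, ts=good["ts"] + 1)
    print(ac.clear(inflated))
    print(ac.clear(good))
    print(ac.clear(good))
```
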


Fig. (5): The evolution of the payment cheques


4.2 FESCIM for Pure Ad Hoc Mode Communication


For pure ad hoc mode, the proposed mechanism for hybrid mode can be used, but because the base stations are not involved in the communication, the intermediate nodes submit the cheques to the AC. In this section, we discuss and evaluate different techniques to send the cheques to the AC. In evaluating the performance of the techniques, we consider two metrics: the total number of transmitted cheques (T), and the required storage space in each node to store the cheques (j). In the security evaluation, the effect of collusion attack on the number of submitted cheques is considered. Obviously, the lower these metrics are, the better.

4.2.1 One-Trust-Level Cheque Submission Technique

Every cheque contains complete payment data for all the session nodes, so it is sufficient to submit it once. For instance, the last intermediate node is responsible for submitting all the session cheques in [31]. This technique is efficient because the cheques are transmitted and stored once. However, the entire cheque submission load is on one node that may not have sufficient resources, or this load may degrade its efficiency. The technique is not secure against collusion attack because if just one node colludes with the payers, none of the cheques are transmitted. In addition, the cheques that are stored in one node may be deleted or corrupted accidentally due to a malfunction.

4.2.2 Uncooperative Cheque Submission Technique

All the intermediate nodes store and transmit the session cheques independently and uncooperatively [30], [33]. The technique is secure against collusion attack because it guarantees that all the cheques are submitted if at least one node does not collude with the payers. However, the technique is inefficient because each cheque is stored and transmitted (n-C) times, which exhausts the network resources. In addition, each node has to store and transmit all the cheques, which consumes its resources. In the following subsections, we propose two novel techniques to submit the cheques to the AC, aiming to balance performance and security.

4.2.3 Deterministic Cheque Submission Technique

Each intermediate node sends a unique and pre-defined set of cheques (around (i/n)). Node number (x) on the route sends a set of cheques starting from cheque number [S(x)] to [S(x)+j(x)-1], where j(x) is the share size (the number of cheques to be sent by node number (x) on the session route), and S(x) is the starting cheque number. Equations (1) and (2) can be used to calculate j(x) and S(x). The notations used in the equations are defined in Table (1). The technique is efficient because each cheque is stored and transmitted once and the cheque submission load is distributed evenly among the nodes. However, it has two security concerns: (1) colluders know their profits in advance because each cheque is supposed to be sent by one node, which may be an incentive to cheat, and (2) the number of submitted cheques is sensitive to the number of colluders, especially with a small number of relaying nodes, because a node's share is large.
i j(x) Int[ ]  I(R - x) n


(1) (2)

S(x)

(x -1) * Int[ i ]  V(R, x)  1 n

If x 1

Otherwise

where:-

1 if y ! 0 otherwise 0 0 if R 0 Regardless of x V(R, x) x -1 if R ! 0 , x  R R if R ! 0 , x ! R I(y)

R= i % n (% is the remainder),

4.2.4 Probabilistic Cheque Submission Technique

Each node stores and submits a randomly chosen share (j) of the session cheques. One cheque may be submitted by more than one node. The technique guarantees with a certain probability that a minimum number of unrepeated cheques will be submitted. Q denotes an integer random variable ($0 \le Q \le i$) which defines the number of unrepeated cheques that are submitted. The probability that at least (q) unrepeated cheques are submitted as a function of (j) is given in (3) and (4). The technique can balance performance and security because increasing (j) improves the robustness against collusion attack but degrades the performance. The technique has two main security strengths: (1) colluders do not know their profits in advance because they do not know the cheques submitted by the other nodes, and (2) the honest nodes can take preventive measures (by increasing (j)) to protect the technique up to a certain number of probable colluders, which is called adaptive security.

$$\Pr(Q \ge q) = \sum_{x=q}^{i} \Pr(Q = x) \qquad (3)$$

$$\Pr(Q = x) = \binom{i}{x}\left[1 - (1 - PR)^{n-C}\right]^{x}\left[(1 - PR)^{n-C}\right]^{i-x} \qquad (4)$$

Fig. (6) gives the relation between the ratio of cheques transmitted by each node (PR=j/i) and the probability of submitting at least (q) unrepeated cheques. We assume the number of intermediate nodes (n) is six, the number of cheques (i) is 30, and none of the nodes collude (C=0). The nodes choose (j) to achieve a certain probability of submitting a minimum number of cheques. As shown in the figure, it is not worthwhile to choose the operating point in the first region (0%-10%) or the last region (90%-100%) because the effect of changing PR on the probability is very small. Therefore, the nodes calculate (j) to guarantee that the probability of sending at least 90% of the cheques is at least 90%. The figure shows that at least 90% of the cheques can be submitted when each node sends only 35.2% of the cheques. In addition, when each node submits 40% of the cheques, at least 95% of the cheques can be submitted. For the un-sent cheques, the nodes can claim them, or the AC can compensate the nodes, i.e., it can add compensation credits to each transaction. In order to investigate the effect of the collusion attack on the number of submitted cheques and to show how the honest nodes can take preventive measures to protect the technique in advance (adaptive security), Fig. (7) shows the relation between PR and the probability of submitting at least 90% of the cheques for different numbers of colluders (C). The relation shows that at PR=0.5, the technique is immune to up to two colluders because it is guaranteed that the probability of submitting at least 90% of the cheques is 90%. The security against collusion attack is adaptive because increasing PR improves the immunity of the technique.

Fig. (6): The effect of PR on the probability of submitting the cheques
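An added Python example (not the authors' code) of how a node could size its share (j) for a target security level: it evaluates Eqs. (3) and (4) under the reading that a cheque goes unsubmitted only if none of the (n-C) honest nodes picked it, each picking it with probability PR = j/i. The function names and that per-cheque independence are assumptions of this example.

```python
from math import comb


def p_submitted(pr: float, n: int, c: int) -> float:
    """Probability that a given cheque is in at least one honest node's share."""
    return 1.0 - (1.0 - pr) ** (n - c)


def prob_exactly(x: int, i: int, pr: float, n: int, c: int) -> float:
    """Eq. (4) under this example's reading: Pr(Q = x), a binomial term."""
    p = p_submitted(pr, n, c)
    return comb(i, x) * p ** x * (1.0 - p) ** (i - x)


def prob_at_least(q: int, i: int, pr: float, n: int, c: int) -> float:
    """Eq. (3): Pr(Q >= q) as the sum of Pr(Q = x) for x = q..i."""
    return sum(prob_exactly(x, i, pr, n, c) for x in range(q, i + 1))


def min_share(i: int, n: int, c: int, percent: int = 90, target: float = 0.9):
    """Smallest share j such that at least `percent`% of the i cheques are
    submitted with probability >= target when c of the n nodes collude.
    Returns None when no share size can reach the target (e.g. c == n)."""
    q = (percent * i + 99) // 100  # integer ceiling of percent% of i
    for j in range(1, i + 1):
        if prob_at_least(q, i, j / i, n, c) >= target:
            return j
    return None


def security_table(i: int, n: int) -> dict:
    """Adaptive security: the share each honest node must submit to stay
    protected against c = 0..n colluders."""
    return {c: min_share(i, n, c) for c in range(n + 1)}


if __name__ == "__main__":
    # Case-study sized session (i = 100 cheques, n = 10 relaying nodes).
    for colluders, share in security_table(100, 10).items():
        total = None if share is None else share * (10 - colluders)
        print(f"C={colluders}: j={share}, cheques sent by honest nodes={total}")
```
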

4.2.5 Case Study

In order to demonstrate the difference among the cheque submission techniques, we run a case study to analyze their security and performance. We assume that i=100 and n=10. As shown in Table (2), we consider different security levels in the probabilistic technique. A security level (or immunity level) is defined by the maximum number of colluders for which the probability of transmitting at least 90% of the cheques is at least 90%. As shown in the table, the one-trust-level technique achieves the worst protection against collusion attack because with one colluder (C=1), none of the cheques are submitted. However, its performance is high because the cheques are stored and transmitted once (T=100), but the submission load is on one node. The uncooperative technique can provide the highest protection against colluders, since with up to nine colluders all the cheques are submitted, but with a high overhead cost because the cheques are supposed to be stored and transmitted ten times (T=1000). The deterministic technique has low overhead because the cheques are stored and transmitted once (j=10). The number of submitted cheques decreases by 10% for each colluder. The probabilistic technique can balance the protection against colluders and the overhead. Increasing PR enhances the security but with more overhead. For instance, increasing PR from 0.23 to 0.36 increases the number of submitted cheques from 75 to 90 assuming four colluders, but increases the storage space per node from 23 to 36 and the total transmitted cheques from 230 to 360. The results also emphasize that the probabilistic technique is less sensitive to the colluders. For instance, when the number of colluders increases from 2 to 8 at PR=0.28, the number of submitted cheques drops from 80 to 20 in the deterministic technique and from 90 to 46 in the probabilistic technique.

Fig. (7): The effect of collusion attack on cheque submission

5 SECURITY ANALYSIS
In this Section, we study the robustness of the proposed mechanism against some common attacks.


TABLE (2): THE RESULTS OF THE CASE STUDY


5.1 Free Calling (or Riding) Attacks


Attackers launch this kind of attack to communicate for free or with reduced payment. Two colluding intermediate nodes on a legitimate session can manipulate the packets to add their exchanged data. If the payers pay only for successfully delivered packets, colluders can claim that the packet is dropped and then deliver it secretly. In another scenario, if the intermediate nodes are unable to verify the payment data, payers can exchange packets for which the intermediate nodes will not be rewarded. Attackers may record legitimate packets and replay them in a different place and/or time, claiming that they are fresh, to establish a session without paying. Our mechanism is secure against these attacks since the intermediate nodes can detect any addition or modification to the packets and verify the payment data because the hash of the message and the payment data are included in the payers' signatures. The intermediate nodes can claim the payment if a packet does not reach the destination node, and attaching a time stamp can prevent the packet replaying attack. In a subtle attack, attackers may exploit the fact that the AC clears the cheques with the same identifier once and attempt to issue cheques with the same identifier for different sessions to pay once for multiple sessions. This attack cannot be launched in our mechanism because a cheque's identifier includes the identities of the nodes on the route and the session establishment time. Therefore, even if an attacker establishes two different sessions at the same time, the cheques' identifiers are different because at least one intermediate node is different. In another attack, since the AC clears only the first received cheque when multiple copies of the same cheque are submitted, the payers may collude with some intermediate nodes to reduce their payments. The colluders may submit cheques with lower payments so that when the AC receives other copies with the same identifier (but with the correct payment), it discards them.
In order to thwart the attack and identify the attackers, the AC should compare the amount of payment in the cleared cheque with each received copy of the same cheque. In another collusion attack, the colluding intermediate nodes do not send the cheques to the AC. In order to evaluate the effectiveness of this attack, we run a simulation to evaluate the effect of the nodes' collusion on the ratio of un-sent cheques in a cell with 100 network nodes. The probability that a node is honest or a colluder has a uniformly random distribution. As shown in Fig. (8), the effect of collusion is nearly linear with a weight of 0.01% for each colluding node in the deterministic technique. The probabilistic technique can improve the ratio of un-sent cheques. For instance, when 60% of the network nodes collude, colluders can prevent sending 60% of the cheques in the deterministic technique, but they prevent only 41% of the cheques in the probabilistic technique with PR=0.33. In order to prevent submitting a significant ratio of the cheques in the probabilistic technique, an attacker has to collude with a large number of nodes, which may not be reasonable in civilian applications and scalable networks. For example, to prevent sending at least 50% of the cheques, an attacker has to collude with at least 55 and 68 nodes at PR of 0.23 and 0.33, respectively. Even if an attacker could prevent sending a group of cheques, the nodes can claim them, and the trusted party can identify the attackers by applying some statistical analysis.

5.2 Modification of Payment Data Attacks

A misbehaving node may attempt to compromise the payment data to gain more credits or pay less. It may try to add its identity and/or a friend's identity, claiming that they participated in packet relaying. In a severe attack, an attacker may fabricate a forged cheque to reward himself and his friends for a session which did not happen. In the proposed mechanism, modifying the payment data is difficult because it is hard to forge or modify the payers' signatures and to compute $H_D^{N-X}(\text{Nonce})$ from $H_D^{N-X+1}(\text{Nonce})$. In addition, payees can detect misbehavior in the payment data because they verify them.

Fig. (8): The effect of the nodes' collusion on the ratio of un-sent cheques

5.3 Double Rewarding Attack


A greedy node may attempt to clear a valid cheque more than once, or to replay valid packets claiming that they are fresh, to gain undeserved rewards. The trusted party can detect this attack and identify the attackers because each cheque has a unique identifier. The packet replaying attack can be detected because the payers' signatures include a time stamp. In addition, an attacker cannot claim both the individual and the aggregated cheques because all of them have the same identifier.

5.4 Denial of Payment Attack


Payers may deny initiating a communication session so as not to pay, or they may deny the payment information. In our mechanism, payers cannot deny issuing packets or the payment information because they sign them.

5.5 Payment Collecting Attack

Attackers collect payments for each other for sessions in which they did not participate by claiming that they have non-existent neighbor(s). In order to launch this attack, colluders need to exchange their private keys to authenticate themselves. Extracting the keys from the mobile device is not easy. Exchanging the keys is not likely to happen because colluders can steal the accounts of each other. Inserting non-existent nodes decreases the chance to be selected in the session route due to increasing the total relaying cost. Moreover, the trusted party can detect the attack and identify the attackers by applying some statistics to detect that some nodes are always neighbors, or they appeared in different locations at the same time.

5.6 Forwarding only the Cheques Attack


Colluders forward the cheques (smaller size) but not the payload, and then they claim the SACs, aiming to gain credits while consuming few resources. In order to thwart this attack, Sprite [30] greatly reduces the amount of credits given to the intermediate nodes if the packet does not reach the destination node due to malicious or non-malicious actions. In our mechanism, the trusted party can detect the attack by applying statistical analysis to infer that some nodes are always neighbors and that they claim SACs more than the normal rate.

5.7 Dropping Control Packets Attack


Although control packets (such as ACK and NACK) are short, some rational attackers may drop them to save their resources. In our mechanism, the nodes are fully motivated to forward them to gain more credits by triggering the source node to generate more packets, and to get their credits by enabling the base stations to compose and redeem the cheques. By applying statistical analysis, the trusted party can identify the attackers because the routes are frequently broken at them.

5.8 Credit Depletion Attack

Malicious nodes may launch attacks to deplete the destination node's credits by sending useless data or inserting dummy data to increase the payment. The attack may lead to denial of service (DoS) because victims with fewer credits do not initiate communication. In our mechanism, a rational node does not launch this attack because both the sender and receiver pay. The intermediate nodes can detect and drop modified packets, and the payers agree on the ratio of payment in the route discovering phase. Colluders cannot generate fake cheques to steal credits from a destination node because its payment approval is needed for each packet. However, colluders can establish a session and generate SACs (without sending data) to steal credits from the receiver. The destination node can thwart the attack by refusing to create sessions with the nodes that frequently create incomplete sessions. In addition, statistical tools can be applied to identify the colluders because they claim SACs more than the normal rate.

5.9 Irrational Attacks


Although the main objective of the mechanism is to protect the network from rational attacks, it can also thwart some irrational ones. In a sleep deprivation attack, attackers send bogus information to exhaust the resources of the nodes. Attackers cannot launch this attack successfully by replaying valid packets because the time stamps are signed. External attackers cannot launch the attack by sending bogus data because they have to sign their transmitted messages. The senders are discouraged from launching a sleep deprivation attack because they pay. In a packet dropping attack, an attacker participates in the route discovering phase but drops the data packets, aiming to degrade the network performance. The trusted party can identify the attackers by noticing that their preceding nodes on the routes claim SACs more than the normal rate. An attacker may compromise mobile nodes to infer their secret keys to launch irrational attacks under their names. By statistical analysis, the trusted party can notice that a user has appeared in different locations at the same time.

6 EVALUATIONS

In this section, fairness is analyzed and simulation results are discussed to evaluate the feasibility of the proposed mechanism.

6.1 Fairness Analysis

Fairness is defined as a node's benefits from the network being proportional to its contributions [41]. A node's contribution can be relaying packets generated by other nodes or paying credits, whereas a node's benefit can be having its packets relayed or gaining credits. Fairness is an important requirement to stimulate the users to participate in the routing process. Our mechanism can enforce fairness by rewarding or charging credits to balance the nodes' contributions and benefits. In the proposed mechanism, the nodes are rewarded for every relayed packet regardless of whether it reaches the destination node or not because the relaying nodes can claim the payment. The nodes are able to validate the payment data before relaying the packets to make sure that they will be rewarded. They do not delete the cheques before receiving a clearance confirmation from the accounting center. The payers pay only the deserved credits (not full payment) when a route is broken. In addition, in the route discovering phase, the communicating nodes agree on the payment ratio, which is proportional to their interest in the communication.

6.2 Overhead
Several performance measures have been taken to reduce the overhead cost and to improve the scalability of the proposed mechanism. Our mechanism is scalable because it does not require contacting the AC instantaneously in each session. Reducing the number and size of the cheques lessens the storage, energy, and bandwidth required to submit them. A cheque contains complete payment information for all the session nodes. Therefore, instead of all the nodes transmitting all the receipts, they can be transmitted by some of them. A payment aggregation technique is applied to generate a cheque for multiple packets instead of generating a cheque per packet. In order to reduce the ACK packet overhead, the destination node's signature is replaced with a hash value because hashing operations are more efficient than signing or verifying operations. The cheque size is very compact due to storing the hash of the signatures, but more overhead is required by the AC to verify it. This is acceptable because online clearance is not required, and the AC is a powerful party. Composing a cheque is efficient because it needs only one lightweight hashing operation. The payment does not suffer from credit depletion or inflation due to adopting balanced payment and converting credits to real money and vice versa.

The proposed mechanism avoids using impractical techniques such as e-coins (which require an online party to check the coins and permanent storage), and tamper-proof devices (which may be insecure and expensive). Our mechanism does not need extra control packets or the execution of an auction in each node, which avoids bandwidth and latency overheads. Using local credit counters, the nodes make their decisions locally without frequently contacting the accounting center. Converting the credits into real money motivates the rich nodes to remain in the cooperative state. Although symmetric key cryptography is faster and requires fewer resources, in our application, public key cryptography is more appropriate to prevent payers from denying the payment, and to enable the relaying nodes to verify the payment data.

6.2.1 Simulation Setup

In the simulation, we consider two popular digital signature algorithms: RSA and DSA. According to NIST guidelines [42], the secure private keys should have at least 1024 bits. For the message digest function, we use MD5 [40] with a digest length of 16 bytes. In our mechanism, the major online processing overhead is due to the signing and verifying operations on the security and incentive data. Therefore, in order to estimate the computational processing delays of applying our mechanism, we have implemented a prototype of the mechanism using the Crypto++ library [43]. The mobile node is a laptop with an Intel processor at 1.6 GHz and 1 GB of RAM. The operating system of the mobile node is Windows XP. Table (3) gives the CPU processing times of sending (signing) and forwarding (verifying or hashing) a message. As shown, the processing time of the hash function is much shorter than the signing or verifying times, i.e., replacing the signatures with hash values in the ACK packets is efficient. A concern in using DSA in multi-hop networks is that the verifying operations performed by the intermediate and destination nodes incur more delay than the signing operations performed by the sender. The RSA signature generation is computationally intensive, but the signature verification time is shorter. DSA and RSA generate signature tags of 320 and 1024 bits, respectively. A concern in using RSA is its longer signature size. The resources of real mobile nodes may be less than those of a laptop, so in the simulations (in the next subsections), the results in Table (3) are scaled by a factor of five to estimate a limited-resource node.
TABLE (3): PROCESSING TIMES FOR CRYPTOGRAPHIC PRIMITIVES

The network simulator NS2 (version 2.27) is used to implement a version of the proposed mechanism, and Sprite [30] as an example of a mechanism that generates a cheque per packet. We simulate a hybrid ad hoc network in a square cell of 800 × 800 square meters. 35 mobile nodes are randomly deployed, and a fixed base station is located at the center of the cell. We use the Distributed Coordination Function (DCF) of IEEE 802.11 as the medium access control (MAC) layer protocol, and dynamic source routing (DSR) as the routing protocol. The radio transmission ranges for a node and the base station are 250 meters, and the transmission data rate is 2 Mbits/s. To simulate the node movements, the random waypoint model is used with speed and pause time uniformly distributed in the ranges [0-10] m/s and [0-100] sec, respectively. A constant bit rate (CBR) traffic source is implemented in each node as an application layer. The source and destination pairs are randomly selected. All data packets are 512 bytes and are sent at a rate of 2 packets/sec. For simplicity, we assume that all the nodes are cooperative, and the relaying price is one credit per packet. Each simulation is executed for 15 simulated minutes, and each data point represents an average of twenty runs with identical traffic models but differently generated mobility scenarios. A summary of the simulation scenario is given in Table (4).
TABLE (4): SIMULATION PARAMETERS

6.2.2 Simulation Results

A. Average Storage Area

For networks with limited-resource nodes, the mechanism should require a small storage area. In FESCIM, each node stores cryptographic information and the payment cheques. The main concern is the area required to store the cheques because each node has to store them until it receives a confirmation of clearance. Table (5) gives the expected cheque size in Sprite and FESCIM using different cryptosystems. In FESCIM, the cheque size does not depend on the cryptosystem used, and it needs less storage area because the signature is hashed. The aggregated cheques (ADAC(X) and ADAC-S(X)) have fixed sizes regardless of the number of relayed packets (X), but each packet requires a receipt in Sprite. In FESCIM, 1MB can store up to 9,157 aggregated cheques, but in Sprite, the same area can store up to 4,628 and 7,569 receipts using RSA and DSA, respectively. In order to evaluate the effectiveness of the payment aggregation technique, Table (6) gives the expected number of generated cheques in all the intermediate nodes in Sprite and FESCIM for a session at different packet transmission rates. The source and destination pair is uniformly chosen and the session is held for 300 seconds. The table shows that in Sprite, the number of cheques is much larger, and it significantly increases with the increase of the packet transmission rate. FESCIM can significantly reduce the number of generated cheques. More cheques are generated at higher mobility because the routes are more frequently broken. Fewer cheques are generated as the size of the hash chain (N) increases because a cheque can aggregate payment for more packets, but more memory space and CPU cycles are needed to store and calculate the chain. In the optimal case, one cheque is generated for a session. However, because it is difficult to estimate the number of packets in a session in advance, the unused hash values in a chain are lost because it is insecure to use them in other sessions. The table shows that increasing N above 30 cannot reduce the number of the cheques significantly. Consequently, properly choosing the size of the hash chain can optimize the number of cheques and also save the nodes' resources. FESCIM does not suffer from a storage problem because the cheques are compact, temporarily stored, and few.

TABLE (5): AVERAGE CHEQUE SIZE

TABLE (6): THE AVERAGE NUMBER OF GENERATED CHEQUES
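The hash-chain aggregation discussed above, as an added example that is not the authors' code: a relay checks each ACK with one hash, the accounting center checks a cheque for X packets with X hashes, and the chain size N bounds how many cheques a session produces. The field names, the release order (ACK k reveals h_{N-k}), the absence of route breaks, and SHA-256 in place of the paper's MD5 are assumptions; the payer's signature over the chain anchor is assumed and not modelled.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import List, Optional, Tuple


def H(value: bytes) -> bytes:
    # The paper's prototype uses MD5 (16-byte digests); SHA-256 is substituted here.
    return hashlib.sha256(value).digest()


def make_chain(n: int, seed: Optional[bytes] = None) -> List[bytes]:
    """Return [h_0, ..., h_n] with h_i = H(h_{i-1}); h_n is the anchor."""
    chain = [seed if seed is not None else os.urandom(32)]
    for _ in range(n):
        chain.append(H(chain[-1]))
    return chain


@dataclass(frozen=True)
class Cheque:
    # Hypothetical field names; this is not the paper's cheque format.
    session_id: str
    anchor: bytes      # h_n, assumed to arrive under the payer's signature (not modelled)
    last_value: bytes  # h_{n-X}, the last chain element released in an ACK
    packets: int       # X, the number of packets this single cheque pays for


class Relay:
    """Intermediate node: one hash per ACK, one cheque per chain."""

    def __init__(self, session_id: str, anchor: bytes, n: int):
        self.session_id, self.anchor, self.n = session_id, anchor, n
        self.last, self.count = anchor, 0

    def on_ack(self, value: bytes) -> bool:
        # Accept only the direct preimage of the last accepted element, so
        # replayed, forged, or skipped values are rejected without a signature check.
        if self.count >= self.n or not hmac.compare_digest(H(value), self.last):
            return False
        self.last, self.count = value, self.count + 1
        return True

    def cheque(self) -> Cheque:
        return Cheque(self.session_id, self.anchor, self.last, self.count)


def ac_verify(cheque: Cheque, n: int) -> bool:
    """Accounting center: hashing last_value X times must reach the anchor."""
    if not 0 < cheque.packets <= n:
        return False
    value = cheque.last_value
    for _ in range(cheque.packets):
        value = H(value)
    return hmac.compare_digest(value, cheque.anchor)


def run_session(total_packets: int, n: int) -> Tuple[List[Cheque], int]:
    """Acknowledge total_packets using chains of size n (no route breaks).

    Returns the cheques (one per chain) and the number of chain elements
    left unused, which are discarded rather than reused in another session.
    """
    cheques: List[Cheque] = []
    unused = sent = 0
    while sent < total_packets:
        chain = make_chain(n)
        relay = Relay(f"session-{len(cheques)}", chain[n], n)
        batch = min(n, total_packets - sent)
        for k in range(1, batch + 1):       # ACK k releases h_{n-k}
            if not relay.on_ack(chain[n - k]):
                raise RuntimeError("honest ACK rejected")
        cheques.append(relay.cheque())
        unused += n - batch
        sent += batch
    return cheques, unused


if __name__ == "__main__":
    # 2 packets/s for 300 s, as in the page's session setup, for several N.
    for n in (10, 30, 50):
        cheques, unused = run_session(600, n)
        ok = all(ac_verify(c, n) for c in cheques)
        print(f"N={n}: {len(cheques)} cheques, {unused} unused values, valid={ok}")
```

A per-packet scheme would produce 600 receipts for the same session; the counts here are a lower bound, since each route break ends a chain early and starts a new cheque.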


B. Packet End-to-End Delay

It is the average time interval between the data packet generation and the time when the last bit arrives at the destination. Fig. (9) shows the average end-to-end delay as a function of the number of connections in Sprite and FESCIM. Up to 20 connections, the delay is mainly due to the signing and verifying operations, but for a larger number of connections, the delay dramatically increases (with or without implementing the cooperation incentive mechanism) because the channel contention and queuing delays dominate. There is no noticeable delay difference between Sprite and FESCIM because the additional hashing operation needed in each ACK packet in FESCIM is computationally almost free (50 µs per operation), i.e., using the hash chain to aggregate the payment has almost no effect on the delay. Although DSA has a much shorter signature tag than RSA, it causes more delay because the verifying time (in the intermediate nodes) is longer. The end-to-end delay can be significantly improved by using delayed verification, i.e., a node forwards the packet first and then verifies the payment.

Fig. (9): The end to end delay in Sprite and FESCIM

C. Network Throughput

The average network throughput gives the fraction of the channel capacity used for useful transmission. It is computed by dividing the size of the data received by all the nodes by the simulation time. Fig. (10) shows the average throughput as a function of the number of connections. Increasing the number of connections increases the network throughput, but the rate of increase starts to decrease above 20 connections because the network approaches its maximum capacity. There is little improvement from using RSA over DSA because congestion is more likely with longer processing delays in the intermediate nodes, and there is no difference between Sprite and FESCIM because the extra hashing operation in FESCIM has little effect on the processing delay.

D. Data Packet Delivery Ratio (PDR)

It is the average ratio of the data packets successfully delivered to the destination nodes with respect to those generated by the sources. Fig. (11) shows the average packet delivery ratio (PDR) as a function of the number of connections. The percentage of packets correctly delivered is quite high (above 99%) for up to 20 connections. Over 20 connections, the PDR decreases because congestion is more likely to occur. We can observe little improvement from using RSA over DSA because congestion is more likely to take place with DSA due to its longer processing delay. The extra lightweight hashing operation needed in FESCIM does not affect the PDR.


Fig. (10): The throughput in Sprite and FESCIM

Fig. (11): The Packet Delivery Ratio in Sprite and FESCIM


TABLE (7): AVERAGE DATA PACKET OVERHEAD (IN BYTES)

E. Average Packet Overhead

It is the average additional data (in bytes) attached to the packets, including the routing and cryptographic information. Table (7) gives the average packet overhead in Sprite and FESCIM. The packet overhead with RSA is much larger than with DSA due to its longer signature size. In FESCIM, a signature is attached to the first ACK packet in a series, and the overhead is then significantly reduced by replacing it with a hash value in the successive packets.

F. Average Energy Consumption

An efficient incentive mechanism should not consume much energy because the network nodes have limited energy. Consuming much energy discourages the nodes from cooperating, which has a devastating impact on the network performance. In [44], it is shown that the energy required to perform computation is negligible compared with the energy required to perform transmission. FESCIM can save the nodes' energy because it can significantly reduce the number and size of the cheques. The energy consumption for the cryptosystems used in this paper is given in Table (8). The results in the table confirm that the hash chain can be used efficiently to aggregate the payment because it consumes very little energy.

TABLE (8): ENERGY CONSUMPTION OF THE CRYPTOGRAPHIC TOOL [45]

7 CONCLUSION AND FUTURE WORK

In this paper, we have proposed a fair, efficient, and secure cooperation incentive mechanism for hybrid ad hoc networks. In order to reduce the overhead cost, a payment aggregation technique is used to reduce the number of the cheques by generating a cheque for multiple packets, and the cheque size is reduced by storing the hash of the payers' signatures. A hash chain is used to efficiently integrate the incentive mechanism in the routing protocol. In order to protect the payment from collusion attacks, secure and efficient techniques have been proposed to submit the cheques to the accounting center for redemption. Extensive evaluation demonstrates that the mechanism is robust against rational and colluding attacks, and it can reward the nodes proportionally to their contributions. Overhead evaluation shows that the mechanism can significantly reduce the number of cheques, and can be implemented efficiently.

In this work, an on-demand routing protocol has been used to enable the payers (the source and destination nodes) to know the identities of the payees (the intermediate nodes) in order to issue the payment cheques. In some wireless networks, such as Delay Tolerant Networks (DTN), the source node may not be able to know the identities of the relaying nodes before sending a packet. Therefore, in our future work, we are going to extend this work to consider these networks.

REFERENCES

[1] Y. Lin and Y. Hsu, "Multihop Cellular: A New Architecture for Wireless Communications", Proc. of IEEE INFOCOM'00, Vol. 3, pp. 1273-1282, March 26-30, 2000.
[2] X. Li, B. Seet, and P. Chong, "Multihop Cellular Networks: Technology and Economics", Computer Networks, Vol. 52, No. 9, pp. 1825-1837, June 2008.
[3] C. Gomes and J. Galtier, "Optimal and Fair Transmission Rate Allocation Problem in Multi-hop Cellular Networks", Lecture Notes in Computer Science, Springer Berlin/Heidelberg, Vol. 5793, pp. 327-340, August 29, 2009.
[4] Y. Tam, S. Akl, and H. Hassanein, "Resource Management in Multi-hop Cellular Networks", PhD Thesis, Queen's University, Kingston, Ontario, Canada, January 2009.
[5] G. Shen, J. Liu, D. Wang, J. Wang, and S. Jin, "Multi-Hop Relay for Next-Generation Wireless Access Networks", Bell Labs Technical Journal, Vol. 13, No. 4, pp. 175-193, 2009.
[6] F. Hossain and H. Chowdhury, "Impact of Mobile Relays on Throughput and Delays in Multihop Cellular Network", Proc. of IEEE International Conference on Wireless and Mobile Communications (ICWMC'08), pp. 304-308, Athens, Greece, July 27-August 1, 2008.
[7] R. Schoenen, R. Halfmann, and B. Walke, "MAC Performance of a 3GPP-LTE Multihop Cellular Network", Proc. of IEEE International Conference on Communications (ICC'08), pp. 4819-4824, Beijing, China, May 19-23, 2008.
[8] 3rd Generation Partnership Project, Technical Specification Group Radio Access Network, "Opportunity Driven Multiple Access", 3G Technical Report 25.924, version 1.0.0, December 1999.
[9] S. Marti, T. Giuli, K. Lai, and M. Baker, "Mitigating Routing Misbehavior in Mobile Ad Hoc Networks", Proc. of ACM International Conference on Mobile Computing and Networking (MobiCom'00), pp. 255-265, Boston, Massachusetts, USA, August 6-11, 2000.
[10] P. Michiardi and R. Molva, "Simulation-Based Analysis of Security Exposures in Mobile Ad Hoc Networks", Proc. of European Wireless Conference, Florence, Italy, February 25-28, 2002.
[11] J. Hu, "Cooperation in Mobile Ad Hoc Networks", Technical report (TR-050111), Computer Science Department, Florida State University, Tallahassee, January 2005.


[12] G. Marias, P. Georgiadis, D. Flitzanis, and K. Mandalas, "Cooperation Enforcement Schemes for MANETs: A Survey", Wiley's Journal of Wireless Communications and Mobile Computing, Vol. 6, Issue 3, pp. 319-332, 2006.
[13] C. Song and Q. Zhang, "OMH - Suppressing Selfish Behavior in Ad hoc Networks with One More Hop", Mobile Networks and Applications, Springer Netherlands, Vol. 14, No. 2, pp. 178-187, February 2009.
[14] Y. Ho, A. Ho, K. Hua, and F. Xie, "Cooperation Enforcement in a Highly Dynamic Mobile Ad Hoc Network", Journal of Universal Computer Science, Vol. 15, No. 5, pp. 1090-1118, 2009.
[15] D. Djenouri and N. Badache, "On Eliminating Packet Droppers in MANET: A Modular Solution", Elsevier Ad Hoc Networks, Vol. 7, Issue 6, pp. 1243-1258, August 2009.
[16] G. Bella, G. Costantino, and S. Riccobene, "Evaluating the Device Reputation Through Full Observation in MANETs", Journal of Information Assurance and Security, Vol. 4, Issue 5, pp. 458-465, March 2009.
[17] L. Feeney, "An Energy-Consumption Model for Performance Analysis of Routing Protocols for Mobile Ad Hoc Networks", Mobile Networks and Applications, Vol. 3, No. 6, pp. 239-249, 2001.
[18] L. Buttyan and J. Hubaux, "Nuglets: A Virtual Currency to Stimulate Cooperation in Self Organized Ad Hoc Networks", Technical Report DSC/2001/001, Swiss Federal Institute of Technology, Lausanne, January 2001.
[19] L. Buttyan and J. Hubaux, "Enforcing Service Availability in Mobile Ad-hoc WANs", Proc. of the 1st IEEE/ACM international symposium on Mobile Ad Hoc Networking and Computing (MobiHOC'00), pp. 87-96, Boston, Massachusetts, August 11, 2000.
[20] L. Buttyan and J. Hubaux, "Stimulating Cooperation in Self-Organizing Mobile Ad Hoc Networks", Mobile Networks and Applications, Vol. 8, No. 5, pp. 579-592, October, 2004.
[21] A. Weyland, T. Staub, and T. Braun, "Comparison of Motivation-Based Cooperation Mechanisms for Hybrid Wireless Networks", Journal of Computer Communications, Vol. 29, pp. 2661-2670, 2006.
[22] A. Weyland and T. Braun, "Cooperation and Accounting Strategy for Multi-Hop Cellular Networks", Proc. of IEEE Local and Metropolitan Area Networks (LANMAN'04), pp. 193-198, Mill Valley, CA, USA, April 25-28, 2004.
[23] A. Weyland and T. Braun, "Cashnet - Cooperation and Accounting Strategy for Hybrid Networks", Proc. of IEEE International Symposium on Modeling and Optimization in Mobile, Ad Hoc, and Wireless Networks (WiOpt'04), Cambridge, UK, March 24-26, 2004.
[24] A. Weyland, T. Staub, and T. Braun, "Liveliness Evaluation of a Cooperation and Accounting Strategy in Hybrid Network", Proc. of Workshop on Applications and Services in Wireless Networks (ASWN'04), Boston, Massachusetts, USA, August, 2004.
[25] Y. Zhang, W. Lou, and Y. Fang, "SIP: A Secure Incentive Protocol against Selfishness in Mobile Ad Hoc Networks", Proc. of IEEE Wireless Communication and Networking Conference (WCNC'04), pp. 1679-1684, Atlanta, Georgia, USA, March 21-25, 2004.
[26] Y. Zhang, W. Lou, and Y. Fang, "A Secure Incentive Protocol for Mobile Ad Hoc Networks", ACM Wireless Networks, Vol. 13, No. 5, pp. 569-582, October, 2007.
[27] M. Jakobsson, J. Hubaux, and L. Buttyan, "A Micro-Payment Scheme Encouraging Collaboration in Multi-hop Cellular Networks", Proc. of the 7th Financial Cryptography (FC'03), pp. 15-33, La Guadeloupe, January 2003.
[28] M. Jakobsson and L. Yang, "Quantifying Security in Hybrid Cellular Networks", ACNS Springer-Verlag Berlin/Heidelberg, Vol. 3531, pp. 350-363, May 2005.
[29] G. Avoine, "Fraud within Asymmetric Multi-Hop Cellular Networks", Proc. of Financial Cryptography (FC'05), Vol. 3570, pp. 1-15, Roseau, The Commonwealth of Dominica, February 28-March 3, 2005.
[30] S. Zhong, J. Chen, and R. Yang, "Sprite: A Simple, Cheat-Proof, Credit Based System for Mobile Ad-Hoc Networks", Proc. of Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM'03), Vol. 3, pp. 1987-1997, San Francisco, CA, March 30-April 3, 2003.
[31] B. Lamparter, K. Paul, and D. Westhoff, "Charging Support for Ad Hoc Stub Networks", Journal of Computer Communications, Vol. 26, No. 13, pp. 1504-1514, 2003.
[32] N. Salem, L. Buttyan, J. Hubaux, and M. Jakobsson, "A Charging and Rewarding Scheme for Packet Forwarding in Multi-hop Cellular Networks", Proc. of ACM International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc'03), Annapolis, USA, June 2003.
[33] N. Salem, L. Buttyan, J. Hubaux, and M. Jakobsson, "Node Cooperation in Hybrid Ad Hoc Networks", IEEE Transactions on Mobile Computing, Vol. 5, No. 4, April 2006.
[34] N. Salem, L. Buttyan, J. Hubaux, and M. Jakobsson, "Cooperation in Multi-hop Cellular Networks with Extended Security Analysis", Proc. of ACM International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc'03), Annapolis, MD, USA, June 1-3, 2003.
[35] J. Pan, L. Cai, X. Shen, and J. Mark, "Identity-Based Secure Collaboration in Wireless Ad Hoc Networks", Computer Networks (Elsevier), Vol. 51, No. 3, pp. 853-865, 2007.


[36] C. Bassem and A. Bestavros, "CSR: Constrained Selfish Routing in Ad-Hoc Networks", Lecture Notes in Computer Science, Springer Berlin/Heidelberg, Vol. 5682, pp. 179-189, 2009.
[37] J. Lee, W. Liao, and M. Chen, "An Incentive-based Fairness Mechanism for Multi-hop Wireless Backhaul Networks with Selfish Nodes", IEEE Transactions on Wireless Communications, Vol. 7, No. 2, pp. 697-704, February 2008.
[38] H. Janzadeh, K. Fayazbakhsh, M. Dehghan, and M. Fallah, "A Secure Credit-based Cooperation Stimulating Mechanism for MANETs Using Hash Chains", Future Generation Computer Systems, Vol. 25, Issue 8, September 2009.
[39] M. Mahmoud and X. Shen, "Anonymous and Authenticated Routing in Multi-Hop Cellular Networks", Proc. of IEEE ICC'09, Dresden, Germany, June 14-18, 2009.
[40] A. Menezes, P. Oorschot, and S. Vanstone, "Handbook of Applied Cryptography", CRC Press, http://www.cacr.math.uwaterloo.ca/hac, Boca Raton, Fla., 1996.
[41] A. Mok, B. Mistry, E. Chung, and B. Li, "FAIR: Fee Arbitrated Incentive Architecture in Wireless Ad Hoc Networks", Proc. of 10th IEEE Real-Time and Embedded Technology and Applications Symposium (RTAS'04), pp. 38-47, Toronto, Canada, May 25-28, 2004.
[42] National Institute of Standards and Technology (NIST), "Recommendation for Key Management - Part 1: General (Revised)", Special Publication 800-57 200, 2007.
[43] W. Dai, "Crypto++ Library 5.6.0", http://www.cryptopp.com, 2009.
[44] G. Pottie and W. Kaiser, "Wireless Integrated Sensor Networks", Communications of the ACM, Vol. 43, Issue 5, pp. 51-58, May 2000.
[45] N. Potlapally, S. Ravi, A. Raghunathan, and N. Jha, "A Study of the Energy Consumption Characteristics of Cryptographic Algorithms and Security Protocols", IEEE Transactions on Mobile Computing, Vol. 5, No. 2, pp. 128-143, March-April 2006.

Xuemin (Sherman) Shen received the B.Sc. (1982) degree from Dalian Maritime University (China) and the M.Sc. (1987) and Ph.D. (1990) degrees from Rutgers University, New Jersey (USA), all in electrical engineering. He is a Professor and University Research Chair, Department of Electrical and Computer Engineering, University of Waterloo, Canada. Dr. Shen's research focuses on mobility and resource management in interconnected wireless/wired networks, UWB wireless communications networks, wireless network security, wireless body area networks and vehicular ad hoc and sensor networks. He is a co-author of three books, and has published more than 400 papers and book chapters in wireless communications and networks, control and filtering. Dr. Shen served as the Tutorial Chair for IEEE ICC'08, the Technical Program Committee Chair for IEEE Globecom'07, the General Co-Chair for Chinacom'07 and QShine'06, and the Founding Chair for IEEE Communications Society Technical Committee on P2P Communications and Networking. He also serves as a Founding Area Editor for IEEE Transactions on Wireless Communications; Editor-in-Chief for Peer-to-Peer Networking and Application; Associate Editor for IEEE Transactions on Vehicular Technology; KICS/IEEE Journal of Communications and Networks, Computer Networks; ACM/Wireless Networks; and Wireless Communications and Mobile Computing (Wiley), etc. He has also served as Guest Editor for IEEE JSAC, IEEE Wireless Communications, IEEE Communications Magazine, and ACM Mobile Networks and Applications, etc. Dr. Shen received the Excellent Graduate Supervision Award in 2006, and the Outstanding Performance Award in 2004 and 2008 from the University of Waterloo, the Premier's Research Excellence Award (PREA) in 2003 from the Province of Ontario, Canada, and the Distinguished Performance Award in 2002 and 2007 from the Faculty of Engineering, University of Waterloo. Dr. Shen is a registered Professional Engineer of Ontario, Canada, and a Distinguished Lecturer of IEEE Communications Society.


Mohamed Elsalih Mahmoud received the B.Sc. degree with honors (1998) and the M.Sc. degree (2003) from Banha University (Egypt), both in electrical communications engineering. He received the best paper award in the Communication and Information Systems Security Symposium at the International Conference on Communications (ICC'09), Dresden, Germany, 14-18 June, 2009. He also received the University of Waterloo Graduate Scholarship award four times. He is currently working toward his Ph.D. degree in the Department of Electrical and Computer Engineering at the University of Waterloo, Ontario, Canada, where he is working with the Broadband Communications Research (BBCR) Group. His research interests include wireless network security, privacy in hybrid ad hoc networks, and cooperation incentive mechanisms in multi-hop wireless networks.
