Identity and Anonymity in Ad Hoc Networks

University dissertation from Karlstad : Karlstad University

Abstract: In ad hoc networks every device is responsible for its own basic computer services, including packet routing, data forwarding, security, and privacy. Most of the protocols used in wired networks are not suitable for ad hoc networks, since they were designed for static environments with defined borders and highly specialized devices, such as routers, authentication servers, and firewalls.This dissertation concentrates on the achievement of privacy-friendly identifiersand anonymous communication in ad hoc networks. In particular, the objective is to offer means for better anonymous communication in such networks. Two research questions were formulated to address the objective:I. How to design proper and trusted privacy-friendly digital identifiers to beused in ad hoc network environments?II. How to provide anonymous communication in ad hoc networks and whatis the performance cost in relation to the obtained degree of anonymity?To address the first research question we studied and classified the security and privacy threats, enhancements, and requirements in ad hoc networks and analyzed the need for privacy and identification. The analysis led us to the relationship between security, identification, and anonymous communication that we refer to as the “identity-anonymity paradox”. We further identifiedthe requirements for privacy-friendly identifiers and proposed the self-certified Sybil-free pseudonyms to address such requirements.The second research question was addressed with the design and implementation of the Chameleon protocol, an anonymous communication mechanism for ad hoc networks. The performance of Chameleon was evaluated using a network simulator. The results were used to find out the trade-off between anonymity and performance in terms of the expected end-to-end delay.The solutions proposed in this dissertation are important steps towards the achievement of better anonymous communications in ad hoc networks andcomplement other mechanisms required to prevent leaks of personal data.