CACMAN: a framework for efficient and highly available CA services in MANETs

MANET applications and services pose many interesting challenges due to their unique features. Specifically, security is getting a lot of attention in every aspect of MANETs due to their inherent vulnerability to attacks. Threats exist in every layer of the MANET stack, and different solutions have been adapted for each security problem. Another problem for MANETs is availability, and adding more resources does not necessarily make the system more available. Certificate authority (CA) is one of the most important entities in public key infrastructure (PKI) and needs to be designed carefully when adapted to MANETs. The main goal of our work is to provide a framework that addresses the issues of performance and security of CA in MANETs. Additionally, we would like to increase the availability of CA services, while lowering packet overhead of the network, without increasing the network vulnerability. In this paper, we present a framework suitable for exchanging PKI certificates in MANETs. By caching and exchanging certificates between clients collaboratively, we show that our system can meet the performance challenges of providing CA service without sacrificing system security. Using NS-2 Simulator, we have demonstrated the feasibility of the framework, quantitatively, compared to other related research that has addressed the same problem in MANETs environments.