隨意行動網路不需要基礎架構並且運作在無線的環境，且無線節點是多步的端點對端點通訊。由於它天生的特質，使得竊聽通訊層的交談過程不用耗費太多成本。這使得在隨意行動網路中使用偽裝或中間人攻擊之類的攻擊手法，會遠比在有線網路中更容易成功。所以在隨意行動網路中建立彼此的信任關係是一件重要的工作。門檻演算法可以將單一的資料明文分散成許多份密文，當還原成明文時，只要取回門檻份數的任意密文便可以還原。但就算擁有低於門檻值一份的密文，是無法得到任何資訊。在隨意行動網路中有許多的金鑰管理方法使用門檻法來保護金鑰或憑證。這些方法需要位置服務系統來收集各持有者位址及維護位址清單。這些機制會遭遇到一些問題，包含資訊新鮮度、更新成本及較慢的收斂時間時。任播k是個服務導向的一對多技術，允許在同個任播群組中，同時找尋k個持有者。就目前所知，還沒有一個門檻金鑰管理系統實作在以IPv6為基礎的隨意行動網路中。因此，我們在隨意行動網路中利用任播k機制實作了一個以門檻金鑰管理系統。實驗結果呈現使用任播k可以有效地找到k個服務，並降低控制封包的負擔，且具有高容錯率。

Mobile ad-hoc networks have wireless links and infrastructure-less nature. The wireless nodes operate both as communication end-points as well as routers, enabling multi-hop wireless communication. The wireless communication links can be eavesdropped on without noticeable effort and communication protocols on all layers are vulnerable to specific attacks. In contrast to wired networks, known attacks like masquerading, man-in-the middle, and replaying of messages can easily be carried out. Obviously, building the trusted relationship of the nodes is an important element for MANets. Some security schemes of key management have been proposed in MANets which use threshold cryptography schemes to protect a key file or certificate. Threshold cryptography is a method to divide a file into n secret slices. In such a way that the file can be easily reconstructed with any k secret slices. Those security schemes require simultaneous communication with group-subset nodes. Those security schemes need a location repository to collect address of service node and maintain an address list. Those schemes encounter some problems, including data freshness, cost of update and slow converge. The anycast-k technology allows a node to discover any k nodes of same anycast group without location repository. As far as we know, there is no implementation of IPv6-based threshold key management system using anycast-k scheme in MANets. Therefore, we design and implement a threshold key management system using anycast schemes in MANets. The experiment results show that anycast-k can effectively discover k services, reduce control overhead, and improve the rate of fault tolerant.

摘要 i
誌謝 ii
Abstract iii
Table of Contents iv
List of Figures vi
List of Tables viii
Chapter 1 Introduction 1
1.1 Motivation 1
1.2 Overview of Research 3
1.3 Thesis Organization 4
Chapter 2 Related Work 5
2.1 Threshold Cryptography in MANets 5
2.2 Anycast and Anycast-k schemes 6
2.3 Anycast Implementations 9
Chapter 3 System Architecture 12
3.1 System Overview 12
3.2 Anycast-k Protocol 15
3.3 Threshold Key Management System 17
3.4 Consideration on Threshold Cryptography 22
Chapter 4 System Implementation and Prototype 24
4.1 Implementation of Threshold Key Management Service 24
4.2 Implementation of Anycast-k Protocol 24
4.3 Snapshots 25
Chapter 5 Experimental Results 28
5.1 Experimental Environments 28
5.2 Control Overhead 29
5.3 Impact of Number of Nodes 32
5.4 Impact of Node Mobility 35
Chapter 6 Conclusions 37
作者簡介 41

[1]B. Aziz, E. Nourdine and E. K. Mohamed, “A Recent Survey on Key Management Schemes in MANET,” in Proceedings of the 3rd International Conference of Information and Communication Technologies, pp. 1-6, Apr. 2008.
[2]M. Bechler, H.J Hof, D. Kraft, F. Pahlke, and L. Wolf, “A Cluster-Based Security Architecture for Ad-hoc Networks,” in Proceedings of the 20th Annual Joint Conference of the IEEE Computer and Communications Societies, Vol. 4, pp. 2383-2403, Mar. 2004.
[3]J. Bound and P. Roque, “IPv6 Anycasting Service: Minimum Requirements for End Nodes,” IETF Internet Draft, draft-bound-anycast-00.txt, Jun. 1996.
[4]C. Carter, S. Yi, P. Ratanchandani, and R. Kravets, “Manycast Exploring the Space Between Anycast and Multicast in Ad-hoc Networks,” in Proceedings of the 9th Annual International Conference on Mobile Computing and Networking, pp. 273-286, Sep. 2003.
[5]S. C. Chen, C. R. Dow, S. K. Chen, J.H. Lin, and S.F. Hwang, “An Efficient Anycasting Scheme in Ad-hoc Wireless Networks,” in Proceedings of the Consumer Communications and Networking Conference, pp. 178-183, Jan. 2005.
[6]A. Conta and S. Deering, “Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification,” RFC 2463, Dec. 1998.
[7]Y. Desmedt and Y. Frankel, “Threshold Cryptosystems,” in Proceedings of Advances in Cryptography, pp. 307-315, Jul. 1989.
[8]C. R. Dow, C. J. Li, S. C. Chen, and S. F. Hwang, “An Efficient Anycast Scheme for Discovering K Services in Wireless Ad-hoc Networks,” in Proceedings of 12th Mobile Computing Workshop, Mar. 2006.
[9]P. Hsuan, C. R. Dow, S. C. Chen, S. F. Hwang, and S. K. Chen “Design and Implementation of IPv6 based Anycast System for Mobile Ad-hoc Networks,” Journal of Internet Technology , Vol. 9, No. 3, Aug. 2008.
[10]P. S. Gemmell, “An Introduction to Threshold Cryptography,” RSA Laboratories’ CryptoBytes, Vol. 2, No. 3, pp. 7-11, 1997.
[11]G. C. Hadjichristofi, W. J. Adams, and N. J. Davis IV, “A Framework for Key Management in Mobile Ad-hoc Networks,” in Proceedings of International Conference on Information Technology: Coding and Computing, Vol. 2, pp. 568-573, Apr. 2005.
[12]A. Z. Ghalwash, A. A. A. Youssif, S. H. Hashad and R. Doss, “Self Adjusted Security Architecture for Mobile Ad Hoc Networks(MANETs),” in Proceedings of the 6th International Conference on Computer and Information Science, pp. 682 - 687, Jul. 2007.
[13]R. Hinden and S. Deering, “IP Version 6 Addressing Architecture,” RFC 2373, Jul. 1998.
[14]Y. Kim, D. Mazzocchi, and G. Tsudik, “Admission Control in Peer Groups,” in Proceedings of 2nd IEEE International Symposium of Network Computing and Applications, pp. 131-139, Apr. 2003.
[15]H. Miura and M. K. Yamamoto, “Server Selection Policy in Active Anycast,” IEICE Transaction on Communication, Vol. E84.B, No. 10, Oct. 2001.
[16]A. Nakaniwa, H. Niimi, K. Inui, H. Ebara, and H. Okada, “Server and Route Selection Method for QoS-based Anycast Protocol,” in Proceedings of the 2003 IEEE Global Telecommunications Conference, Vol. 6, pp. 3063-3067, Dec. 2003.
[17]M. OE and S. Yamagugi, “Implementation and Evaluation of IPv6 Anycast,” in Proceeding of 10th Annual Internet Society Conference, Jul. 2000.
[18]C. Partridge, T. Mendez, and W. Milliken, “Host Anycasting Service,” RFC 1546, Nov. 1993.
[19]A. Shamir, “How to Share a Secret,” Communications of the ACM, Vol. 22, No. 11, pp. 612-612, Nov. 1979.
[20]S. Weber and C. Liang, “A Survey of Anycast in IPv6 Networks,” IEEE Communications Magazine, Vol. 42, No. 1, pp. 127-132, Jan. 2004.
[21]B. Wu and J. Wu, “k-anycast Routing Schemes for Mobile Ad-hoc Networks,” in Proceedings of the 20th International of Parallel and Distributed Processing Symposium, Apr. 2006.
[22]Y. S. Yen, C. C. Hsu, and H. C. Chao, “Distributed Balancing with Application-layer Anycast for Home Agent Discovery on the Mobile IPv6,” in Proceedings of the 2005 International Conference of Wireless Networks, Communications and Mobile Computing, Vol. 2, pp. 1277-1282, Jun. 2005.
[23]S. Yi and R. Kravets, “MOCA: Mobile Certificate Authority for Wireless Ad-hoc Networks,” in Proceedings of the 2nd Annual PKI Research Workshop, Apr. 2003.
[24]S. Yu, W. Zhou, and Y. Wu, “Research on Network Anycast,” in Proceedings of the 5th International Conference of Algorithms and Architectures for Parallel Processing, pp. 154-161, Oct. 2002
[25]L. Zhou and Z. J. Haas. “Securing Ad-hoc Networks,” IEEE Network, Vol. 13 Issue 6, Nov. 1999.
[26]Shamir’s Secret Sharing Scheme:
http://point-at-infinity.org/ssss/
[27]OpenSSL Project:
http://www.openssl.org/