Authenticated Routing for Ad-Hoc Networks (ARAN) is an on-demand ad hoc routing protocol
that uses certificates to ensure authentication, message integrity, and non-repudiation of routing messages in an
ad hoc networking environment. Based on logical route metrics and certificates, ARAN is immune to
modification, impersonation, and fabrication of routing messages. To learn more about the ARAN
protocol, see the paper describing it, available on the documentation page.

arand is the implementation of ARAN being developed by Daniel LaFlamme at the
Secure Internet and Group-Networking Lab in the
Computer Science Department at the University of
Massachusetts, Amherst. It is a user-space routing daemon written in C that runs on machines with
Linux kernel version 2.4 or higher. The code uses the Ad Hoc Support Library (ASL), developed by Kawadia et al.
at the University of Illinois, Urbana-Champaign, as well as the OpenSSL toolkit.

To use ARAN, you install arand and an X509 certificate on each node that will participate in
the ad hoc network. A node processes a routing message only if it was sent by another node with
a certificate generated by a trusted Certification Authority (CA). Nodes lacking a valid certificate are prevented from
participating in routing message exchanges. Because the contents of routing messages are cryptographically signed and verified at each hop, routing messages that are modified en route can be detected and appropriate action can be taken.

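The per-hop check described above can be reproduced with the openssl command-line program. This is an added example, not code from arand or aranca: the function names, node names, CA names and message text are all constructed, and the real ARAN packet format is not reproduced.

```shell
#!/bin/sh
# Added illustration, not arand/aranca code. Function names, node names and the
# message text are constructed; the real ARAN packet format is not reproduced.

make_ca() {       # $1=dir $2=CA name: self-signed CA certificate and key
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
        -keyout "$1/$2.key" -out "$1/$2.pem" 2>/dev/null
}

issue_cert() {    # $1=dir $2=node name $3=CA name: node key and CA-signed cert
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$2" \
        -keyout "$1/$2.key" -out "$1/$2.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/$2.csr" -CA "$1/$3.pem" -CAkey "$1/$3.key" \
        -CAcreateserial -days 1 -out "$1/$2.pem" 2>/dev/null
}

sign_msg() {      # $1=dir $2=node name $3=message file: writes $3.sig
    openssl dgst -sha256 -sign "$1/$2.key" -out "$3.sig" "$3"
}

# Receiving hop: "accept" only if the sender's certificate chains to the trusted
# CA and the signature verifies under the public key in that certificate.
hop_decision() {  # $1=dir $2=trusted CA name $3=sender name $4=message file
    openssl verify -CAfile "$1/$2.pem" "$1/$3.pem" >/dev/null 2>&1 ||
        { echo drop; return 0; }
    openssl x509 -in "$1/$3.pem" -pubkey -noout > "$1/$3.pub" 2>/dev/null
    if openssl dgst -sha256 -verify "$1/$3.pub" -signature "$4.sig" "$4" \
        >/dev/null 2>&1; then echo accept; else echo drop; fi
}

build_fixture() { # $1=dir: two CAs, two nodes, three constructed messages
    make_ca "$1" trustedca && make_ca "$1" otherca &&
    issue_cert "$1" nodeA trustedca &&   # legitimate participant
    issue_cert "$1" nodeX otherca &&     # certificate from a CA nobody trusts
    printf 'route-request dst=10.0.0.9 seq=1\n' > "$1/good.msg" &&
    sign_msg "$1" nodeA "$1/good.msg" &&
    # Message altered after signing: the original signature travels with it.
    printf 'route-request dst=10.0.0.66 seq=1\n' > "$1/tampered.msg" &&
    cp "$1/good.msg.sig" "$1/tampered.msg.sig" &&
    printf 'route-request dst=10.0.0.9 seq=2\n' > "$1/untrusted.msg" &&
    sign_msg "$1" nodeX "$1/untrusted.msg"
}

d=$(mktemp -d) && build_fixture "$d" && {
    echo "valid:     $(hop_decision "$d" trustedca nodeA "$d/good.msg")"
    echo "tampered:  $(hop_decision "$d" trustedca nodeA "$d/tampered.msg")"
    echo "untrusted: $(hop_decision "$d" trustedca nodeX "$d/untrusted.msg")"
}
rm -rf "$d"
```
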
arandview is a GUI written in Python using the GTK widget set that enables monitoring of arand as it runs.
aranca is a Perl script that provides a wrapper around the openssl command line program to make the creation of Certificate
Authorities (CA) and the generation of certificates for use with arand easier.
arand, arandview, and aranca are available on the download page
and are licensed under the GNU General Public License (GPL).