The emergence of Mobile Ad Hoc Networking (MANET) technology advocates self-organized wireless interconnection of communication devices that would either extend or operate in concert with the wired networking infrastructure or, possibly, evolve into autonomous networks. In either case, the proliferation of MANET-based applications depends on a multitude of factors, with trustworthiness being one of the primary challenges to be met. Despite the existence of well-known security mechanisms, additional vulnerabilities and features pertinent to this new networking paradigm might render such traditional solutions inapplicable. In particular, the absence of a central authorization facility in an open and distributed communication environment is a major challenge, especially due to the need for cooperative network operation. In a MANET, any node may compromise the routing protocol functionality by disrupting the route discovery process. In this paper, we present a route discovery protocol that mitigates the detrimental effects of such malicious behavior, so as to provide correct connectivity information. Our protocol guarantees that fabricated, compromised, or replayed route replies would either be rejected or would never reach the querying node. Furthermore, the protocol responsiveness is safeguarded under different types of attacks that exploit the routing protocol itself. The sole requirement of the proposed scheme is the existence of a security association between the node initiating the query and the sought destination. Specifically, no assumption is made regarding the intermediate nodes, which may exhibit arbitrary and malicious behavior. The scheme is robust in the presence of a number of non-colluding nodes, and provides accurate routing information in a timely manner.
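An added illustration, not the paper's protocol or code: one way a key shared only by the querying node and the destination lets the querier reject fabricated, altered and replayed route replies without trusting any intermediate node. The HMAC construction, the message fields, the one-reply-per-query simplification and all names are assumptions made for this example.

```python
import hashlib, hmac, os, struct

def tag(key, query_id, route):
    """HMAC over the query id and the full route, node names length-prefixed."""
    body = struct.pack(">Q", query_id)
    for node in route:
        raw = node.encode()
        body += struct.pack(">H", len(raw)) + raw
    return hmac.new(key, body, hashlib.sha256).digest()

class Destination:
    def __init__(self, key):
        self.key = key

    def reply(self, query_id, route):
        # The route is whatever the query accumulated on its way here.
        return {"query_id": query_id, "route": list(route),
                "mac": tag(self.key, query_id, route)}

class Source:
    def __init__(self, name, key):
        self.name, self.key = name, key
        self.next_id, self.pending = 1, {}   # pending: query_id -> target

    def new_query(self, target):
        qid, self.next_id = self.next_id, self.next_id + 1
        self.pending[qid] = target
        return qid

    def accept(self, reply):
        qid, route = reply["query_id"], reply["route"]
        target = self.pending.get(qid)
        if target is None:
            return "rejected: no outstanding query (replay or stale)"
        if not route or route[0] != self.name or route[-1] != target:
            return "rejected: wrong endpoints"
        if not hmac.compare_digest(reply["mac"], tag(self.key, qid, route)):
            return "rejected: bad MAC"
        del self.pending[qid]   # simplification: one reply per query
        return "accepted"

def demo():
    key = os.urandom(32)   # constructed key standing in for the security association
    src, dst = Source("S", key), Destination(key)
    qid = src.new_query("T")
    good = dst.reply(qid, ["S", "A", "B", "T"])
    forged = {"query_id": qid, "route": ["S", "M", "T"], "mac": os.urandom(32)}
    altered = dict(good, route=["S", "M", "T"])   # intermediate node rewrites the path
    return [src.accept(r) for r in (forged, altered, good, good)]
```

The failed forged and altered replies leave the query outstanding, so the genuine reply is still accepted afterwards; only the second copy of it is refused.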