Efficient certificateless web-of-trust model for public-key authentication in MANET

Establishing trust among participating nodes in Mobile Ad-hoc NETworks (MANET) is a very challenging task due to the fact that these systems generally operate in highly dynamic and fully distributed environments. In particular, we note the absence of any online trusted authority. A PGP-like trust model is considered to be very suitable for the unique characteristics of MANETs since it does not require access to a trusted authority. Instead, the nodes themselves are allowed to establish trust by certifying each other in a self-organizing way. However, in large-scale networks, this model may impose high costs due to the expensive certificate chaining overheads which does not fit with Ad-hoc applications with high resource constrained nodes. In this paper, we propose a new certificateless PGP-like trust establishment scheme for MANET. In our approach, we adopt a different strategy by using self-certifying ID-based cryptography. The resulting model allows mobile nodes to determine public-keys of each other from only the nodes’ identities and their trust levels. The proposed approach reduces significantly the communication and computation costs and requires minimal local storage capacity even in large-scale networks. Furthermore, we define a trust metric which contributes in improving the reliability of a decision about the authenticity of a public-key. The performance and security analysis of our scheme demonstrate its efficiency compared to traditional PGP-like schemes.