
Digital Signature tech


A digital signature is a mechanism by which a message is authenticated, i.e. proving that a message is effectively coming from a given sender, much like a signature on a paper document. Digital signatures are computed based on the documents (message/information) that need to be signed and on some private information held only by the sender. In practice, instead of using the whole message, a hash function is applied to the message to obtain the message digest. A hash function, in this context, takes an arbitrary-sized message as input and produces a fixed-size message digest as output. Among the commonly used hash functions in practice are Message Digest 5 (MD-5) and Secure Hash Algorithm (SHA). These algorithms are fairly sophisticated and ensure that it is highly improbable for two different messages to be mapped to the same hash value. Using digital signatures, authentication, integrity and non-repudiation can be enforced. So a digital signature can be used to verify whether a node is legitimate to respond in the network. This technique is used to authenticate all legitimate nodes of the network; if any malicious node is willing to be part of the network, then access to that malicious node is restricted.

As shown in figure 4.1, during the route creation and maintenance phase, nodes append their digital signature to the RREQ and RREP packets. When the sender broadcasts an RREQ in the network, it appends its signature in the signature column of the RREQ packet. All further recipients of the packet verify the digital signatures of previous nodes against a list of all nodes and their respective digital signatures. If the signature is matched, then the recipient node can be sure that it is a trusted node in the network. If the signature is found to be duplicated or absent in the signature column, then the node is considered to be malicious. Thus, only legitimate nodes can take part in the process of route creation and maintenance. The scheme will also be able to handle packet modification and the single malicious node problem.

Figure 4.1: Digital Signature

The proposed algorithm is as follows (Sharma & Trivedi, 2011):
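Added example, not Sharma & Trivedi's algorithm and not code from the original document: a sketch of the signature-column check described above, in which each forwarding node signs a digest of the RREQ fields plus all earlier hops, and a recipient rejects absent, duplicated, unknown-node or invalid signatures. Assumptions: the packet layout, the public-key directory, the function names and the node names are hypothetical; signing is textbook (unpadded) RSA over small constructed keys, for illustration only; SHA-256 is used instead of MD5, which is no longer collision resistant.

```python
import hashlib

E = 65537  # public exponent shared by all constructed toy keys

def make_key(p, q):
    """Return (public modulus, private exponent) for primes p and q."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

# Constructed toy keys built from Mersenne primes: far too small and too
# structured for real use. Node "M" has a key but is not a registered node.
KEYS = {"A": make_key(2**127 - 1, 2**89 - 1),
        "B": make_key(2**107 - 1, 2**61 - 1),
        "M": make_key(2**127 - 1, 2**61 - 1)}
DIRECTORY = {node: KEYS[node][0] for node in ("A", "B")}  # node -> public modulus

def digest(rreq, upto, node, n):
    """SHA-256 over the fixed RREQ fields, the signer and all earlier hops."""
    data = repr((rreq["src"], rreq["dst"], rreq["id"], node, rreq["hops"][:upto]))
    return int.from_bytes(hashlib.sha256(data.encode()).digest(), "big") % n

def forward(rreq, node):
    """Return a copy of the RREQ with this node's signature appended."""
    n, d = KEYS[node]
    sig = pow(digest(rreq, len(rreq["hops"]), node, n), d, n)
    return {**rreq, "hops": rreq["hops"] + [(node, sig)]}

def verify(rreq, directory=DIRECTORY):
    """Return None if every hop checks out, else (hop index, reason)."""
    seen = set()
    for i, (node, sig) in enumerate(rreq["hops"]):
        if sig is None:
            return i, "signature absent"
        if node not in directory:
            return i, "unknown node"
        if sig in seen:
            return i, "duplicated signature"
        n = directory[node]
        if pow(sig, E, n) != digest(rreq, i, node, n):
            return i, "signature invalid"
        seen.add(sig)
    return None
```

Because each signature covers the fixed fields and every earlier hop, changing the destination or replaying an earlier node's signature in a later slot both fail verification.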