Distributed certificates in ad hoc networks

Abstract: In this report an ad hoc system is defined with the capabilities to validate the integrity ofevery node in the network without a third party, as long as every node has possession of acertificate. The system is developed to function in an ad hoc network with many externalthreats. The main target group would be the military and first responders. There are manydifferent problems with such a network, and many parts have been researched, but few fullsystems have been developed. This report defines a hierarchical system where nodes cancommunicate in an encrypted way, with the help of certificates. In a military situation therisk for compromised nodes must be considered. Therefore, the system can both detectand handle compromised nodes by revocation certificates. The proposed system is alsodetecting and handling partitions. The system has been put together by first making aliterature study to find existing solutions to different problems, then making a synthesisof those solutions. We also came up with new solutions where the three cornerstones ofsecurity: availability, confidentiality and integrity were in focus. To make the solutionmore trustworthy a risk analysis on the resulting system was made, which defined theweak points of the system.