Secure and Privacy-Preserving Decentralized Wi-Fi Aware Service Discovery Architecture

Abstract: In modern Mobile Ad hoc Networks (MANETs), service discovery is a major component for mobile devices to exchange data and find available services. However, service discovery architectures developed and adopted by the industry either are not appropriate for MANETs or cannot provide security and privacy protection to clients. Service discovery architectures could be either directory-based or directory-less. Both of the two types of architectures suffer from certain security or privacy issues: The directory-based architecture requires a directory server to facilitate communication between service providers and users, which makes the directory server a single point of failure and may harm users’ privacy if the directory server is honestbut- curious; the directory-less architecture solves these two problems but without a trusted directory, the Denial of Service (DoS) attacks can be easily performed on all entities in the system since the mutual authentication between entities consumes significant computational resource. Wi-Fi Aware, a recently introduced Wi-Fi-based connectivity, allows MANETs nodes to discover and connect directly to each other without any infrastructure. Moreover, the size of the message transmitted in this process is large enough (around 255 bytes) for security and privacy protection. So in this thesis, we implemented a Wi-Fi Aware-based decentralized secure service discovery system that allows the clients to directly discover nearby service providers and provide mutual authentication between them without a directory server. In our system we leverage several schemes, including bloom filter, Timed Efficient Stream Loss- Tolerant Authentication (TESLA), and client puzzle. A set of experiments are carried out for the evaluation of the implemented system. The evaluation results show that our system meets most of the security requirements of service discovery architectures with acceptable processing delays.