A distributed certificate authority and key establishment protocol for mobile ad hoc networks

In mobile ad hoc networks, a single certificate authority (CA) node could be a security bottleneck. Multiple replica of CA is fault tolerant, but the network is as vulnerable as single CA or even worse since breaking one of the CAs means breaking all of them. In this paper a distributed CA, system is proposed which is based on the secret sharing scheme. It is assumed that the network is partitioned into clusters and responsibility of the CA is distributed among the cluster-heads (CHs). Therefore, a valid certificate is produced by a quorum of CHs. Also, based on the proposed distributed CA, an efficient key establishment protocol for intra-cluster and inter-cluster communications is proposed.