Karim Eldefrawy

Cryptography, Cybersecurity, Privacy

Co-founder and CTO at Confidencial.io
2017-2021: SRI
2011-2016: HRL Laboratories
2006-2010: PhD@UC Irvine

Scientific curiosity

Scientific knowledge map · Paper #9

PRISM: Privacy-Friendly Routing in Suspicious MANETs (and VANETs)

Karim Eldefrawy and Gene Tsudik

2008 · IEEE International Conference on Network Protocols (ICNP)

  • Theory
  • Applied
  • protocol

What does the paper try to establish?

Can reactive routing in a suspicious MANET avoid persistent identities and global topology disclosure while still authenticating communicating nodes and supporting later accountability?

What is the proposed answer?

PRISM makes communication location-centric and adapts AODV: a group-signed route request names a destination area and temporary key; a responding node returns its exact location and a session key encrypted to the source. Hash-linked route state hides persistent identifiers, and an offline group manager can open logged signatures after misbehavior. Simulations compare routing overhead and topology exposure with ALARM.

Six dimensions, kept separate

The chart summarizes documented evidence and process. It is not a correctness probability, confidence score, or ranking, and no composite score is calculated.

The visual spider chart requires JavaScript. The complete values and rationales follow in text.

LowMediumHighN/A = not assessed

A smaller value means less documented support for that dimension, not that the paper is false or unimportant.

Epistemic evidence Medium

The protocol and threat boundaries are detailed and overhead/topology exposure are simulated, but security is informal and no implementation, formal proof, or independent reproduction is supplied.

RREQ/RREP protocol Security analysis and active-insider boundary Simulation design and overhead results Topology-exposure results
Auditability High

A fixed author-hosted full text is checked in with page count and hash, making protocol details, caveats, and simulation claims directly inspectable.

Author-copy provenance RREQ/RREP protocol Topology-exposure results
Production provenance Medium

Named authorship, author-copy provenance, and official metadata are documented; roles, revisions, tool use, and simulation lineage are not.

Author-copy provenance Official publication metadata
External scrutiny Medium

The paper has an official full-conference publication record; review reports, formal verification, and independent reproduction were not located.

Official publication metadata
Reception Low

No citations were verifiably located in the constrained dated search. Under the author's 0-8 rule this is low, but it is not a claim that the paper has no citations.

Citation search attempted
Contribution significance High

PRISM articulates a location-centric alternative to identity-centric reactive routing, integrates privacy with accountability, and quantifies the topology/overhead tradeoff.

Problem, goals, and contributions RREQ/RREP protocol Topology-exposure results Conclusions and future work

Assessment: Ai draft author review pending · 2026-07-11 · rubric 0.2. These dimensions describe documented support and process, not truth, correctness, or a universal ranking. No composite score is calculated.

Hierarchical knowledge map

Collapse a branch for a top-level reading, or follow its source links and child nodes to audit the evidence and boundaries underneath it.

paper

PRISM

A privacy-oriented, location-centric reactive MANET routing protocol using group-signed requests and replies, temporary keys, and offline accountability.

Problem, goals, and contributions Official publication metadata
  1. question

    Research question

    research question

    Can on-demand routing protect movement privacy without preshared source-destination secrets, online identity servers, or full topology advertisement?

    Problem, goals, and contributions
  2. scope Location-centric environment explicitly scoped

    Communication decisions are assumed to depend on current areas rather than persistent identities; nodes have GPS-like location, uniform range, public-key capability, and predeployment credentials from an offline TTP.

    Environment, adversary, and trust assumptions
  3. protocol PRISM route discovery specified

    A RREQ contains a destination area, temporary public key, timestamp, and source group signature. A destination returns the RREQ hash, exact location, session key encrypted to the temporary key, and its group signature.

    RREQ/RREP protocol
    1. component

      Hash-linked route state

      specified

      Intermediate nodes cache request and reply hashes and forward unchanged messages; the two hashes identify the established bidirectional route without exposing stable source or destination names.

      RREQ/RREP protocol
  4. claim group Privacy and authentication claims informally argued

    Fresh group signatures and keys resist cross-route linkage, the MANET-wide key hides routing from outsiders, and source/destination logs let the TTP de-anonymize disputed messages later.

    Security analysis and active-insider boundary Offline audit of excessive probing
  5. evidence group PRISM versus ALARM simulation

    Simulations use 100 nodes under random-waypoint and reference-point group mobility, varying the number of destination areas to compare routing messages and topology exposure.

    Simulation design and overhead results Topology-exposure results
    1. result

      Workload-dependent efficiency and exposure

      simulation supported

      PRISM has lower total routing traffic than ALARM when each source contacts relatively few areas and exposes a smaller topology fraction; its advantage shrinks as destination probing grows, and discovery can take longer.

      Simulation design and overhead results Topology-exposure results

Source index

Locators state the depth of the current audit. PDF page numbers, where present, are one-based file pages; metadata-, summary-, and abstract-bounded records explicitly identify their limitations.

  1. Problem, goals, and contributions Abstract and Sections I-II, PDF pages 1-3
  2. Environment, adversary, and trust assumptions Section III, PDF pages 3-4
  3. RREQ/RREP protocol Section IV-A-C, PDF pages 4-6
  4. Security analysis and active-insider boundary Section IV-D, PDF pages 6-7
  5. Offline audit of excessive probing Section IV-D, PDF page 7
  6. Simulation design and overhead results Section VI and Figures 1-3, PDF pages 8-9
  7. Topology-exposure results Section VI.3 and Figure 4, PDF page 9
  8. Conclusions and future work Section VII, PDF page 9
  9. Author-copy provenance Public UCI author-hosted PDF
  10. Official publication metadata DOI 10.1109/ICNP.2008.4697044