We address the problem of control-channel jamming attacks in multi-channel ad hoc networks. Deviating from the traditional view that sees jamming attacks as a physical-layer vulnerability, we consider a sophisticated adversary who exploits knowledge of the protocol mechanics along with cryptographic quantities extracted from compromised nodes to maximize the impact of his attack on higher-layer functions. We propose new security metrics that quantify the ability of the adversary to deny access to the control channel, and the overall delay incurred in re-establishing the control channel. We also propose a randomized distributed scheme that allows nodes to establish a new control channel using frequency hopping. Our method differs from classic frequency hopping in that no two nodes share the same hopping sequence, thus mitigating the impact of node compromise. Furthermore, a compromised node is uniquely identified through its hop sequence, leading to its isolation from any future information regarding the frequency location of the control channel.