1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and...
-
Upload
coral-greene -
Category
Documents
-
view
217 -
download
0
Transcript of 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and...
![Page 1: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/1.jpg)
1
Securing Wireless Sensor Networks
Wenliang (Kevin) DuDepartment of Electrical Engineering and
Computer Science
Syracuse UniversityExcerpted from
http://www.cis.syr.edu/~wedu/Research/slides/Purdue04.ppt
![Page 2: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/2.jpg)
2
Overview
• Overview of Wireless Sensor Networks (WSN).
• Security in wireless sensor networks.– Why is it different?
• Our work on key pre-distribution in WSN– Deployment-based scheme (INFOCOM’04)– Pair-wise Scheme (ACM CCS’03)
• Summary.
![Page 3: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/3.jpg)
3
Wireless Sensors
Berkeley Motes
![Page 4: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/4.jpg)
4
Mica Motes
• Mica Mote: – Processor: 4Mhz– Memory: 128KB Flash and 4KB RAM– Radio: 916Mhz and 40Kbits/second.– Transmission range: 100 Feet
• TinyOS operating System: small, open source and energy efficient.
![Page 5: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/5.jpg)
5
Spec Motes
![Page 6: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/6.jpg)
6
Wireless Sensor Networks (WSN)
DeploySensors
![Page 7: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/7.jpg)
7
Applications of WSN
• Battle ground surveillance– Enemy movement (tanks, soldiers, etc)
• Environmental monitoring– Habitat monitoring – Forrest fire monitoring
• Hospital tracking systems– Tracking patients, doctors, drug administrators.
![Page 8: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/8.jpg)
8
Securing WSN
• Motivation: why security?
• Why not use existing security mechanisms?– WSN features that affect security.
• Our work: – Two key management schemes.
![Page 9: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/9.jpg)
9
Why Security?
• Protecting confidentiality, integrity, and availability of the communications and computations
• Sensor networks are vulnerable to security attacks due to the broadcast nature of transmission
• Sensor nodes can be physically captured or destroyed
![Page 10: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/10.jpg)
10
Why Security is Different?• Sensor Node Constraints
– Battery,– CPU power,– Memory.
• Networking Constraints and Features– Wireless, – Ad hoc,– Unattended.
![Page 11: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/11.jpg)
11
Sensor Node Constraints
• Battery Power Constraints– Computational Energy Consumption
• Crypto algorithms• Public key vs. Symmetric key
– Communications Energy Consumption• Exchange of keys, certificates, etc.• Per-message additions (padding, signatures,
authentication tags)
![Page 12: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/12.jpg)
12
• Slow– 1000 times slower than symmetric encryption
• Hardware is complicated
• Energy consumption is high
Constraints (Cont.)Public Key Encryption
Processor Energy Consumption (mJ/Kb)
RSA/E/V RSA/D/S AES
MIPS R4000 0.81 16.7 0.00115
MC68328 42 840 0.0130
![Page 13: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/13.jpg)
13
Memory Constraints
• Program Storage and Working Memory– Embedded OS, security functions (Flash)– Working memory (RAM)
• Mica Motes:• 128KB Flash and 4KB RAM
![Page 14: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/14.jpg)
14
Objectives of Our Research
• Long-term Goals– Study how WSN’s constraints/features affect the
design of security mechanisms.– Develop security mechanisms for WSN.
• Current Projects– Key Management Problems– Data Fusion Assurance
![Page 15: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/15.jpg)
15
Key Management Problem
![Page 16: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/16.jpg)
16
Key Management Problem
DeploySensors
![Page 17: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/17.jpg)
17
Key Management Problem
Secure Channels
DeploySensors
![Page 18: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/18.jpg)
18
Approaches
• Trusted-Server Schemes– Finding trusted servers is difficult.
• Public-Key Schemes– Expensive and infeasible for sensors.
• Key Pre-distribution Schemes
![Page 19: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/19.jpg)
19
Loading Keys into sensor nodes prior to deployment
Two nodes find a common key between them after deployment
Challenges Memory/Energy efficiency Security: nodes can be compromised Scalability: new nodes might be added later
Key Pre-distribution
![Page 20: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/20.jpg)
20
Naïve Solutions
Master-Key Approach Memory efficient, but low security. Needs Tamper-Resistant Hardware.
Pair-wise Key Approach N-1 keys for each node (e.g.
N=10,000). Security is perfect. Need a lot of memory and cannot add
new nodes.
![Page 21: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/21.jpg)
21
Eschenauer-Gligor Scheme
Each noderandomly selects m keys
AB E
Key Pool S
DC
• When |S| = 10,000, m=75Pr (two nodes have a common key) = 0.50
43.057.0111000075
992575
C
C
![Page 22: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/22.jpg)
22
Establishing Secure Channels
A
C
B
D
E
![Page 23: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/23.jpg)
23
Exercise 7
• Write a program to calculate the probability:– Input:
• G=(V,E)• Pr (two nodes have a common key) =
– Output:• Let E’E denote the subset of secure channels,
calculate the probability that G=(V,E’) is a connected graph.
– Due: June 4th
![Page 24: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/24.jpg)
24
Example 1
=1/2
![Page 25: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/25.jpg)
25
2
1
881
81
81
81
81
![Page 26: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/26.jpg)
26
27
20
)13
2
3
2
3
2()3
3
1
3
2
3
2(
=2/3
Example 2
![Page 27: 1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from wedu/Research/slides/Purdue04.ppt.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649e955503460f94b99bc6/html5/thumbnails/27.jpg)
27
Input Format
3
1 2
2 3
3 1
• |V|=3• Undirected edges (1,2)
(2,3) (3,1)• Note: the given graph
may not be complete.