Spins protocol

7/29/2019 Spins protocol http://slidepdf.com/reader/full/spins-protocol 1/26 Intrusion Detection System WSN Information Security Research Laboratory http://seclab.inha.ac.kr/

Transcript of Spins protocol

Page 1: Spins protocol


Intrusion Detection System

WSN

Information Security Research Laboratory

http://seclab.inha.ac.kr/

Page 2: Spins protocol


Topics

• IDS Challenges in WSN

• SPINS: Security Protocol for Sensor Network

• Efficient anonymity schemes for clustered wireless sensor networks.

• Placement Problem.

• Signature Update.

Page 3: Spins protocol


IDS Challenges in WSN

• Authentication.

• Anonymity (prevent compromising).

• Node placement.

• Signature Update.

SPINS: Security Protocol for Sensor Network

Adrian Perrig, Robert Szewczyk, J.D. Tygar, Victor Wen, and David E. Culler

Springer 2002

Page 4: Spins protocol


Introduction

 – Symmetric techniques

• The secret keys are pre-distributed among sensors before their deployment.

• Due to the limitation on memory, symmetric key techniques are not able to achieve both perfect connectivity and perfect resilience for large-scale sensor networks.

 – Public key cryptography

• Eliminates the connectivity and resilience problems.

• Common criticism: computational complexity and communication overhead.

 – ECC signature verification: 1.62s (160-bit Atmega 128)

Page 5: Spins protocol


System Assumptions

• Communication architecture:

• Broadcast is the fundamental communication method.

• The network topology is a tree with the BS as the root.

• The sensors cooperate to pass packets from the leaves to the root.

• The communication patterns are categorized into:

• Node → BS

• BS → node

• BS → all nodes

• Node → node

Page 6: Spins protocol


• The authors assume that sensors are not trusted.

• The nodes trust the BS during the initialization phase, but not after this phase.

• The protocol achieves security requirements such as data authentication, data integrity, and data freshness.

Page 7: Spins protocol


Notation

• $N_A$: nonce generated by node A (freshness)

• $X_{AB}$: master secret key shared between A and B

• $K_{AB}$: secret encryption key derived from $X_{AB}$

• $K'_{AB}$: secret MAC key, $K'_{AB} = F_{X_{AB}}(2)$, where $F()$ is a pseudo-random function

Page 8: Spins protocol


SNEP

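• The two parties A and B share $X_{AB}$ and derive the communication keys $K_{AB} = F_X(1)$, $K_{BA} = F_X(3)$, $K'_{AB} = F_X(2)$, $K'_{BA} = F_X(4)$.

• The encrypted data is $E = \{D\}_{\langle K, C \rangle}$, and the MAC is $\mathrm{MAC}(K', C \| E)$.

• The complete message from A → B is:

$A \to B:\ \{D\}_{\langle K_{AB}, C_A \rangle},\ \mathrm{MAC}(K'_{AB}, C_A \| \{D\}_{\langle K_{AB}, C_A \rangle})$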
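Added example (not from the slides or from the SPINS authors): the SNEP key derivation and the A → B message above in Python, showing why a replayed or modified message fails the MAC check. HMAC-SHA256 as F and as the MAC, the HMAC-based keystream standing in for the cipher, and all function names are assumptions.

```python
import hashlib
import hmac

def F(x_ab: bytes, n: int) -> bytes:
    # F_X(n) from the slide; HMAC-SHA256 is an assumed choice of PRF.
    return hmac.new(x_ab, bytes([n]), hashlib.sha256).digest()

def derive_keys(x_ab: bytes) -> dict:
    # K_AB = F_X(1), K'_AB = F_X(2), K_BA = F_X(3), K'_BA = F_X(4)
    return {"K_AB": F(x_ab, 1), "K'_AB": F(x_ab, 2),
            "K_BA": F(x_ab, 3), "K'_BA": F(x_ab, 4)}

def _ctr(c: int) -> bytes:
    return c.to_bytes(8, "big")

def _crypt(key: bytes, c: int, data: bytes) -> bytes:
    # {D}<K, C>: XOR with a keystream bound to the counter (assumed cipher).
    stream = b""
    block = 0
    while len(stream) < len(data):
        stream += hmac.new(key, _ctr(c) + _ctr(block), hashlib.sha256).digest()
        block += 1
    return bytes(d ^ s for d, s in zip(data, stream))

def snep_send(keys: dict, c_a: int, data: bytes):
    # A -> B: {D}<K_AB, C_A>, MAC(K'_AB, C_A || {D}<K_AB, C_A>)
    e = _crypt(keys["K_AB"], c_a, data)
    tag = hmac.new(keys["K'_AB"], _ctr(c_a) + e, hashlib.sha256).digest()
    return e, tag  # C_A itself is not in the message; both ends track it

class SnepReceiver:
    def __init__(self, keys: dict, c_a: int = 0):
        self.keys, self.c_a = keys, c_a

    def receive(self, e: bytes, tag: bytes):
        expect = hmac.new(self.keys["K'_AB"], _ctr(self.c_a) + e,
                          hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expect):
            return None  # modified, forged, or replayed under an old counter
        data = _crypt(self.keys["K_AB"], self.c_a, e)
        self.c_a += 1  # advance only after a valid message
        return data
```

Because the counter enters both the keystream and the MAC, the same plaintext encrypts differently on every send, and a captured message stops verifying once the receiver's counter has moved on.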

Page 9: Spins protocol


Counter Exchange Protocol

• $A \to B:\ C_A$

$B \to A:\ C_B,\ \mathrm{MAC}(K'_{BA}, C_A \| C_B)$

$A \to B:\ \mathrm{MAC}(K'_{AB}, C_A \| C_B)$

• How is the counter synchronized?

$A \to B:\ C_A,\ \mathrm{MAC}(K'_{AB}, C_A)$

$B \to A:\ C_B,\ \mathrm{MAC}(K'_{BA}, C_A \| C_B)$

Page 10: Spins protocol


µTESLA

• Requirements:

• The BS and the nodes must be loosely synchronized.

• Each node knows the upper bound on the maximum synchronization error.

• Each node is loaded with the commitment key $K_0$.

Page 11: Spins protocol


µTESLA cont.

• The BS computes MAC(K, P), where K is unknown to the receiver at sending time.

• $K_i = F(K_{i+1})$

• $K_0 = F(F(K_2))$

[Figure: one-way key chain K0 to K5, each key derived from the next by F, with packets P1 to P5]

Page 12: Spins protocol


µTESLA detailed description

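• Sender phase (key generation, e.g. MD5).

• Sending authenticated packets.

• Bootstrapping a new receiver (synchronization parameters):

$M \to S:\ N_M$

$S \to M:\ T_S \mid K_i \mid T_i \mid T_{int} \mid \delta,\ \mathrm{MAC}(K_{MS}, N_M \mid T_S \mid K_i \mid T_i \mid T_{int} \mid \delta)$

• Authenticating received packets.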
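Added example (not from the slides or from the SPINS authors): the µTESLA phases listed above in Python, covering key-chain generation, the receiver's timing check on arrival, and authentication of a disclosed key against the commitment before any buffered packet is accepted. SHA-256 as F, HMAC-SHA256 as the MAC, the interval numbering (interval i starts at t0 + i·t_int, K_i is disclosed delta intervals later) and all names are assumptions.

```python
import hashlib
import hmac

def F(key: bytes) -> bytes:
    # One-way function of the chain; SHA-256 is an assumed choice.
    return hashlib.sha256(key).digest()

def make_chain(k_n: bytes, n: int) -> list:
    # Sender phase: pick K_n, then K_i = F(K_{i+1}) down to the commitment K_0.
    chain = [k_n]
    for _ in range(n):
        chain.append(F(chain[-1]))
    return chain[::-1]  # chain[i] == K_i

def mac(key: bytes, packet: bytes) -> bytes:
    return hmac.new(key, packet, hashlib.sha256).digest()

class Receiver:
    def __init__(self, k0, t0, t_int, delta, max_sync_err):
        # Bootstrapped parameters: commitment key, start time of interval 0,
        # interval length T_int, disclosure delay delta (in intervals).
        self.key, self.idx = k0, 0
        self.t0, self.t_int, self.delta = t0, t_int, delta
        self.err = max_sync_err
        self.pending = {}  # interval -> [(packet, tag)]

    def on_packet(self, i, packet, tag, now):
        # Buffer only if K_i cannot have been disclosed yet, even if the
        # sender's clock is ahead by the maximum synchronization error.
        if now + self.err >= self.t0 + (i + self.delta) * self.t_int:
            return False
        self.pending.setdefault(i, []).append((packet, tag))
        return True

    def on_key(self, i, k_i):
        # Authenticate K_i by applying F until the last trusted key is reached.
        if i <= self.idx:
            return []
        k = k_i
        for _ in range(i - self.idx):
            k = F(k)
        if not hmac.compare_digest(k, self.key):
            return []
        self.key, self.idx = k_i, i
        return [p for p, t in self.pending.pop(i, [])
                if hmac.compare_digest(t, mac(k_i, p))]
```

A lost key disclosure is tolerated: if K1 never arrives, K2 is still authenticated because F(F(K2)) equals the stored K0.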

Page 13: Spins protocol


Node to Node key agreement

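• If node A (IDS) wants to communicate with node B:

• They use the trusted party BS because they share a master secret key with it ($X_{AS}$, $X_{AB}$).

• $A \to B:\ N_A, A$

$B \to S:\ N_A, N_B, A, B,\ \mathrm{MAC}(K'_{BS}, N_A \mid N_B \mid A \mid B)$

$S \to A:\ \{SK_{AB}\}_{K_{SA}},\ \mathrm{MAC}(K'_{SA}, N_A \mid B \mid \{SK_{AB}\}_{K_{SA}})$

$S \to B:\ \{SK_{AB}\}_{K_{SB}},\ \mathrm{MAC}(K'_{SB}, N_A \mid B \mid \{SK_{AB}\}_{K_{SB}})$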

Page 14: Spins protocol


“Efficient anonymity schemes for clustered wireless sensor networks”

Satyajayant Misra and Guoliang Xue

Inderscience, Wireless Network 2006

Arizona State University

IDS Challenges in WSN

• Authentication.

• Anonymity (prevent compromising).

• Node placement.

• Signature Update.

Page 15: Spins protocol


Requirements for anonymity in a CWSN 

• An SN can communicate anonymously with any other SN in its neighborhood and with the BS.

• Routing of messages is anonymous.

• The nodes in a cluster are indistinguishable.

• SNs outside the neighborhood of a cluster cannot figure out the CH of the cluster.

Page 16: Spins protocol


Framework for the anonymity schemes

• 2k pseudonyms

• Continuous chunk of size 2L

• The total chunk N2

[Figure: pseudonym space divided into chunks; labels: K bit, N2, 2L]

Page 17: Spins protocol


• Each node produces a table for scheme management.

• An SN assigns a chunk from (N) for communication with node v.

• In a secure way:

• U → V: chunk

• V → U: chunk

• The sender and receiver IDs become:

i + index v

i’ + index u

Table of node u

Sender: index u || IDvu

Receiver: index v || IDuv

Page 18: Spins protocol


IDS Challenges in WSN

• Authentication.

• Anonymity (prevent compromising).

• Node placement.

• Signature Update.

Page 19: Spins protocol


Cluster Construction

• Wait for a random amount of time

• Timeout and elect itself as a clusterhead

• Grow the cluster iteratively

• Legitimate cluster

• Network partition constructed

• Valid cluster

[Figure: cluster construction; labels: R, mR]

LOCI: Local Clustering Service for Large Scale Wireless Sensor Networks (Springer 06, Vineet Mittal)

Page 20: Spins protocol


Placement Problem

[Figure: IDS node placement; labels: A, R, CH, IDS, Tree Based]


Page 22: Spins protocol


IDS Challenges in WSN

• Authentication.

• Anonymity (prevent compromising).

• Node placement.

• Signature Update.

Page 23: Spins protocol


Signature Update

• The problem with the multi-pattern matching technique is its preprocessing phase.

• We have two choices (rebuild in the node, or send the preprocessed signature):

Send the new signature from the BS

- Less communication overhead

- Processing overhead

Send the whole table to the IDS node

- Intensive communication overhead

- Less node processing overhead

Page 24: Spins protocol


Thank You. Any Questions?
