SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David...
-
date post
21-Dec-2015 -
Category
Documents
-
view
222 -
download
4
Transcript of SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David...
SPINS: Security Protocols for Sensor
NetworksAdrian Perrig, Robert Szewczyk,
Victor Wen, David Culler, and J.D. Tygar – University of California,
Berkeley
Presented By: Kimberly Yonce
Outline Wireless Sensor Networks SPINS Building Blocks
SNEP TESLA
Related Work Limitations/Future Work/Comments
Wireless Sensor Networks (WSN) A wireless network
consisting of spatially distributed autonomous devices using sensors to cooperatively monitor different locations.
Types of Sensors: temperature, sound, vibration, pressure, motion, and light.
WSN Applications Habitat monitoring
ZebraNet: Animals are equipped with tracking nodes that contain GPS to monitor position and speed of movement and light sensors to indicate current environment.
WSN Applications Fire Detection
SmokeNet: Sensors monitor smoke detection in a building. Sensors worn by firefighters monitor heart rate and air tank level as well as their location.
WSN Applications Medical Uses
Vital Sign Monitoring Patient Tracking Emergency Triage Stroke Rehabilitation
WSN Applications Military Uses
Military Vehicle Tracking
Mine Fields Sniper Localization
Traffic Monitoring Intrusion Detection
Sensor Network at UC Berkeley
Sensor Hardware
Sensor Hardware SmartDust TinyOS CPU: 8-bit, 4MHz Storage: 8 KB instruction
flash, 512 bytes RAM, 512 bytes EEPROM
916 MHz radio Bandwidth: 10 Kbps OS Code Space: 3500
bytes Available Code Space:
4500 bytes
WSN Challenges Severely resource-constrained
environments: Processing power Storage Bandwidth Energy
Is Security Possible? RSA
Performs operations on 2 large prime numbers N (modulus of the public and private keys) is
recommended to be at least 2048 bits long Digital Signatures
High communication overhead of 50-1000 bytes per packet
High overhead to create and verify the signatures
Is Security Possible? DES
64 bit block size Key length 56 bits 512-entry Sbox table 256-entry table for various permutations
AES 128 bit fixed block size Key size of 128, 192, or 256 bits 800 bytes of lookup tables
WSN Communication Patterns Sensor Readings
Node to Base Station Specific Requests
Base Station to Node Reprogramming
Network, Routing Beacons Base Station broadcast
to all Nodes
Sensor Network Security Requirements Data Confidentiality Data Authentication Data Integrity Data Freshness
Weak Freshness Strong Freshness
SPINS Building Blocks SNEP
Data confidentiality Two-party data authentication Integrity Freshness
TESLA Authentication for data broadcasts
SNEP Low communication overhead Uses MAC to achieve two-party authentication
and data integrity A shared counter between sender and receiver
helps ensure semantic security
CKmacCK encrencrDCKMACDBA
,,: ,,
SNEP with Strong Freshness
AA RNBA ,:
CKBAmacCKB encrencrRCNKMACRAB ,, ,,:
TESLA TESLA authenticates initial packet with a
digital signature. TESLA uses only symmetric mechanisms.
Instead of disclosing a key in each packet, a key is disclosed once per epoch.
TESLA restricts number of authenticated senders.
Broadcast from Base Station vs. Broadcast from a node
Cryptography Implementation Block Cipher
RC5 – small code size and high efficiency Variable block size (32, 64, or 128 bits) Key Size (0 to 255) # of Rounds (0 to 255) Modular additions and XORs Feistal like structure
Encryption Function Counter (CTR) Mode
Same function for encryption and decryption Stream cipher in nature
MAC Generation
Key Setup
Evaluation Code Size
RAM Requirements
Evaluation Energy Costs
20%1%
1%
1%
7%
2%
71%
MAC Transmission
Encryption Computation
EncryptionTransmissionComputation
Freshness Transmission
MAC Computation
Data Transmission
Related Work Carman, Kruus, and Matt analyze a variety
of approaches for key agreement and distribution in sensor networks.
TEA by Wheeler and Needham or TREYFER by Yuval are smaller alternatives as symmetric ciphers.
Karlof and Wagner investigate security goals for routing in sensor networks.
Deng et al. analyze attacks against the base station.
Limitations/Future Work TESLA requires loose time
synchronization between nodes Counter must be updated at sender and
receiver Information leakage through covert
channels Only ensure that a compromised sensor
does not reveal the keys of all the sensors in the network
Limitations/Future Work Does not consider DoS Does not achieve non-repudiation Relies on the base station being trusted,
and therefore does not consider attacks on the base station itself.
Questions/Comments