Securing Wireless Sensor Networks

1
Securing Wireless Sensor Networks

• Wenliang (Kevin) Du
• Department of Electrical Engineering and Computer
  Science
• Syracuse University

2
Overview

• Overview of Wireless Sensor Networks (WSN).
• Security in wireless sensor networks.
• Why is it different?
• Our work on key pre-distribution in WSN
• Deployment-based scheme (INFOCOM04)
• Pair-wise Scheme (ACM CCS03)
• Summary.

3
Wireless Sensors
Berkeley Motes
4
Mica Motes

• Mica Mote
• Processor 4Mhz
• Memory 128KB Flash and 4KB RAM
• Radio 916Mhz and 40Kbits/second.
• Transmission range 100 Feet
• TinyOS operating System small, open source and
  energy efficient.

5
Spec Motes
6
Wireless Sensor Networks (WSN)
Sensors
7
Applications of WSN

• Battle ground surveillance
• Enemy movement (tanks, soldiers, etc)
• Environmental monitoring
• Habitat monitoring
• Forrest fire monitoring
• Hospital tracking systems
• Tracking patients, doctors, drug administrators.

8
Securing WSN

• Motivation why security?
• Why not use existing security mechanisms?
• WSN features that affect security.
• Our work
• Two key management schemes.

9
Why Security?

• Protecting confidentiality, integrity, and
  availability of the communications and
  computations
• Sensor networks are vulnerable to security
  attacks due to the broadcast nature of
  transmission
• Sensor nodes can be physically captured or
  destroyed

10
Why Security is Different?

• Sensor Node Constraints
• Battery,
• CPU power,
• Memory.
• Networking Constraints and Features
• Wireless,
• Ad hoc,
• Unattended.

11
Sensor Node Constraints

• Battery Power Constraints
• Computational Energy Consumption
• Crypto algorithms
• Public key vs. Symmetric key
• Communications Energy Consumption
• Exchange of keys, certificates, etc.
• Per-message additions (padding, signatures,
  authentication tags)

12
Constraints (Cont.)Public Key Encryption

• Slow
• 1000 times slower than symmetric encryption
• Hardware is complicated
• Energy consumption is high

Processor Energy Consumption (mJ/Kb) Energy Consumption (mJ/Kb) Energy Consumption (mJ/Kb)
Processor RSA/E/V RSA/D/S AES
MIPS R4000 0.81 16.7 0.00115
MC68328 42 840 0.0130
13
Memory Constraints

• Program Storage and Working Memory
• Embedded OS, security functions (Flash)
• Working memory (RAM)
• Mica Motes
• 128KB Flash and 4KB RAM

14
Objectives of Our Research

• Long-term Goals
• Study how WSNs constraints/features affect the
  design of security mechanisms.
• Develop security mechanisms for WSN.
• Current Projects
• Key Management Problems
• Data Fusion Assurance

15
Key Management Problem
16
Key Management Problem
Sensors
17
Key Management Problem
Sensors
Secure Channels
18
Approaches

• Trusted-Server Schemes
• Finding trusted servers is difficult.
• Public-Key Schemes
• Expensive and infeasible for sensors.
• Key Pre-distribution Schemes

19
Key Pre-distribution

• Loading Keys into sensor nodes prior to
  deployment
• Two nodes find a common key between them after
  deployment
• Challenges
• Memory/Energy efficiency
• Security nodes can be compromised
• Scalability new nodes might be added later

20
Naïve Solutions

• Master-Key Approach
• Memory efficient, but low security.
• Needs Tamper-Resistant Hardware.
• Pair-wise Key Approach
• N-1 keys for each node (e.g. N10,000).
• Security is perfect.
• Need a lot of memory and cannot add new nodes.

21
Eschenauer-Gligor Scheme
Key Pool S
Each node randomly selects m keys
A
B
E
D
C

• When S 10,000, m75
• Pr (two nodes have a common key) 0.50

22
Establishing Secure Channels
B
A
C
23
Our Improvement Over Eschenauer-Gligor Scheme
Appeared in IEEE INFOCOM 2004
24
Observations and Objectives
A
B
F
Property Pr(A, B) Pr(A, F)
Our objective Pr(A, B) gtgt Pr(A, F)
Using deployment knowledge
25
Modeling Deployment Knowledge
Deployment points for a group of sensors
I
A
J
F
26
Probability Distribution Function of Each
Deployment Group
27
Key Pre-distribution Scheme
Key Pools
28
Key Sharing Among Key Pools
Horizontal
a
B
C
A
b
b
a
F
D
a
a
Vertical
Diagonal
a
b
b
G
H
I
b
a
29
Local Connectivity
30
Network Resilience

• What is the damage when x nodes are compromised?
• These x nodes contain keys that are used by the
  good nodes.
• What percentage of communications can be affected?

31
Network Resilience
32
A Pairwise Key Pre-distribution Scheme
Appeared in CCS03 ACM Conference on Computer
and Communications Security
33
Objectives

• Pairwise key pre-distribution scheme.
• Each pair of sensor share a unique secret key
• Can be used for Authentication
• Our Approach
• We use Blom Scheme to achieve Pairwise
• We use Random Key Selection scheme to improve
  performance and resilience

34
Blom Scheme

• Public matrix G
• Private matrix D (symmetric).

D
?1
?1
G
N
?1
Let A (D G)T
A G (D G)T G GT DT G GT D G (A G)T
35
Blom Scheme
A (D G)T
G
(D G)T G
j
i
Kij
i

N
Kji
X
j
N
N
?1
36
?-secure Property
i
j
k
Undesirable Situation if uG(i) vG(j) G(k)
then uA(i) vA(j) A(k)
G
?1
N
AT D G
i
j
k
37
?-secure Property

• ANY ?1 columns in G are linear independent.
• Different from saying that G has rank ?1
• Rank there exist ?1 linear independent columns
• Can tolerate compromise up to ? nodes.
• Once ?1 nodes are compromised, the rest can be
  calculated if these ?1 columns are linear
  independent.
• How to find such a matrix G?

38
Vandermonde Matrix
1 1 1 1
s s2 s3 sN
s2 (s2)2 (s3)2 (sN)2

s? (s2)? (s3)? (sN)?
G
39
Properties of Blom Scheme

• Bloms Scheme
• Network size is N
• Any pair of nodes can directly find a secret key
• Tolerate compromise up to ? nodes
• Need to store ?2 keys
• Challenge Can we increase ? without increasing
  the storage usage.

40
Multiple Space Scheme
Key-Space Pool
? spaces
(D1, G)
? spaces
? spaces
(D2, G)
Two nodes can find a pairwise key if they carry
a common key space!
(D?, G)
41
How to select ? and ??

• If the memory usage is m, the security threshold
  (probablistic) ?m is
• To improve the security, we need to increase
  ?/?2.
• However, such an increase affects the
  connectivity.

42
Measure Local Connectivity
plocal the probability that two neighboring
nodes can find a common key.
43
Plocal for different ? and ?
44
Security Analysis

• Network Resilience
• When x nodes are compromised, how many other
  secure links are affected?

45
Resilience (p 0.33, m200)
Blom
46
Resilience (p 0.50, m 200)
Blom
47
ImprovementUsing Two-hop Neighbors
? 7 ? 2
? 31 ? 2
48
Summary

• Security in WSN is quite different from
  traditional (Wired) network security.
• We have proposed two key pre-distribution
  schemes for WSN.
• Our schemes substantially improves the
  performance and network resilience.