WIRELESS SENSOR NETWORK Pair-Wise Key Establishment

1
WIRELESS SENSOR NETWORK Pair-Wise Key
Establishment

• Presented By
• Mohammed Saleh
• CS 599b Summer07

2
WSN

• Background
• WSN Architecture
• WSN Security Issues and requirements
• Problem Proposed
• Network Architecture
• Pair-wise key establishment
• Conclusion

3
Background

• 100/1000 nodes
• Low cost solution
• Limited resources
• Controlled or uncontrolled environment

4
WSN Architecture
5
WSN Components

• A sensor Nodes Consist of
• Battery
• Memory
• Processor
• Radio links for communicating

6
Sensor Node Constraints

• Battery Power/
• Energy
• Processor
• Rechargeability
• Sleep Patterns
• Memory

7
Network constraints

• Limited Pre-Configuration
• Unreliable communications
• Frequent Routing Changes

8
WSN Architecture
9
Security in Wireless Networks
10
Security Requirements

• Confidentiality
• Authenticity
• Availability
• Integrity
• Freshness
• Scalability
• Accessibility
• Self-Organization
• Flexibility

11
Security in Wireless Networks

• Attacks
• -Poor physical protection
• -Attacks not only from outside but
• also from within the network from
• compromised nodes.

12
WSN Attacks
13
Security in Wireless Networks

• Security concepts
• RSA
• Cryptography
• - Public/private key
• Diffie-Hellman

14
Problem Proposed
15
Problem

• The initialization process of a previously
  study known as SHELL.
• No Pair-Wise key establishment

16
Proposed

• We propose a pair-wise key establishment of
  neighboring sensor nodes for the improvement of
  the network architecture that can be vulnerable
  for an attack or compromising. This schema can be
  efficiently applied to the protection of
  distributing keys throughout the network sensor
  nodes cant only provide an equal level of
  security but also reduce the consequences of node
  compromise.

17
Goal

• Establishing pair-wise key
• Improving the initialization process or the
  network bootstrapping.
• Protecting against node capturing

18
SHELL

• Introduces a novel heuristic for key assignment
  that decreases the probability of capturing the
  network through the compromised node
• very few additional keys would be revealed when
  colluding.
• SHELL boosts the network resiliency to node
  capture while conservatively consuming the
  networks critical resources such as energy.

19
EBS

• EBS (Exclusion Basis System)
• Eltoweissy et al
• methodology for group key management.
• EBS eliminates the need of storing a large number
  of keys at each sensor node.
• It further allows trading off the number of keys
  stored versus
• amount of network traffic due to the rekeying
  operations.
• Simplifies the addition and eviction of nodes.
• Performs key refreshing through the exchange of
  few messages.
• EBS-based schemes can be prone to collusion
  attacks.

20
Network Architecture

• Command Node
• Gateway
• Sensors

21
Network Architecture

• There are two basic categories of nodes that
  comprise the system
• Sensing nodes (N1 nodes)
• memory and processing nodes (N2 nodes)

22
Network Bootstrapping

• The phase of system initialization that
  precedes actual operations is referred to as
  network bootstrapping.
• Sensor Implementation
• Cluster Assignment
• Gateway Registration

23
Pair-wise Key Establishment

• The rationale for establishing a set of protocols
  for shared key
• interaction is to improve security and decrease
  nodal
• Vulnerability.
• The proposed model accounts for scenarios in
  which there is
• only one node needed for key establishment or, in
  contrast,
• an unlimited number of nodes that can participate
  in the key
• establishment process. In either situation, the
  backbone
• architecture is considered secure.

24
Pair-wise Key Establishment

• Backhaul In order to create the conditions
  necessary for backhaul, an N1 node and an N2 node
  must share a common key.
• Neighboring nodes with Limitation This scenario
  permits inter-nodal communication between two N1
  nodes in the same neighborhood.
• Neighboring Nodes Open Trust To establish
  connectivity in this scenario, N1 nodes can
  establish session keys through a sequence of
  mutual N1 nodes key matching.

25
Pair-wise Key Establishment

• With this key Establishment we can have
• significant increase in the number of keys stored
  by all N1
• nodes.
• Protecting against Attacks and failure between N1
  N2 nodes.
• Maintaining a low energy consumption.
• key assignment that decreases the probability of
  capturing
• would share most keys with reachable nodes and,
  thus, very few additional keys would be revealed
  when colluding

26
Conclusion

• A key feature of our approach is that it exploits
  the availability of multiple transmission power
  levels at sensor nodes in terms of elevated
  security schemes. We introduced different
  approaches the description of how to establish a
  pair-wise key between two neighboring nodes can
  be established by the discussed approach and
  applied to Younis approach for more efficiency.
  In doing so we can reduce the possibility of data
  being lost from all nodes if the chance of a
  network is captured.

27
References

• RSA Encryption Standard, Version 1.4. San Mateo,
  Ca. RSA Data Security, Inc., 1991.
• W. Diffie and M.E. Hellman, New directions in
  cryptography, IEEE Transactions on Information
  Theory 22 (1976), 644-654.
• Multicast Security A Taxonomy and Efficient
  Constructions. IEEE Press, 1999.
• Ten Emerging Technologies That Will Change The
  World, Feb.2003.
• Mihaela Cardei My T. Thai Yingshu Li Weili Wu,
  Energy-Efficient Target
• Coverage in Wireless Sensor Networks, IEEE
  INFOCOM 2005.
• A. D. Wood and J. A. Stankovic. Denial of service
  in sensor networks. Computer
• 35(10)5462, 2002.
• J. Newsome, E. Shi, D. Song, and A. Perrig. The
  Sybil attack in sensor networks
• analysis defenses. Proceedings of the third
  international symposium on Information
• processing in sensor networks, pp. 259268. ACM
  Press, 2004.
• Wireless Sensor Network Security A Survey John
  Paul Walters, Zhengqiang Liang,
• Weisong Shi, and Vipin Chaudhary Department of
  Computer Science Wayne State
• University5143 Cass Ave, MI 48202, USA

28
References

• J. Deng, R. Han, and S. Mishra. Countermeasuers
  against traffic analysis in wireless sensor
  networks. Tech. Rep. CU-CS-987-04, University of
  Colorado at Boulder, 2004.
• Peng Peng , P2P-HGKM An Efficient Hierarchical
  Group Key Management
• Protocol for Mobile Ad-Hoc Networks, B.Sc.,
  Peking University, 2000
• Eric Ricardo Anton, Otto Carlos Muniz Bandeira
  Duarte, Group Key Establishment in Wireless Ad
  Hoc Networks , Workshop em Qualidade de Serviço e
  Mobilidade 2002.
• N. Asokan, V. Schoup, and M. Waidner, Optimistic
  fair exchange of digital signa-tures, IEEE
  Journal on Selected Area in Communications, vol.
  18, no. 4, pp. 593,610, 2000.
• Y. Amir, Y. Kim, C. Nita-Rotaru, and G. Tsudik,
  On the performance of group key agreement
  protocols," in Proceedings of the 22nd IEEE
  International Conference on Distributed Computing
  Systems, (Viena, Austria), June 2002.
• Cliques Project team, \Cliques," 1999.
  http//sconce.ics.uci.edu/cliques/.
• Cristina Nita-Rotaru, High-Performance Secure
  Group Communication, (Baltimore, Maryland), June
  2003

29
References

• A Logic for the Exclusion Basis System, Samuel T.
  Redwine, Jr., James Madison University
  Harrisonburg, Va. 22807, Proceedings of the 37th
  Hawaii International Conference on System
  Sciences 2004.
• Distributed Clustering in Ad-hoc Sensor Networks
  A Hybrid, Energy-Efficient Approach Younis, O.,
  Fahmy, S. Distributed clustering in ad-hoc
  sensor networks. In Proceedings of the IEEE
  Conference on Computer Communications (INFOCOM),
  Hong Kong (2004)",
• Mohamed F. Younis, Senior Member, IEEE, Kajaldeep
  Ghumman, and Mohamed Eltoweissy, Senior Member,
  IEEE Location-Aware Combinatorial Key Management
  Scheme for Clustered Sensor Networks. IEEE Vol
  17, No.8, August 2006

30
References

• Du., W. et al. A Key Management Scheme for
  Wireless Sensor Networks Using
• Deployment Knowledge. IEEE INFOCOM, 2004.
• Hill, J. et al. System Architecture directions
  for Networked Sensors. Architectural Support for
  Programming Languages and Operating systems,
  2000 93-104.
• Hu, Y., Perrig, A., and Johnson, D. Ariadne a
  secure on-demand routing protocol for ad hoc
  networks. New York ACM Press, (2002) 12-23.
• Patrick Traynor, Heesook Choi, Guohong Cao,
  Sencun Zhu and Tom La Porta
• Networking and Security Research Center
  Department of Computer Science and Engineering
  The Pennsylvania State University, Establishing
  Pair-wise Keys in Heterogeneous Sensor Networks.
  
•