Title: Security Issues In Sensor Networks
1 Security Issues In Sensor Networks
2 What Is A Sensor Network?
- A network is formed when a set of small sensor
devices that are deployed in an ad hoc fashion
cooperate for sensing a physical phenomenon.
3 Typical application of sensor networks
- Military sensor networks to detect enemy
movements, the presence of hazardous material
(such as poison gases or radiation, explosions,
etc.)
- Environmental sensor networks (such as in plains
or deserts or on mountains or ocean surfaces) to
detect and monitor environmental changes.
- Wireless traffic sensor networks to monitor
vehicle traffic on a highway or in a congested
part of a city.
- Wireless surveillance sensor networks for
providing security in a shopping mall, parking
garage, or other facility.
4 Communication Architecture
- The sensor nodes communicate using RF
- The sensor nodes establish a routing forest, with
a base station at the root of every tree
- Periodic transmission of beacons allows nodes to
create a routing topology.
- The base station accesses individual nodes using
source routing.
5 Challenges Of Sensor Network
- Energy consumption primarily
- By radio communication
- Need to minimize communication overhead
- Reliance on asymmetric digital signature
- Long signatures with high communication overhead
of 50-1000 bytes per packet
- Very high overhead to create and verify signatures
- Symmetric broadcast authentication is impractical
6 Requirements for sensor networks security
- Data Confidentiality
  - From the observed communication pattern set up
  secure channels between nodes and base stations
- Data Authentication
  - Construct authenticated broadcast from symmetric
  primitives only
  - Introduce asymmetry with delayed key disclosure
  and one way function key chains
- Data Integrity
- Data Freshness
  - Recent data
  - No replay of data
7 Communication Pattern Of The Sensor Network
- 1) Node to base station communication, e.g.
sensor readings.
- 2) Base station to node communication, e.g.
specific requests.
- 3) Base station to all nodes, e.g. routing
beacons, queries or reprogramming of the entire
network.
8 SPINS: Security Protocols for Sensor Networks
- Security building blocks optimized for
resource-constrained environments and wireless
communication.
- SPINS has two building blocks:
  - µTESLA (the micro version of the Timed, Efficient,
  Streaming, Loss-tolerant Authentication Protocol)
  - SNEP (Secure Network Encryption Protocol)
9 Important Baseline Security Primitives
- SNEP: Data confidentiality, two-party data
authentication, and data freshness
- µTESLA: new protocol which provides
authenticated broadcast for severely
resource-constrained environments.
10 SNEP: Data Confidentiality, Authentication,
Integrity, and Freshness
- Low communication overhead
- Adds only 8 bytes per message
- Uses counter
- Counter value is kept at both end points
- Provides semantic security
- Prevents eavesdroppers from inferring the
message content from the encrypted message
- Data authentication, replay protection, and
weak/strong message freshness
11 SNEP-mechanism
- Communicating parties share a counter, which is
used as an Initialization Vector (IV)
- Counter is not sent with the message
- Block ciphers are in Counter Mode (CTR)
- Counter incremented after each block
- MAC used to achieve 2 party data authentication
and data integrity
- Counter value is never repeated
- Counter value in MAC prevents replay attacks
12 TESLA vs. µTESLA
- TESLA
  - Authenticates initial packet with a digital
  signature
  - Too expensive for sensor nodes
  - Disclosing a key in each packet requires too much
  energy (24 bytes/packet)
  - Expensive to store one-way key chain
- µTESLA
  - Uses symmetric mechanism
  - Discloses key once every epoch
  - Restricts number of authenticated senders
13 µTESLA Overview
- Base station (BS) broadcasts authenticated
information to nodes
- BS and nodes are loosely time synchronized
- Each node knows the upper bound on max.
synchronization error
- BS computes a MAC on the packet
- The key is secret at this point
- Sensor receives the packet and stores it in a buffer
- BS broadcasts the verification key to all
receivers
- Node verifies the authenticity of the key
- Node uses key to authenticate the packet in the
buffer
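
The receiver side of the µTESLA steps above, as an added example that is not part of the original slides. It assumes SHA-256 as the one-way function, HMAC-SHA256 as the MAC, intervals that start at time 0, and a disclosure delay of `delay` intervals; the names `Receiver`, `make_chain`, `F` and `mac` are hypothetical.

```python
import hashlib
import hmac

def F(key):
    # One-way function for the key chain (SHA-256 is an assumption of this sketch).
    return hashlib.sha256(key).digest()

def make_chain(seed, n):
    # Returns [K_0 .. K_n] with K_i = F(K_{i+1}); K_0 is the commitment given to nodes.
    chain = [seed]
    for _ in range(n):
        chain.append(F(chain[-1]))
    return chain[::-1]

def mac(key, data):
    # Chain key used directly as the MAC key to keep the sketch short.
    return hmac.new(key, data, hashlib.sha256).digest()

class Receiver:
    def __init__(self, commitment, interval_len, delay, max_sync_error):
        self.key, self.idx = commitment, 0   # last authenticated chain key
        self.T, self.d, self.err = interval_len, delay, max_sync_error
        self.buffer = []                     # (interval, data, tag) awaiting a key

    def on_packet(self, interval, data, tag, local_time):
        # K_interval is disclosed at time (interval + d) * T on the sender's clock.
        # Buffer only if, allowing for sync error, it cannot be public yet.
        if local_time + self.err >= (interval + self.d) * self.T:
            return False
        self.buffer.append((interval, data, tag))
        return True

    def on_key(self, idx, key):
        # Authenticate the disclosed key by hashing back to the last trusted key.
        if idx <= self.idx:
            return []
        keys, k = {idx: key}, key
        for i in range(idx - 1, self.idx - 1, -1):
            k = F(k)
            keys[i] = k
        if not hmac.compare_digest(keys[self.idx], self.key):
            return []                        # forged key: keep buffer, trust nothing
        self.key, self.idx = key, idx
        # Intermediate keys recover packets whose own disclosure was lost.
        ok = [d for i, d, t in self.buffer
              if i in keys and hmac.compare_digest(mac(keys[i], d), t)]
        self.buffer = [p for p in self.buffer if p[0] > idx]
        return ok
```

`on_packet` returns whether the packet was buffered, and `on_key` returns the payloads that authenticated under the newly accepted key or any earlier key derived from it.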