Security protocols in sensor networks

Revision as of 17:38, 20 February 2005 by 80.185.145.63 (talk)

Work in progress!

Applications for sensor networks

Sensor networks can become useful in a variety of applications:

  • Emergency response information: Sensors can collect information about the status of buildings, people and transportation pathways.
  • Energy management: Distribution can be optimized depending on the ambient and immediate temperature of the wire, which allows better management (see California 2001).
  • Medical monitoring: Sensors can monitor health conditions and be used to apply remedies (instant release of medication to the bloodstream).
  • Logistics and inventory management: Sensors can help to manage the worldwide distribution of goods or even the inventory management in a single store.

Limits of sensor networks

Characteristics of a sensor node:

  • CPU: 8-bit, 4 MHz
  • Storage: 8 kbytes instruction flash, 512 bytes RAM, 512 bytes EEPROM
  • Communication: 916 MHz radio
  • Bandwidth: 10 kbps
  • Operating system: TinyOS
  • OS code space: 3500 bytes
  • Available code space: 4500 bytes

Sensors form a self-organizing wireless network with a multihop routing topology. A prototype network consists of a couple of nodes and a more powerful base station, which is connected to an outside network. Small batteries are the energy source for the nodes. Since wireless communication is the most energy-consuming function, communication overhead must be minimized, and the security mechanisms must also be frugal with processing power. Most current secure algorithms are impractical here: the working memory of a node cannot even hold the variables for asymmetric algorithms such as RSA with 1024 bits. Furthermore, authenticated broadcast with existing protocols generates a high communication overhead of 50-1000 bytes per packet, whereas usual packets in sensor networks are only about 30 bytes long.

System assumptions

  • Communication architecture:

Broadcast is the fundamental primitive. Sensor nodes establish a routing forest with a base station as the root of each tree. Routing beacons are used to form the routing topology. Nodes can forward messages towards the base station, handle the broadcasting of messages, and recognize packets that are addressed to them. The base station accesses the nodes frequently and has capabilities similar to those of the nodes, but it has sufficient battery power to surpass the lifetime of all sensor nodes, sufficient memory to store cryptographic keys, and means for communicating with outside networks. There are three communication patterns: node to base station, base station to node, and base station to all nodes (beacons, reprogramming etc.).

  • Trust requirements:

We assume that individual sensors are untrusted. Basic WLAN communication is not secure (eavesdropping, message injection, message replay), so we do not trust the communication infrastructure. All nodes initially trust the base station, and each node trusts itself, which means it trusts its local clock to be accurate with only a small drift. The goal is a key setup in which the compromise of one node does not spread through the network.

Design guidelines

Due to the limited program store, all cryptographic primitives (encryption, MAC, hash, random number generator) will be constructed out of a single block cipher for code reuse.

  • Requirements for sensor network security:

1. Data confidentiality: The message content is not readable for an adversary. The standard approach to keeping sensitive data secret is to encrypt it with a secret key.
2. Data authentication: This allows the receiver to verify that the data was really sent by the claimed sender. For this, sender and receiver share a secret key with which they compute a MAC (message authentication code). The needed asymmetric mechanism will be introduced by delayed key disclosure and a one-way function key chain.
3. Data integrity: This assures the receiver that the received data was not altered in transit. Data integrity is achieved through data authentication.
4. Data freshness: Freshness implies that data is recent and ensures that old messages are not replayed (strong vs. weak freshness).
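
The single-block-cipher guideline above, sketched in C as an added example (not code from this page or from the SPINS authors): one block-encrypt routine supplies both counter-mode encryption and a CBC-MAC, covering confidentiality, authentication and integrity, and, through the counter, detection of replays. XTEA as the cipher, the function names and the separate keys `ke`/`km` are assumptions; the page does not name a cipher.

```c
#include <stdint.h>
#include <string.h>

/* Block primitive: XTEA (stand-in, an assumption; the page names no cipher).
   Only the encrypt direction is ever called, so no decrypt code is needed. */
static void blk_encrypt(const uint32_t k[4], uint8_t b[8]) {
    uint32_t v0, v1, sum = 0;
    memcpy(&v0, b, 4); memcpy(&v1, b + 4, 4);        /* host byte order */
    for (int i = 0; i < 32; i++) {
        v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
        sum += 0x9E3779B9u;
        v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
    }
    memcpy(b, &v0, 4); memcpy(b + 4, &v1, 4);
}

/* Encryption: counter mode. The same call encrypts and decrypts; a counter
   value must never be reused under one key. */
void ctr_crypt(const uint32_t k[4], uint64_t ctr, uint8_t *data, size_t n) {
    for (size_t off = 0; off < n; off += 8, ctr++) {
        uint8_t ks[8];
        memcpy(ks, &ctr, 8);
        blk_encrypt(k, ks);                          /* keystream block */
        for (size_t j = 0; j < 8 && off + j < n; j++) data[off + j] ^= ks[j];
    }
}

/* MAC: CBC-MAC over length, counter, then data. Length first stops splicing
   of different-length packets; the counter binds the tag to one message. */
void cbc_mac(const uint32_t k[4], uint64_t ctr, const uint8_t *m, size_t n,
             uint8_t tag[8]) {
    uint64_t len = n;
    memcpy(tag, &len, 8);
    blk_encrypt(k, tag);
    for (int j = 0; j < 8; j++) tag[j] ^= (uint8_t)(ctr >> (8 * j));
    blk_encrypt(k, tag);
    for (size_t off = 0; off < n; off += 8) {        /* last block zero-padded */
        for (size_t j = 0; j < 8 && off + j < n; j++) tag[j] ^= m[off + j];
        blk_encrypt(k, tag);
    }
}

/* Receiver: verify the tag over the ciphertext, then decrypt in place.
   Returns 1 if authentic, 0 if altered or replayed under another counter. */
int packet_open(const uint32_t ke[4], const uint32_t km[4], uint64_t ctr,
                uint8_t *pkt, size_t n, const uint8_t tag[8]) {
    uint8_t t[8], diff = 0;
    cbc_mac(km, ctr, pkt, n, t);
    for (int i = 0; i < 8; i++) diff |= (uint8_t)(t[i] ^ tag[i]);
    if (diff == 0) ctr_crypt(ke, ctr, pkt, n);
    return diff == 0;
}
```

The sender calls `ctr_crypt` and then `cbc_mac` over the ciphertext with the same counter value. The 8-byte tag is the only per-packet overhead when both sides track the counter as shared state instead of transmitting it.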


SPINS

SPINS (Security Protocols for Sensor Networks) consists of two building blocks:

  • SNEP: The sensor network encryption protocol, which provides secure point-to-point communication.
  • µTESLA: The micro timed efficient stream loss-tolerant authentication, which provides broadcast authentication.

SNEP

µTESLA

Implementation

Evaluation

References