Random Key-Assignment for Secure Wireless Sensor Networks


Published on

1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Random Key-Assignment for Secure Wireless Sensor Networks

  1. 1. Random Key-Assignment for Secure Wireless Sensor Networks<br />Roberto Di Pietro, Luigi V. Mancini and Alessandro Mei<br />
  2. 2. Limited memory<br />Limited computational power<br />Limited energy<br />Sensor nodes<br />
  3. 3. Secure microcontroller<br />
  4. 4. Passive attacks<br />Cipher text attacks<br />Active attacks<br />Take control of a sensor node<br />Unfriendly environment<br />Nodes only trust themselves<br />Threat Model<br />
  5. 5. Secure pairwise communication<br />Memory efficient<br />Energy efficient<br />Tolerate the collusion of a set of corrupted sensors<br />Goals<br />
  6. 6. Have one master key<br />Can’t tolerate nodes being taken over<br />Each node stores a seperate key for every other node<br />Requires too much space<br />Expensive to add more nodes later<br />Tradeoff<br />Use less memory, but have only a probabilistic tolerance to nodes being taken over<br />Naïve solutions<br />
  7. 7. One way hash function<br />Symmetric encryption<br />Keyed hashed function<br />Pseudo-random number generator<br />Requirements<br />
  8. 8. A key deployment scheme<br />A key discovery procedure<br />A security adaptive channel establishment procedure<br />The direct protocol<br />
  9. 9. Method used in A key-management<br />scheme for distributed sensor networks:<br />A pool of P random keys is generated<br />Each sensors takes k random keys from the pool<br />Key deployment<br />
  10. 10. Challenge is encrypted using each key and then broadcasted<br />Needs to perform k^2 decryptions on receiver side and k encryptions on the sender side<br />At least k messages have to be sent<br />Inefficient key discovery<br />
  11. 11. Also used in A key management scheme for distributed sensor networks<br />Instead of challenge response, submit the indexes<br />Less secure, as a smart attacker can easily find the nodes that have the key it wants<br />Key deployment II<br />
  12. 12. Method used in Establishing pair-wise keys for<br />secure communication in ad hoc networks: A<br />probabilistic approach:<br />A pool of P random keys is generated<br />k indexes into the pool are created pseudo-randomly with a publicly known seed dependent on the node id.<br />Less secure than challenge-response, but can be improved<br />Key deployment III<br />
  13. 13. Channel existence<br />
  14. 14. Find out which keys are shared and xor them together<br />An attacker needs to know all shared keys<br />Channel establishment<br />
  15. 15. Corruption probability – P=1000<br />
  16. 16.
  17. 17. Corruption Probability – k=120<br />
  18. 18. The cooperative protocol<br />
  19. 19. Nearby sensors<br />Weaker against geographically attacks<br />Random<br />Larger communication overhead<br />Individual properties<br />More trusted nodes can give higher security<br />The C set<br />
  20. 20. They give an upper bound on the probability that the channel between two nodes is corrupted, given w corrupted nodes<br />Upper bound<br />
  21. 21. Sensor failure resistent<br />Can add more sensors if required<br />No information leakage<br />Sensors in the C set only transmits hash values of their keys<br />Adaptiveness<br />If an upper bound of w is known, C can be chosen to secure communication with a desired probability.<br />Load balance<br />a sends c+1 message, sensors in C send 1, tot=2c+1<br />Only done once during setup<br />Features of cooperation protocol<br />
  22. 22. Sensor doesn’t respond<br />After timeout, node a can pick another node<br />Sensor sends correct key<br />Lowers security<br />Sends false key<br />Can pick another C set<br />Notify trusted base-station<br />Aware that network is under attack<br />DoS Attacks of Malicious Cooperators<br />
  23. 23. If node a has the keys that node a should have, according to the pseudo-random number generator, it’s probable that a is a.<br />Authentication<br />
  24. 24. P=1000 and w=8<br />
  25. 25. P=1000 w=16<br />
  26. 26. P=10000 w=32<br />
  27. 27. M = {}<br />for all keys k in P<br />z = RND(id||k)<br />if(z%(|P|/m)==0)<br />put k into M<br />|M| must be less than memory size but larger than the security constraints<br />Discard ID if conditions not satisfied<br />Efficient and Secure Pre-deployment (ESP)<br />
  28. 28. Generated IDs<br />
  29. 29. Direct protocol<br />