Security in Wireless
Sensor Networks
Perrig, Stankovic, Wagner
Jason Buckingham
CSCI 7143: Secure Sensor Networks
August 31, 2004
•
Introduction to sensor networks
•
Security Issues
–
Key establishment & setup
–
Secrecy & Authentication
–
Privacy
–
Robustness to DOS
–
Secure Routing
–
Resilience to node capture
–
Secure Group Management
–
Intrusion Detection
–
Secure Data Aggregation
–
Secure Sensor Network Research
Broad Range of Applications
•
Wildlife Monitoring
•
Machinery Performance
•
Building Safety
•
Military Applications
•
Health Monitoring
•
Countless other applications
Most applications require some level of security!
Traditional security cannot
be applied directly
•
Sensor device limitations
–
Power, Processing, and Communication
•
Nodes are often physically accessible,
allowing possible physical attacks
•
Sensor networks interact with their
environments and with people
Security Research Issues
•
These new problems present an
opportunity to properly address network
security
•
Security is NOT a standalone
component
–
it must be integrated into
every component
Key Establishment & Setup
•
Why not use existing protocols?
–
Public key cryptography has too much
system overhead for sensor networks
–
Key establishment techniques must scale
well to hundreds or thousands of nodes
–
Sensor nodes have different
communication needs
Key Establishment
-
Potential
Solutions
•
Establish a network wide shared key
–
Problem: if one node is compromised, the whole
network is compromised
•
Instead use shared symmetric keys between
each pair of nodes that are preconfigured
–
Problem: It doesn’t scale well!
•
For an
n
node network, each node must store
n
-
1 keys,
and
n
* (
n
–
1) / 2
total keys are needed.
•
Combine the above: use a network wide key
to establish link keys, then erase the
networkwide key.
–
Problem: New nodes cannot be added after initial
deployment
Key Establishment
-
Potential
Solutions (cont.)
•
Bootstrapping Keys
–
each node shares a single key with the base station
and the base station sets up keys between pairs.
–
Problem: requires a trusted base station that is the
central point of failure
•
Random Key Predistribution
–
–
choose a large pool of symmetric keys, and give each
node a random subset of the pool
–
not all nodes share a common key, but the network
will still be fully connected if the probability of two
nodes sharing a key is sufficiently high
–
Problem: once compromising a sufficient number of
nodes, attackers could reconstruct the entire pool and
break the scheme
Secrecy & Authentication
–
Cryptography
•
End
-
to
-
end cryptography
–
Provides high level of security, but requires that
keys be set up among all end points
–
Incompatible with passive participation and local
broadcast
•
Link
-
layer cryptography
–
Simplifies key setup
–
Supports passive participation and local
broadcast
–
Problem? Intermediate nodes can eavesdrop and
alter messages. Is this really a problem?
Cryptography Issues
•
Performance Costs
–
Extra computation
•
Could be reduced by additional hardware but this
increases node cost and will it really fix the problem?
–
Increases packet size
–
Recent research shows that most of the
performance overhead is attributable to increased
packet size, not additional computation
•
This limits how much dedicated cryptographic hardware
will help
Robustness to Denial of
Service
•
Adversaries can simply broadcast a high
-
energy signal or violate the 802.11 MAC
protocol to disrupt communication
•
Solutions?
–
Spread spectrum communication, but
cryptographically secure spread spectrum radios
are not commercially available
–
Automated defense, by simply routing around the
jammed portion of the network
Secure Routing
•
Current routing protocols suffer security
vulnerabilities
–
DOS attacks, packet injection, replay
attacks
Resilience to Node Capture
•
Sensor networks are highly susceptible
–
the compromise of a single node
usually compromises the entire network
•
This is more of a problem because
sensor networks often lack physical
security
Solutions to Node Capture
•
Physical solution
–
tamper resistant packaging
•
Software:
–
Create algorithms that use majority voting
schemes; send packets along multiple
independent paths and check for consistency
–
Gather redundant data and analyze for
consistency
Secure Group Management
•
Groups of nodes perform data aggregation
and analysis (tracking a moving object)
•
The group may change continuously and
quickly
•
Protocols are needed for admitting new
group members and supporting secure
communication with the group
•
Solutions conserve time and energy
Intrusion Detection
•
Classic intrusion detection is very
expensive in terms of memory, energy,
and bandwidth
•
To develop a solution, typical threat
models must be analyzed
•
Secure groups may be a possible
solution for decentralized intrusion
detection
Secure Data Aggregation
•
Tons of data can be collected from the
various nodes in the network
•
How do we aggregate the data so as to
reduce network traffic to the base
station?
•
Aggregation locations must be secured
Privacy
•
How do we prevent sensor networks
from being used to violate privacy?
–
Devices are becoming smaller, cheaper,
and more effective at surveillance
•
Solutions?
–
New laws, technological responses, and
awareness
Other Issues
•
What cryptographic algorithms are best
suited for use in sensor networks?
–
Public key cryptography? Too expensive!
–
DES/Triple DES
–
AES
–
RC5
•
We need something that fits the processing
and memory requirements of our nodes
Secure Sensor Network
Research
•
How can we build security into sensor
networks from the outset?
•
Advantages of sensor networks
–
Many applications will be deployed under
a single administrative domain
–
It may be possible to exploit redundancy,
scale, and physical characteristics
Enter the password to open this PDF file:
File name:
-
File size:
-
Title:
-
Author:
-
Subject:
-
Keywords:
-
Creation Date:
-
Modification Date:
-
Creator:
-
PDF Producer:
-
PDF Version:
-
Page Count:
-
Preparing document for printing…
0%
Σχόλια 0
Συνδεθείτε για να κοινοποιήσετε σχόλιο