Security in Wireless Sensor

flangeeasyΚινητά – Ασύρματες Τεχνολογίες

21 Νοε 2013 (πριν από 4 χρόνια και 1 μήνα)

72 εμφανίσεις

1

Security in Wireless Sensor
Networks

Group Meeting

Fall 2004


Presented by Edith Ngai

2

Outline


Wireless Sensor Networks (WSN)


Security in WSN


Key Management Approaches


Straight Forward Approach


Basic Probabilistic Approach


Deployment
-
based Approach


Conclusion


References

3

Wireless Sensor Networks


A sensor network is
composed of a large number
of sensor nodes


Sensor nodes are small, low
-
cost, low
-
power devices that
have following functionality:


communicate on short
distances


sense environmental data


perform limited data
processing


The network usually also
contains “sink” node which
connects it to the outside
world



Berkeley Motes

4

Applications


WSN can be used to monitor the conditions of
various objects / processes


Military: battlefield surveillance, biological attack
detection, targeting


Ecological: fire detection, flood detection, agricultural
uses


Health related: human physiological data monitoring


Miscellaneous: car theft detection, inventory control,
home applications


Sensors are densely deployed either inside or very
close to the monitored object / process

5

Security in WSN


Main security threats in WSN are:


Radio links are insecure


eavesdropping / injecting
faulty information is possible


Sensor nodes are not temper resistant


if it is
compromised the attacker obtains all security
information


Protecting
confidentiality
,
integrity
, and
availability

of the communications and
computations


6

Why Security is Different?


Sensor Node Constraints


Battery


CPU power


Memory


Networking Constraints and Features


Wireless


Ad hoc


Unattended

7

Key Management: Goals


The protocol must establish a key between all sensor
nodes that must exchange data securely


Node addition / deletion should be supported


It should work in undefined deployment environment


Unauthorized nodes should not be allowed to establish
communication with network nodes


8

Key Management Problem

Secure Channels

Deploy

Sensors

9

Approaches


Trusted
-
server schemes


Finding trusted servers is difficult


Public
-
key schemes


Expensive and infeasible for sensors


Key pre
-
distribution schemes


10


Loading Keys into sensor nodes
prior to

deployment


Two nodes find a common key between them
after deployment


Challenges


Memory/Energy efficiency


Security: nodes can be compromised


Scalability: new nodes might be added later

Key Pre
-
distribution

11

Straight Forward Approach


Single mission key is obviously unacceptable


Pairwise private key sharing between every two
nodes is impractical because of the following reasons:


it requires pre
-
distribution and storage of n
-
1 keys in each
node which is n(n
-
1)/2 per WSN


most of the keys would be unusable since direct
communication is possible only in the nodes neighborhood


addition / deletion of the node and re
-
keying are complex

12

Basic Probabilistic Approach


Proposed by Eschenauer and Gligor


Relies on probabilistic key sharing among nodes of
WSN


Uses simple shared
-
key discovery protocol for key
distribution, revocation and node re
-
keying


Three phases are involved: key pre
-
distribution,
shared
-
key discovery, path
-
key establishment


13

Eschenauer
-
Gligor Scheme

Each node

randomly

selects m

keys

A

B

E

Key Pool



S

D

C


When |S| = 10,000, m=75

Pr (two nodes have a common key) =
0.50

14

Establishing Secure Channels

A

C

B

15

Observations and Objectives

A

B

F

Problem: How to pick a large key pool while
maintaining high connectivity? (i.e. maintain
resilience while ensuring connectivity)

16

Deployment
-
based Scheme



Proposed by Du, et. al (IEEE Infocom 2004)


Improves Random Key Predistribution (Eschenauer
and Gligor) by exploiting Location Information


Studies a Gaussian distribution for deployment of
Sensor nodes to improve security and memory
usage


17

Deployment
-
based Scheme


Groups select from key group S (i,j)





Probability node is in a certain group is (1 / tn).


n
j
t
i
S
S
j
i
..
1
,
,...
1
,
,




18

Step 1 : Key Pre
-
distribution

-

Key Sharing Among Key Pools
-

b

b

b

b

A

B

C

F

H

I

D

G

a

a

a

a

a

a

b

Horizontal

Vertical

Diagonal

19

Step 1 : Key Pre
-
distribution

-

Key Sharing Among Key Pools
-










Determining |Sc|




When |S| = 100,000, t = n = 10, a = 0.167, b = 0.083

|Sc| = 1770


20

Step 2: Shared
-
key Discovery


Takes place during initialization phase after WSN
deployment. Each node discovers its neighbor in
communication range with which it shares at least one
key


Nodes can exchange IDs of keys that they poses and
in this way discover a common key


A more secure approach would involve broadcasting a
challenge for each key in the key ring such that each
challenge is encrypted with some particular key. The
decryption of a challenge is possible only if a shared
key exists

21

Step 3: Path
-
key Establishment


During the path
-
key establishment phase path
-
keys
are assigned to selected pairs of sensor nodes that
are within communication range of each other, but do
not share a key


Find secure path by using flooding method


Limit the lifetime of the flooding message to three hops to reduce
flooding overhead


Share random key K by using secure path

22

Local Connectivity


With 100 keys, location management improves local
connectivity from 0.095 to 0.687




23

Network Resilience


What is the damage
when x nodes are
compromised?


These x nodes contain
keys that are used by
the good nodes


What percentage of
communications can be
affected?

24

Conclusion


Robust security mechanisms are vital to the
wide acceptance and use of senor networks for
many applications


Security in WSN is quite different from traditional
(wired) network security


Various peculiarities of WSN make the
development of good key scheme a challenging
task


We have discussed several approaches to key
management in WSN


25

References


I. F. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cyirci.
Wireless Sensor Networks: A Survey. Computer Networks,
38(4):393
-
422, 2002.


L. Eschenauer and V. Gligor. A Key
-
Management Scheme for
Distributed Sensor Networks. In Proc. of ACM CCS’02, November
2002.


H. Chan, A. Perrig, and D. Song. Random Key Predistribution
Schemes for Sensor Networks. In 2003 IEEE Symposium on
Research in Security and Privacy.


W. Du, J. Deng, Y. Han, S. Chen, and P. Varshney. A Key
Management Scheme for Wireless Sensor Networks Using
Deployment Knowledge. IEEE Infocom 2004.