Public Key Authentication in Wireless Sensor Network (2)

waralligatorΚινητά – Ασύρματες Τεχνολογίες

21 Νοε 2013 (πριν από 3 χρόνια και 10 μήνες)

105 εμφανίσεις

INFORMATION SECURITY RESEARCH LABORATORY

인천광역시

용현동

253
인하대학교

하이테크센터

307


+82
-
32
-
876
-
8424

情報保護硏究室

Public Key Authentication in
Wireless Sensor Network (2)

Jeonil

Kang

(dreamx@seclab.inha.ac.kr)

INFORMATION SECURITY RESEARCH LABORATORY

인천광역시

용현동

253
인하대학교

하이테크센터

307


+82
-
32
-
876
-
8424

情報保護硏究室

2

Public Key Cryptography


Key agreement problem in wireless sensor network


“How to set up secret keys between communicating nodes.”


Symmetric key techniques


The secret keys are pre
-
distributed among sensors before their
deployment.


Due to the limitation on memory, symmetric key techniques are not able
to achieve both a perfect connectivity and a perfect resilience for large
-
scale sensor networks.



Public key cryptography


eliminate the connectivity and resilience problems.


Common criticism: computational complexity and communication
overhead.


ECC signature verification: 1.62s (160
-
bit
Atmega

128)



PKC becomes widely accepted for WSNs.

INFORMATION SECURITY RESEARCH LABORATORY

인천광역시

용현동

253
인하대학교

하이테크센터

307


+82
-
32
-
876
-
8424

情報保護硏究室

3

Public Key Authentication

A

B

CA

PK
CA

A

B

C

B
<CA>

B
<CA>

B
<A>

B
<A>

PK
A

D

E

C

C
<CA>

C
<CA>

D
<E>

D
<E>

PK
E

Non
-
certificate

Certificate

INFORMATION SECURITY RESEARCH LABORATORY

인천광역시

용현동

253
인하대학교

하이테크센터

307


+82
-
32
-
876
-
8424

情報保護硏究室

4

Public Key Authentication with Hash


Naïve Scheme: Trusted hash value


instead of trusted public key


This method still has the memory
-
usage problem.



Memory
-
Efficient Scheme:
Merkle

Tree

Φ(L
i
)=hash(
id,pk
i
)

Φ(V)=hash(Φ(
V
left
)||Φ(
V
right
))

Root Hash

INFORMATION SECURITY RESEARCH LABORATORY

인천광역시

용현동

253
인하대학교

하이테크센터

307


+82
-
32
-
876
-
8424

情報保護硏究室

5

Merkle

Tree

Root Hash

A

A’s proof

id
A
,
pk
A
,
A’s proof

B

Root Hash

Communication Overhead = L
×

H

N
lg
H=

INFORMATION SECURITY RESEARCH LABORATORY

인천광역시

용현동

253
인하대학교

하이테크센터

307


+82
-
32
-
876
-
8424

情報保護硏究室

6

Deployment Knowledge

INFORMATION SECURITY RESEARCH LABORATORY

인천광역시

용현동

253
인하대학교

하이테크센터

307


+82
-
32
-
876
-
8424

情報保護硏究室

7

Deployment Knowledge

INFORMATION SECURITY RESEARCH LABORATORY

인천광역시

용현동

253
인하대학교

하이테크센터

307


+82
-
32
-
876
-
8424

情報保護硏究室

8

2D Grid Based Scheme

A

A

B

B

S

C

D

C

D

S

S

1
lg

N
N
lg
Proof served by S

Proof served by C

Worst Case

S’

INFORMATION SECURITY RESEARCH LABORATORY

인천광역시

용현동

253
인하대학교

하이테크센터

307


+82
-
32
-
876
-
8424

情報保護硏究室

9

Intersection Node & Loop Model


When a intersection node was compromised,

B

C

B

C

1
lg

N
1
lg

N
No Way!

S

S

1
lg

N
1
lg

N
1
lg

N
INFORMATION SECURITY RESEARCH LABORATORY

인천광역시

용현동

253
인하대학교

하이테크센터

307


+82
-
32
-
876
-
8424

情報保護硏究室

10

Memory / Communication Trade
-
off

1
lg
1
lg
2
:
)
1
(





N
N
p
p
c
r
2D Grid Based Scheme (2 Root Hash)

Basic Scheme (2 Root Hash) = 1D GBS

N
p
r
lg
:
1
lg
:

N
p
c
1
lg
:
1

N
Du Scheme (2 Root Hash)

N
p
lg
:
N
p
lg
:
)
1
(

p
p
r

1
1
)
1
(




N
N
p
p
c
This is 1.5D GBS!

INFORMATION SECURITY RESEARCH LABORATORY

인천광역시

용현동

253
인하대학교

하이테크센터

307


+82
-
32
-
876
-
8424

情報保護硏究室

11

Basic / Du / 1.5D GBS

0
2
4
6
8
10
12
14
16
0.1
0.2
0.3
0.4
0.5
0.6
0.7
0.8
0.9
1
Communication Overhead

p

Basic (2K)
Du (2K)
1.5D GBS (2K)
Basic (10K)
Du (10K)
1.5D GBS (10K)
INFORMATION SECURITY RESEARCH LABORATORY

인천광역시

용현동

253
인하대학교

하이테크센터

307


+82
-
32
-
876
-
8424

情報保護硏究室

12

3D GBS on 2D

A

B

S

C

D

S’

1
lg
1
lg
2
:
)
1
(
3
2
1






N
N
p
p
p
3D Grid Based Scheme (3 Root Hash)

N
p
lg
:
1
1
lg
:
2

N
p
1
lg
:
3

N
p
INFORMATION SECURITY RESEARCH LABORATORY

인천광역시

용현동

253
인하대학교

하이테크센터

307


+82
-
32
-
876
-
8424

情報保護硏究室

13

3D GBS on 3D

B

S

C

3D Grid Based Scheme (3 Root Hash)

S’

1
lg
1
lg
2
:
)
1
(
3
2
1






N
N
p
p
p
N
p
lg
:
1
1
lg
:
2

N
p
1
lg
:
3

N
p
INFORMATION SECURITY RESEARCH LABORATORY

인천광역시

용현동

253
인하대학교

하이테크센터

307


+82
-
32
-
876
-
8424

情報保護硏究室

14

3D GBS on 3D

B

S2

C

S1

3D Grid Based Scheme (3 Root Hash)

3
1
lg
:
N
p
1
lg
:
3
2

N
p
1
lg
:
3
3

N
p
1

2

3

1
lg
2
:
3
12

N
p
1
lg
2
:
3
13

N
p
2
lg
2
:
3
23

N
p
2
lg
3
:
)
1
(
3



N
p
INFORMATION SECURITY RESEARCH LABORATORY

인천광역시

용현동

253
인하대학교

하이테크센터

307


+82
-
32
-
876
-
8424

情報保護硏究室

15

Basic / Du / 2.5D GBS

0
2
4
6
8
10
12
0.1
0.2
0.3
0.4
0.5
0.6
0.7
0.8
0.9
1
Communication Overhead

p

Basic (2K)
Du (2K)
2.5D GBS (2K)
INFORMATION SECURITY RESEARCH LABORATORY

인천광역시

용현동

253
인하대학교

하이테크센터

307


+82
-
32
-
876
-
8424

情報保護硏究室

16

Basic / Du / 2.5D GBS

0
2
4
6
8
10
12
14
1000
2000
3000
4000
5000
6000
7000
8000
9000
10000
Communication Overhead

Network Size

Basic
Du (0.75)
2.5D GBS (0.75)
INFORMATION SECURITY RESEARCH LABORATORY

인천광역시

용현동

253
인하대학교

하이테크센터

307


+82
-
32
-
876
-
8424

情報保護硏究室

17

M
-
D GBS

M
N
lg
Is This Possible on 2D or 3D?