Chapter x: Security and Cryptography


Nov 21, 2013


Cryptography is essential to a successful WSN, and plays many roles. Broadly these fall
into three categories: confidentiality, integrity, and authenticity, which have an
entertaining acronym.

Confidentiality

Often in the first discussions about a new application, it is common for the first reaction
to be “I don’t need security”, by which people mean that they don’t need their data to be
encrypted. The reality is that this is almost never true, and of course security covers
much more than just encrypting data, as we will see below.

One of the earliest deployments of wireless sensors at Berkeley was a light and
temperature sensor that we put into every room on one of the floors of Cory Hall. We
didn’t encrypt the data. No sooner had we deployed the sensors than some people
expressed the concern that someone would be able to figure out how long and when they
were working (based on light level). One of the graduate students took two motes home
with him: one was plugged in to his laptop, the other was sitting on his dresser. Looking
at the traces from the light and temperature sensors, it’s amazing what information you
can pick up. You can see the laptop mote cool off when the laptop shuts down, giving an
idea of when he went to bed. You can see the sun come up in the morning, and a
disturbance in the light level indicating when his girlfriend got up and went to work.
Much later, you can see the student get up, and that the first thing that he does is boot up
his laptop!

Figure 1. 24 hours of light and temperature in a graduate student's apartment.

Would you want this information available to anyone who happened to have a radio to
receive it? Most people wouldn’t and some would be quite adamant. Any product which
does home automation must at least have a mode of operation where all of the data is
encrypted.

So how do we keep messages secret? Caesar had a simple way. He is supposed to have
used a simple substitution cipher, in which each letter of the plaintext is replaced by a
different letter to get the ciphertext, with the same mapping used throughout the
document. In a Caesar cipher, the substitution is just a shift of the alphabet, for example
a shift of three: A→D, B→E, C→F, …, W→Z, X→A, Y→B, Z→C. This is simple to
do, but obviously pretty simple to break. The study of breaking cryptosystems is
cryptanalysis, and the cryptanalysts are quite good at what they do. There’s only one
encryption system that is known to be unbreakable: the one-time pad.

One-time pad

If you and I get together and roll a 26-sided die over and over, and we write down what
number comes up each time, the result is a one-time pad. We each take a copy, and never
show it to anyone. When you want to send me a five-letter message “HELLO” you take
the first five numbers on your pad, say {5, 26, 2, 1, 9} and shift each letter by the
corresponding number on the pad: H→M, E→D, L→N, L→M, O→X. So “HELLO”
becomes “MDNMX”. Notice that unlike the Caesar cipher, the two L’s don’t end up
encrypting to the same thing in this message, and that both H and L encrypt to M. When
I receive the message, I take the first 5 numbers on my pad (the same numbers as on your
pad) and subtract them, and I get back the original message. As long as no one else
knows what’s on our two pads, and our 26-sided die is in fact random, our code is
unbreakable. In case we get out of sync, you can even write in plain text in the message
“Hey Kris, I’m using page 3, numbers 11 through 15 to encrypt this message” and it
doesn’t give anyone any help at all (except me!).
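
The pad bookkeeping described above, sketched in Python as an added example (not code from the original chapter): both parties hold the same pad, the page and starting position travel in the clear, and each number is spent only once. The page size of 20, the names `roll_pad`, `PadUser` and `demo`, and the use of `secrets` in place of the 26-sided die are assumptions made for the illustration.

```python
import secrets

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
PAGE_SIZE = 20  # numbers per pad page (assumed layout, not from the text)


def roll_pad(pages):
    """Stand-in for the 26-sided die: every entry is a roll from 1 to 26."""
    return [[secrets.randbelow(26) + 1 for _ in range(PAGE_SIZE)]
            for _ in range(pages)]


class PadUser:
    """One party's copy of the pad, remembering which numbers are spent."""

    def __init__(self, pad):
        self.pad = pad
        self.used = set()  # (page, position) pairs already consumed

    def _take(self, page, start, count):
        # Pages and positions are 1-based, as in "page 3, numbers 11 through 15".
        if not (1 <= page <= len(self.pad) and 1 <= start
                and start + count - 1 <= PAGE_SIZE):
            raise ValueError("requested numbers are not on the pad")
        slots = [(page, start + i) for i in range(count)]
        if any(slot in self.used for slot in slots):
            raise ValueError("pad numbers already used once")
        self.used.update(slots)
        return [self.pad[page - 1][pos - 1] for _, pos in slots]

    def encrypt(self, text, page, start):
        shifts = self._take(page, start, len(text))
        body = "".join(ALPHABET[(ALPHABET.index(c) + k) % 26]
                       for c, k in zip(text, shifts))
        # The header travels in the clear: it names positions, not values.
        return (page, start, body)

    def decrypt(self, message):
        page, start, body = message
        shifts = self._take(page, start, len(body))
        return "".join(ALPHABET[(ALPHABET.index(c) - k) % 26]
                       for c, k in zip(body, shifts))


def demo():
    pad = roll_pad(pages=3)  # rolled once, then copied to both sides
    sender, receiver = PadUser(pad), PadUser(pad)
    message = sender.encrypt("HELLO", page=3, start=11)
    return message, receiver.decrypt(message)
```

Only uppercase A to Z is handled, matching the letter-shift scheme in the text.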

Integrity

Replay

Authenticity

Symmetric Key and Public Key Tools

AES128 Cipher

CTR mode

Storing lots of one-time pads on a mote is an inconvenient way to encrypt messages.
Fortunately, a block cipher offers a convenient mechanism for storing very little, and still
being able to generate arbitrarily long one-time pads when we need them.

CBC mode

CCM* mode

Integrity: bit error rate and intentional attack

Broadcast authentication

Random Number Generators

Access control lists

Certificates

Key exchange