Security in Wireless

flangeeasyMobile - Wireless

Nov 21, 2013 (4 years and 7 months ago)


Security in Wireless
Sensor Networks

Perrig, Stankovic, Wagner

Jason Buckingham

CSCI 7143: Secure Sensor Networks

August 31, 2004

Introduction to sensor networks

Security Issues

Key establishment & setup

Secrecy & Authentication


Robustness to DOS

Secure Routing

Resilience to node capture

Secure Group Management

Intrusion Detection

Secure Data Aggregation

Secure Sensor Network Research

Broad Range of Applications

Wildlife Monitoring

Machinery Performance

Building Safety

Military Applications

Health Monitoring

Countless other applications

Most applications require some level of security!

Traditional security cannot
be applied directly

Sensor device limitations

Power, Processing, and Communication

Nodes are often physically accessible,
allowing possible physical attacks

Sensor networks interact with their
environments and with people

Security Research Issues

These new problems present an
opportunity to properly address network

Security is NOT a standalone

it must be integrated into
every component

Key Establishment & Setup

Why not use existing protocols?

Public key cryptography has too much
system overhead for sensor networks

Key establishment techniques must scale
well to hundreds or thousands of nodes

Sensor nodes have different
communication needs

Key Establishment


Establish a network wide shared key

Problem: if one node is compromised, the whole
network is compromised

Instead use shared symmetric keys between
each pair of nodes that are preconfigured

Problem: It doesn’t scale well!

For an

node network, each node must store
1 keys,

* (

1) / 2
total keys are needed.

Combine the above: use a network wide key
to establish link keys, then erase the
networkwide key.

Problem: New nodes cannot be added after initial

Key Establishment

Solutions (cont.)

Bootstrapping Keys

each node shares a single key with the base station
and the base station sets up keys between pairs.

Problem: requires a trusted base station that is the
central point of failure

Random Key Predistribution

choose a large pool of symmetric keys, and give each
node a random subset of the pool

not all nodes share a common key, but the network
will still be fully connected if the probability of two
nodes sharing a key is sufficiently high

Problem: once compromising a sufficient number of
nodes, attackers could reconstruct the entire pool and
break the scheme

Secrecy & Authentication


end cryptography

Provides high level of security, but requires that
keys be set up among all end points

Incompatible with passive participation and local

layer cryptography

Simplifies key setup

Supports passive participation and local

Problem? Intermediate nodes can eavesdrop and
alter messages. Is this really a problem?

Cryptography Issues

Performance Costs

Extra computation

Could be reduced by additional hardware but this
increases node cost and will it really fix the problem?

Increases packet size

Recent research shows that most of the
performance overhead is attributable to increased
packet size, not additional computation

This limits how much dedicated cryptographic hardware
will help

Robustness to Denial of

Adversaries can simply broadcast a high
energy signal or violate the 802.11 MAC
protocol to disrupt communication


Spread spectrum communication, but
cryptographically secure spread spectrum radios
are not commercially available

Automated defense, by simply routing around the
jammed portion of the network

Secure Routing

Current routing protocols suffer security

DOS attacks, packet injection, replay

Resilience to Node Capture

Sensor networks are highly susceptible

the compromise of a single node
usually compromises the entire network

This is more of a problem because
sensor networks often lack physical

Solutions to Node Capture

Physical solution

tamper resistant packaging


Create algorithms that use majority voting
schemes; send packets along multiple
independent paths and check for consistency

Gather redundant data and analyze for

Secure Group Management

Groups of nodes perform data aggregation
and analysis (tracking a moving object)

The group may change continuously and

Protocols are needed for admitting new
group members and supporting secure
communication with the group

Solutions conserve time and energy

Intrusion Detection

Classic intrusion detection is very
expensive in terms of memory, energy,
and bandwidth

To develop a solution, typical threat
models must be analyzed

Secure groups may be a possible
solution for decentralized intrusion

Secure Data Aggregation

Tons of data can be collected from the
various nodes in the network

How do we aggregate the data so as to
reduce network traffic to the base

Aggregation locations must be secured


How do we prevent sensor networks
from being used to violate privacy?

Devices are becoming smaller, cheaper,
and more effective at surveillance


New laws, technological responses, and

Other Issues

What cryptographic algorithms are best
suited for use in sensor networks?

Public key cryptography? Too expensive!

DES/Triple DES



We need something that fits the processing
and memory requirements of our nodes

Secure Sensor Network

How can we build security into sensor
networks from the outset?

Advantages of sensor networks

Many applications will be deployed under
a single administrative domain

It may be possible to exploit redundancy,
scale, and physical characteristics