Securing a Re-Taskable


Nov 21, 2013 (3 years and 8 months ago)


SPEDA 2010, August 23-25, 2010, Atlanta, GA, USA

A. De Benedictis, A. Gaglione, N. Mazzocca

Securing a Re-Taskable Sensing System

Seclab Group, http://www.seclab.unina.it
Dipartimento di Informatica e Sistemistica
Università degli Studi di Napoli Federico II
Via Claudio, 21, 80125 Napoli, Italia
Email: {alessandra.debenedictis, andrea.gaglione, nicola.mazzocca}@unina.it

1st International Workshop on Security and Performance in Emerging Distributed Architectures (SPEDA 2010)
August 23-25, 2010, Atlanta, GA, USA

About me

Alessandra De Benedictis
Ph.D. Student in Computer and Control Engineering at the Department of Computer Science and System of the University of Naples Federico II
alessandra.debenedictis@unina.it


Outline

- Overview of security issues in sensor networks and background description
- Introduction of a secure layer to guarantee security requirements
- Design and implementation details
- Conclusions and future works

Motivation and security challenges in sensor networks

- The openness of wireless channels lets anyone monitor or participate in communications
- WSN applications require security mechanisms
- WSN features:
  - Very limited resources
    - limited memory and storage space
    - power limitations
  - Unreliable communication
    - unreliable transfer
    - conflicts (due to the broadcast nature of WSN)
    - latency
  - Unattended operations
    - exposure to physical attack
    - remote management makes it impossible to detect physical tampering and physical maintenance issues

Desired security requirements

Desired properties of a secure sensor network communication architecture:

- Data authentication
  - allows a receiver to verify that data really was sent by the claimed sender
- Broadcast authentication
- Data confidentiality
  - protect information traveling through the network
- Data integrity
  - ensures the receiver that the received data has not been altered in transit by an adversary
  - achieved through data authentication
- Data freshness
  - implies that the data is recent
  - ensures protection against replay attack


Symmetric vs Asymmetric Cryptography

Symmetric Key Encryption (SKE)

- Limited computational complexity, well suited for resource constrained devices such as sensor nodes but...
- Key management is a fundamental concern

Public Key Cryptography (SKC)

- Stronger degree of security than SKE schemes, greater flexibility and manageability but also...
- Higher computation and storage requirement
- Recent works demonstrated the feasibility of using Elliptic Curve Cryptography (ECC) schemes on sensor platforms, due to their fast computation, small key size and compact signatures.
- Such schemes have been proved to guarantee a security degree equivalent to that of other SKC schemes (such as RSA) while adopting smaller keys and requiring lighter computations.

[Figure: two panels, each showing Alice encrypting plaintext into ciphertext and Bob decrypting it back into plaintext. In the public key panel, encryption uses Bob's Public Key and decryption uses Bob's Private Key.]

Tenet: a re-taskable sensing system (1/2)

The Tenet system is an architecture for tiered sensor networks, proposed by the University of LA (UCLA), consisting of:

- motes: simple sensor nodes processing locally-generated sensor data
- masters: relatively unconstrained 32-bit platform nodes, performing multi-node data fusion and complex application logic

Since masters have relatively plentiful processing and storage resources, it is possible to implement more sophisticated applications, such as cryptographic algorithms, by exploiting their capabilities.

Tenet: a re-taskable sensing system (2/2)

- Applications run on masters, and masters task motes
- Motes process data, and return responses
- Masters can then fuse the results, re-task motes or trigger other sensing functionalities

A task is a linear data flow program consisting of a sequence of tasklets implementing such functionality as timers, sampling, data compression, thresholding, statistical operations, and other forms of simple signal processing.

Example of task:

    periodic(1 min) -> sample(TEMPERATURE) -> Send()

The tasking system enables easier application development and significant code reuse. Mote functionality is limited to executing tasks and returning responses, thus enabling energy-efficient operations.

Proposal

Enhancement of the Tenet system, by introducing a hybrid cryptosystem which aims to:

1. implement a mechanism for key exchange between master and motes
2. achieve broadcast authentication of tasking messages sent by a master to the motes
3. achieve end-to-end encryption, integrity and freshness of response messages sent by motes to the master


Enhanced Tenet software architecture (1/2)

Master side

- Application layer: includes Tenet applications running on masters, and the Tenet Tasking Library, which implements a collection of composable tasklets.
- OS layer: implemented by TinyOS

Improvement of the master side:

- at application level:
  - introduction of the ECC Library to perform ECC operations
  - addition of the pubKeyExchange element to the Tasking Library;
  - modification of the TenetAPI in order to implement the digital signature of task messages sent from masters to motes
- at OS level:
  - integration of a cryptographic system, with the management of the keyfiles containing the secret keys shared between the master and each of the motes

[Figure: master-side software stack. Application layer: Tenet Applications, ECC Library, Tasking Library (+ pubKeyExchange element, + modified TenetAPI). OS layer: TinyOS_system-Minisec, Key store.]

Enhanced Tenet software architecture (2/2)

Mote side

Improvement of the mote side by adding:

- at application level: the new tasklet pubKeyExchange to the Mote Tasking Library, that aims to perform ECC security operations according to the ECDH key agreement technique
- at OS level: integration of a cryptographic system, with the management of the keyfile containing the secret key shared between the master and the mote

[Figure: mote-side software stack. Application layer: Mote Tasking Library (+ TinyECC library, + pubKeyExchange tasklet, + modified TaskInstaller component). OS layer: TinyOS_system-Minisec, Key file.]

Adopted technologies

TinyOS and MiniSec: MiniSec provides a secure network layer by modifying the TinyOS network stack:

- GenericComm: generic network stack
- AMStandard: Active Message transmission
- Provides data confidentiality, authentication and replay protection
- provides for authentication and secrecy with a few block cipher calls (OCB mode)
  - better security and low energy consumption
- Implementation for Telos motes
  - 300 bytes of RAM, 3KB of code memory

TinyECC: a configurable library for ECC operations in wireless sensor networks

- Includes support for the ECC schemes:
  - ECDH - key agreement scheme
  - ECDSA - digital signature scheme
  - ECIES - encryption scheme
- Easily integrated in sensor networks applications
- It has been tested on MicaZ, TelosB and Imote2 platforms running TinyOS


1 - Key agreement

Achieved via the Tenet tasking system by adding a new tasklet which performs ECC security operations according to the ECDH key agreement technique:

    pubKeyExchange(PPx, PPy) -> Send()


2 - Broadcast authentication

Broadcast tasking messages from master to motes must be authenticated in such a way that each mote can verify the identity of the master node:

- the master node signs tasking messages with its own private key and sends them to motes together with the signature.
- on the mote side the signature is verified with the master public key.

Achieved by implementing the ECDSA scheme using the primitives provided by TinyECC.

Constraints:

- during the initialization phase of the system the master should generate a key pair (private key - public key) and store its private key in the ECC Library.
- each mote should be preloaded with the public key of the master


3 - End-to-end confidentiality, integrity and freshness of response messages

Achieved by suitably integrating the MiniSec security layer into the Tenet system:

- Motes perform encryption of outgoing task response messages, which are identified with a specific tag;
- The master decrypts incoming task response messages identified with the above-mentioned specific tag

[Figure: MASTER and MOTE holding a shared key; labels: plain task, encrypted response message.]
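
An added Python example of the mote-to-master response path (not code from the slides or from MiniSec): the mote encrypts and authenticates each response, and the master rejects forged or replayed packets using a per-mote counter. MiniSec itself uses OCB mode; HMAC-SHA256 from the standard library stands in for it here, and the packet layout, key derivation labels and all names are assumptions.

```python
import hashlib, hmac

MAC_LEN = 8  # truncated MAC length in bytes (assumed)

def derive_keys(shared_key):
    # Separate encryption and MAC keys derived from the key shared with the mote.
    return (hmac.new(shared_key, b"enc", hashlib.sha256).digest(),
            hmac.new(shared_key, b"mac", hashlib.sha256).digest())

def keystream(enc_key, header, length):
    # HMAC-SHA256 in counter mode; header = mote id + message counter is the nonce.
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(enc_key, header + block.to_bytes(2, "big"), hashlib.sha256).digest()
        block += 1
    return out[:length]

def xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))

def mote_seal(shared_key, mote_id, counter, response):
    # Mote side: encrypt the task response, then MAC header + ciphertext.
    enc_key, mac_key = derive_keys(shared_key)
    header = mote_id.to_bytes(2, "big") + counter.to_bytes(4, "big")
    ct = xor(response, keystream(enc_key, header, len(response)))
    return header + ct + hmac.new(mac_key, header + ct, hashlib.sha256).digest()[:MAC_LEN]

class Master:
    def __init__(self, keystore):
        self.keystore = keystore   # mote id -> shared key (the master's key store)
        self.last_counter = {}     # mote id -> highest counter accepted so far

    def open(self, packet):
        # Returns the plaintext, or None for unknown, forged or replayed packets.
        if len(packet) < 6 + MAC_LEN:
            return None
        header, ct, mac = packet[:6], packet[6:-MAC_LEN], packet[-MAC_LEN:]
        mote_id, counter = int.from_bytes(header[:2], "big"), int.from_bytes(header[2:], "big")
        if mote_id not in self.keystore:
            return None
        enc_key, mac_key = derive_keys(self.keystore[mote_id])
        expected = hmac.new(mac_key, header + ct, hashlib.sha256).digest()[:MAC_LEN]
        if not hmac.compare_digest(mac, expected):
            return None            # integrity / authenticity check failed
        if counter <= self.last_counter.get(mote_id, -1):
            return None            # freshness check failed: stale or replayed
        self.last_counter[mote_id] = counter
        return xor(ct, keystream(enc_key, header, len(ct)))
```

The counter is only advanced after the MAC verifies, so a forged packet cannot push the window forward and block genuine responses.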




Conclusions and future works

- We have proposed the design of a hybrid cryptosystem aimed at securing the Tenet architecture.
- We have combined symmetric and asymmetric cryptographic schemes in order to achieve key exchange mechanisms (through the definition of a specific tasklet), end-to-end encryption, integrity and freshness of response packets sent from motes to the master, and broadcast authentication of tasking messages coming from the master to motes.
- In future work we plan to set up a more complete testbed for the evaluation of our schemes in terms of achieved security level, energy consumption and performance. Furthermore, we intend to port our code to TinyOS 2.x in order to be compliant with the Tenet-t2 release, as well as to port it to other sensor platforms.


Thanks for your kind attention


For any questions contact us