1 / 27

Research on Sensor Network Security

2005 TRES meeting. Research on Sensor Network Security. Peng Ning Cyber Defense Laboratory Department of Computer Science NC State University. Outline. Background Challenges Our research strategy Investigated problems Key management Broadcast authentication Secure location discovery

quito
Download Presentation

Research on Sensor Network Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 2005 TRES meeting Research on Sensor Network Security Peng Ning Cyber Defense Laboratory Department of Computer Science NC State University

  2. Outline • Background • Challenges • Our research strategy • Investigated problems • Key management • Broadcast authentication • Secure location discovery • Secure clock synchronization • Possible collaboration

  3. Background on Sensor Networks • A sensor network consists of a large number of sensor nodes • Low cost • Resource constrained • Wireless communication • Sensor networks are ideal candidates for • Critical infrastructure protection • Environment monitoring • Military operations • …

  4. Challenges in Sensor Network Security • Resource constraints • Limited storage, computation, and communication • Expensive mechanisms such as public key cryptography is not practical • Depletable resources (e.g. battery power) • Resource consumption attacks • Threat of node compromises • Sensor nodes are usually deployed in an unattended fashion • Subject to node captures

  5. Challenges (Cont’d) • Local computation/communication v.s. global threat • Sensor network applications often depend on local computation and communication due to resource constraints • A determined attacker may • Attack any node in a network, and • Use information gathered from compromised nodes to attack non-compromised ones

  6. Research Strategy • Cryptographic services • Broadcast authentication • Key management • Security mechanisms for fundamental services • Clock synchronization • Secure location discovery • Secure aggregation and in-network processing • Cluster formation/cluster head election

  7. Research Strategy (Cont’d) • Securing sensor network applications • Surveillance • Tracking of moving targets • … • Other desirable security services • Example: Intrusion detection • A desirable component • Require different solutions than traditional techniques

  8. Investigated Research Problems • Pairwise key establishment • Broadcast authentication • Secure location discovery • Secure clock synchronization Supported by NSF Cyber Trust and CAREER

  9. Pairwise Key Establishment • Problem: How to establish pairwise keys between nodes that may communicate with each other? • Between arbitrary pairs of nodes • Between neighbor nodes • Challenges • Resource constraints (limited computation, storage, communication capabilities) • Threat of compromised nodes • Our solutions • Polynomial-pool based key pre-distribution (TinyKeyMan) • Location-based key pre-distribution • Group-based key pre-distribution

  10. The Polynomial-Based Scheme • Blundo et al. CRYPTO’92 • Pre-distribution: • A t-degree f(x,y) over finite field Fq: f(x,y)=f(y,x) • Each node i gets assigned a polynomial sharef(i,x) Node j Node i f(j,x) f(i,x) f(j,i) f(i,j) =

  11. Properties and Limitations • Properties • Threshold property: unconditionally secure for up to t compromised nodes even they collude together • Storage: (t +1)log q bits • Computation: t modular multiplications and t modular additions • No communication overhead • Limitations • Insecure when more than t sensor nodes are compromised • An invitation for node compromise attacks

  12. Polynomial Pool Based Key Pre-Distribution • The main idea • Use multiple polynomials (polynomial pool) • Three phases: • Pre-Distribution: pre-distribute secrets • Direct key establishment: setup direct keys • Path key establishment: setup indirect keys

  13. A subset: {fj(i, y), …, fk(i, y)} Predetermination Random f1(x,y), f2(x,y), …, fn(x,y) i Random polynomial pool F Phase 1: Pre-Distribution • The key issue: Subset Assignment

  14. {f1(i,y), f3(i,y), f9(i,y)} {f2(j,y), f3(j,y), f8(j,y)} 1,3,9 j i 2,3,8 j{2,3,8} Phase 2: Direct Key Establishment • The key issue: Share Discovery 1. Real-time Discovery 2. Predetermination

  15. {1,5,6} j i {2,7,10} {1,2,7} j{k} Phase 3: Path Key Establishment • The key issue: Path Discovery {2,4,8} {1,3,9} 1. Real-time Discovery 2. Predetermination

  16. f1(x,y), f2(x,y), …, fn(x,y) One Simple Instance:Random Subset Assignment Scheme • Phase 1: Subset assignment • Random A random subset: {fj(i, y), …, fk(i, y)} i Random polynomial pool F

  17. Broadcast a list of challenges. Broadcast IDs in clear text. fj, …, fk , Ekv(), v = 1, …, m. i i j j Random Subset Assignment (Cont’d) • Phase 2: Polynomial share discovery • Real-time discovery

  18. i j k Random Subset Assignment (Cont’d) • Phase 3: Path discovery • Node i contacts nodes with which it shares a key; any node that also shares a key with j replies.

  19. Resilience against Compromised Sensors • Comparison with basic probability and q-composite schemes • Probability to establish direct keys p = 0.33 • Each sensor has storage equivalent to 200 keys

  20. More Schemes • Random key pre-distribution • Grid-based pairwise key pre-distribution • Hybercube-based pairwise key pre-distribution • Location-based key pre-distribution • Pre-deployment knowledge • sensors’ expected locations • Post-deployment knowledge • Group-based key pre-distribution • Related publications • ACM CCS 03, ACM SASN 03, ACM TISSEC 05, ACM TOSN (under revision)

  21. Key: n bits l bits each f1(i,y) f2(i,y) fr(i,y) Polynomials over Fq’ Same storage as 1 polynomial over Fq node ID j Implementation: TinyKeyMan • Observations • Node IDs are chosen from a field much smaller than keys • Field for cryptographic keys: Fq • Field for node IDs: Fq’ • Special fields: q’=216+1, q’ = 28+1 • No division operation is needed for modular multiplications

  22. Computational Cost

  23. Memory Requirements

  24. Broadcast Authentication • Problem: How to broadcast authenticated messages in large sensor networks • Previous solution TESLA isn’t scalable • Our solutions • Multi-level TESLA (NDSS 03, ACM TECS 04) • Merkle tree based TESLA (under review) • Also address revocation of broadcasting nodes

  25. Secure Location Discovery • Problem: How can sensors securely determine their locations even if there are malicious external or insider attacks • Our solutions • Detect localization anomalies using deployment knowledge (IPDPS 05) • Beaconless location discovery (Infocom 05) • Tolerate malicious location references (under review) • Detect malicious beacon nodes (under review)

  26. Secure Clock Synchronization • Problem: How to distribute a common clock throughout sensor networks • Our solutions • Resilient clock distribution (under review) • Multi-path-based resilient clock distribution (under review) • Cluster-wise fault tolerant clock synchronization (under revision)

  27. Possible Collaboration • My interests • Long-term • Anything about information security • Short-term • Sensor and ad-hoc network security • Intrusion detection • Software security

More Related