1 / 25

Security in Wireless Sensor Networks

Security in Wireless Sensor Networks. Group Meeting Fall 2004 Presented by Edith Ngai. Outline. Wireless Sensor Networks (WSN) Security in WSN Key Management Approaches Straight Forward Approach Basic Probabilistic Approach Deployment-based Approach Conclusion References.

charmaine
Download Presentation

Security in Wireless Sensor Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security in Wireless Sensor Networks Group Meeting Fall 2004 Presented by Edith Ngai

  2. Outline • Wireless Sensor Networks (WSN) • Security in WSN • Key Management Approaches • Straight Forward Approach • Basic Probabilistic Approach • Deployment-based Approach • Conclusion • References

  3. Wireless Sensor Networks • A sensor network is composed of a large number of sensor nodes • Sensor nodes are small, low-cost, low-power devices that have following functionality: • communicate on short distances • sense environmental data • perform limited data processing • The network usually also contains “sink” node which connects it to the outside world Berkeley Motes

  4. Applications • WSN can be used to monitor the conditions of various objects / processes • Military: battlefield surveillance, biological attack detection, targeting • Ecological: fire detection, flood detection, agricultural uses • Health related: human physiological data monitoring • Miscellaneous: car theft detection, inventory control, home applications • Sensors are densely deployed either inside or very close to the monitored object / process

  5. Security in WSN • Main security threats in WSN are: • Radio links are insecure – eavesdropping / injecting faulty information is possible • Sensor nodes are not temper resistant – if it is compromised the attacker obtains all security information • Protecting confidentiality, integrity, and availability of the communications and computations

  6. Why Security is Different? • Sensor Node Constraints • Battery • CPU power • Memory • Networking Constraints and Features • Wireless • Ad hoc • Unattended

  7. Key Management: Goals • The protocol must establish a key between all sensor nodes that must exchange data securely • Node addition / deletion should be supported • It should work in undefined deployment environment • Unauthorized nodes should not be allowed to establish communication with network nodes

  8. Sensors Deploy Key Management Problem Secure Channels

  9. Approaches • Trusted-server schemes • Finding trusted servers is difficult • Public-key schemes • Expensive and infeasible for sensors • Key pre-distribution schemes

  10. Key Pre-distribution • Loading Keys into sensor nodes prior to deployment • Two nodes find a common key between them after deployment • Challenges • Memory/Energy efficiency • Security: nodes can be compromised • Scalability: new nodes might be added later

  11. Straight Forward Approach • Single mission key is obviously unacceptable • Pairwise private key sharing between every two nodes is impractical because of the following reasons: • it requires pre-distribution and storage of n-1 keys in each node which is n(n-1)/2 per WSN • most of the keys would be unusable since direct communication is possible only in the nodes neighborhood • addition / deletion of the node and re-keying are complex

  12. Basic Probabilistic Approach • Proposed by Eschenauer and Gligor • Relies on probabilistic key sharing among nodes of WSN • Uses simple shared-key discovery protocol for key distribution, revocation and node re-keying • Three phases are involved: key pre-distribution, shared-key discovery, path-key establishment

  13. Eschenauer-Gligor Scheme Key Pool S Each node randomly selects m keys A B C D E • When |S| = 10,000, m=75 • Pr (two nodes have a common key) =0.50

  14. Establishing Secure Channels B A C

  15. Observations and Objectives A B F Problem: How to pick a large key pool while maintaining high connectivity? (i.e. maintain resilience while ensuring connectivity)

  16. Deployment-based Scheme • Proposed by Du, et. al (IEEE Infocom 2004) • Improves Random Key Predistribution (Eschenauer and Gligor) by exploiting Location Information • Studies a Gaussian distribution for deployment of Sensor nodes to improve security and memory usage

  17. Deployment-based Scheme • Groups select from key group S (i,j) • Probability node is in a certain group is (1 / tn).

  18. Step 1 : Key Pre-distribution - Key Sharing Among Key Pools - Horizontal a B C A b b a D F a a Vertical Diagonal a b b G H I b a

  19. Step 1 : Key Pre-distribution - Key Sharing Among Key Pools - • Determining |Sc| • When |S| = 100,000, t = n = 10, a = 0.167, b = 0.083 |Sc| = 1770

  20. Step 2: Shared-key Discovery • Takes place during initialization phase after WSN deployment. Each node discovers its neighbor in communication range with which it shares at least one key • Nodes can exchange IDs of keys that they poses and in this way discover a common key • A more secure approach would involve broadcasting a challenge for each key in the key ring such that each challenge is encrypted with some particular key. The decryption of a challenge is possible only if a shared key exists

  21. Step 3: Path-key Establishment • During the path-key establishment phase path-keys are assigned to selected pairs of sensor nodes that are within communication range of each other, but do not share a key • Find secure path by using flooding method • Limit the lifetime of the flooding message to three hops to reduce flooding overhead • Share random key K by using secure path

  22. Local Connectivity • With 100 keys, location management improves local connectivity from 0.095 to 0.687

  23. Network Resilience • What is the damage when x nodes are compromised? • These x nodes contain keys that are used by the good nodes • What percentage of communications can be affected?

  24. Conclusion • Robust security mechanisms are vital to the wide acceptance and use of senor networks for many applications • Security in WSN is quite different from traditional (wired) network security • Various peculiarities of WSN make the development of good key scheme a challenging task • We have discussed several approaches to key management in WSN

  25. References • I. F. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cyirci. Wireless Sensor Networks: A Survey. Computer Networks, 38(4):393-422, 2002. • L. Eschenauer and V. Gligor. A Key-Management Scheme for Distributed Sensor Networks. In Proc. of ACM CCS’02, November 2002. • H. Chan, A. Perrig, and D. Song. Random Key Predistribution Schemes for Sensor Networks. In 2003 IEEE Symposium on Research in Security and Privacy. • W. Du, J. Deng, Y. Han, S. Chen, and P. Varshney. A Key Management Scheme for Wireless Sensor Networks Using Deployment Knowledge. IEEE Infocom 2004.

More Related