Anonymous Path Routing Protocol in Wireless Sensor Networks. Jang-Ping Sheu* § , Jehn-Ruey Jiang* and Ching Tu* National Central University* and National Tsing-Hua University § Taiwan, R.O.C. Outline. Introduction Related Work Anonymous Path Routing (APR) Protocol Security Analysis
Anonymous Path Routing Protocol in Wireless Sensor Networks • Jang-Ping Sheu*§ , Jehn-Ruey Jiang* and Ching Tu* • National Central University* and National Tsing-Hua University§ • Taiwan, R.O.C.
Outline • Introduction • Related Work • Anonymous Path Routing (APR) Protocol • Security Analysis • Implementation and Evaluation • Conclusion
Introduction • Security is important for MANETs and WSNs • Adversaries can easily overhear messages. • It is more challenging to keep WSNs secure • Sensor nodes have limited capability • Sensor nodes are easier to capture and compromise • It is harder to prevent the network topology from being analyzed in a WSN than in a MANET because the former has a more dynamic topology than the latter. • We focus on keeping WSNs secure
Introduction • General attacks in WSNs • Active attacks • Forging attacks • Replay attacks • Denial of service (DoS) attacks • … • Passive attacks (they are “invisible” and harder to detect, and they may be the prelude to active attacks) • Data eavesdropping attacks • Traffic analysis attacks • …
Introduction • We rely on anonymous communication for resisting the attacks. • Anonymous communication • A new paradigm to resist attacks • Since the identities of nodes are hidden, the network topology is difficult to analyze. • It can also prevent most active attacks.
Related Work • ANODR • ACM MobiHoc, 2003 • An ANonymous On-Demand Routing protocol based on trapdoor one-way function and boomerang onion • SDAR • IEEE LCN, 2004 • A Secure Distributed Anonymous Routing protocol based on public key cryptography
Related Work • AnonDSR • ACM SASN, 2005 • An Anonymous Dynamic Source Routing protocol based on shared secret key used in source and destination nodes, and public key cryptography used in the intermediate nodes • MASK • IEEE INFOCOM, 2005 • An anonymous on-demand routing protocol based on bilinear pairing
Drawbacks of Existing Methods • High computing overhead • Each node must try all its shared secret keys to receive an anonymous packet (ANODR) • Public key cryptography (AnonDSR, SDAR) • Bilinear mapping function (MASK) • Existing methods are not applicable to WSNs.
Three Schemes of APR • Anonymous one-hop communication • Anonymous multi-hop path routing • Anonymous data forwarding
Anonymous One-hop Communication • In the initial period • One-hop pair-wise key establishment • Data encryption key establishment • MAC (Message Authentication Code) key establishment • Bidirectional hidden identity (HI) establishment • Link table establishment • for storing all keys and HIs • Afterwards • One-hop communication by HI • One-hop acknowledgement • for avoiding packet loss problem
One-Hop Key Establishment • PIKE is applied to set one-hop pairwise keys and random nonces • PIKE assumes that O(n) pre-established pairwise keys have been set when n sensors are deployed • Node 14 shares different pair-wise keys with each of Nodes 1* and *4. • Node 91 shares different pair-wise keys with each of Nodes 9* and *1. • Nodes 11 and 94 share distinct pairwise keys with 91 and 14: choose the “closer” node
One-Hop Key Establishment • PIKE is applied to set one-hop pairwise keys and random nonces • Two more keys are then set • Data encryption key: $K^{0}_{AB\text{-}enc} = H(K_{AB} \oplus C_1)$, where $C_1$ is a constant • MAC function key: $K^{0}_{AB\text{-}mac} = H(K_{AB} \oplus C_2)$, where $C_2$ is a constant • The two keys will change dynamically • Data encryption key: $K^{i+1}_{AB\text{-}enc} = H(K^{i}_{AB\text{-}enc})$ • MAC function key: $K^{i+1}_{AB\text{-}mac} = H(K^{i}_{AB\text{-}mac})$ • [Figure: PIKE key establishment between A and B via node I; ($K_{AB}$, rn) is carried encrypted by $K_{AI}$ and by $K_{BI}$, followed by a key reply; rn: random nonce]
Hidden Identity Establishment • HIs are bidirectional • $HI^{Seq}_{AB} = H(K_{AB} \oplus ID_B \oplus Seq * rn)$ • $HI^{Seq}_{BA} = H(K_{BA} \oplus ID_A \oplus Seq * rn)$ • [Figure: node A and its neighbors J, B, S and E, with HI-in and HI-out columns holding $HI_{JA}$, $HI_{BA}$, $HI_{SA}$, $HI_{EA}$ and $HI_{AJ}$, $HI_{AB}$, $HI_{AS}$, $HI_{AE}$]
One-hop communication by HI • A sends data to B • [Figure: A transmits ($HI^{0}_{AB}$, DATA, MAC); B checks its link table: “It’s for me!!”; the other nodes that hear the packet: “Not for me!!”]
One-Hop Acknowledgement • To solve the packet loss problem • [Figure: A sends ($HI_{AB}$, DATA) to B; B replies with ($HI_{BA}$, ACK); A and B each update their link table]
ACK Loss • ACK loss problem • B updates sequence number and HI but A doesn’t • Sequence numbers and HIs become different • Solution: storing last HI-in • [Figure: the ($HI_{BA}$, ACK) from B is lost and A times out (“Timeout!!!!”); A resends ($HI_{AB}$, DATA); at B it matches with “last HI-in”, so B keeps its link table intact and sends the ACK again; A then updates its link table]
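The HI derivation, the one-hop match against the link table and the "last HI-in" rule for a lost ACK, as an added Python sketch (not the authors' TinyOS code). Assumptions: $K_{AB} = K_{BA}$, operands XORed at the key's width, SHA-1 output truncated to h = 16 bits, the ACK carries the HI of the Seq it acknowledges, and the MAC check is left out; all names and sample values are constructed.

```python
import hashlib
HI_BITS = 16  # h = 16, the "typical setting" on the Security Analysis slide

def hidden_identity(key: bytes, receiver_id: int, seq: int, rn: int) -> int:
    """HI^Seq = H(K xor ID_receiver xor Seq*rn); width/truncation are assumptions."""
    n = len(key)
    x = int.from_bytes(key, "big") ^ receiver_id ^ ((seq * rn) % (1 << 8 * n))
    digest = hashlib.sha1(x.to_bytes(n, "big")).digest()
    return int.from_bytes(digest, "big") >> (160 - HI_BITS)

class LinkEntry:
    """Link-table row held by node `me` for neighbour `peer` (K_AB == K_BA assumed)."""
    def __init__(self, key: bytes, me: int, peer: int, rn: int):
        self.key, self.me, self.peer, self.rn = key, me, peer, rn
        self.seq, self.last_hi_in = 0, None  # last HI-in kept to spot a lost ACK

    def hi_in(self):             # HI on packets addressed to me
        return hidden_identity(self.key, self.me, self.seq, self.rn)

    def hi_out(self, seq=None):  # HI on packets I address to the peer
        return hidden_identity(self.key, self.peer, self.seq if seq is None else seq, self.rn)

    def _advance(self):          # "Update link table"
        self.last_hi_in, self.seq = self.hi_in(), self.seq + 1

    def receive(self, hi: int):
        """Receiver side: returns (verdict, HI for the ACK or None)."""
        if hi == self.hi_in():
            ack = self.hi_out()
            self._advance()
            return "accept", ack
        if hi == self.last_hi_in:          # retransmission: our ACK was lost
            return "reack", self.hi_out(self.seq - 1)  # table kept intact
        return "ignore", None              # "Not for me!!"

    def on_ack(self, hi: int) -> bool:
        """Sender side: advance only on the ACK matching the current Seq."""
        if hi == self.hi_in():
            self._advance()
            return True
        return False

def demo():
    """Constructed values: 10-byte key, IDs 1 (A) and 2 (B), nonce 0x5A17."""
    key = bytes.fromhex("00112233445566778899")
    a, b = LinkEntry(key, 1, 2, 0x5A17), LinkEntry(key, 2, 1, 0x5A17)
    first = b.receive(a.hi_out())[0]         # data arrives, ACK is lost
    second, ack = b.receive(a.hi_out())      # A times out and retransmits
    return [first, second], a.on_ack(ack), a.seq, b.seq
```

The retransmitted packet is re-acknowledged without being accepted a second time, and both ends finish on the same sequence number.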
Anonymous Multi-hop Path Routing • Two more pseudonyms • HIPs (Hidden Identity for routing Path) are established for any possible source node and stored in HIP table for each path. (A path is represented by two end nodes of the path: the source node and the destination node.) • PathIDs are established and used in the routing table • Two messages • Anonymous Path Routing Request (APR-REQ) • Anonymous Path Routing Reply (APR-REP) • Two cases for the source and destination nodes • With a pre-distributed pair-wise key • Shown next • Without pre-distributed pair-wise key • Integrate PIKE into APR
Anonymous Multi-hop Path Routing with a Pre-distributed Pair-wise Key Between S and D • Flooding APR-REQ to the entire network • $HIP_{SD} = H(K_{SD} \oplus ID_S \oplus ID_D)$, held in the HIP tables of S and D • [Figure: the APR-REQ is flooded through the network, labelled ($HIP_{SD}$, S), ($HIP_{SD}$, A) and ($HIP_{SD}$, B) on successive hops; D finds $HIP_{SD}$ in its HIP table: “D is the destination!!”]
Anonymous Multi-hop Path Routing with a Pre-distributed Pair-wise Key Between S and D • D sends APR-REP back to S • [Figure: routing tables of D, B, A and S, each holding $PathID_{SD}$; the hops are labelled $HI_{DB}$, $HI_{BA}$ and $HI_{AS}$]
Anonymous Data Forwarding • D sends data to S • S sends data to D • [Figure: routing tables of D, B, A and S, each holding $PathID_{SD}$; the hops are labelled $HI_{DB}$/$HI_{BD}$, $HI_{AB}$/$HI_{BA}$ and $HI_{AS}$/$HI_{SA}$; D recognizes the sender: “It is from S!!!”]
Security Analysis • APR can resist the following attacks • Traffic analysis attacks • No node can identify the sender and receiver except the two communicating nodes • Forging attacks • If adversaries send a malicious packet with forged HI, the packet will be accepted with probability $1/2^{h+m}$ • h is the length of HI • m is the length of MAC • A typical setting: h = 16 and m = 32
Security Analysis • Replay attacks • If adversaries reuse legal packets sent before, each packet will be accepted by the receiving node only once • Denial of service (DoS) attacks • Without correct HI, DoS attack packets will be ignored directly • APR can limit the damage caused by DoS attacks in a local area
Implementation • Implementation • Symmetric key algorithm: Skipjack • One-way hash function: SHA-1 • Message authentication code function: CBC-MAC • Platform: Berkeley MICAz (128KB Program Flash and 4 KB SRAM ) with TinyOS • Assumption: Some pre-distributed keys are stored in program flash.
Implementation Results • Memory Footprint • Required programming memory: 9436 bytes • Required SRAM size: depends on network size and node density • 50 bytes for an entry of the link table • 8 bytes for an entry in routing table
Implementation Results • Computing Time • Transmission Time
Implementation Results (Cont.) • Routing Time 574.2 ms
Implementation Results (Cont.) • Environment • Test field: 5R x 5R (R is the communication range) • Number of nodes: 25~200 • Multi-hop communications per node: 5~20 • Average link table size 1.1 Kbytes
Implementation Results (Cont.) • Average routing table size 1.6 Kbytes
Implementation Results (Cont.) • Average memory overhead for varying numbers of nodes • [Figure: two panels, x-axis: route requests per node; marked values: 1.88 Kbytes and 1.72 Kbytes]
Conclusion • In APR, data can be encrypted by pair-wise keys and transmitted with pseudonyms • between neighboring sensor nodes (link level) • between the source and destination nodes of a multi-hop communication path (routing level) • APR can resist several types of attacks • Traffic analysis attacks • Forging attacks • Replay attacks • Denial of service (DoS) attacks • We have implemented APR on the sensor platform of MICAz with TinyOS • To demonstrate APR’s applicability and communication capability
Anonymous Multi-hop Communication – End-to-end Key Establishment • M wants to communicate with D • Anonymous path from M to I • Anonymous path from I to D • [Figure: ($K_{SD}$, rn) is carried along the anonymous paths through node I]
Anonymous Path Routing (APR) Request with Key Reply Message • D launches anonymous multi-hop path routing • [Figure: D floods ($HIP_{DM}$, D, Key reply)]
PathID Collision Problem • Case 1: Different pre-hop nodes • Pre-hop nodes are different • The forwarding node can choose the proper node for forwarding • Ex. A packet with PathID 12 that comes from L should be sent to N • A packet with PathID 12 that comes from K should be sent to I • [Figure: routing table of F, with PathID 12 on the links to L, K, I and N]
PathID Collision Problem (Cont.) • Case 2: Same pre-hop node • [Figure: node O with neighbors P, Q and R; PathIDs 13 and 14; routing table of O]
PathID Collision Problem (Cont.) • [Figure: node O with neighbors P, Q and R; PathIDs 13, 14 and 15; one entry marked X; routing table of O]