1 / 16

SPINS: Security Protocols for Sensor Networks

SPINS: Security Protocols for Sensor Networks. Adrian Perrig et al. University of California, Berkeley Mobicom 2001 Presenter: Ryan Babbitt. Outline. Background Protocols SNEP μ TESLA Example applications Authenticated Routing Node-to-node key agreement Conclusions. Background.

rdonahue
Download Presentation

SPINS: Security Protocols for Sensor Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SPINS: Security Protocols for Sensor Networks Adrian Perrig et al. University of California, Berkeley Mobicom 2001 Presenter: Ryan Babbitt

  2. Outline • Background • Protocols • SNEP • μTESLA • Example applications • Authenticated Routing • Node-to-node key agreement • Conclusions

  3. Background • Sensor networks • Nodes • Base stations • Communication channel • Communication patterns • Trust framework • Resource restrictions

  4. Security Goals for Sensor Networks • Data Confidentiality • Semantic security • Data Authentication • Point-to-point • Broadcast • Data Integrity • Data Freshness • Weak • Strong

  5. Notation

  6. Secure Network Encryption Protocol (SNEP) • Purpose: secure two-party communication • Elements • Symmetric key • Message Authentication Code • Block cipher in counter mode • Shared counter

  7. SNEP Communication • Weak Version • Strong Version

  8. SNEP Implementation • Key Setup • Bootstrap secret master key • Key generation • Encryption • RC5 • Message Authentication Code • CBC-MAC (one per packet) • {M}KE, MAC(KMAC, {M}KE)

  9. SNEP Questions • What if counters lose synchronization? • What if packets are lost (MAC)?

  10. μTESLA • Purpose: authenticated broadcast • Phases • Sender setup • Broadcasting • Bootstrapping receivers • Receiving broadcast packets

  11. μTESLA – Sender Side • Key chain generation • Randomly pick last key Kn • Repeatedly apply one-way function F Fn(Kn) <- ... <- F(F(F(Kn)) <- F(F(Kn) <- F(Kn) <- Kn K0 = F(K1) = F(F(K2) = … • Broadcast • Key disclosure schedule • Time intervals • Current key • Interval offset

  12. μTESLA – Receiver Side • Bootstrapping new receivers • Key commitment • Loose time synchronization • Key disclosure schedule • Authenticating packets • Check “security condition”

  13. Applications • Authenticated routing • Build routing tree based on authenticated packets received • Pair-wise key agreement

  14. Questions • What about broadcast confidentiality? • What if too many keys are lost? • What if a node wants to broadcast? • What about group communication?

  15. Conclusions • SNEP • Basic node-to-base station security • Susceptible to synchronization loss? • Susceptible to packet loss? • μTESLA • Authenticated broadcast • No confidentiality • Scalability problems • Node broadcast • Pairwise/group communication

  16. Performance

More Related