WIRELESS SENSOR NETWORK Pair-Wise Key Establishment Presented By: Mohammed Saleh CS 599b Summer07
WSN • Background • WSN Architecture • WSN Security Issues and requirements • Problem & Proposed • Network Architecture • Pair-wise key establishment • Conclusion
Background • 100/1000 nodes • Low cost solution • Limited resources • Controlled or uncontrolled environment
WSN Components A sensor node consists of: • Battery • Memory • Processor • Radio links for communication
Sensor Node Constraints • Battery Power/Energy • Processor • Rechargeability • Sleep Patterns • Memory
Network constraints • Limited Pre-Configuration • Unreliable communications • Frequent Routing Changes
Security Requirements • Confidentiality • Authenticity • Availability • Integrity • Freshness • Scalability • Accessibility • Self-Organization • Flexibility
Security in Wireless Networks • Attacks - Poor physical protection - Attacks come not only from outside but also from within the network, from compromised nodes.
Security in Wireless Networks Security concepts: • RSA • Cryptography - Public/private key • Diffie-Hellman
Problem The initialization process of a previous study known as SHELL. No pair-wise key establishment.
Proposed We propose pair-wise key establishment between neighboring sensor nodes to improve a network architecture that can be vulnerable to attack or compromise. This scheme can be efficiently applied to protect the distribution of keys throughout the network; sensor nodes can not only provide an equal level of security but also reduce the consequences of node compromise.
Goal • Establishing pair-wise key • Improving the initialization process or the network bootstrapping. • Protecting against node capturing
SHELL • Introduces a novel heuristic for key assignment that decreases the probability of capturing the network through the compromised node. • Very few additional keys would be revealed when colluding. • SHELL boosts the network resiliency to node capture while conservatively consuming the network’s critical resources such as energy.
EBS (Exclusion Basis System) • Eltoweissy et al. • Methodology for group key management. • EBS eliminates the need to store a large number of keys at each sensor node. • It further allows trading off the number of keys stored versus the amount of network traffic due to the rekeying operations. • Simplifies the addition and eviction of nodes. • Performs key refreshing through the exchange of a few messages. • EBS-based schemes can be prone to collusion attacks.
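The EBS trade-off and the collusion weakness that SHELL's key assignment targets can be seen in a small model. This is an added example, not code from the presentation; it goes beyond the slides by assuming the published EBS definition (each of n nodes holds a distinct k-subset of k+m administrative keys), and the function names are hypothetical.

```python
from itertools import combinations, islice
from math import comb

def min_rekey_messages(n, k):
    """Smallest m with C(k+m, k) >= n: fewer stored keys k means more rekey messages m."""
    m = 1
    while comb(k + m, k) < n:
        m += 1
    return m

def ebs_assign(n, k, m):
    """Give each of n nodes a distinct k-subset of the k+m administrative key ids."""
    if comb(k + m, k) < n:
        raise ValueError("C(k+m, k) < n: not enough distinct key subsets")
    subsets = islice(combinations(range(k + m), k), n)
    return {node: frozenset(s) for node, s in enumerate(subsets)}

def eviction_plan(table, universe, evicted):
    """Rekeying needed to evict one node using broadcasts only."""
    known = table[evicted]        # keys the evicted node holds: all must be replaced
    unknown = universe - known    # the m keys it lacks: replacements are sent under these
    # Subsets are distinct and equal-sized, so every survivor holds at least one
    # key in `unknown` and can decrypt at least one of the m broadcasts.
    covered = all(table[n] & unknown for n in table if n != evicted)
    return {"replace": sorted(known), "encrypt_under": sorted(unknown),
            "covered": covered}

def collusion(table, universe, a, b):
    """What capturing node b adds for an adversary that already holds node a."""
    joint = table[a] | table[b]
    # If the pair jointly holds every key, no key is left to rekey under.
    return {"additional": len(table[b] - table[a]), "captured": joint == universe}

if __name__ == "__main__":
    n, k, m = 10, 3, 2            # constructed parameters: C(5, 3) = 10 nodes
    universe = frozenset(range(k + m))
    table = ebs_assign(n, k, m)
    print([(kk, min_rekey_messages(n, kk)) for kk in range(1, 5)])
    print(eviction_plan(table, universe, 0))
    print("similar key sets:", collusion(table, universe, 0, 1))
    print("disjoint-ish key sets:", collusion(table, universe, 0, 9))
```

Nodes whose key sets differ by one key reveal one additional key when they collude, while two nodes with nearly disjoint sets expose the whole key pool, which is why assigning similar key sets to nodes that can reach each other limits the damage.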
Network Architecture • Command Node • Gateway • Sensors
Network Architecture • There are two basic categories of nodes that comprise the system: • Sensing nodes (N1 nodes) • Memory and processing nodes (N2 nodes)
Network Bootstrapping The phase of system initialization that precedes actual operations is referred to as network bootstrapping. • Sensor Implementation • Cluster Assignment • Gateway Registration
Pair-wise Key Establishment The rationale for establishing a set of protocols for shared key interaction is to improve security and decrease nodal vulnerability. The proposed model accounts for scenarios in which only one node is needed for key establishment or, in contrast, an unlimited number of nodes can participate in the key establishment process. In either situation, the backbone architecture is considered secure.
Pair-wise Key Establishment • Backhaul – In order to create the conditions necessary for backhaul, an N1 node and an N2 node must share a common key. • Neighboring nodes with Limitation – This scenario permits inter-nodal communication between two N1 nodes in the same neighborhood. • Neighboring Nodes Open Trust – To establish connectivity in this scenario, N1 nodes can establish session keys through a sequence of mutual N1 nodes key matching.
Pair-wise Key Establishment With this key establishment we can have • Significant increase in the number of keys stored by all N1 nodes. • Protection against attacks and failure between N1 & N2 nodes. • Low energy consumption maintained. • key assignment that decreases the probability of capturing • would share most keys with reachable nodes and, thus, very few additional keys would be revealed when colluding
Conclusion A key feature of our approach is that it exploits the availability of multiple transmission power levels at sensor nodes to support elevated security schemes. We introduced different approaches; a pair-wise key between two neighboring nodes can be established by the discussed approach and applied to the Younis approach for more efficiency. In doing so we can reduce the possibility of data being lost from all nodes if the network is captured.
References • RSA Encryption Standard, Version 1.4. San Mateo, Ca.: RSA Data Security, Inc., 1991. • W. Diffie and M.E. Hellman, New directions in cryptography, IEEE Transactions on Information Theory 22 (1976), 644-654. • Multicast Security: A Taxonomy and Efficient Constructions. IEEE Press, 1999. • Ten Emerging Technologies That Will Change The World, Feb. 2003. • Mihaela Cardei, My T. Thai, Yingshu Li, Weili Wu, Energy-Efficient Target Coverage in Wireless Sensor Networks, IEEE INFOCOM 2005. • A. D. Wood and J. A. Stankovic. Denial of service in sensor networks. Computer 35(10):54–62, 2002. • J. Newsome, E. Shi, D. Song, and A. Perrig. The Sybil attack in sensor networks: analysis & defenses. Proceedings of the third international symposium on Information processing in sensor networks, pp. 259–268. ACM Press, 2004. • John Paul Walters, Zhengqiang Liang, Weisong Shi, and Vipin Chaudhary, Wireless Sensor Network Security: A Survey, Department of Computer Science, Wayne State University, 5143 Cass Ave, MI 48202, USA.
References • J. Deng, R. Han, and S. Mishra. Countermeasures against traffic analysis in wireless sensor networks. Tech. Rep. CU-CS-987-04, University of Colorado at Boulder, 2004. • Peng Peng, P2P-HGKM: An Efficient Hierarchical Group Key Management Protocol for Mobile Ad-Hoc Networks, B.Sc., Peking University, 2000. • Eric Ricardo Anton, Otto Carlos Muniz Bandeira Duarte, Group Key Establishment in Wireless Ad Hoc Networks, Workshop em Qualidade de Serviço e Mobilidade, 2002. • N. Asokan, V. Shoup, and M. Waidner, Optimistic fair exchange of digital signatures, IEEE Journal on Selected Areas in Communications, vol. 18, no. 4, pp. 593-610, 2000. • Y. Amir, Y. Kim, C. Nita-Rotaru, and G. Tsudik, On the performance of group key agreement protocols, in Proceedings of the 22nd IEEE International Conference on Distributed Computing Systems, (Vienna, Austria), June 2002. • Cliques Project team, Cliques, 1999. http://sconce.ics.uci.edu/cliques/. • Cristina Nita-Rotaru, High-Performance Secure Group Communication, (Baltimore, Maryland), June 2003.
References • Samuel T. Redwine, Jr., A Logic for the Exclusion Basis System, James Madison University, Harrisonburg, Va. 22807, Proceedings of the 37th Hawaii International Conference on System Sciences, 2004. • Younis, O., Fahmy, S.: Distributed Clustering in Ad-hoc Sensor Networks: A Hybrid, Energy-Efficient Approach. In: Proceedings of the IEEE Conference on Computer Communications (INFOCOM), Hong Kong (2004). • Mohamed F. Younis, Senior Member, IEEE, Kajaldeep Ghumman, and Mohamed Eltoweissy, Senior Member, IEEE, Location-Aware Combinatorial Key Management Scheme for Clustered Sensor Networks. IEEE Vol 17, No. 8, August 2006.
References • Du, W. et al. “A Key Management Scheme for Wireless Sensor Networks Using Deployment Knowledge.” IEEE INFOCOM, 2004. • Hill, J. et al. “System Architecture Directions for Networked Sensors.” Architectural Support for Programming Languages and Operating Systems, 2000: 93-104. • Hu, Y., Perrig, A., and Johnson, D. Ariadne: a secure on-demand routing protocol for ad hoc networks. New York: ACM Press, (2002): 12-23. • Patrick Traynor, Heesook Choi, Guohong Cao, Sencun Zhu and Tom La Porta, Networking and Security Research Center, Department of Computer Science and Engineering, The Pennsylvania State University, Establishing Pair-wise Keys in Heterogeneous Sensor Networks.