SECURITY PROTOCOLS FOR WIRELESS SENSOR NETWORK
Download
Report
Transcript SECURITY PROTOCOLS FOR WIRELESS SENSOR NETWORK
SECURITY PROTOCOLS
FOR WIRELESS SENSOR
NETWORK
Presented by
Chetan Rana
U08CO213
INTODUCTION
• Wireless Sensor Networks are networks that
consists of sensors which are distributed in
an ad hoc manner.
• These sensors work with each other to sense
some physical phenomenon and then the
information gathered is processed to get
relevant results.
• Wireless sensor networks consists of
protocols and algorithms with self-organizing
capabilities.
Ref:http://esd.sci.univr.it/images/wsn-example.png
WSN ARCHITECHTURE
• Sensor motes (Field devices) – capable of routing
packets on behalf of other devices.
• Gateway or Access points – A Gateway enables
communication between Host application and field
devices.
• Network manager – A Network Manager is
responsible for configuration of the network,
scheduling communication between devices (i.e.,
configuring super frames), management of the
routing tables and monitoring and reporting the health
of the network.
• Security manager – The Security Manager is
responsible for the generation, storage, and
Management of keys.
WSN ARCHITECTURE
WSN Topologies
• Wireless Links – Numerous paths to
Connect to the same destination
• Topology
- Star
- Mesh
- Hybrid
Star Topology
• Single Hop to Gateway
• Gateway serves to communicate between
nodes
• Nodes cannot send data to each other
directly
Star Topology ( Contd…)
• Pros
-Lowest Power consumption
-Easily Scalable
• Cons
-Not very reliable as one point of
failure
• No alternate communication paths
Mesh Topology
• Multi-Hopping Systems
• Nodes can communicate with each other directly
Mesh Topology ( Contd…)
• Pros
– Reliable as no single point of failure
– Many alternate communication paths
–Easily Scalable
• Cons
– Significantly higher power consumption
– Increased Latency
Hybrid Topology
• Sensors are arranged in a star topology around
the routers
• The routers arrange themselves in a mesh form
Hybrid Topology ( Contd…)
• Pros
- Reliable as no single point of failure
- Many alternate communication paths
- Lower power consumption as compared to mesh
topology
• Cons
- Scalability becomes an issue when range is
extended
WSN CHARACTERISTICS
• Power consumption constrains for nodes using
batteries or energy harvesting
• Ability to cope with node failures
• Mobility of nodes
• Dynamic network topology
• Communication failures
• Heterogeneity of nodes
• Scalability to large scale of deployment
• Ability to withstand harsh environmental conditions
• Ease of use
• Unattended operation
• Power consumption
HARDWARE
• Low-power processor.
– Limited processing.
Sensors
Storage
Processor
Radio
P
O
W
E
R
• Memory.
– Limited storage.
• Radio.
– Low-power.
– Low data rate.
– Limited range.
• Sensors.
WSN device schematics
– Scalar sensors:
temperature, light, etc.
– Cameras, microphones.
• Power.
TinyOS
• OS/Runtime model designed to manage the high
levels of concurrency required
• Gives up IP, sockets, threads
• Uses state-machine based programming concepts to
allow for fine grained concurrency
• Provides the primitive of low-level message delivery
and dispatching as building block for all distributed
algorithms
Key Software Requirements
•
•
•
•
•
Capable of fine grained concurrency
Small physical size
Efficient Resource Utilization
Highly Modular
Self Configuring
SECURITY ATTACKS IN
WSN
• DoS/Physical Layer/Jamming Transmission
of a radio signal that interferes with the radio
frequencies being used by the sensor
network. Jamming the channel with an
interrupting signal.
• DoS/Data Link Layer/Collision.
• DoS/Network Layer/Flooding.
• DoS/Physical Layer/Tampering. Physical
Tampering. Nodes are vulnerable to physical
harm, or tampering (i.e. reverse engineering).
• DoS/Network Layer/Spoofing. Misdirection.
Adversaries may be able to create routing
loops, attract or repel network traffic, extend
or shorten source routes, generate false error
messages, partition the network, increase
end-to-end latency, etc.
• Sybil attack "malicious device illegitimately
taking on multiple identities".
• Adversary can "be in more than one place at
once" as a single node presents multiple
identities to other nodes in the network which
can significantly reduce the effectiveness of
fault tolerant schemes such as distributed
storage , dispersity and multipath.
• Sybil attacks also pose a significant threat to
geographic routing protocols.
• In the wormhole attack, an adversary
tunnels messages received in one part of the
network over a low latency link and replays
them in a different part.
• An adversary situated close to a base station
may be able to completely disrupt routing by
creating a well-placed wormhole.
• An adversary could convince nodes who
would normally be multiple hops from a base
station that they are only one or two hops
away via the wormhole.
• A node replication attack involves an attacker
inserting a new node into a network which
has been cloned from an existing node, such
cloning being a relatively simple task with
current sensor node hardware.
• This new node can act exactly like the old
node or it can have some extra behavior,
such as transmitting information of interest
directly to the attacker.
• A node replication attack is serious when the
base station is cloned.
REQUIREMENTS FOR SENSOR
NETWORK SECURITY
Data Confidentiality
•
A sensor network should not leak sensor
readings to neighboring networks.
• Encrypt the data with a secret key that only
intended receivers possess, hence achieving
confidentiality
Data authentication
• Network reprogramming or controlling sensor
node duty cycle
• Data authentication allows a receiver to verify
that the data really was sent by the claimed
sender.
• Informally, data authentication allows a
receiver to verify that the data really was sent
by the claimed sender.
Data Integrity
Data integrity ensures the receiver that the
received data is not altered in transit by an
adversary.
Data Freshness
• Informally, data freshness implies that the
data is recent, and it ensures that no
adversary replayed old messages.
• Two types of freshness: weak freshness,
which provides partial message ordering, but
carries no delay information, and strong
freshness, which provides a total order on a
request-response pair, and allows for delay
estimation.
• Weak freshness is required by sensor
measurements, while strong freshness is
useful for time synchronization within the
network.
SECURITY PROTOCOLS
FOR WSN
SPINS: Security Protocols For Sensor
Networks
• SPINS has two secure building blocks: SNEP
and µTESLA.
• SNEP includes: data confidentiality, two-party
data authentication, and evidence of data
freshness.
• µTESLA provides authenticated broadcast for
severely resource-constrained environments.
SNEP: Sensor Network Encryption
Protocol
• SNEP provides a number of following advantages.
• It has low communication overhead as it only adds 8
bytes per message.
• It uses a counter, but avoids transmitting the counter
value by keeping state at both end points.
• SNEP achieves semantic security, which prevents
eavesdroppers from inferring the message content
from the encrypted message.
• Finally, SNEP protocol offers data authentication,
replay protection, and weak message freshness.
SNEP offers the following properties:
• Semantic security: Since the counter value is
incremented after each message, the same
message is encrypted differently each time.
• Data authentication: If the MAC verifies
correctly, the receiver can be assured that the
message originated from the claimed sender.
• Replay protection: The counter value in the
MAC prevents replaying old messages.
• Weak freshness: If the message verified
correctly, the receiver knows that the
message must have been sent after the
previous message it received correctly (that
had a lower counter value
• Low communication overhead: The counter
state is kept at each end point and does not
need to be sent in each message.
µTESLA
• A sender will broadcast a message generated with a
secret key.
• After a certain period of time, the sender will disclose
the secret key.
• The receiver is responsible for buffering the packet
until the secret key has been disclosed.
• After disclosure the receiver can authenticate the
packet, provided that the packet was received before
the key was disclosed.
• Limitation of µTesla is that some initial information
must be unicast to each sensor node before
authentication of broadcast messages can begin.
TINYSEC
• It is designed as the replacement for the unfinished
SNEP, known as TinySec.
• A major difference between TinySec and SNEP is
that there are no counters used in TinySec.
• Single shared global cryptographic key.
• For encryption, it uses CBC mode with cipher text
stealing , and for authentication, CBC-MAC is used.
TinySec XORs the encryption of the message length
with the first plaintext block in order to make the
CBC-MAC secure for variably sized messages
• Link layer encryption and integrity protection
transparent to applications
MINISEC
• It is a secure network layer protocol that claims to
have lower energy consumption than TinySec while
achieving a level of security which matches that of
Zigbee.
• A major feature of MiniSec is that it uses offset
codebook (OCB) mode as its block cipher mode of
operation, which offers authenticated encryption with
only one pass over the message data.
• Normally two passes are required for both secrecy
and authentication.
LEAP: Localized Encryption And
Authentication Protocol
• LEAP is designed to support secure communications
in sensor networks; therefore, it provides the basic
security services such as confidentiality and
authentication.
• LEAP supports the establishment of four types of
keys for each sensor node – an individual key
shared with the base station, a pairwise key shared
with another sensor node, a cluster key shared with
multiple neighboring nodes, and a group key that is
shared by all the nodes in the network.
ZIGBEE
• Zigbee Coordinator acts as “Trust Manager”, which
allows other devices to join the network and also
distributes the keys.
• It plays the three roles as follows :
- Trust manager, whereby authentication of devices
requesting to join the network is done.
- Network manager, maintaining and distributing
network keys.
- Configuration manager, enabling end-to-end
security between devices.
802.15.4
• Provides link layer security services, and has three
modes of operation, unsecured, an Access Control
List (ACL) mode and secured mode.
• In unsecured mode, as the name implies, no security
services are provided.
• In ACL mode the device maintains a list of devices
with which it can communicate. Communication from
devices not on the list is ignored. No cryptographic
security.
• Secured mode offers seven security
suites and depending on which is used
any of four security services are offered,
access control
data encryption
frame integrity
sequential freshness.
References
[1] Y. Zou, K. Chakrabarty, "Sensor deployment and target localization based on virtual
forces",INFOCOM 2003. Twenty- Second Annual Joint Conference of the IEEE Computer and
Communications Societies. IEEE, Volume: 2, Pages: 1293 - 1303, April 2003.
[2] J. P. Kaps, G. Gaubatz, and B. Sunar. Cryptography on a Speck of Dust. IEEE Computer.
[3] J. Hill, R. Szewczyk, A. Woo, S. Hollar, D. Culler, and K. Pister. System architecture
directions for networked sensors. In Proceedings of the 9th International Conference on
Architectural Support for Programming Languages and Operating Systems, November 2000.
[4] Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J. D. Tygar. SPINS: Security
protocols for sensor networks. In Seventh Annual ACM International Conference on Mobile
Computing and Networks (MobiCom 2001), July 2001.
[5] C. Karlof, N. Sastry, and D. Wagner, "TinySec: a link layer security architecture for wireless
sensor networks," in 2nd international conference on Embedded networked sensor systems,
Baltimore, MD, USA, 2004, 162 – 175.
[6] D. Liu and P. Ning, “Establishing pairwise keys in distributed sensor networks,” in
Proceedings of 10th ACM Conference on Computer and Communications Security (CCS’03),
October 2003, pp. 52–61.
[7] ZigBee Specification v1.0: ZigBee Specification (2005), San Ramon, CA, USA: ZigBee
Alliance. http://www.zigbee.org/en/spec_download/download_request. Asp
http://en.wikipedia.org/wiki/Wireless_sensor_network
THANK YOU