ayush snep ppt

Post on 22-Nov-2014


A Seminar on SECURITY PROTOCOL FOR SENSOR NETWORK

Presented by Ayush Ranjan, B.E Comp. 2, Roll No. - 02

Under the Kind Guidance of Prof. S.B. Vanjale

OVERVIEW

Introduction to Sensor Networks.

Need of Security on Sensor Networks

Sensor Hardware.

Is Security on Sensors Possible?

Requirements for Sensor Network Security.

Sensor Network Security Building Blocks

Implementation and Evaluation.

Conclusion.

WIRELESS SENSOR NETWORK

A wireless sensor network (WSN) consists of spatially distributed autonomous sensors to cooperatively monitor physical or environmental conditions, such as temperature, sound, vibration, pressure, motion or pollutants.

• Initially motivated by military applications such as battlefield surveillance.

• In addition to one or more sensors, each node is equipped with a wireless communications device, a small microcontroller and an energy source (Battery).

• Now used in many industrial and civilian application areas:

• Machine health monitoring

• Industrial process monitoring and control

• Environment and habitat monitoring

• Traffic control

NEED OF SECURITY ON SENSOR NETWORK

• As sensor networks edge closer towards wide-spread deployment, security issues become a central concern.

• So far, much research has focused on making sensor networks feasible and useful, and has not concentrated on security.

• Without security, third parties can read or tamper with sensor data.

• In the future, we envision wireless sensor networks being used for emergency and life-critical systems – and here the questions of security are foremost.

SENSOR HARDWARE

• At UC Berkeley, researchers are building prototype networks of small sensor devices under the SmartDust program.

• The current prototype consists of nodes, small battery powered devices that communicate with a more powerful base station, which in turn is connected to an outside network.

The table summarizes the performance characteristics of these devices.

CPU: 8-bit, 4 MHz

Storage: 8 KB instruction flash, 512 bytes RAM, 512 bytes EEPROM

Communication: 916 MHz radio

Bandwidth: 10 kilobits per second

Operating System: TinyOS

OS Code Space: 3500 bytes

Available Code Space: 4500 bytes

TinyOS is an embedded operating system written in the nesC programming language as a set of cooperating tasks and processes. It is intended to be incorporated into smartdust.

Smartdust is a hypothetical wireless network of tiny microelectromechanical sensors (MEMS), robots, or devices that can detect light, temperature, or vibration.

Is Security on Sensors Possible?

• Tight constraints make it impractical to use the majority of the current secure algorithms.

• For example, the working memory of a sensor node is insufficient to even hold the variables that are required in asymmetric cryptographic algorithms.

• But researchers have implemented all of these primitives. Their measurements show that adding security to a highly resource-constrained sensor network is feasible.

REQUIREMENTS FOR SENSOR NETWORK SECURITY

Data Confidentiality:

A sensor network should not leak sensor readings to neighboring networks.

Data Authentication:

Data authentication allows a receiver to verify that the data really was sent by the claimed sender.

Data Integrity:

Data integrity assures the receiver that the received data has not been altered.

Data Freshness:

Data freshness implies that the data is recent, and it ensures that no adversary replayed old messages.

SENSOR NETWORK SECURITY BUILDING BLOCKS

• To achieve the security requirements the researchers have designed and implemented two security building blocks:

1. SNEP (Sensor Network Security Protocol).

2. µTESLA

SNEP provides a number of unique advantages.

• It has low communication overhead, adding only 8 bytes per message.

• It achieves even semantic security.

• It also gives us data authentication, replay protection, and message freshness.

Semantic security:

A strong security property which prevents eavesdroppers from inferring the message content from the encrypted message.

Because the counter value is incremented after each message, the same message is encrypted differently each time.

Replay protection: The counter value prevents replaying old messages. Without the counter value, an adversary could easily replay messages.

Message freshness:  If the message is verified correctly, a receiver knows that the message must have been sent after the previous message it received correctly and this enforces a message ordering and provides message freshness.
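The counter mechanism described above can be sketched as follows. This is an added example, not code from the presentation or from the SNEP authors: it uses HMAC-SHA256 as a stand-in for the RC5-based primitives, the class and function names are hypothetical, and it models one direction of traffic only.

```python
import hashlib
import hmac

MAC_LEN = 8  # the slides state that SNEP adds 8 bytes per message

def _prf(key: bytes, data: bytes) -> bytes:
    # Stand-in PRF (assumption): the real implementation builds this from RC5.
    return hmac.new(key, data, hashlib.sha256).digest()

def _keystream(k_enc: bytes, ctr: int, n: int) -> bytes:
    out, block = b"", 0
    while len(out) < n:
        out += _prf(k_enc, ctr.to_bytes(8, "big") + block.to_bytes(4, "big"))
        block += 1
    return out[:n]

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class SnepEndpoint:
    """One direction of a link; sender and receiver hold the same master key."""

    def __init__(self, master: bytes):
        self.k_enc = _prf(master, b"enc")  # separate keys for encryption
        self.k_mac = _prf(master, b"mac")  # and for the MAC
        self.send_ctr = 0
        self.recv_ctr = 0

    def seal(self, plaintext: bytes) -> bytes:
        ctr = self.send_ctr
        ct = _xor(plaintext, _keystream(self.k_enc, ctr, len(plaintext)))
        tag = _prf(self.k_mac, ctr.to_bytes(8, "big") + ct)[:MAC_LEN]
        self.send_ctr += 1
        # The counter is shared state at both ends, so only the MAC is added.
        return ct + tag

    def open(self, packet: bytes) -> bytes:
        ct, tag = packet[:-MAC_LEN], packet[-MAC_LEN:]
        ctr = self.recv_ctr
        expected = _prf(self.k_mac, ctr.to_bytes(8, "big") + ct)[:MAC_LEN]
        if not hmac.compare_digest(tag, expected):
            # An old packet was MACed under an earlier counter, so it fails here.
            raise ValueError("MAC check failed: altered, forged or replayed")
        self.recv_ctr += 1
        return _xor(ct, _keystream(self.k_enc, ctr, len(ct)))
```

The counter advances only on a successful check, so a lost packet desynchronizes the two ends; this sketch does not include resynchronization.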

µTESLA is a new protocol which provides authenticated broadcast for severely resource-constrained environments.

• Without authenticated broadcast any compromised receiver could forge messages from the sender.

• µTESLA uses an asymmetric mechanism through a delayed disclosure of symmetric keys, which results in an efficient broadcast authentication scheme.

• µTESLA requires that the base station and nodes are loosely time synchronized.

• To send an authenticated packet, the base station simply computes a MAC on the packet with a key that is secret at that point in time.

• When a node gets a packet, it can verify that the corresponding MAC key was not yet disclosed by the base station.

• The node stores the packet in a buffer.
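The node-side logic in the steps above can be sketched as follows. This is an added example, not code from the presentation or from the µTESLA authors: it assumes keys come from a one-way hash chain whose first element the node already trusts, uses SHA-256 and HMAC as stand-ins, measures time in whole intervals, and all names and the `DELAY` value are hypothetical.

```python
import hashlib
import hmac

DELAY = 2  # assumed: the key for interval i is disclosed in interval i + DELAY

def F(key: bytes) -> bytes:
    # One-way function for the key chain (SHA-256 as a stand-in).
    return hashlib.sha256(key).digest()

def make_chain(seed: bytes, n: int) -> list:
    # chain[0] is the public commitment; chain[i] is the key for interval i.
    chain = [seed]
    for _ in range(n):
        chain.append(F(chain[-1]))
    chain.reverse()
    return chain

def mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()[:8]

class Node:
    def __init__(self, commitment: bytes):
        self.last_key, self.last_idx = commitment, 0
        self.buffer = []    # (interval, data, tag) awaiting key disclosure
        self.accepted = []  # authenticated payloads

    def on_packet(self, now: int, interval: int, data: bytes, tag: bytes) -> bool:
        # Drop the packet if its key could already have been disclosed:
        # anyone holding a disclosed key can compute a valid MAC.
        if now >= interval + DELAY:
            return False
        self.buffer.append((interval, data, tag))
        return True

    def on_key(self, interval: int, key: bytes) -> bool:
        # Authenticate the disclosed key by hashing back to the last trusted key.
        if interval <= self.last_idx:
            return False
        k = key
        for _ in range(interval - self.last_idx):
            k = F(k)
        if not hmac.compare_digest(k, self.last_key):
            return False
        self.last_key, self.last_idx = key, interval
        for pkt in [p for p in self.buffer if p[0] == interval]:
            self.buffer.remove(pkt)
            if hmac.compare_digest(mac(key, pkt[1]), pkt[2]):
                self.accepted.append(pkt[1])
        return True
```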

IMPLEMENTATION

• A hard constraint is the memory size:

Due to the tight resource constraints of the sensor nodes, the implementation of the cryptographic primitives is a major challenge.

The sensor nodes have 8 KBytes of read-only program memory, and 512 bytes of RAM.

• To save program memory we implement all cryptographic primitives from a single block cipher.

Block cipher:

• RC5 is used because of its small code size and high efficiency.

• It does not rely on multiplication, and does not require large tables.

• Using RC5 helps in achieving an additional 40% reduction in code size.

Encryption function:

• To save code space, the same function is used for both encryption and decryption.

EVALUATION

Evaluation of the implementation of the protocols is done in terms of Code size, Performance, Energy costs and communication overheads.

Code size:

The smallest version of the crypto routines occupies about 20% of the available code space.

Implementation of the µTESLA protocol uses another 574 bytes. Together, the crypto library and the protocol implementation consume about 2 KBytes of program memory.

Energy Cost:

The performance of the cryptographic primitives is adequate for the bandwidth supported by the current generation of network sensors.

Most energy costs will come from extra transmissions required by the protocols, but we use a stream cipher for encryption.

Performance:

CONCLUSION

Security protocols for sensor networks are feasible and can be successfully implemented on a sensor network.

The design is universal and can be easily applied to all sensor networks.

The computation costs of cryptography are low and communication costs are also small.

With these techniques, it is believed that security systems can become an integral part of practical sensor networks.

Thank You….

Questions
