Post on 21-Dec-2015
![Page 1: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/1.jpg)
SPINS: Security Protocols for Sensor Networks
Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley
Presented By: Kimberly Yonce
![Page 2: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/2.jpg)
Outline
- Wireless Sensor Networks
- SPINS Building Blocks
  - SNEP
  - μTESLA
- Related Work
- Limitations/Future Work/Comments
![Page 3: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/3.jpg)
Wireless Sensor Networks (WSN)
- A wireless network consisting of spatially distributed autonomous devices using sensors to cooperatively monitor different locations.
- Types of sensors: temperature, sound, vibration, pressure, motion, and light.
![Page 4: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/4.jpg)
WSN Applications
- Habitat monitoring
  - ZebraNet: Animals are equipped with tracking nodes that contain GPS to monitor position and speed of movement and light sensors to indicate current environment.
![Page 5: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/5.jpg)
WSN Applications
- Fire Detection
  - SmokeNet: Sensors monitor smoke detection in a building. Sensors worn by firefighters monitor heart rate and air tank level as well as their location.
![Page 6: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/6.jpg)
WSN Applications
- Medical Uses
  - Vital Sign Monitoring
  - Patient Tracking
  - Emergency Triage
  - Stroke Rehabilitation
![Page 7: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/7.jpg)
WSN Applications
- Military Uses
- Military Vehicle Tracking
- Mine Fields
- Sniper Localization
- Traffic Monitoring
- Intrusion Detection
![Page 8: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/8.jpg)
Sensor Network at UC Berkeley
![Page 9: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/9.jpg)
Sensor Hardware
![Page 10: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/10.jpg)
Sensor Hardware
- SmartDust
- TinyOS
- CPU: 8-bit, 4 MHz
- Storage: 8 KB instruction flash, 512 bytes RAM, 512 bytes EEPROM
- 916 MHz radio
- Bandwidth: 10 Kbps
- OS Code Space: 3500 bytes
- Available Code Space: 4500 bytes
![Page 11: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/11.jpg)
WSN Challenges
- Severely resource-constrained environments:
  - Processing power
  - Storage
  - Bandwidth
  - Energy
![Page 12: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/12.jpg)
Is Security Possible?
- RSA
  - Performs operations on 2 large prime numbers
  - N (modulus of the public and private keys) is recommended to be at least 2048 bits long
- Digital Signatures
  - High communication overhead of 50-1000 bytes per packet
  - High overhead to create and verify the signatures
![Page 13: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/13.jpg)
Is Security Possible?
- DES
  - 64-bit block size
  - Key length 56 bits
  - 512-entry S-box table
  - 256-entry table for various permutations
- AES
  - 128-bit fixed block size
  - Key size of 128, 192, or 256 bits
  - 800 bytes of lookup tables
![Page 14: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/14.jpg)
WSN Communication Patterns
- Sensor Readings
  - Node to Base Station
- Specific Requests
  - Base Station to Node
- Reprogramming Network, Routing Beacons
  - Base Station broadcast to all Nodes
![Page 15: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/15.jpg)
Sensor Network Security Requirements
- Data Confidentiality
- Data Authentication
- Data Integrity
- Data Freshness
  - Weak Freshness
  - Strong Freshness
![Page 16: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/16.jpg)
SPINS Building Blocks
- SNEP
  - Data confidentiality
  - Two-party data authentication
  - Integrity
  - Freshness
- μTESLA
  - Authentication for data broadcasts
![Page 17: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/17.jpg)
SNEP
- Low communication overhead
- Uses MAC to achieve two-party authentication and data integrity
- A shared counter between sender and receiver helps ensure semantic security
$A \rightarrow B:\ \{D\}_{\langle K_{encr},\,C\rangle},\ MAC(K_{mac},\ C \,\|\, \{D\}_{\langle K_{encr},\,C\rangle})$
![Page 18: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/18.jpg)
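SNEP with Strong Freshness
$A \rightarrow B:\ N_A,\ R_A$
$B \rightarrow A:\ \{R_B\}_{\langle K_{encr},\,C\rangle},\ MAC(K_{mac},\ N_A \,\|\, C \,\|\, \{R_B\}_{\langle K_{encr},\,C\rangle})$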
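The two SNEP slides above, worked through as an added example that is not part of the original slides: a one-directional link with an implicit shared counter, counter-mode encryption, and a MAC that optionally binds the requester's nonce N_A. HMAC-SHA256 stands in for the RC5-based primitives, and the names `SnepEndpoint`, `ctr_crypt` and `snep_mac`, the 8-byte tag and the length byte in front of the nonce are assumptions of this sketch.

```python
import hashlib
import hmac

def prf(key, data):
    # Assumption: HMAC-SHA256 stands in for the RC5-based primitives of SPINS.
    return hmac.new(key, data, hashlib.sha256).digest()

def ctr_crypt(k_encr, counter, data):
    # Counter mode: XOR with PRF(K_encr, C || block index); the same call decrypts.
    out = bytearray()
    for i in range(0, len(data), 32):
        ks = prf(k_encr, counter.to_bytes(8, "big") + (i // 32).to_bytes(4, "big"))
        out += bytes(p ^ k for p, k in zip(data[i:i + 32], ks))
    return bytes(out)

def snep_mac(k_mac, counter, ct, nonce=b""):
    # MAC(K_mac, N_A || C || {D}); the length byte keeps the nonce field unambiguous.
    msg = bytes([len(nonce)]) + nonce + counter.to_bytes(8, "big") + ct
    return prf(k_mac, msg)[:8]

class SnepEndpoint:
    # One direction of a link: both ends hold K_encr, K_mac and the counter C.
    def __init__(self, k_encr, k_mac):
        self.k_encr, self.k_mac, self.counter = k_encr, k_mac, 0

    def send(self, data, nonce=b""):
        ct = ctr_crypt(self.k_encr, self.counter, data)
        tag = snep_mac(self.k_mac, self.counter, ct, nonce)
        self.counter += 1  # C advances on both sides and is never transmitted
        return ct, tag

    def receive(self, ct, tag, nonce=b""):
        expected = snep_mac(self.k_mac, self.counter, ct, nonce)
        if not hmac.compare_digest(tag, expected):
            return None  # forged, replayed, or not bound to our nonce
        data = ctr_crypt(self.k_encr, self.counter, ct)
        self.counter += 1
        return data

def demo():
    # Keys and nonce below are constructed sample values.
    b, a = SnepEndpoint(b"E" * 16, b"M" * 16), SnepEndpoint(b"E" * 16, b"M" * 16)
    n_a = b"\x07" * 8  # N_A, sent by A in its request
    first, second = b.send(b"temp=21", n_a), b.send(b"temp=21", n_a)
    return {
        "ciphertexts_differ": first[0] != second[0],
        "accepted": a.receive(*first, nonce=n_a),
        "replayed": a.receive(*first, nonce=n_a),
        "wrong_nonce": a.receive(*second, nonce=b"\x08" * 8),
    }
```

The same reading encrypts to different ciphertexts because the counter changes, and a replayed or mis-bound reply fails the MAC check without the counter ever being sent.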
![Page 19: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/19.jpg)
μTESLA
- TESLA authenticates the initial packet with a digital signature. μTESLA uses only symmetric mechanisms.
- Instead of disclosing a key in each packet, a key is disclosed once per epoch.
- μTESLA restricts the number of authenticated senders.
- Broadcast from Base Station vs. Broadcast from a node
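A receiver-side sketch of the once-per-epoch key disclosure, added here as an example and not taken from the slides: packets are buffered until the epoch key is disclosed, and the disclosed key is checked against a previously trusted key through a one-way key chain, as described in the SPINS paper. SHA-256 and HMAC-SHA256 are stand-ins, and `Receiver`, `make_chain`, the epoch numbering and the one-epoch disclosure delay are assumptions of this sketch.

```python
import hashlib
import hmac

def F(key):
    # One-way function for the key chain (assumption: truncated SHA-256).
    return hashlib.sha256(b"chain" + key).digest()[:8]

def make_chain(seed, n):
    # K_n = seed and K_i = F(K_{i+1}); element 0 is the commitment K_0.
    keys = [seed]
    for _ in range(n):
        keys.append(F(keys[-1]))
    return keys[::-1]

def mac(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]

class Receiver:
    def __init__(self, commitment, delay=1):
        self.key, self.epoch, self.delay = commitment, 0, delay
        self.buffer = []  # (epoch, msg, tag) waiting for key disclosure

    def on_packet(self, epoch, msg, tag, now):
        # Security condition: reject if the key for `epoch` may already be public.
        if now >= epoch + self.delay:
            return False
        self.buffer.append((epoch, msg, tag))
        return True

    def on_disclosure(self, epoch, key):
        # Authentic only if F applied (epoch - last) times yields the trusted key.
        k = key
        for _ in range(max(epoch - self.epoch, 0)):
            k = F(k)
        if epoch <= self.epoch or not hmac.compare_digest(k, self.key):
            return []
        self.key, self.epoch = key, epoch
        ok = [m for e, m, t in self.buffer
              if e == epoch and hmac.compare_digest(t, mac(key, m))]
        self.buffer = [p for p in self.buffer if p[0] > epoch]
        return ok

def demo():
    chain = make_chain(b"constructed-seed", 4)  # constructed sample chain
    rx, good = Receiver(chain[0]), b"route-update"
    rx.on_packet(1, good, mac(chain[1], good), now=1)
    rx.on_packet(1, b"forged", mac(b"guess", b"forged"), now=1)
    late = rx.on_packet(1, b"late", mac(chain[1], b"late"), now=2)
    return rx.on_disclosure(1, chain[1]), late, rx.on_disclosure(2, b"\0" * 8)
```

This sketch drops buffered packets from epochs older than the disclosed one; a fuller receiver would derive the older keys by applying F to the newly authenticated key.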
![Page 20: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/20.jpg)
Cryptography Implementation
- Block Cipher
  - RC5: small code size and high efficiency
  - Variable block size (32, 64, or 128 bits)
  - Key Size (0 to 255)
  - # of Rounds (0 to 255)
  - Modular additions and XORs
  - Feistel-like structure
![Page 21: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/21.jpg)
Encryption Function
- Counter (CTR) Mode
  - Same function for encryption and decryption
  - Stream cipher in nature
![Page 22: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/22.jpg)
MAC Generation
![Page 23: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/23.jpg)
Key Setup
![Page 24: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/24.jpg)
Evaluation
- Code Size
- RAM Requirements
![Page 25: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/25.jpg)
Evaluation: Energy Costs
[Pie chart of energy costs. Legend: MAC Transmission, Encryption Computation, Encryption Transmission, Freshness Transmission, MAC Computation, Data Transmission. Slice labels: 20%, 1%, 1%, 1%, 7%, 2%, 71%.]
![Page 26: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/26.jpg)
Related Work
- Carman, Kruus, and Matt analyze a variety of approaches for key agreement and distribution in sensor networks.
- TEA by Wheeler and Needham or TREYFER by Yuval are smaller alternatives as symmetric ciphers.
- Karlof and Wagner investigate security goals for routing in sensor networks.
- Deng et al. analyze attacks against the base station.
![Page 27: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/27.jpg)
Limitations/Future Work
- μTESLA requires loose time synchronization between nodes
- Counter must be updated at sender and receiver
- Information leakage through covert channels
- Only ensures that a compromised sensor does not reveal the keys of all the sensors in the network
![Page 28: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/28.jpg)
Limitations/Future Work
- Does not consider DoS
- Does not achieve non-repudiation
- Relies on the base station being trusted, and therefore does not consider attacks on the base station itself.
![Page 29: SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley](https://reader035.vdocuments.site/reader035/viewer/2022062714/56649d6a5503460f94a48aff/html5/thumbnails/29.jpg)
Questions/Comments