using the cc2420 with aes support

22
Using the CC2420 with AES Support Eric Famiglietti and Simone Willett

Upload: dalit

Post on 23-Mar-2016

41 views

Category:

Documents


7 download

DESCRIPTION

Using the CC2420 with AES Support. Eric Famiglietti and Simone Willett. WSN Encryption Issues. Lack of physical protection Resource constraints Public-key cryptography, RSA Unsuitable for low power and limited memory Key establishment/distribution problem Symmetric-key algorithms. - PowerPoint PPT Presentation

TRANSCRIPT

Page 1: Using the CC2420 with AES Support

Using the CC2420 with AES Support

Eric Famiglietti and Simone Willett

Page 2: Using the CC2420 with AES Support

WSN Encryption IssuesLack of physical protectionResource constraints

Public-key cryptography, RSAUnsuitable for low power and limited memory

Key establishment/distribution problemSymmetric-key algorithms

Page 3: Using the CC2420 with AES Support

WSN Encryption ExamplesIdentity-based encryption

http://eprint.iacr.org/2007/020.pdfSolves problem of public-key exchange

RSA, Elliptic curve cryptographyhttp://www.cs.wayne.edu/~weisong/papers/walters

05-wsn-security-survey.pdfTinySec

DES, RC5, Skipjack, AES

Page 4: Using the CC2420 with AES Support

AESAdvanced Encryption Standard

Successor of DESSymmetric key encryption standardUsed worldwideFixed block size of 128 bitsKey size of 128, 192, or 256 bitsNumber of rounds of encryption

10, 12, 14 respectively

Page 5: Using the CC2420 with AES Support

AES: PerformanceFaster in hardware

Good performance was an explicit goalPerforms well on a variety of hardware

Page 6: Using the CC2420 with AES Support

Trust ManagementWe are primarily concerned with authorization,

as opposed to authentication. Authentication is the mechanism whereby

systems may securely identify their users.Authorization is the mechanism by which a

system determines what level of access a particular authenticated user should have to secured resources controlled by the system.

Page 7: Using the CC2420 with AES Support

Trust Management, the bottomline

Page 8: Using the CC2420 with AES Support

Main GoalWe would like to set up a public key encryption

to authorize the sender and receiver then establish AES session keys.Verification takes 2 minutes. - unrealistic

Sprocket currently works with software created AES keys that are sent across the air and verified by the nodes.

Do all AES encryption on the chip.

Page 9: Using the CC2420 with AES Support

Trust Mangement = RT0Flexible approach to access control in distributed

systemsAccess control decisions are based on the policy

statements, called credentials, Permissions in RT0 are represented by roles. Credentials are made by different principals and

stored in a distributed manner

Page 10: Using the CC2420 with AES Support

CredentialA credential is a statement

Signed by the issuerAbout a subjectContaining info about the subject.

Requirements:Unforgeable.Verifiable (belongs to the entity asking for the

service)SignedHave well defined semantics.

Page 11: Using the CC2420 with AES Support

Example

Page 12: Using the CC2420 with AES Support
Page 13: Using the CC2420 with AES Support

CertificateContains credential information in an over the

air format.A role A.r denotes the set of entities that are

members of it.Example: UVM.studentId Alice

Entities can define roles, issue credentials, and make requests.

In our case identities are pubic keys.

Page 14: Using the CC2420 with AES Support

Certificate ValidityCredentials contain private information and

should be treated as such (e.g. medical record).Since an authorizer receives certificates from an

unknown potentially untrustworthy entities, the validity must be checked

SignaturesCertificate must not have expired.

Page 15: Using the CC2420 with AES Support

Show Verify ExampleForm 1 is A.r EForm 1Public Key 40 bytes.Role 1Pub Key2 40 bytes.Signature 2(21) = 42 bytes.Total 124 bytes.

Page 16: Using the CC2420 with AES Support

Project Currently symmetric keys are being used to

encrypt with software.We want to use the hardware to make this a

faster process.CC2420 chip that has AES support.

Allow for multiple keys and decryptionMany motes talking at once

http://focus.ti.com/lit/ds/swrs041b/swrs041b.pdf

Page 17: Using the CC2420 with AES Support

Steps1) Use the hardware version of AES in a simple

Blink program.2) Use hardware AES to send and receive packets

that are encrypted.3) Integrate into the overall project.4) Test and optimize.

Page 18: Using the CC2420 with AES Support

Encryption on CC2420Use Hardware security in CC2420.The encryption provides a plain AES encryption,

with 128 bit plaintext and 128 bit keys. To encrypt a plaintext, a node first writes the

plaintext to the stand-alone buffer SABUF, and issues a SAES command to initiate the encryption.

When encryption is complete, the ciphertext is written to the buffer, overwriting the plaintext.

Page 19: Using the CC2420 with AES Support

Interfacesinterface CC2420Register as SECCTRL0; interface CC2420Register as SECCTRL1; interface CC2420Ram as KEY0; interface CC2420Ram as SABUF; interface CC2420Strobe as SAES; interface CC2420Strobe as SNOP;

Page 20: Using the CC2420 with AES Support

How to startFirst power up the chip.Initialize the key.Encrypt.SendDecrypt.

Page 21: Using the CC2420 with AES Support

Show AES Standalone example

Page 22: Using the CC2420 with AES Support

Referenceswww.cs.purdue.edu/homes/ninghui/readings/trus

t/rt_slides.pdf.

Theory.stanford.edu/~ninghui/talks/rt_oakland02_slides.pdf.

Cis.sjtu.edu.cn/…/The_Standalone_AES_Encryption_of_CC2420_(TinyOS_2.10_and_MICAz)