Introduction to Ad-hoc & Sensor Networks Security In The Name of God ISC Student Branch in KNTU 4 th Workshop Ad-hoc & Sensor Networks Security
Outline Ad-hoc Networks Sensor Networks Motivation for Security Issues Key Distribution Schemes Some Basic Schemes Calculation of Their Parameters An Improvement April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 2
Outline Ad-hoc Networks Sensor Networks Motivation for Security Issues Key Distribution Schemes Some Basic Schemes Calculation of Their Parameters An Improvement April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 3
Ad-hoc Network: Motivation April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 4
Ad-hoc Network: Properties Without any Infrastructure (Self-Organized) Minimal Configuration & Quick Deployment Dynamic Topology Each Node Participates in Routing Constrained Resources Battery Power Wireless Transmitter Range Computational Power April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 5
Ad-hoc Network: Applications Started by DARPA (1970s) Military Conflicts Emergency Services or Natural Disasters Commercial Environments Location-Aware Services Entertainment April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 6
Outline Ad-hoc Networks Sensor Networks Motivation for Security Issues Key Distribution Schemes Some Basic Schemes Calculation of Their Parameters An Improvement April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 7
Sensor Network: Definition A Collection of Sensors Gathering and Sending Information Self-Organized Similar to Ad-hoc Network Monitoring Sending Alarms On-Demand Querying Information April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 8
Sensor Node Micro Controller Radio Transceiver Battery Sensor Temperature Motion Pollution … April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 9
Sensor Network: Applications Battlefield Surveillance Industrial Process Monitoring Environment Monitoring Forest Fire Detection Air Pollution Monitoring Greenhouse (Humidity & Temperature) Health Care (Tracking Patients, …) Traffic Control Home Automation … April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 10
Sensor Network: Properties Lots of Sensors Spread Randomly over Target Area Not Controlled by Human No Movement (often) Size & Cost Constraints More Tight Constraints on: Power Consumption Memory Size Computational Power Communicational Power April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 11
Outline Ad-hoc Networks Sensor Networks Motivation for Security Issues Key Distribution Schemes Some Basic Schemes Calculation of Their Parameters An Improvement April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 12
Security Issues Vulnerabilities: Broadcast Channel Physical Access to Nodes Cannot be made Tamper Proof Why Standard Models Are not Applicable? Computational Constraints Memory Constraints Infeasibility of Public-Key Cryptosystem Some More Considerations on Private -Key Cryptosystem April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 13
Key Management Key Distribution (or Pre-Distribution) Key Discovery Key Establishment Key Update April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 14
Key Distribution Which node should store which keys? April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 15
Outline Ad-hoc Networks Sensor Networks Motivation for Security Issues Key Distribution Schemes Some Basic Schemes Calculation of Their Parameters An Improvement April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 16
Trivial Schemes April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 17 Single Master Key Distinct Pair-wise Keys Large Memory Low Security Infeasible
Evaluation Metrics Memory Usage Connectivity Processing Overhead Communication Overhead Resiliency Against Node Capture April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 18
Evaluation Metrics (cont’d) April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 19 Fail (s) = % Compromised Links When s Nodes Are Compromised Fail(s) s 1 1 Single Master Key Fail(s) s 1 1 2/N N-1 Distinct Pair-wise Keys
Classification- I April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 20 DeterministicProbabilistic Large Number of Keys 2 Keys in each node Connected Communicational & Computational Overhead Arbitrary Features
Classification- II April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 21 Location Independent Location aware Better PerformanceMore Realistic
Classification- III April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 22 Homogenous Hierarchical Resilient against more overhead Easier to Establish- More Realistic
Outline Ad-hoc Networks Sensor Networks Motivation for Security Issues Key Distribution Schemes Some Basic Schemes Calculation of Their Parameters An Improvement April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 23
Blom Polynomial Scheme April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 24 m m n n
EG Probabilistic Scheme April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 25 Connected with arbitrary probability near 1
Liu Scheme April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 26
Transversal Design Scheme April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 27
Outline Ad-hoc Networks Sensor Networks Motivation for Security Issues Key Distribution Schemes Some Basic Schemes Calculation of Their Parameters An Improvement April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 28
Fail(s) for EG Scheme It is claimed that Fail(1) = k/P sometimes < 2/n Assumption: 1 node is captured Event A = An arbitrary link is compromised Event B = The captured node is one end of the considered link Fail(1) = Pr{A} = Pr{A|B}Pr{B} + Pr{A|B’}Pr{B’} Pr{B} = 2/n Pr{B’} = 1 – 2/n Pr{A|B} = 1 Pr{A|B’} = k/P fail(1) = 1 * 2/n + k/P * (1-2/n) ≈ 2/n + k/P April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 29
Comparison April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 30 SchemeAvg hopsMemoryFail(1) Pair-wise1n-12/n Blom1k2/n. EG2-qk2/n + k/P Liu 2-k/(n-1) 2 k=n/m+m-2 2√n < k < n-1 2/n TD(k,√n)1<2-k/(√n+1)<2k < √n1 / √n
Outline Ad-hoc Networks Sensor Networks Motivation for Security Issues Key Distribution Schemes Some Basic Schemes Calculation of Their Parameters An Improvement April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 31
An improvement to EG April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 32
An improvement to EG April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 33
Result April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 34 Pr{Share a common Key} Memory Size
Resiliency against node capture Broken Completely: 2 / n + k 2 / P 2 2k / P of links (Half Security) April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 35
References April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 36 [1] R. Blom, "An optimal class of symmetric key generation systems", in: T. Beth, N. Cot, I. Ingemarsson (eds.), Advances in Cryptology -EUROCRYPT ’84, vol. 209 of LNCS, Springer-Verlag, pp. 335–338, [2] C. Blundo, A. D. Santis, A. Herzberg, S. Kutten, U. Vaccaro, M. Yung, "Perfectly-secure key distribution for dynamic conferences", in: E. F. Brickell (ed.), Advances in Cryptology -CRYPTO ’92, vol. 740 of LNCS, Springer-Verlag, pp. 471–486, [3] Y. Cheng, D. P. Agrawal, “An improved key distribution mechanism for large-scale hierarchical wireless sensor networks”, ELSEVIER Ad Hoc Networks 5, pp. 35–48, [4] J. Lee, D. R. Stinson, "On the construction of practical key predistribution schemes for distributed sensor networks using combinatorial designs", ACM Trans. Inf. Syst. Secur. 11 (2), pp. 1–35, [5] S. A. Camtepe, B. Yener, "Key distribution mechanisms for wireless sensor networks: a survey", Tech. Rep. TR , Rensselaer Polytechnic Institute, [6] K.M. Martin, M.B. Paterson, D.R. Stinson."Key Predistribution for Homogeneous Wireless Sensor Networks with Group Deployment of Nodes". Cryptology ePrint Archive, [7]A. Parakh, S. Kah, "A Key Distribution Scheme for Sensor Networks Using Structured Graphs", arxiv e-Print archive, 2010.
References April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 37 [8]J. Lopez, J. Zhou. "Wireless Sensor Network Security". IOS Press, [9] M. Ren, J. Jaworski, K. Rybarczyk, "Random key predistribution for wireless sensor networks using deployment knowledge", 8th Central European Conference on Cryptography, [10] H. Chan, A. Perrig, D. Song, "Random Key Predistribution Schemes for Sensor Networks", Proceedings of the 2003 IEEE Symposium on Security and Privacy, p.197, [11]L. Eschenauer, V.D. Gligor. "A Key-Management Scheme for Distributed Sensor Networks". Proceedings of the 9th ACM conference on Computer and communications security, pp 41-47, 2002
April 14-15, 2011 Intro. to Ad-hoc & Sensor Networks Security 38 Thank you!