Efficiently Authenticating Code Images in Dynamically Reprogrammed Wireless Sensor Networks PerSec 2006 Speaker: Prof. Rick Han Coauthors Jing Deng and.

Presentation transcript:

Efficiently Authenticating Code Images in Dynamically Reprogrammed Wireless Sensor Networks PerSec 2006 Speaker: Prof. Rick Han Coauthors Jing Deng and Prof. Shiv Mishra University of Colorado at Boulder Department of Computer Science

Reprogramming Wireless Sensor Networks (WSNs)

Reprogramming in situ sensor nodes through wireless medium.
– Important for sensor network management. Patch buggy code, change run-time parameters. Install new applications and unanticipated features. Very important for hostile and/or rugged terrain.
General properties of WSNs
– Resource constraints
– Tree-structured routing
[Figure: tree-structured topology of a WSN rooted at the base station (FireWxNet, MobiSys 2006)]

Secure Reprogramming in WSNs

Security is critical for reprogramming.
– Scientific applications – lives may depend on the data (FireWxNet)
– Military applications
– Commercial applications – inject false code
Types of attacks:
– Prevent an adversary from injecting malicious or bogus code image to sensor nodes. Data authenticity and integrity – a focus of this paper
– Prevent an adversary from a DoS flooding attack – our approach has resilience to this
– Prevent an adversary from understanding program code. Confidentiality – not a focus of this paper
– In WSNs, an adversary can compromise a node!
Efficiently protect authenticity and integrity of program code image disseminated from base station

A System Model for Reprogramming Sensor Nodes

Entire code image is segmented into pages; each page contains a certain number of packets.
Page level: a node has to receive page by page sequentially.
Packet level: a node broadcasts all packets in a page in "Round-Robin" way. After receiving ACK/NACK messages from neighbor nodes, it broadcasts lost packets, and so on, until all packets are received by neighbors.
Provides an efficient way to reliably disseminate a large amount of data to the entire network. Deluge, others…
[Figure: base station (BS) and the program code image]

Threat Model and Security Goals

Threat Model
– Adversary can eavesdrop on all packets nearby.
– Adversary can inject (any type of) data nearby.
– Adversary can compromise a sensor node and obtain all information inside it, including code image and keys.
– Adversary cannot compromise the base station.
Security Goals
1. Protect authenticity and integrity of code image. Adversary cannot inject his malicious program code even given compromised sensor nodes.
2. Prevent adversary from launching Denial of Service attacks by flooding bogus packets. Every node can verify the authenticity of code image as soon as it receives it. Otherwise adversary can inject bogus packets to launch DoS attacks or force a node to drop correct data.
3. Low cost. The communication/computing overhead is acceptable.
Does not protect against:
– Local jamming attacks. Can countermeasure it.
– Data confidentiality.
[Figure: base station (BS) and nodes labelled M]

Limiting Public Key Operations

Difficult to construct a pure symmetric key approach.
– Global key
– Transitory global key - to deal with node compromise, but still has problems…
– Pairwise keys – issues raised in earlier talk, etc.
– Key distribution problem
Are public key algorithms feasible on standard sensor nodes? Yes, just barely.
– Computing overhead
  RSA
  – 2-3 seconds (512 bits of key) on mica2.
  Elliptic Curve Cryptographic algorithm
  – D. Malan: 40 seconds to encrypt 16 bytes of data on MICA2
  – P. Ning: TinyECC takes 12 to 16 seconds to verify a signature on MICAz
  – V. Gupta: Sizzle from Sun, hundreds or thousands of milliseconds on Atmel chip (haven't seen source code yet)
– Communication overhead: RSA: 512 bits of key, Elliptic curve: 168 bits of key
Our approach:
– Combine public key and fast cryptographic hash schemes, but limit public key executions
– Predistribute the public key of the base station, and a cryptographic hash

Signed Hash Tree Scheme

Motivation: to make our scheme more efficient when some data packets are lost.
Solution: send all hashes first, then send data packets.
Build a hash tree; hashes in high level packets can be used to authenticate hashes/data in low level packets.
– P_{2,0} = Hash(P_{3,0}) || Hash(P_{3,1})
Send packets from high level to low level.
After a node received packet P, it can receive disordered children (hash/data) packets of P.
An attacker can't modify packets undetected.
Compromise reveals public key and hash.
A node can verify immediately each packet, even if out of order.
Sender can disseminate packets similar to Round-Robin.
[Figure: hash tree with packets P_{4,0} to P_{4,7}, P_{3,0} to P_{3,3}, P_{2,0}, P_{2,2}, P_{1,0} and a signature]
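The verification flow on this slide, as an added example that is not from the presentation or the authors' implementation: a receiver checks each packet against the hash delivered in its parent, so siblings can arrive in any order and a forged packet is dropped on arrival. The truncated SHA-256, the (level, index) packet keys and the already-verified signature on P_{1,0} are assumptions.

```python
import hashlib

HASH_LEN = 8  # assumption: truncated SHA-256; the slides do not name the hash

def h(data):
    return hashlib.sha256(data).digest()[:HASH_LEN]

def build_tree(data_packets):
    """Map (level, index) -> payload. Level 1 is the root; the last level is data.
    A hash packet is Hash(left child) || Hash(right child), as on the slide."""
    rows = [list(data_packets)]          # needs a power-of-two packet count
    while len(rows[0]) > 1:
        low = rows[0]
        rows.insert(0, [h(low[i]) + h(low[i + 1]) for i in range(0, len(low), 2)])
    return {(lv + 1, i): p for lv, row in enumerate(rows) for i, p in enumerate(row)}

class Receiver:
    def __init__(self, depth, root):
        # Assumption: root (P1,0) already passed the base-station signature check;
        # the public-key step itself is outside this sketch.
        self.depth, self.expected, self.accepted = depth, {}, {}
        self._store((1, 0), root)

    def _store(self, key, payload):
        level, idx = key
        self.accepted[key] = payload
        if level < self.depth:           # hash packet: record each child's hash
            self.expected[(level + 1, 2 * idx)] = payload[:HASH_LEN]
            self.expected[(level + 1, 2 * idx + 1)] = payload[HASH_LEN:]

    def receive(self, key, payload):
        want = self.expected.get(key)
        if want is None:
            return "no-parent"           # parent hash packet not seen yet
        if h(payload) != want:
            return "rejected"            # modified or injected packet
        self._store(key, payload)
        return "accepted"

def demo():
    tree = build_tree([b"code-chunk-%d" % i for i in range(8)])  # constructed image
    rx = Receiver(depth=4, root=tree[(1, 0)])
    out = [rx.receive((3, 0), tree[(3, 0)])]                 # before its parent P2,0
    for key in [(2, 1), (2, 0), (3, 3), (3, 0), (3, 2), (3, 1)]:  # siblings swapped
        out.append(rx.receive(key, tree[key]))
    out.append(rx.receive((4, 5), b"malicious code"))        # forged data packet
    out.append(rx.receive((4, 5), tree[(4, 5)]))             # genuine, before P4,0
    return out
```

A packet whose parent has not arrived cannot be checked and is dropped, which is why the sender releases packets from the high level to the low level.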

New Results: Compare to a Signed Hash Chain Scheme

Similar approaches published in operating systems, SenSys 05 poster, etc.
The base station has a private key, and all sensors have the public key.
Each packet contains the secure hash value of the next packet. The first packet P_0 contains the signature of the secure hash value, signed with the private key.
When a node receives packet P_0, it can verify the authenticity of the hash value H_1 with the public key.
When a node receives packet P_k, it can verify its authenticity with the H_k it received before.
Protects data authenticity and integrity.
Problems:
– Maliciously breaking the chain => can't verify subsequent packets
– Not efficient when packet loss rate is high.
– To verify packet H_k, B has to receive all packets from H_0 to H_{k-1}. (cannot run Round-robin scheme with NACK)
[Figure: nodes A and B]
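The ordering problem listed on this slide, as an added example that is not from the presentation or the authors' code: a chain receiver can check P_k only with the hash carried in P_{k-1}, so one lost packet stalls everything after it. The truncated SHA-256, the all-zero hash field in the last packet and the already-verified signature over H_1 are assumptions.

```python
import hashlib

HASH_LEN = 8  # assumption: truncated SHA-256; the slides do not name the hash

def h(data):
    return hashlib.sha256(data).digest()[:HASH_LEN]

def build_chain(chunks):
    """Return (H1, {k: P_k}) with P_k = chunk_k || H_{k+1}, built back to front.
    The last packet carries an all-zero hash field (a choice made for this sketch)."""
    packets, next_hash = {}, bytes(HASH_LEN)
    for k in range(len(chunks), 0, -1):
        packets[k] = chunks[k - 1] + next_hash
        next_hash = h(packets[k])
    return next_hash, packets

class ChainReceiver:
    def __init__(self, h1):
        # Assumption: h1 arrived in P0 and its signature was already verified with
        # the base station's public key; that step is outside this sketch.
        self.k, self.expected = 1, h1

    def receive(self, k, packet):
        if k != self.k:
            return "unverifiable"        # H_k only arrives inside P_{k-1}
        if h(packet) != self.expected:
            return "rejected"            # modified or injected packet
        self.k, self.expected = k + 1, packet[-HASH_LEN:]
        return "accepted"

def demo_chain():
    h1, pkts = build_chain([b"chunk-%d" % i for i in range(1, 5)])  # constructed
    rx = ChainReceiver(h1)
    return [rx.receive(1, pkts[1]),
            rx.receive(3, pkts[3]),      # P2 was lost, so P3 cannot be checked
            rx.receive(2, b"forged" + pkts[2][-HASH_LEN:]),
            rx.receive(2, pkts[2]),
            rx.receive(3, pkts[3])]
```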

New Results: Linked Hash-tree Scheme

Motivation
– Conform with the code dissemination protocol of Deluge – it enforces per-page ordering, so packets can arrive out of order within a page, but pages cannot arrive out of order => per-page public key!
– Reduce memory cost
Each page contains a hash tree for code image authentication.
Use a signed hash chain to link the root nodes of all hash trees.
To appear in IPSN 2006

New Results: Simulations

Scenario
– A node disseminates 32KB data to 20 neighbors. Packet size 128B, hash size 4B.
Hash chain scheme is very expensive since every receiver needs to send an ACK message back to sender.
Hash tree scheme consumes too much memory.
Hybrid hash chain/tree scheme has feasible moderate cost. (More simulation results are in the IPSN paper.)

Memory Consumption
Scheme       Memory
Deluge       4KB
Hash Chain   4 bytes
Hash Tree    32KB
Hybrid       4.1KB

Summary

Presented a signed hash tree scheme for efficient and secure dissemination of code to WSNs
– Form a signed hash tree
– Release hashes a priori
– Immediate verification
– Out-of-order verification
New results show that a hybrid signed chain-tree is the best combination of low overhead, low memory, and low delay
– Performance is close to insecure Deluge scheme

Fine