1 CS 577 “TinySec: A Link Layer Security Architecture for Wireless Sensor Networks” Chris Karlof, Naveen Sastry, David Wagner UC Berkeley Summary presented.

Presentation transcript:

1 CS 577 “TinySec: A Link Layer Security Architecture for Wireless Sensor Networks” Chris Karlof, Naveen Sastry, David Wagner UC Berkeley Summary presented by Gary Woo

2 Outline
Sensor Networks
Design goals
Design
Analysis
Implementation
Evaluation
Conclusion

3 Sensor Networks
“heterogeneous system combining tiny sensors and actuators with general-purpose computing elements”
Nodes are low cost and low power
Applications:
  – Habitat monitoring
  – Burglar alarms
  – Medical monitoring
  – Emergency response
  – Battlefield management

4 Design goals
Security
  – Message integrity (MAC)
  – Confidentiality (Encryption)
  – Replay protection (Counter/IV)
Performance
  – Increase in processor/RAM demand is bad
  – Increase in message length is worse
Ease of use
Transparency
Portability

5 Design
Modes
  – Authentication (TinySec-Auth)
  – Authenticated encryption (TinySec-AE)
Encryption
  – Cipher Block Chaining
  – IV (8 bytes) formed from destination address, Active Message type, length, source, and 2-byte counter
Message Integrity
  – MAC computed over entire message

6 Cipher Block Chaining
All nodes share a secret key
Provably secure when the IV is not repeated
Pre-encrypt the IV to avoid leakage when the IV and the plaintext are both incremented by 1
Ciphertext stealing: minimum size is 8 bytes, otherwise the ciphertext is the same size as the plaintext
[Figure: CBC encryption diagram (plaintext, initialization vector, encryption key, ciphertext)]

7 Initialization Vector
Counters provide 2^n + 1 packets before reuse
Random IVs provide 2^(n/2) packets before reuse due to the birthday paradox (in any group of 23 people, two will have matching birthdays more than 50% of the time)
Reuses existing fields: destination address, Active Message type, and length
New fields: source, 2-byte counter

8 CBC MAC
Ensures that bits changed in the message will be detected
Reuse of the CBC algorithm saves code space
XORs the encryption of the message length with the first plaintext block (uses the encrypted message length as IV)

9 Packet format
Early rejection (header not encrypted)
Replaces 2-byte CRC and 1-byte group field with MAC
TinySec-AE has Src (2 bytes) and Ctr (2 bytes) fields that TinySec-Auth doesn’t; TinySec-Auth has 1 more byte than TinyOS

10 Analysis
MAC is 4 bytes: 1 in 2^32 chance of forging correctly
19.2 kb/s channel allows only 40 attempts per second (2^31 attempts will take 20 months!)
Denial of service, as link will be captured
Avoids birthday paradox (uses counter)
Each node can send 2^16 messages before reuse of IV
CBC mode with IV reuse leaks the longest shared prefix of the 2 messages (must be same src/dst pair, length, AM type)
Should update keys before reuse
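
An added example, not taken from the paper or the slides, of the IV layout from slide 5 and the IV-reuse leak from slide 10: when the 2-byte counter wraps, the IV repeats and CBC ciphertexts share as many leading blocks as the plaintexts do. The 8-byte block cipher is a constructed Feistel stand-in, and the widths of the destination, AM type and length fields, the big-endian packing, the key and the payloads are all assumptions.

```python
import hashlib
import struct

BLOCK = 8  # block size in bytes, matching the 8-byte blocks on the slides

def toy_encrypt_block(key, block):
    """4-round Feistel built on SHA-256: a constructed stand-in, not a real cipher."""
    left, right = block[:4], block[4:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:4]
        left, right = right, bytes(a ^ b for a, b in zip(left, f))
    return left + right

def make_iv(dst, am_type, length, src, ctr):
    """dst(2) | AM type(1) | length(1) | src(2) | counter(2); widths, byte order assumed."""
    return struct.pack(">HBBHH", dst, am_type, length, src, ctr & 0xFFFF)

def cbc_encrypt(key, iv, plaintext):
    """CBC with a pre-encrypted IV; ciphertext stealing omitted, so whole blocks only."""
    if len(plaintext) % BLOCK:
        raise ValueError("payload must be a multiple of 8 bytes in this example")
    prev, out = toy_encrypt_block(key, iv), []
    for i in range(0, len(plaintext), BLOCK):
        mixed = bytes(a ^ b for a, b in zip(plaintext[i:i + BLOCK], prev))
        prev = toy_encrypt_block(key, mixed)
        out.append(prev)
    return b"".join(out)

def shared_prefix_blocks(c1, c2):
    """Number of leading ciphertext blocks that are identical."""
    n = 0
    for i in range(0, min(len(c1), len(c2)), BLOCK):
        if c1[i:i + BLOCK] != c2[i:i + BLOCK]:
            break
        n += 1
    return n

def leak_demo():
    key = b"constructed-key!"             # constructed sample key
    m1 = b"zone=03;door=ok;temp=21C"      # constructed payloads, 24 bytes each,
    m2 = b"zone=03;door=ok;temp=35C"      # sharing a 16-byte (two-block) prefix
    hdr = dict(dst=0x0001, am_type=0x2A, length=len(m1), src=0x0007)
    c1 = cbc_encrypt(key, make_iv(ctr=5, **hdr), m1)
    wrapped = cbc_encrypt(key, make_iv(ctr=5 + 2**16, **hdr), m2)  # counter wrapped
    fresh = cbc_encrypt(key, make_iv(ctr=6, **hdr), m2)            # next counter value
    return shared_prefix_blocks(c1, wrapped), shared_prefix_blocks(c1, fresh)

if __name__ == "__main__":
    print(leak_demo())
```

The first value counts the ciphertext blocks an eavesdropper sees repeated after the counter wraps; the second shows that a fresh counter value hides the shared prefix, which is why keys should be updated before the counter is exhausted.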

11 Implementation
Security
  – MAC and CBC for encryption
Performance
  – Runs with 728 bytes of RAM and 7146 bytes of program space
Ease of use
  – Add “TINYSEC=true” when making code

12 Implementation (cont.)
Transparency
  – Runs at the Link Layer
Portability
  – Distributed with TinyOS

13 Implementation (cont.)
TinySec implemented in 3000 lines of nesC
Modified task scheduler (cryptographic operations have higher priority than others)
Top 2 bits of the length field select the TinySec mode
  – Max payload length is 29 bytes

14 Evaluation
Increased message length
  – Reduces bandwidth
  – Increases latency
  – Increases energy consumption
Added cryptography
  – Increased computation time
  – Increased energy consumption

15 Evaluation (Increased send time)
Increased send time depends on TinySec mode
About 1.6% increase for each byte

16 Evaluation (Encryption computation time)
Byte time must be small
CBC operates on blocks of 8 bytes
Rule of thumb: less than a few byte times

17 Evaluation (Energy costs)
Yellow shading shows extra energy costs of computing MAC and performing CBC
Blue shading shows extra energy from increased message length
[Figure: energy cost chart for TinyOS, TinySec-Auth and TinySec-AE]

18 Evaluation (Energy costs cont.)
Increase for TinySec-Auth
  – 1% from increased packet length
  – 2% from extra computation
Increase for TinySec-AE
  – 6% from increased packet length
  – 4% from extra computation

19 Evaluation (Throughput)
TinySec-Auth performs the same as no TinySec
TinySec-AE performs ~6% lower at >5 senders

20 Evaluation (Latency)
Increased message length
  – TinySec-Auth: 1 byte
  – TinySec-AE: 5 bytes

21 Evaluation (Latency cont.)
TinySec-Auth increases latency by 1.1 byte times
TinySec-AE increases latency by 4.6 byte times

22 Evaluation (Ease of use)
No changes needed to higher layers (TinySec is at Link Layer)
Need to modify makefile to enable TinySec
Current work:
  – TinyPK (RSA to exchange keys)
  – TinyCrypt (elliptic curve cryptography)
  – SRI’s key exchange
  – SecureSense’s dynamic security service
  – Bosch burglar alarm

23 Conclusion
TinySec-Auth
  – Provides message integrity
  – Increases energy consumption by 3%
TinySec-AE
  – Provides message integrity and confidentiality
  – Increases energy consumption by 10%
Limited gains from switching to hardware, as increased message length is the cause

24 References and Acknowledgements
Author’s electronic version of paper (other figures and tables were taken from this document):
  – sensys04.pdf