SECURITY PROTOCOLS FOR WIRELESS SENSOR NETWORK Presented by Chetan Rana U08CO213

INTODUCTION Wireless Sensor Networks are networks that consists of sensors which are distributed in an ad hoc manner. These sensors work with each other to sense some physical phenomenon and then the information gathered is processed to get relevant results. Wireless sensor networks consists of protocols and algorithms with self-organizing capabilities.

Ref:

WSN ARCHITECHTURE Sensor motes (Field devices) – capable of routing packets on behalf of other devices. Gateway or Access points – A Gateway enables communication between Host application and field devices. Network manager – A Network Manager is responsible for configuration of the network, scheduling communication between devices (i.e., configuring super frames), management of the routing tables and monitoring and reporting the health of the network. Security manager – The Security Manager is responsible for the generation, storage, and Management of keys.

WSN ARCHITECTURE

WSN Topologies Wireless Links – Numerous paths to Connect to the same destination Topology - Star - Mesh - Hybrid

Star Topology Single Hop to Gateway Gateway serves to communicate between nodes Nodes cannot send data to each other directly

Star Topology ( Contd…) Pros -Lowest Power consumption -Easily Scalable Cons -Not very reliable as one point of failure No alternate communication paths

Mesh Topology Multi-Hopping Systems Nodes can communicate with each other directly Multi-Hopping Systems Nodes can communicate with each other directly

Mesh Topology ( Contd…)

Hybrid Topology Sensors are arranged in a star topology around the routers The routers arrange themselves in a mesh form Sensors are arranged in a star topology around the routers The routers arrange themselves in a mesh form

Hybrid Topology ( Contd…)

WSN CHARACTERISTICS Power consumption constrains for nodes using batteries or energy harvesting Ability to cope with node failures Mobility of nodes Dynamic network topology Communication failures Heterogeneity of nodes Scalability to large scale of deployment Ability to withstand harsh environmental conditions Ease of use Unattended operation Power consumption

HARDWARE Low-power processor. –Limited processing. Memory. –Limited storage. Radio. –Low-power. –Low data rate. –Limited range. Sensors. –Scalar sensors: temperature, light, etc. –Cameras, microphones. Power. Storage Sensors Processor Radio POWERPOWER WSN device schematics

TinyOS OS/Runtime model designed to manage the high levels of concurrency required Gives up IP, sockets, threads Uses state-machine based programming concepts to allow for fine grained concurrency Provides the primitive of low-level message delivery and dispatching as building block for all distributed algorithms

Key Software Requirements Capable of fine grained concurrency Small physical size Efficient Resource Utilization Highly Modular Self Configuring

SECURITY ATTACKS IN WSN DoS/Physical Layer/Jamming Transmission of a radio signal that interferes with the radio frequencies being used by the sensor network. Jamming the channel with an interrupting signal. DoS/Data Link Layer/Collision. DoS/Network Layer/Flooding.

DoS/Physical Layer/Tampering. Physical Tampering. Nodes are vulnerable to physical harm, or tampering (i.e. reverse engineering). DoS/Network Layer/Spoofing. Misdirection. Adversaries may be able to create routing loops, attract or repel network traffic, extend or shorten source routes, generate false error messages, partition the network, increase end-to-end latency, etc.

Sybil attack "malicious device illegitimately taking on multiple identities". Adversary can "be in more than one place at once" as a single node presents multiple identities to other nodes in the network which can significantly reduce the effectiveness of fault tolerant schemes such as distributed storage, dispersity and multipath. Sybil attacks also pose a significant threat to geographic routing protocols.

In the wormhole attack, an adversary tunnels messages received in one part of the network over a low latency link and replays them in a different part. An adversary situated close to a base station may be able to completely disrupt routing by creating a well-placed wormhole. An adversary could convince nodes who would normally be multiple hops from a base station that they are only one or two hops away via the wormhole.

A node replication attack involves an attacker inserting a new node into a network which has been cloned from an existing node, such cloning being a relatively simple task with current sensor node hardware. This new node can act exactly like the old node or it can have some extra behavior, such as transmitting information of interest directly to the attacker. A node replication attack is serious when the base station is cloned.

REQUIREMENTS FOR SENSOR NETWORK SECURITY Data Confidentiality A sensor network should not leak sensor readings to neighboring networks. Encrypt the data with a secret key that only intended receivers possess, hence achieving confidentiality

Data authentication Network reprogramming or controlling sensor node duty cycle Data authentication allows a receiver to verify that the data really was sent by the claimed sender. Informally, data authentication allows a receiver to verify that the data really was sent by the claimed sender.

Data Integrity Data integrity ensures the receiver that the received data is not altered in transit by an adversary. Data Freshness Informally, data freshness implies that the data is recent, and it ensures that no adversary replayed old messages.

Two types of freshness: weak freshness, which provides partial message ordering, but carries no delay information, and strong freshness, which provides a total order on a request-response pair, and allows for delay estimation. Weak freshness is required by sensor measurements, while strong freshness is useful for time synchronization within the network.

SECURITY PROTOCOLS FOR WSN SPINS: Security Protocols For Sensor Networks SPINS has two secure building blocks: SNEP and µTESLA. SNEP includes: data confidentiality, two-party data authentication, and evidence of data freshness. µTESLA provides authenticated broadcast for severely resource-constrained environments.

SNEP: Sensor Network Encryption Protocol SNEP provides a number of following advantages. It has low communication overhead as it only adds 8 bytes per message. It uses a counter, but avoids transmitting the counter value by keeping state at both end points. SNEP achieves semantic security, which prevents eavesdroppers from inferring the message content from the encrypted message. Finally, SNEP protocol offers data authentication, replay protection, and weak message freshness.

SNEP offers the following properties: Semantic security: Since the counter value is incremented after each message, the same message is encrypted differently each time. Data authentication: If the MAC verifies correctly, the receiver can be assured that the message originated from the claimed sender.

Replay protection: The counter value in the MAC prevents replaying old messages. Weak freshness: If the message verified correctly, the receiver knows that the message must have been sent after the previous message it received correctly (that had a lower counter value Low communication overhead: The counter state is kept at each end point and does not need to be sent in each message.

µTESLA A sender will broadcast a message generated with a secret key. After a certain period of time, the sender will disclose the secret key. The receiver is responsible for buffering the packet until the secret key has been disclosed. After disclosure the receiver can authenticate the packet, provided that the packet was received before the key was disclosed. Limitation of µTesla is that some initial information must be unicast to each sensor node before authentication of broadcast messages can begin.

TINYSEC It is designed as the replacement for the unfinished SNEP, known as TinySec. A major difference between TinySec and SNEP is that there are no counters used in TinySec. Single shared global cryptographic key. For encryption, it uses CBC mode with cipher text stealing, and for authentication, CBC-MAC is used. TinySec XORs the encryption of the message length with the first plaintext block in order to make the CBC-MAC secure for variably sized messages Link layer encryption and integrity protection  transparent to applications

MINISEC It is a secure network layer protocol that claims to have lower energy consumption than TinySec while achieving a level of security which matches that of Zigbee. A major feature of MiniSec is that it uses offset codebook (OCB) mode as its block cipher mode of operation, which offers authenticated encryption with only one pass over the message data. Normally two passes are required for both secrecy and authentication.

LEAP: Localized Encryption And Authentication Protocol LEAP is designed to support secure communications in sensor networks; therefore, it provides the basic security services such as confidentiality and authentication. LEAP supports the establishment of four types of keys for each sensor node – an individual key shared with the base station, a pairwise key shared with another sensor node, a cluster key shared with multiple neighboring nodes, and a group key that is shared by all the nodes in the network.

ZIGBEE Zigbee Coordinator acts as “Trust Manager”, which allows other devices to join the network and also distributes the keys. It plays the three roles as follows : - Trust manager, whereby authentication of devices requesting to join the network is done. - Network manager, maintaining and distributing network keys. - Configuration manager, enabling end-to-end security between devices.

Provides link layer security services, and has three modes of operation, unsecured, an Access Control List (ACL) mode and secured mode. In unsecured mode, as the name implies, no security services are provided. In ACL mode the device maintains a list of devices with which it can communicate. Communication from devices not on the list is ignored. No cryptographic security.

Secured mode offers seven security suites and depending on which is used any of four security services are offered, access control data encryption frame integrity sequential freshness.

References [1] Y. Zou, K. Chakrabarty, "Sensor deployment and target localization based on virtual forces",INFOCOM Twenty- Second Annual Joint Conference of the IEEE Computer and Communications Societies. IEEE, Volume: 2, Pages: , April [2] J. P. Kaps, G. Gaubatz, and B. Sunar. Cryptography on a Speck of Dust. IEEE Computer. [3] J. Hill, R. Szewczyk, A. Woo, S. Hollar, D. Culler, and K. Pister. System architecture directions for networked sensors. In Proceedings of the 9th International Conference on Architectural Support for Programming Languages and Operating Systems, November [4] Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J. D. Tygar. SPINS: Security protocols for sensor networks. In Seventh Annual ACM International Conference on Mobile Computing and Networks (MobiCom 2001), July [5] C. Karlof, N. Sastry, and D. Wagner, "TinySec: a link layer security architecture for wireless sensor networks," in 2nd international conference on Embedded networked sensor systems, Baltimore, MD, USA, 2004, 162 – 175. [6] D. Liu and P. Ning, “Establishing pairwise keys in distributed sensor networks,” in Proceedings of 10th ACM Conference on Computer and Communications Security (CCS’03), October 2003, pp. 52–61. [7] ZigBee Specification v1.0: ZigBee Specification (2005), San Ramon, CA, USA: ZigBee Alliance. Asphttp://

THANK YOU