A Key Management Scheme for Distributed Sensor Networks Laurent Eschaenauer and Virgil D. Gligor.

Slides:

Advertisements

Similar presentations

Chris Karlof and David Wagner

Advertisements

Security in Wireless Sensor Networks: Key Management Approaches

Message Integrity in Wireless Senor Networks CSCI 5235 Instructor: Dr. T. Andrew Yang Presented by: Steven Turner Abstract.

1 Efficient Self-Healing Group Key Distribution with Revocation Capability by Donggang Liu, Peng Ning, Kun Sun Presented by Haihui Huang

Distribution and Revocation of Cryptographic Keys in Sensor Networks Amrinder Singh Dept. of Computer Science Virginia Tech.

Presented By: Hathal ALwageed 1.  R. Anderson, H. Chan and A. Perrig. Key Infection: Smart Trust for Smart Dust. In IEEE International Conference on.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.

 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.

Introduction to Wireless Sensor Networks

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 7. Wireless Sensor Network Security.

Distributed Detection Of Node Replication Attacks In Sensor Networks Presenter: Kirtesh Patil Acknowledgement: Slides on Paper originally provided by Bryan.

Introduction to Sensor Networks Rabie A. Ramadan, PhD Cairo University 4.

Monday, June 01, 2015 ARRIVE: Algorithm for Robust Routing in Volatile Environments 1 NEST Retreat, Lake Tahoe, June

1 Security in Wireless Sensor Networks Group Meeting Fall 2004 Presented by Edith Ngai.

Roberto Di Pietro, Luigi V. Mancini and Alessandro Mei.

A Pairwise Key Pre-Distribution Scheme for Wireless Sensor Networks Wenliang (Kevin) Du, Jing Deng, Yunghsiang S. Han and Pramod K. Varshney Department.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.

A Key Management Scheme for Wireless Sensor Networks Using Deployment Knowledge Presenter: Todd Fielder.

Efficiently Authenticating Code Images in Dynamically Reprogrammed Wireless Sensor Networks PerSec 2006 Speaker: Prof. Rick Han Coauthors Jing Deng and.

ITIS 6010/8010 Wireless Network Security Dr. Weichao Wang.

SUMP: A Secure Unicast Messaging Protocol for Wireless Ad Hoc Sensor Networks Jeff Janies, Chin-Tser Huang, Nathan L. Johnson.

Random Key Predistribution Schemes for Sensor Networks Authors: Haowen Chan, Adrian Perrig, Dawn Song Carnegie Mellon University Presented by: Johnny Flowers.

T H E O H I O S T A T E U N I V E R S I T Y Computer Science and Engineering 1 Wenjun Gu, Xiaole Bai, Sriram Chellappan and Dong Xuan Presented by Wenjun.

Privacy and Security in Embedded Sensor Networks Daniel Turner 11/18/08 CSE237a.

INSENS: Intrusion-Tolerant Routing For Wireless Sensor Networks By: Jing Deng, Richard Han, Shivakant Mishra Presented by: Daryl Lonnon.

Random Key Predistribution Schemes For Sensor Networks Haowan Chen, Adrian Perigg, Dawn Song.

ITIS 6010/8010 Wireless Network Security Dr. Weichao Wang.

Key Distribution in Sensor Networks (work in progress report) Adrian Perrig UC Berkeley.

Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.

Revisting Random Key Pre-distribution Schemes for Wireless Sensor Network By Joengmin Hwang and Yongdae Kim, Computer Science and Engineering, University.

Establishing Pairwise Keys in Distributed Sensor Networks Donggang Liu, Peng Ning Jason Buckingham CSCI 7143: Secure Sensor Networks October 12, 2004.

The Sybil Attack in Sensor Networks: Analysis & Defenses James Newsome, Elaine Shi, Dawn Song, Adrian Perrig Presenter: Yi Xian.

LEAP: Efficient Security Mechanisms for Large-Scale Distributed Sensor Networks By: Sencun Zhu, Sanjeev Setia, and Sushil Jajodia Presented By: Daryl Lonnon.

Computer Science 1 Research on Sensor Network Security Peng Ning Cyber Defense Laboratory Department of Computer Science NC State University 2005 TRES.

MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.

Secure Cell Relay Routing Protocol for Sensor Networks Xiaojiang Du, Fengiing Lin Department of Computer Science North Dakota State University 24th IEEE.

Denial of Service (DoS) Attacks in Green Mobile Ad–hoc Networks Ashok M.Kanthe*, Dina Simunic**and Marijan Djurek*** MIPRO 2012, May 21-25,2012, Opatija,

1 A Location-ID Sensitive Key Establishment Scheme in Static Wireless Sensor Networks Proceedings of the international conference on mobile technology,applications,and.

GZ06 : Mobile and Adaptive Systems A Secure On-Demand Routing Protocol for Ad Hoc Networks Allan HUNT Wandao PUNYAPORN Yong CHENG Tingting OUYANG.

1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from

A Design for Secure and Survivable Wireless Sensor Networks Yi Qian, Kejie Lu, David Tipper Presented by: William Newton University of Maryland, Baltimore.

A Routing-Driven Elliptic Curve Cryptography Based Key Management Scheme for Heterogeneous Sensor Networks Author: Xiaojiang Du, Guizani M., Yang Xiao.

Hao Yang, Fan Ye, Yuan Yuan, Songwu Lu, William Arbaugh (UCLA, IBM, U. Maryland) MobiHoc 2005 Toward Resilient Security in Wireless Sensor Networks.

Computer Science 1 CSC 774 Advanced Network Security Distributed detection of node replication attacks in sensor networks (By Bryan Parno, Adrian Perrig,

Distributed Detection of Node Replication Attacks in Sensor Networks Bryan Parno, Adrian perrig, Virgil Gligor IEEE Symposium on Security and Privacy 2005.

Secure routing in wireless sensor network: attacks and countermeasures Presenter: Haiou Xiang Author: Chris Karlof, David Wagner Appeared at the First.

The Sybil Attack in Sensor Networks: Analysis & Defenses

Securing Distributed Sensor Networks Udayan Kumar Subhajit Sengupta Sharad Sonapeer.

Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures Chris Karlof and David Wagner (modified by Sarjana Singh)

Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.

A Highly Scalable Key Pre- Distribution Scheme for Wireless Sensor Networks.

A Two-Layer Key Establishment Scheme for Wireless Sensor Networks Yun Zhou, Student Member, IEEE, Yuguang Fang, Senior Member, IEEE IEEE TRANSACTIONS ON.

Security in Mobile Ad Hoc Networks: Challenges and Solutions (IEEE Wireless Communications 2004) Hao Yang, et al. October 10 th, 2006 Jinkyu Lee.

Key management for wireless sensor networks Sources: ACM Transactions on Sensor Networks, 2(4), pp , Sources: Computer Communications, 30(9),

Ad Hoc Network.

Revisting Random Key Pre-distribution Schemes for Wireless Sensor Network By Joengmin Hwang and Yongdae Kim, Computer Science and Engineering, University.

Shambhu Upadhyaya 1 Ad Hoc Networks – Network Access Control Shambhu Upadhyaya Wireless Network Security CSE 566 (Lecture 20)

1 Adaptive key pre-distribution model for distributed sensor networks Author: C.-S. Laih, M.-K. Sun, C.-C. Chang and Y.-S. Han Source: IET Communications,

Author: Hangyang Dai and Hongbing Xu

Weichao Wang, Bharat Bhargava Youngjoo, Shin

CSCI Research Topics in Computer Science (Fall 2007) A Key-Management Scheme for Distributed Sensor Networks Deepesh Jain Wireless and Sensor Networks.

1 Routing security against Threat models CSCI 5931 Wireless & Sensor Networks CSCI 5931 Wireless & Sensor Networks Darshan Chipade.

Efficient Pairwise Key Establishment Scheme Based on Random Pre-Distribution Keys in Wireless Sensor Networks Source: Lecture Notes in Computer Science,

Toward Resilient Security in Wireless Sensor Networks Rob Polak Feb CSE 535.

International Conference Security in Pervasive Computing(SPC’06) MMC Lab. 임동혁.

Hao Yang, Fan Ye, Yuan Yuan, Songwu Lu, William Arbaugh (UCLA, IBM, U. Maryland) MobiHoc 2005 Toward Resilient Security in Wireless Sensor Networks.

Draft-dvir-roll-security-authentication-01 and draft-dvir-roll-security-key-agreement Amit Dvir Laboratory of Cryptography and System Security (CrySyS)

A Secure Routing Protocol with Intrusion Detection for Clustering Wireless Sensor Networks International Forum on Information Technology and Applications.

SPIN: Sensor Protocols for Information via Negotiation

Path key establishment using multiple secured paths in wireless sensor networks CoNEXT’05 Guanfeng Li University of Pittsburgh, Pittsburgh, PA Hui Ling.

Presentation transcript:

A Key Management Scheme for Distributed Sensor Networks Laurent Eschaenauer and Virgil D. Gligor

Introduction Constraints Problems with Current Solutions Key Distribution Key Revocation, Re-Keying, and Node Capture Resiliency Analysis and Simulation Problems

Constraints Power Computation Key Transmission Digital Signatures Storage Space Code Keys

Problems with Current Solutions Global Keys Compromise Is Drastic Pair-Wise Keys Storage Problems Inefficiency Re-keying and Node Additions Are Expensive

Key Distribution Key pre-distribution phase Preconfigured keys Generation of key pool Randomly chosen sets of keys from key pool  key ring Probability 2 nodes share key is very high Key identifiers are remembered by base station, and base station shares key with every node

Key Distribution Cont’d. Shared key discovery phase Nodes broadcast key identifiers If 2 nodes share a key identifier then a secure link is set up Links at routing layer are only set up if a shared key exists Can protect this exchange with a encrypted challenge

Key Distribution Cont’d. Path key establishment phase Enables two nodes not sharing a key to communicate via a multi-hop link Relies on the fact that many keys on a key ring remain unused after shared key discovery phase

Revocation Revoke keys of a compromised node Base station broadcast a signed message containing all keys to be removed from key ring To sign message base station generates new key and unicasts it to each node Node uses this key to verify signature of revocation message

Re-Keying Keys may have a lifetime shorter than that of node Nodes simply remove key from key ring and begin shared key discovery phase again

Node Capture Resiliency 2 threat levels Sensor input manipulation Bogus data Difficult to detect, harder to prevent Data correlation for redundant sensors Physical Compromise Tamper-proof construction

Node Capture Resiliency Cont’d. Automatic key erasure Global key = complete compromise Pair-wise keys = n-1 links to compromised are available Key distribution scheme = k << n are compromised

Analysis Probability and Graph Theory Expected degree of a node to ensure connectivity? Sizes of key ring, key pool, and network

Analysis Cont’d. Key sharing probabilities Logarithmic increase: as network size increases key ring increases logarithmicaly

Simulations Effects on Network Topology Dependent on size of key ring Multi-hop neighbors can use path only once

Simulations Cont’d.

Resiliency revisited Node compromise limits number of links attacker gains access to:

Analysis Relatively simple operation Complicated staging and pre- deployment Need to take future into account when deciding on key-sizes and key-lifetimes. Achieves relatively low power and computation

Problems No authentication in key discovery phase Open to selective forwarding attack: Compromised node C tells hears node A tell node B it has key 4. C then tells A it also has key 4. A might then send info to C, and C can drop packets. Limited since C can’t actually encrypt anything since it doesn’t actually have key 4.

Problems Cont’d. Compromised node could keep broadcasting a different key identifier list causing neighbors to waste bandwith searching their key list. Sibyl attack where compromised node repeatedly sends out different key identifier lists. Possibly making a nodes link table grow too large