Presentation is loading. Please wait.

Presentation is loading. Please wait.

Using the CC2420 with AES Support

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Using the CC2420 with AES Support"— Presentation transcript:

1 Using the CC2420 with AES Support
Eric Famiglietti and Simone Willett

2 WSN Encryption Issues Lack of physical protection Resource constraints
Public-key cryptography, RSA Unsuitable for low power and limited memory Key establishment/distribution problem Symmetric-key algorithms

3 WSN Encryption Examples
Identity-based encryption Solves problem of public-key exchange RSA, Elliptic curve cryptography wsn-security-survey.pdf TinySec DES, RC5, Skipjack, AES

4 AES Advanced Encryption Standard Symmetric key encryption standard
Successor of DES Symmetric key encryption standard Used worldwide Fixed block size of 128 bits Key size of 128, 192, or 256 bits Number of rounds of encryption 10, 12, 14 respectively

5 AES: Performance Faster in hardware
Good performance was an explicit goal Performs well on a variety of hardware

6 Trust Management We are primarily concerned with authorization, as opposed to authentication. Authentication is the mechanism whereby systems may securely identify their users. Authorization is the mechanism by which a system determines what level of access a particular authenticated user should have to secured resources controlled by the system. Obviously a real implementation of authorization will depend on authentication

7 Trust Management, the bottomline

8 Main Goal We would like to set up a public key encryption to authorize the sender and receiver then establish AES session keys. Verification takes 2 minutes. - unrealistic Sprocket currently works with software created AES keys that are sent across the air and verified by the nodes. Do all AES encryption on the chip.

9 Trust Mangement = RT0 Flexible approach to access control in distributed systems Access control decisions are based on the policy statements, called credentials, Permissions in RT0 are represented by roles. Credentials are made by different principals and stored in a distributed manner

10 Credential A credential is a statement Requirements:
Signed by the issuer About a subject Containing info about the subject. Requirements: Unforgeable. Verifiable (belongs to the entity asking for the service) Signed Have well defined semantics.

11 Example

12

13 Certificate Contains credential information in an over the air format.
A role A.r denotes the set of entities that are members of it. Example: UVM.studentId Alice Entities can define roles, issue credentials, and make requests. In our case identities are pubic keys.

14 Certificate Validity Credentials contain private information and should be treated as such (e.g. medical record). Since an authorizer receives certificates from an unknown potentially untrustworthy entities, the validity must be checked Signatures Certificate must not have expired.

15 Show Verify Example Form 1 is A.r  E Form 1 Public Key 40 bytes.
Role 1 Pub Key2 40 bytes. Signature 2(21) = 42 bytes. Total 124 bytes.

16 Project Currently symmetric keys are being used to encrypt with software. We want to use the hardware to make this a faster process. CC2420 chip that has AES support. Allow for multiple keys and decryption Many motes talking at once

17 Steps Use the hardware version of AES in a simple Blink program.
Use hardware AES to send and receive packets that are encrypted. Integrate into the overall project. Test and optimize.

18 Encryption on CC2420 Use Hardware security in CC2420.
The encryption provides a plain AES encryption, with 128 bit plaintext and 128 bit keys. To encrypt a plaintext, a node first writes the plaintext to the stand-alone buffer SABUF, and issues a SAES command to initiate the encryption. When encryption is complete, the ciphertext is written to the buffer, overwriting the plaintext.

19 Interfaces interface CC2420Register as SECCTRL0;
interface CC2420Ram as KEY0; interface CC2420Ram as SABUF; interface CC2420Strobe as SAES; interface CC2420Strobe as SNOP;

20 How to start First power up the chip. Initialize the key. Encrypt.
Send Decrypt.

21 Show AES Standalone example

22 References des.pdf. Theory.stanford.edu/~ninghui/talks/rt_oakland02_slides .pdf. Cis.sjtu.edu.cn/…/The_Standalone_AES_Encryption_o f_CC2420_(TinyOS_2.10_and_MICAz)

Download ppt "Using the CC2420 with AES Support"

Similar presentations

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
COMP043-Cryptology Week 4 – Certs and Sigs. Digital Signatures Digital signatures provide –Integrity –Authenticity and –Non-repudiation How do they work?

COMP043-Cryptology Week 4 – Certs and Sigs. Digital Signatures Digital signatures provide –Integrity –Authenticity and –Non-repudiation How do they work?
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.

Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
 A public-key infrastructure ( PKI ) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store,

 A public-key infrastructure ( PKI ) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store,
Digital Signatures. Anononymity and the Internet.

Digital Signatures. Anononymity and the Internet.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.

Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
Securing Information Transfer in Distributed Computing Environments AbdulRahman A. Namankani.

Securing Information Transfer in Distributed Computing Environments AbdulRahman A. Namankani.

Similar presentations

Ads by Google