ITIS 6010/8010 Wireless Network Security Dr. Weichao Wang.

1 ITIS 6010/8010 Wireless Network Security Dr. Weichao Wang

2 Pairwise key establishment in sensor networks
–In many secure routing mechanisms, we have assumed the knowledge of keys
–We will investigate how these keys are established among wireless nodes

3 Key predistribution method
–In the early 2000s, symmetric encryption was still the only choice for sensors
–No trusted third party for key distribution
–Predistribution
  Group key
  Pairwise key
  Each has its problems: sensor compromise, adding new nodes, forward/backward secrecy

4 Probabilistic key sharing
–A pool of P keys is generated offline
–Every sensor randomly gets k keys when it is deployed
–With a certain probability, any pair of sensors may share at least one key
–For those that do not share keys, a multihop path can be used to establish such a key

5 Example: P = 10,000, how many keys should every sensor have so that the probability is 0.5? (75)
Some simple analysis
Shared key discovery between neighbors
–Broadcast key identifiers
–Broadcast plaintext and corresponding ciphertexts

6 Path key establishment
–Establish keys through shared neighbors
Revocation
–A compromised sensor only discloses a small part of the keys
Addition of new sensors
A question: can we link the pre-distributed keys to node identity or other information?
–What will be the advantages and disadvantages?

8 Three extensions:
–q-composite
–Multipath reinforcement
–Random pairwise key
–Evaluation criteria:
  Resilience to node capture
  Revocation
  Scale
  Clone attack

9 q-composite pre-distribution
–A pair of nodes has to share at least q keys to establish a secure link between them
–When q increases, attackers have to compromise more nodes to break a link
–We still need to preserve a certain probability that any pair of sensors can establish a key
–How to balance the two factors?

10 A simple analysis
–What is the probability that a pair of sensors has exactly i shared keys?
–The probability that a pair of nodes has at least q shared keys is: 1 - p(0) - p(1) - … - p(q-1)
–Improvements in resilience to node capture
  q-composite demonstrates better resilience than the basic scheme when a small group of sensors is compromised
  It makes the system more robust since it is more difficult to compromise a large group of sensors
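
The analysis on this slide, worked through as an added example that is not part of the original slides: it computes p(i) and the at-least-q probability, then finds the largest pool size that still meets a target connectivity for each q. It assumes each ring is k distinct keys drawn uniformly from the pool (so the overlap is hypergeometric); the function names and the demo parameters are chosen here.

```python
from fractions import Fraction
from math import comb


def p_exact(P, k, i):
    """Probability that two rings of k keys from a pool of P share exactly i keys.

    Assumption (not stated on the slide): each ring is k distinct keys drawn
    uniformly at random, so the overlap is hypergeometric.
    """
    # Fix A's ring. B picks i of A's k keys and k - i of the other P - k keys.
    return Fraction(comb(k, i) * comb(P - k, k - i), comb(P, k))


def p_at_least(P, k, q):
    """Slide formula: 1 - p(0) - p(1) - ... - p(q-1)."""
    return 1 - sum(p_exact(P, k, i) for i in range(q))


def largest_pool(k, q, target):
    """Largest pool size P at which two nodes share >= q keys with prob >= target.

    Requires 1 <= q <= k and 0 < target <= 1. A larger pool means each captured
    node exposes a smaller fraction of the keys, so this is the best pool size
    that still keeps the required link probability.
    """
    lo, hi = k, 2 * k  # at P == k both rings are the whole pool: probability 1
    while p_at_least(hi, k, q) >= target:  # probability falls as P grows
        lo, hi = hi, 2 * hi
    while hi - lo > 1:  # invariant: lo meets the target, hi does not
        mid = (lo + hi) // 2
        if p_at_least(mid, k, q) >= target:
            lo = mid
        else:
            hi = mid
    return lo


if __name__ == "__main__":
    k, target = 50, Fraction(1, 2)  # constructed parameters, not from the slides
    for q in (1, 2, 3):
        P = largest_pool(k, q, target)
        print(f"q={q}: pool size P={P}, fraction of pool per captured node={k / P:.3f}")
```

For a fixed ring size and target probability, the usable pool shrinks as q grows, which is the trade-off the q-composite slides ask about.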

12 Multipath key reinforcement
–Try to establish a link key through multiple paths
–It is well suited to the basic mechanism, but not to q-composite
–Now the malicious node has to compromise more keys to get the link key

13 Let us assume that A and B have already found a single shared key
Now A and B will determine a new link key through multiple independent paths
–A locates j link-disjoint paths
–Each link in the paths has established a link key
–A generates j random numbers, and each random number is sent through a different path
–The final key will be k xor R1 xor R2 xor … xor Rj
–The final key is protected by all j random numbers

14 The more paths
–The safer the key
–The more communication overhead
For each path, the longer the path
–The higher the probability that it is not safe
2-hop multipath
–Only go through the shared neighbors

15 If the probability that an attacker compromises one link key is b, then the probability that it compromises a key established over k two-hop paths is b(2b - b^2)^k
Why should multipath and q-composite not work together?
–q-composite needs a smaller key space

17 Random pairwise key scheme
–In the basic scheme, we cannot authenticate the node
–The malicious node can conduct a Sybil attack
–We need to link the knowledge of a key and the identity of the node
  Every key is known by only two nodes
  Every node remembers m keys and the other “half” that knows the key

18 Can be used to
–Authenticate the other node
–Conduct intruder identification
–Prevent Sybil attacks
–Support node revocation

