Presentation is loading. Please wait.

Presentation is loading. Please wait.

Anonymous Path Routing Protocol in Wireless Sensor Networks Jang-Ping Sheu* §, Jehn-Ruey Jiang* and Ching Tu* National Central University* and National.

Published byJulius Knight Modified over 9 years ago

Similar presentations

Presentation on theme: "Anonymous Path Routing Protocol in Wireless Sensor Networks Jang-Ping Sheu* §, Jehn-Ruey Jiang* and Ching Tu* National Central University* and National."— Presentation transcript:

1 Anonymous Path Routing Protocol in Wireless Sensor Networks Jang-Ping Sheu* §, Jehn-Ruey Jiang* and Ching Tu* National Central University* and National Tsing-Hua University § Taiwan, R.O.C.

2 2/35ICC 2008 Outline  Introduction  Related Work  Anonymous Path Routing (APR) Protocol  Security Analysis  Implementation and Evaluation  Conclusion

3 3/35ICC 2008 Outline  Introduction  Related Work  Anonymous Path Routing (APR) Protocol  Security Analysis  Implementation and Evaluation  Conclusion

4 4/35ICC 2008 Introduction  Security is important for MANETs and WSNs  Adversaries can easily overhear messages.  It is more challenging to keep WSNs secure  Sensor nodes have limited capability  Sensor nodes are easier to be captured and compromised  It is harder to prevent the network topology from being analyzed in a WSN than in a MANET because the former has a more dynamic topology than the latter.  We focus on keeping WSNs secure

5 5/35ICC 2008 Introduction  General attacks in WSNs  Active attacks Forging attacks Replay attacks Denial of service (DoS) attacks …  Passive attacks Data eavesdropping attacks Traffic analysis attacks … They are “ invisible ” and harder to detect. They may be the prelude of active attacks.

6 6/35ICC 2008 Introduction  We rely on anonymous communication for resisting the attacks.  Anonymous communication  A new paradigm to resist attacks  Since identities of nodes are hidden, the network topology is difficult to be analyzed.  It can also prevent most of active attacks.

7 7/35ICC 2008 Outline  Introduction  Related Work  Anonymous Path Routing (APR) Protocol  Security Analysis  Implementation and Evaluation  Conclusion

8 8/35ICC 2008 Related Work  ANODR  ACM MobiHoc, 2003  An ANonymous On-Demand Routing protocol based on trapdoor one-way function and boomerang onion  SDAR  IEEE LCN, 2004  A Secure Distributed Anonymous Routing protocol based on public key cryptography

9 9/35ICC 2008 Related Work  AnonDSR  ACM SASN, 2005  An Anonymous Dynamic Source Routing protocol based on shared secret key used in source and destination nodes, and public key cryptography used in the intermediate nodes  MASK  IEEE INFOCOM, 2005  An anonymous on-demand routing protocol based on bilinear pairing

10 10/35ICC 2008 Drawbacks of Existent Methods  High computing overhead  Each node should try all its shared secret keys for receiving an anonymous packet (ANODR)  Public key cryptography (AnonDSR, SDAR)  Bilinear mapping function (MASK)  Existent methods are not applicable to WSNs.

11 11/35ICC 2008 Outline  Introduction  Related Work  Anonymous Path Routing (APR) Protocol  Security Analysis  Implementation and Evaluation  Conclusion

12 12/35ICC 2008 Three Schemes of APR  Anonymous one-hop communication  Anonymous multi-hop path routing  Anonymous data forwarding

13 13/35ICC 2008 Anonymous One-hop Communication  In the initial period  One-hop pair-wise key establishment  Data encryption key establishment  MAC (Message Authentication Code) key establishment  Bidirectional hidden identity (HI) establishment  Link table establishment for storing all keys and HIs  Afterwards  One-hop communication by HI  One-hop acknowledgement for avoiding packet loss problem

14 14/35ICC 2008 One-Hop Key Establishment  PIKE is applied to set one-hop pairwise keys and random nonces  PIKE assumes that O(  n) pre-established pairwise keys have been set when n sensors are deployed Node 14 shares different pair-wise keys with each of Nodes 1* and *4. Node 91 shares different pair-wise keys with each of Nodes 9* and *1. Nodes 11 and 94 share distinct pairwise keys with 91 and 14: Choose the “closer” node

15 15/35ICC 2008 One-Hop Key Establishment  PIKE is applied to set one-hop pairwise keys and random nonces  Two more keys are then set  Data encryption key: K 0 AB-enc = H(K AB ⊕ C 1 ), C 1 is a constant  MAC function key: K 0 AB-mac = H(K AB ⊕ C 2 ), C 2 is a constant  The two keys will change dynamically  Data encryption key: K i+1 AB-enc = H(K i AB-enc )  MAC function key: K i+1 AB-mac = H(K i AB-mac ) PIKE A J B H I K AB, rn Encrypted by K AI Encrypted by K BI rn: random nonce Key reply

16 16/35ICC 2008 Hidden Identity Establishment  His are bidirectional  HI Seq A  B = H(K AB ⊕ ID B ⊕ Seq * rn)  HI Seq B  A = H(K BA ⊕ ID A ⊕ Seq * rn) A E S J B HI A  B HI B  A HI J  A HI A  J HI S  A HI A  S HI E  A HI A  E HI-inHI-out

17 17/35ICC 2008 One-hop communication by HI HI 0 A  B, DATA, MAC link table of B IDSeqHI-inHI-out K enc K mac A0HI 0 A  B HI 0 B  A K 0 AB-enc K 0 AB-mac C0HI 0 C  B HI 0 B  C K 0 BC-enc K 0 BC-mac D0HI 0 D  B HI 0 B  D K 0 BD-enc K 0 BD-mac E0HI 0 E  B HI 0 B  E K 0 BE-enc K 0 BE-mac H0HI 0 H  B HI 0 B  H K 0 BH-enc K 0 BH-mac It ’ s for me!!  A sends data to B A E S J B C H D Not for me!!

18 18/35ICC 2008 One-Hop Acknowledgement  To solve the packet loss problem AB Update link table HI A  B, DATA HI B  A, ACK HI A  B, DATA

19 19/35ICC 2008 ACK Loss  ACK loss problem  B updates sequence number and HI but A doesn ’ t  Sequence numbers and HIs become different  Solution: storing last HI-in AB Update link table Timeout!!!! It matches with “ last HI-in ” Update link table Keep link table intact HI A  B, DATA HI B  A, ACK

20 20/35ICC 2008 Anonymous Multi-hop Path Routing  Two more pseudonyms  HIPs (Hidden Identity for routing Path) are established for any possible source node and stored in HIP table for each path. (A path is represented by two end nodes of the path: the source node and the destination node.)  PathIDs are established and used in the routing table  Two messages  Anonymous Path Routing Request (APR-REQ)  Anonymous Path Routing Reply (APR-REP)  Two cases for the source and destination nodes  With a pre-distributed pair-wise key Shown next  Without pre-distributed pair-wise key Integrate PIKE into APR

21 21/35ICC 2008 Anonymous Multi-hop Path Routing with a Pre-distributed Pair-wise Key Between S and D HIPSourceKey ……… HIP SD SK SD HIP table of D AC E S J B H D M K F G I HIP SD = H(K SD ⊕ ID S ⊕ ID D )  Flooding APR-REQ to the entire network D is the destination!! HIPSour (Dest) Key ……… HIP SD DK SD HIP table of S HIP SD, S HIP SD, A HIP SD, B

22 22/35ICC 2008  D sends APR-REP back to S A C E S J B H D M K I PathID SD HI D  B HI B  A HI A  S PathID SD PathIDPre-hopNext-hopSour (Dest) PathID SD BNullS PathIDPre-hopNext-hopSour (Dest) PathID SD ADNull PathIDPre-hopNext-hopSour (Dest) PathID SD NullAD PathIDPre-hopNext-hopSour (Dest) PathID SD SBNull Routing table of D Routing table of B Routing table of A Routing table of S Anonymous Multi-hop Path Routing with a Pre-distributed Pair-wise Key Between S and D

23 23/35ICC 2008 Anonymous Data Forwarding  S sends data to D A C E S J B H D M K I PathID SD HI B  D HI A  B HI S  A PathID SD PathIDPre-hopNext-hopSour (Dest) PathID SD BNullS PathIDPre-hopNext-hopSour (Dest) PathID SD ADNull PathIDPre-hopNext-hopSour (Dest) PathID SD NullAD PathIDPre-hopNext-hopSour (Dest) PathID SD SBNull Routing table of D Routing table of B Routing table of A Routing table of S It is from S!!! HI D  B HI B  A HI A  S  D sends data to S

24 24/35ICC 2008 Outline  Introduction  Related Work  Anonymous Path Routing (APR) Protocol  Security Analysis  Implementation and Evaluation  Conclusion

25 25/35ICC 2008 Security Analysis  APR can resist the following attacks  Traffic analysis attacks No node can identify the sender and receiver except the two communicating nodes  Forging attacks If adversaries send a malicious packet with forged HI, the packet will be accepted with probability 1/ 2 h+m –h is the length of HI –m is the length of MAC –A typical setting: h = 16 and m = 32

26 26/35ICC 2008 Security Analysis  Replay attacks If adversaries use the legal packets sent before, every packet will only be accepted by receiving node only once  Denial of service (DoS) attacks Without correct HI, DoS attack packets will be ignored directly APR can limit the damage caused by DoS attacks in a local area

27 27/35ICC 2008 Outline  Introduction  Related Work  Anonymous Path Routing (APR) Protocol  Security Analysis  Implementation and Evaluation  Conclusion

28 28/35ICC 2008 Implementation  Implementation  Symmetric key algorithm: Skipjack  One-way hash function: SHA-1  Message authentication code function: CBC-MAC  Platform: Berkeley MICAz (128KB Program Flash and 4 KB SRAM ) with TinyOS  Assumption: Some pre-distributed keys are stored in program flash.

29 29/35ICC 2008 Implementation Results  Memory Footprint  Required programming memory: 9436 bytes  Required SRAM size: Depended on network size and node density 50 bytes for an entry of the link table 8 bytes for an entry in routing table

30 30/35ICC 2008 Implementation Results  Computing Time  Transmission Time ImplementationTime (ms) Data Encryption (Skipjack, 24Bytes)1.51 Link Table Update1.27 MAC Computing0.81 Payload LengthTime (ms) 24 Bytes27.5

31 31/35ICC 2008 Implementation Results (Cont.)  Routing Time 574.2 ms

32 32/35ICC 2008  Environment  Test field: 5R x 5R (R is the communication range)  Number of nodes: 25~200  Multi-hop communications per node: 5~20  Average link table size 1.1 Kbytes Implementation Results (Cont.)

33 33/35ICC 2008  Average routing table size 1.6 Kbytes Implementation Results (Cont.)

34 34/35ICC 2008  Average memory overhead for varying numbers of nodes 1.88 Kbytes 1.72 Kbytes Implementation Results (Cont.) route requests per node route requests per node

35 35/35ICC 2008 Outline  Introduction  Related Work  Anonymous Path Routing (APR) Protocol  Security Analysis  Implementation and Evaluation  Conclusion

36 36/35ICC 2008 Conclusion  In APR, data can be encrypted by pair-wise keys and transmitted with pseudonyms  between neighboring sensor nodes (link level)  between the source and destination nodes of a multi-hop communication path (routing level)  APR can resist several types of attacks  Traffic analysis attacks  Forging attacks  Replay attacks  Denial of service (DoS) attacks  We have implemented APR on the sensor platform of MICAz with TinyOS  To demonstrate APR’s applicability and communication capability

37 37/35ICC 2008 ~ Thank you for your listening ~ Q & A

38 38/35ICC 2008 Anonymous Multi-hop Communication – End-to-end Key Establishment A C E S J B H D M K F G I  M wants to communicate with D K SD, rn Anonymous path from M to I Anonymous path from I to D

39 39/35ICC 2008 Anonymous Path Routing (APR) Request with Key Reply Message A C E S J B H D M K F G I  D launch anonymous multi-hop path routing HIP DM, D, Key reply

40 40/35ICC 2008 PathID Collision Problem  Case 1: Different Pre-hop nodes  Pre-hop nodes are different  Forwarding node can choose proper node for forwarding  Ex. The packet with the PathID is 12 comes from L should be send to N The packet with the PathID is 12 comes from K should be send to I PathIDPre-hopNext-hopSour (Dest) 12LNNull 12KINull I F K N L Routing table of F 12

41 41/35ICC 2008 PathID Collision Problem (Cont.) P O R Q PathIDPre-hopNext-hopSour (Dest)OriginalChange PathID 13QRNulltrueNull 13QPNullfalse14 QPNullfalse13 Routing table of O 13 14 13  Case 2: Same Pre-hop node

42 42/35ICC 2008 PathID Collision Problem (Cont.) P O R Q PathIDPre-hopNext-hopDest (Sour)OriginalChange PathID 13ID Q ID R NullTrueNull 13ID Q ID P NullFalse14 13ID Q ID X NullFalse15 14ID Q ID P NullFalse13 15ID Q ID X NullFalse13 Routing table of O 13 14 13 X 15 Back

Download ppt "Anonymous Path Routing Protocol in Wireless Sensor Networks Jang-Ping Sheu* §, Jehn-Ruey Jiang* and Ching Tu* National Central University* and National."

Similar presentations

Chris Karlof and David Wagner

Chris Karlof and David Wagner
Jason Li Jeremy Fowers. Background Information Wireless sensor network characteristics General sensor network security mechanisms DoS attacks and defenses.

Jason Li Jeremy Fowers. Background Information Wireless sensor network characteristics General sensor network security mechanisms DoS attacks and defenses.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 6. Security in Mobile Ad-Hoc Networks.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 6. Security in Mobile Ad-Hoc Networks.
Mitigating Routing Misbehavior in Mobile Ad-Hoc Networks Reference: Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, Sergio Marti, T.J. Giuli,

Mitigating Routing Misbehavior in Mobile Ad-Hoc Networks Reference: Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, Sergio Marti, T.J. Giuli,
Presented By: Hathal ALwageed 1.  R. Anderson, H. Chan and A. Perrig. Key Infection: Smart Trust for Smart Dust. In IEEE International Conference on.

Presented By: Hathal ALwageed 1.  R. Anderson, H. Chan and A. Perrig. Key Infection: Smart Trust for Smart Dust. In IEEE International Conference on.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
Authors : Chris Karlof, David Wagner Presenter : Shan Bai Secure Routing in Wireless Sensor Networks : Attacks and Countermeasures.

Authors : Chris Karlof, David Wagner Presenter : Shan Bai Secure Routing in Wireless Sensor Networks : Attacks and Countermeasures.
A Survey of Secure Wireless Ad Hoc Routing

A Survey of Secure Wireless Ad Hoc Routing
Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL 6788 11.

Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL
Using Auxiliary Sensors for Pair-Wise Key Establishment in WSN Source: Lecture Notes in Computer Science (2010) Authors: Qi Dong and Donggang Liu Presenter:

Using Auxiliary Sensors for Pair-Wise Key Establishment in WSN Source: Lecture Notes in Computer Science (2010) Authors: Qi Dong and Donggang Liu Presenter:
Network Access Control for Mobile Ad Hoc Network Pan Wang North Carolina State University.

Network Access Control for Mobile Ad Hoc Network Pan Wang North Carolina State University.
1 LINK STATE PROTOCOLS (contents) Disadvantages of the distance vector protocols Link state protocols Why is a link state protocol better?

1 LINK STATE PROTOCOLS (contents) Disadvantages of the distance vector protocols Link state protocols Why is a link state protocol better?
Nov.6, 2002 Secure Routing Protocol for Ad Hoc Networks Li Xiaoqi.

Nov.6, 2002 Secure Routing Protocol for Ad Hoc Networks Li Xiaoqi.
Efficiently Authenticating Code Images in Dynamically Reprogrammed Wireless Sensor Networks PerSec 2006 Speaker: Prof. Rick Han Coauthors Jing Deng and.

Efficiently Authenticating Code Images in Dynamically Reprogrammed Wireless Sensor Networks PerSec 2006 Speaker: Prof. Rick Han Coauthors Jing Deng and.
Secure Data Communication in Mobile Ad Hoc Networks Authors: Panagiotis Papadimitratos and Zygmunt J Haas Presented by Sarah Casey Authors: Panagiotis.

Secure Data Communication in Mobile Ad Hoc Networks Authors: Panagiotis Papadimitratos and Zygmunt J Haas Presented by Sarah Casey Authors: Panagiotis.
ITIS 6010/8010 Wireless Network Security Dr. Weichao Wang.

ITIS 6010/8010 Wireless Network Security Dr. Weichao Wang.
Secure Routing in Sensor Networks: Attacks and Countermeasures First IEEE International Workshop on Sensor Network Protocols and Applications 5/11/2003.

Secure Routing in Sensor Networks: Attacks and Countermeasures First IEEE International Workshop on Sensor Network Protocols and Applications 5/11/2003.
SUMP: A Secure Unicast Messaging Protocol for Wireless Ad Hoc Sensor Networks Jeff Janies, Chin-Tser Huang, Nathan L. Johnson.

SUMP: A Secure Unicast Messaging Protocol for Wireless Ad Hoc Sensor Networks Jeff Janies, Chin-Tser Huang, Nathan L. Johnson.
Security in Wireless LAN 802.11 Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.

Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.
Random Key Predistribution Schemes for Sensor Networks Authors: Haowen Chan, Adrian Perrig, Dawn Song Carnegie Mellon University Presented by: Johnny Flowers.

Random Key Predistribution Schemes for Sensor Networks Authors: Haowen Chan, Adrian Perrig, Dawn Song Carnegie Mellon University Presented by: Johnny Flowers.

Similar presentations

Ads by Google