Securing Wireless Sensor Networks

Securing Wireless Sensor NetworksWenliang (Kevin) DuDepartment of Electrical Engineering and Computer ScienceSyracuse UniversityExcerpted from http://www.cis.syr.edu/~wedu/Research/slides/Purdue04.ppt

OverviewOverview of Wireless Sensor Networks (WSN).Security in wireless sensor networks.Why is it different? Our work on key pre-distribution in WSNDeployment-based scheme (INFOCOM04)Pair-wise Scheme (ACM CCS03)Summary.

Wireless SensorsBerkeley Motes

Mica MotesMica Mote: Processor: 4MhzMemory: 128KB Flash and 4KB RAMRadio: 916Mhz and 40Kbits/second.Transmission range: 100 FeetTinyOS operating System: small, open source and energy efficient.

Spec Motes

Wireless Sensor Networks (WSN)Sensors

Applications of WSNBattle ground surveillanceEnemy movement (tanks, soldiers, etc)Environmental monitoringHabitat monitoring Forrest fire monitoringHospital tracking systemsTracking patients, doctors, drug administrators.

Securing WSNMotivation: why security?Why not use existing security mechanisms?WSN features that affect security.Our work: Two key management schemes.

Why Security?Protecting confidentiality, integrity, and availability of the communications and computationsSensor networks are vulnerable to security attacks due to the broadcast nature of transmissionSensor nodes can be physically captured or destroyed

Why Security is Different?Sensor Node ConstraintsBattery,CPU power,Memory.Networking Constraints and FeaturesWireless, Ad hoc,Unattended.

Sensor Node ConstraintsBattery Power ConstraintsComputational Energy ConsumptionCrypto algorithmsPublic key vs. Symmetric keyCommunications Energy ConsumptionExchange of keys, certificates, etc.Per-message additions (padding, signatures, authentication tags)

Constraints (Cont.)Public Key EncryptionSlow1000 times slower than symmetric encryptionHardware is complicatedEnergy consumption is high

ProcessorEnergy Consumption (mJ/Kb)RSA/E/VRSA/D/SAESMIPS R40000.8116.70.00115MC68328428400.0130

Memory ConstraintsProgram Storage and Working MemoryEmbedded OS, security functions (Flash)Working memory (RAM)

Mica Motes:128KB Flash and 4KB RAM

Objectives of Our ResearchLong-term GoalsStudy how WSNs constraints/features affect the design of security mechanisms.Develop security mechanisms for WSN.Current ProjectsKey Management ProblemsData Fusion Assurance

Key Management Problem

Key Management ProblemSensors

Key Management ProblemSecure ChannelsSensors

Approaches Trusted-Server SchemesFinding trusted servers is difficult.Public-Key SchemesExpensive and infeasible for sensors.Key Pre-distribution Schemes

Loading Keys into sensor nodes prior to deploymentTwo nodes find a common key between them after deploymentChallengesMemory/Energy efficiencySecurity: nodes can be compromisedScalability: new nodes might be added laterKey Pre-distribution

Nave SolutionsMaster-Key ApproachMemory efficient, but low security.Needs Tamper-Resistant Hardware.Pair-wise Key ApproachN-1 keys for each node (e.g. N=10,000).Security is perfect.Need a lot of memory and cannot add new nodes.

Eschenauer-Gligor SchemeEach noderandomly selects m keysABEKey Pool SDCWhen |S| = 10,000, m=75Pr (two nodes have a common key) = 0.50

Establishing Secure ChannelsACBDE

Exercise 7Write a program to calculate the probability:Input: G=(V,E)Pr (two nodes have a common key) = Output:Let EE denote the subset of secure channels, calculate the probability that G=(V,E) is a connected graph.Due: June 4th

Example 1=1/2

=2/3Example 2

Input Format31 22 33 1|V|=3Undirected edges (1,2) (2,3) (3,1)Note: the given graph may not be complete.