1
Securing Wireless Sensor Networks
Wenliang (Kevin) DuDepartment of Electrical Engineering and
Computer ScienceSyracuse University
Excerpted from http://www.cis.syr.edu/~wedu/Research/slides/Purdue04.ppt
2
Overview
• Overview of Wireless Sensor Networks (WSN).• Security in wireless sensor networks.
– Why is it different? • Our work on key pre-distribution in WSN
– Deployment-based scheme (INFOCOM’04)– Pair-wise Scheme (ACM CCS’03)
• Summary.
3
Wireless Sensors
Berkeley Motes
4
Mica Motes
• Mica Mote: – Processor: 4Mhz– Memory: 128KB Flash and 4KB RAM– Radio: 916Mhz and 40Kbits/second.– Transmission range: 100 Feet
• TinyOS operating System: small, open source and energy efficient.
5
Spec Motes
6
Wireless Sensor Networks (WSN)
DeploySensors
7
Applications of WSN
• Battle ground surveillance– Enemy movement (tanks, soldiers, etc)
• Environmental monitoring– Habitat monitoring – Forrest fire monitoring
• Hospital tracking systems– Tracking patients, doctors, drug administrators.
8
Securing WSN
• Motivation: why security?• Why not use existing security mechanisms?
– WSN features that affect security.• Our work:
– Two key management schemes.
9
Why Security?
• Protecting confidentiality, integrity, and availability of the communications and computations
• Sensor networks are vulnerable to security attacks due to the broadcast nature of transmission
• Sensor nodes can be physically captured or destroyed
10
Why Security is Different?• Sensor Node Constraints
– Battery,– CPU power,– Memory.
• Networking Constraints and Features– Wireless, – Ad hoc,– Unattended.
11
Sensor Node Constraints
• Battery Power Constraints– Computational Energy Consumption
• Crypto algorithms• Public key vs. Symmetric key
– Communications Energy Consumption• Exchange of keys, certificates, etc.• Per-message additions (padding, signatures,
authentication tags)
12
• Slow– 1000 times slower than symmetric encryption
• Hardware is complicated• Energy consumption is high
Constraints (Cont.)Public Key Encryption
Processor Energy Consumption (mJ/Kb)RSA/E/V RSA/D/S AES
MIPS R4000 0.81 16.7 0.00115
MC68328 42 840 0.0130
13
Memory Constraints
• Program Storage and Working Memory– Embedded OS, security functions (Flash)– Working memory (RAM)
• Mica Motes:• 128KB Flash and 4KB RAM
14
Objectives of Our Research
• Long-term Goals– Study how WSN’s constraints/features affect the
design of security mechanisms.– Develop security mechanisms for WSN.
• Current Projects– Key Management Problems– Data Fusion Assurance
15
Key Management Problem
16
Key Management Problem
DeploySensors
17
Key Management Problem
Secure Channels
DeploySensors
18
Approaches
• Trusted-Server Schemes– Finding trusted servers is difficult.
• Public-Key Schemes– Expensive and infeasible for sensors.
• Key Pre-distribution Schemes
19
Loading Keys into sensor nodes prior to deployment
Two nodes find a common key between them after deployment
Challenges Memory/Energy efficiency Security: nodes can be compromised Scalability: new nodes might be added later
Key Pre-distribution
20
Naïve Solutions
Master-Key Approach Memory efficient, but low security. Needs Tamper-Resistant Hardware.
Pair-wise Key Approach N-1 keys for each node (e.g.
N=10,000). Security is perfect. Need a lot of memory and cannot add
new nodes.
21
Eschenauer-Gligor Scheme
Each noderandomly selects m keys
A B E
Key Pool S
DC• When |S| = 10,000, m=75
Pr (two nodes have a common key) = 0.50
43.057.011 1000075
992575
CC
22
Establishing Secure Channels
A
C
B
D
E
23
Exercise 7
• Write a program to calculate the probability:– Input:
• G=(V,E)• Pr (two nodes have a common key) =
– Output:• Let E’E denote the subset of secure channels,
calculate the probability that G=(V,E’) is a connected graph.
– Due: June 4th
24
Example 1
=1/2
25
21
881
81
81
81
81
26
2720
)132
32
32()3
31
32
32(
=2/3
Example 2
27
Input Format
31 22 33 1
• |V|=3• Undirected edges (1,2)
(2,3) (3,1)• Note: the given graph
may not be complete.
Recommended
