The Cryptographic Sensor

FTO

Libor Dostálek , Václav Novák

The Cryptographic Sensor

Wireless sensor networks

• Low power consumption• In the past, finding

alternative cryptographic algorithms

The Cryptographic Sensor

The proposed solution

• Each of us carry a number of things equipped with cryptographic processors (credit cards, mobile phones, passports, ID cards etc.)

• What if such a processor connect to a node of wireless sensor network?

• Such processors today produced in millions, and thus they have a low price

• The solution is to convert the energy-intensive cryptographic operations from the microcontroller of WSN to the cryptographic processor.

• Not store important cryptographic assets to FALSH memory of node of WSN, but in the cryptographic processor.

The Cryptographic Sensor

The proposed solution

• For the first experiments we connect a smart card to the node of WSN

• We connected smart card like are connected sensors to the node of WSN.

• We obtained The Cryptographic Sensor

UART

The Cryptographic Sensor

Cryptographic operations

• Operations before deploying WSN node (personalization of cryptographic sensor).

• Operations during security initialization of node into WSN.• Operations when regular communication node in WSN.

The Cryptographic Sensor

Energy demands - Personalization

• Personalization of cryptographic sensor performs during the sensor is connected to an external power source. For operation the node in the WSN is not relevant.

During personalization will into a cryptographic sensor load:•Public key of certification authority. •Pair public and private key of cryptographic sensor.•Certificate of public key of cryptographic sensor.•Secret key for secure messaging - secure communication between a node and its cryptographic sensor.•Optionally additional secret key for secure communication between crypto-graphic sensor and base station of WSN. This communication can be useful, for example in the case of a renewal certificate of the certification authority.

The Cryptographic Sensor

Energy demands - Security Initialization

• During security initialization node uses cryptographic sensor. Outside the security initialization cryptographic sensor is switched off. Frequency of initialization is of the order of days, weeks or months depending on the specific WSN. Although, cryptographic initialization is energy intensive (< 25 mWs) and due to the fact that during the life cycle of the sensor is activated a few times, so the total share of the consumption of the sensor will be negligible.

The Cryptographic Sensor

Energy demands - Current communication

• Public key cryptography don't use. Cryptographic operations does not increase the current state of energy intensity (the cryptographic sensor is off).

Used cryptographic protocol1.The neighbors shall exchange their cryptographic sensor’s certificates of public keys (certificates are stored in the cryptographic sensors during its initialization).2.Both neighbors verify the received certificate by the public key of certification authority stored in the cryptographic modules during their personalization.3.Nodes generate random numbers and encrypt it by public key of neighbor. The result sign by its private key.4.Nodes exchange results of previous step.5.Nodes verify arrived message: (a) verify digital signature of neighbor, (2) decrypt content of message by its private key.6.Nodes derived from decrypted content: secret session cryptographic keys, initialization vectors and shared secret for MAC calculation from received random numbers.

UART UART

The Cryptographic Sensor

Nodes with cryptographic sensors and nodes without cryptographic sensors•Node with a cryptographic sensor can report an event to prove the authenticity of the supplement information (e.g. MAC).•The base station can subsequently ask sensor node equipped with cryptographic sensor of proof of authenticity of the information (e.g.. MAC)

UART

The Cryptographic Sensor

Sensor nodes with cryptographic provide guaranteed information

Event

The Cryptographic Sensor

What we are solving with now?•How many nodes must be equipped with cryptographic sensor to get information that the event undoubtedly occurred?•May be nodes with cryptographic sensor randomly scattered in WSN? •The aim is to minimize the consumption of all components sensors. On the one hand, more efficient measurement the values and on the other hand found nearby power-optimized cryptographic algorithm

The Cryptographic Sensor

SenzorsProcesorSenzorsProcesor

Cryptographic procesor

Cryptographic procesor

Battery PackBattery Pack

The Cryptographic Sensor

Debuger for sensors

procesor

Debuger for sensors

procesor MasterMaster

Sensor Sensor

Q & A

{libor.dostalek, vacnovak}@prf.jcu.cz