WIRELESS SENSOR NETWORK Pair-Wise Key Establishment Presented By: Mohammed Saleh CS 599b Summer07.
-
date post
18-Dec-2015 -
Category
Documents
-
view
217 -
download
0
Transcript of WIRELESS SENSOR NETWORK Pair-Wise Key Establishment Presented By: Mohammed Saleh CS 599b Summer07.
WIRELESS SENSOR NETWORK Pair-Wise Key Establishment
Presented By:
Mohammed Saleh
CS 599b Summer07
WSNWSN
• Background• WSN Architecture• WSN Security Issues and requirements• Problem & Proposed• Network Architecture• Pair-wise key establishment• Conclusion
BackgroundBackground
• 100/1000 nodes
• Low cost solution
• Limited resources
• Controlled or uncontrolled environment
WSN ArchitectureWSN Architecture
WSN ComponentsWSN Components
A sensor Nodes Consist of:• Battery• Memory• Processor• Radio links for communicating
Sensor Node ConstraintsSensor Node Constraints
• Battery Power/Energy
• Processor
• Rechargeability
• Sleep PatternsMemory
Network constraintsNetwork constraints
• Limited Pre-Configuration
• Unreliable communications
• Frequent Routing Changes
WSN ArchitectureWSN Architecture
Security in Wireless NetworksSecurity in Wireless Networks
Security RequirementsSecurity Requirements
• Confidentiality• Authenticity• Availability• Integrity• Freshness• Scalability• Accessibility• Self-Organization• Flexibility
Security in Wireless NetworksSecurity in Wireless Networks
• Attacks
-Poor physical protection
-Attacks not only from outside but
also from within the network from
compromised nodes.
WSN AttacksWSN Attacks
Security in Wireless NetworksSecurity in Wireless Networks
Security concepts:• RSA
• Cryptography
- Public/private key
• Diffie-Hellman
Problem & ProposedProblem & Proposed
ProblemProblem
The initialization process of a previously study known as SHELL.
No Pair-Wise key establishment
ProposedProposed
We propose a pair-wise key establishment of neighboring sensor nodes for the improvement of the network architecture that can be vulnerable for an attack or compromising. This schema can be efficiently applied to the protection of distributing keys throughout the network; sensor nodes can’t only provide an equal level of security but also reduce the consequences of node compromise.
GoalGoal
• Establishing pair-wise key
• Improving the initialization process or the network bootstrapping.
• Protecting against node capturing
SHELLSHELL
• Introduces a novel heuristic for key assignment that decreases the probability of capturing the network through the compromised node
• very few additional keys would be revealed when colluding.
• SHELL boosts the network resiliency to node capture while conservatively consuming the network’s critical resources such as energy.
EBSEBSEBS (Exclusion Basis System)• Eltoweissy et al • methodology for group key management. • EBS eliminates the need of storing a large number of keys
at each sensor node. • It further allows trading off the number of keys stored
versus• amount of network traffic due to the rekeying operations. • Simplifies the addition and eviction of nodes. • Performs key refreshing through the exchange of few
messages.• EBS-based schemes can be prone to collusion attacks.
Network ArchitectureNetwork Architecture
• Command Node
• Gateway
• Sensors
Network ArchitectureNetwork Architecture
• There are two basic categories of nodes that comprise the system:
• Sensing nodes (N1 nodes)
• memory and processing nodes (N2 nodes)
Network BootstrappingNetwork Bootstrapping
The phase of system initialization that precedes actual operations is referred to as network bootstrapping.
• Sensor Implementation • Cluster Assignment • Gateway Registration
Pair-wise Key EstablishmentPair-wise Key Establishment
The rationale for establishing a set of protocols for shared key
interaction is to improve security and decrease nodal
Vulnerability.
The proposed model accounts for scenarios in which there is
only one node needed for key establishment or, in contrast,
an unlimited number of nodes that can participate in the key
establishment process. In either situation, the backbone
architecture is considered secure.
Pair-wise Key EstablishmentPair-wise Key Establishment
• Backhaul – In order to create the conditions necessary for backhaul, an N1 node and an N2 node must share a common key.
• Neighboring nodes with Limitation – This scenario permits inter-nodal communication between two N1 nodes in the same neighborhood.
• Neighboring Nodes Open Trust – To establish connectivity in this scenario, N1 nodes can establish session keys through a sequence of mutual N1 nodes key matching.
Pair-wise Key EstablishmentPair-wise Key Establishment
With this key Establishment we can have
• significant increase in the number of keys stored by all N1
nodes. • Protecting against Attacks and failure between N1 & N2 nodes.• Maintaining a low energy consumption.• key assignment that decreases the probability of
capturing• would share most keys with reachable nodes and, thus,
very few additional keys would be revealed when colluding
ConclusionConclusion
A key feature of our approach is that it exploits the availability of multiple transmission power levels at sensor nodes in terms of elevated security schemes. We introduced different approaches; the description of how to establish a pair-wise key between two neighboring nodes can be established by the discussed approach and applied to Younis approach for more efficiency. In doing so we can reduce the possibility of data being lost from all nodes if the chance of a network is captured.
ReferencesReferences• RSA Encryption Standard, Version 1.4. San Mateo, Ca.: RSA Data Security, Inc.,
1991.• W. Diffie and M.E. Hellman, New directions in cryptography, IEEE Transactions on
Information Theory 22 (1976), 644-654.• Multicast Security: A Taxonomy and Efficient Constructions. IEEE Press, 1999.• Ten Emerging Technologies That Will Change The World, Feb.2003.• Mihaela Cardei My T. Thai Yingshu Li Weili Wu, Energy-Efficient Target
Coverage in Wireless Sensor Networks, IEEE INFOCOM 2005.• A. D. Wood and J. A. Stankovic. Denial of service in sensor networks. Computer
35(10):54–62, 2002.• J. Newsome, E. Shi, D. Song, and A. Perrig. The Sybil attack in sensor networks:
analysis & defenses. Proceedings of the third international symposium on Informationprocessing in sensor networks, pp. 259–268. ACM Press, 2004.
• Wireless Sensor Network Security: A Survey John Paul Walters, Zhengqiang Liang,Weisong Shi, and Vipin Chaudhary Department of Computer Science Wayne StateUniversity5143 Cass Ave, MI 48202, USA
ReferencesReferences
• J. Deng, R. Han, and S. Mishra. Countermeasuers against traffic analysis in wireless sensor networks. Tech. Rep. CU-CS-987-04, University of Colorado at Boulder, 2004.
• Peng Peng , P2P-HGKM: An Efficient Hierarchical Group Key ManagementProtocol for Mobile Ad-Hoc Networks, B.Sc., Peking University, 2000 Eric Ricardo Anton, Otto Carlos Muniz Bandeira Duarte, Group Key Establishment in Wireless Ad Hoc Networks , Workshop em Qualidade de Serviço e Mobilidade – 2002.
• N. Asokan, V. Schoup, and M. Waidner, Optimistic fair exchange of digital signa-tures, IEEE Journal on Selected Area in Communications, vol. 18, no. 4, pp. 593,610, 2000.
• Y. Amir, Y. Kim, C. Nita-Rotaru, and G. Tsudik, On the performance of group key agreement protocols," in Proceedings of the 22nd IEEE International Conference on Distributed Computing Systems, (Viena, Austria), June 2002.
• Cliques Project team, \Cliques," 1999. http://sconce.ics.uci.edu/cliques/.• Cristina Nita-Rotaru, High-Performance Secure Group Communication,
(Baltimore, Maryland), June 2003
ReferencesReferences
• A Logic for the Exclusion Basis System, Samuel T. Redwine, Jr., James Madison University Harrisonburg, Va. 22807, Proceedings of the 37th Hawaii International Conference on System Sciences – 2004.
• Distributed Clustering in Ad-hoc Sensor Networks: A Hybrid, Energy-Efficient Approach Younis, O., Fahmy, S.: Distributed clustering in ad-hoc sensor networks. In: Proceedings of the IEEE Conference on Computer Communications (INFOCOM), Hong Kong (2004)",
• Mohamed F. Younis, Senior Member, IEEE, Kajaldeep Ghumman, and Mohamed Eltoweissy, Senior Member, IEEE Location-Aware Combinatorial Key Management Scheme for Clustered Sensor Networks. IEEE Vol 17, No.8, August 2006
ReferencesReferences
• Du., W. et al. “A Key Management Scheme for Wireless Sensor Networks Using
• Deployment Knowledge.” IEEE INFOCOM, 2004.• Hill, J. et al. “System Architecture directions for Networked Sensors.”
Architectural Support for Programming Languages and Operating systems, 2000: 93-104.
• Hu, Y., Perrig, A., and Johnson, D. Ariadne: a secure on-demand routing protocol for ad hoc networks. New York: ACM Press, (2002): 12-23.
• Patrick Traynor, Heesook Choi, Guohong Cao, Sencun Zhu and Tom La Porta• Networking and Security Research Center Department of Computer Science
and Engineering The Pennsylvania State University, Establishing Pair-wise Keys in Heterogeneous Sensor Networks.