Privacy and Security in Embedded Sensor Networks
Daniel Turner
11/18/08
CSE237a

The Problem
- Capture Attacks
- Wireless Communication
- Limited Power
  - Resource drain attack
  - Extra message length costly
- Limited Resources
  - CPU: No asymmetric crypto
  - RAM / Flash: minimal state

Confidentiality (Encryption)
- Block Cipher: DES, Skipjack, AES, ...
- Init Vector:
  - Additional Randomness
- TinySec: CBC (10% power increase)
  - IV = 4 Bytes
- MiniSec: OCB (8.3% power increase)
  - No text expansion

Authenticity (MAC)
- MAC: cryptographically secure checksum
- TinySec:
  - Replace CRC with MAC (3% power increase)
- MiniSec:
  - Instead of an IV OCB produces a MAC

Additional Areas
- Secure Routing
  - Prevent Black holes
- Replay Attacks
  - Counters and Bloom filters
- Keying
  - Global key
  - Pairwise keys
  - Something between

Future Work
- Better Keying Methods
- Optimized Ciphers
- Break implicit assumptions about loose synch between nodes

Questions?

Key Management
- Bad: All pairs or Single key
- LEAP Keys
  - Base-station
  - Pair: Computed at boot from K_in
  - Cluster: pairwise sending of cluster key
  - Global re-keying: Controller revokes node, sends new key

Replay Attacks
- TinySec: No protection
- MiniSec:
  - Counters in unicast (3 bit overhead)
  - Bloom filter in broadcast
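
An added example, not from the original slides and not MiniSec's own code: the broadcast replay check sketched as a Bloom filter over (sender ID, counter). The filter size, probe count, FNV-1a hash, the reset-per-window policy and the names `bloom_t`, `bloom_accept` and `bloom_reset` are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLOOM_BITS   256u  /* constructed size: 32 bytes of RAM per filter */
#define BLOOM_HASHES 3u    /* constructed number of hash probes per packet */

typedef struct { uint8_t bits[BLOOM_BITS / 8]; } bloom_t;

/* FNV-1a over (probe index, sender ID, counter); a stand-in hash for the demo. */
static uint32_t probe(uint16_t sender, uint32_t counter, uint8_t k) {
    const uint8_t in[7] = { k, (uint8_t)(sender >> 8), (uint8_t)sender,
                            (uint8_t)(counter >> 24), (uint8_t)(counter >> 16),
                            (uint8_t)(counter >> 8), (uint8_t)counter };
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < sizeof in; i++) { h ^= in[i]; h *= 16777619u; }
    return h % BLOOM_BITS;
}

/* Forget everything, e.g. when the receiver rotates to a new time window. */
void bloom_reset(bloom_t *b) { memset(b->bits, 0, sizeof b->bits); }

/* Call only after the packet's MAC has verified, so forgeries cannot fill the
 * filter. Returns true and records the packet if it is new; false if every
 * probed bit was already set (a replay, or a false positive on a fresh packet). */
bool bloom_accept(bloom_t *b, uint16_t sender, uint32_t counter) {
    bool seen = true;
    for (uint8_t k = 0; k < BLOOM_HASHES; k++) {
        uint32_t bit = probe(sender, counter, k);
        uint8_t mask = (uint8_t)(1u << (bit & 7u));
        if (!(b->bits[bit >> 3] & mask)) seen = false;
        b->bits[bit >> 3] |= mask;
    }
    return !seen;
}

int main(void) {
    /* Constructed broadcast trace: {sender, counter}; the 4th entry is a replay. */
    const uint32_t trace[][2] = { {1, 100}, {2, 5}, {3, 7}, {1, 100}, {1, 101} };
    bloom_t seen;
    bloom_reset(&seen);
    for (size_t i = 0; i < sizeof trace / sizeof trace[0]; i++)
        printf("sender %u ctr %u: %s\n", (unsigned)trace[i][0], (unsigned)trace[i][1],
               bloom_accept(&seen, (uint16_t)trace[i][0], trace[i][1]) ? "accept" : "drop");
    return 0;
}
```

A Bloom filter never misses a packet it has recorded, so a replay inside the current window is always dropped; the cost is an occasional fresh packet dropped as a false positive, which grows as the filter fills.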

Secure Routing
- Create a routing table using signed IDs
  - Challenges: prevent liars
  - No node duplication: prevent Sybil
- Route via Multi-path forwarding
  - 3 paths per group
  - (Random) direction string
- Honeybee to eliminate bad nodes