Data Consistency in Sensor Networks: Secure Agreement

Data Consistency in Sensor Networks: Secure Agreement. Fatemeh Borran Supervised by: Panos Papadimitratos, Marcin Poturalski Prof. Jean-Pierre Hubaux IC-29 Self-Organised Wireless and Sensor Networks. Outline. Introduction Problem Statement Assumptions System Model Algorithms Results


Presentation Transcript


  1. Data Consistency in Sensor Networks: Secure Agreement
     Fatemeh Borran
     Supervised by: Panos Papadimitratos, Marcin Poturalski
     Prof. Jean-Pierre Hubaux
     IC-29 Self-Organised Wireless and Sensor Networks

  2. Outline
     • Introduction
     • Problem Statement
     • Assumptions
     • System Model
     • Algorithms
     • Results
     • Conclusion
     March 6, 2007

  3. Introduction
     • Classical Sensor Networks
       • centralized and reliable base station
       • one-to-many association
     • Distributed Sensor Networks
       • decentralized architecture
       • every node could be faulty or malicious
       • many-to-many association

  4. Problem Statement
     • The environment produces a single actual value α
     • Each sensor node measures the noisy environment
     • Measurement error is bounded by ε
     • Not all sensor nodes behave correctly
       • incorrect measurement or malicious behavior
     • Problem: the value of a single sensor node is not reliable
     • Goal: ensure data consistency among sensor nodes
     • Approach: agreement on the actual value α

  5. Fault Model
     • Correct Sensor:
       • behaves according to the protocol specification
       • measurement error is bounded by ε
     • Faulty Sensor:
       • measurement error is not bounded
       • follows the assigned protocol
     • Byzantine Sensor:
       • under control of a unique adversary
       • behaves arbitrarily (crash-failure, omission-failure, …)
     |C| ≥ n-k-t, |F| ≤ k, |B| ≤ t

  6. System Model
     • System
       • Synchronous: transmission delay and process speed are bounded and known
       • Asynchronous: a slow process is not detectable
     • Authentication
       • Unique identity and signature
       • A modified message is detectable
     • Communication Channels
       • Integrity: every received message was previously sent
       • No-duplication: each message is received at most once
       • Reliability: messages sent by a correct node are received by all nodes and are not modified

  7. Secure Agreement Problem
     • Properties:
       • Validity: if s_i decides v, then |v - v_i| ≤ ε and v_i is the initial value of some non-Byzantine node
       • Strong Validity: if s_i decides v, then |v - α| ≤ ε
       • Agreement: if s_i decides v_i and s_j decides v_j, then |v_i - v_j| ≤ Φ
       • Termination: every non-Byzantine node eventually decides
     • Primitives:
       • broadcast(v_i)
       • decide(v)

  8. Algorithm I: Synchronous One-hop

         Vp := <p,xp>
         r := 1
         while r < t+1 do
             broadcast(Vp) to all nodes
             Vp := Vp ∪ {Vq | Vq is received from q}
             r := r + 1
         end while
         T := all duplicated values in Vp
         Vp := Vp - T
         decide(f(Vp))

     f: trimming and averaging function
         Wp := reduce(Vp, k+t-|T|/2)
         f(Vp) := mean(Wp)
     Slide annotation: r ≤ 1

  9. Theorem I
     [Figure: node S sends values x and y to nodes P and Q as messages <S, x> and <S, y> over Round 1 and Round 2; S is Byzantine]
     Theorem I: Algorithm I solves secure agreement for one-hop synchronous sensor networks with authenticated messages.
     Lemma I: After t+1 rounds, all nodes have the same set.
     Lemma II: All nodes apply the same deterministic function: f.
     Communication complexity: O((t+1)n²)
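A simulation of Algorithm I with one equivocating Byzantine sender, added here as an illustration; it is not code from the presentation. It assumes that reduce(V, m) drops the m smallest and m largest values, that T holds every pair of a sender seen with more than one value, and that the loop runs the t+1 rounds of Lemma I; node names and readings are constructed.

```python
from statistics import mean

def reduce_extremes(values, m):
    """Assumed reduce(V, m): drop the m smallest and m largest values."""
    s = sorted(values)
    return s[m:len(s) - m]

def decide(pairs, t, k):
    """T = all pairs of any sender seen with more than one value."""
    seen = {}
    for sender, value in pairs:
        seen.setdefault(sender, set()).add(value)
    dup = {(s, v) for s, vals in seen.items() if len(vals) > 1 for v in vals}
    kept = [v for _, v in pairs - dup]
    return mean(reduce_extremes(kept, k + t - len(dup) // 2)), dup

def algorithm1(honest, byz_round1, t, k, rounds=None):
    """honest: {node: x}; byz_round1: {receiver: (byzantine_id, value)}."""
    rounds = t + 1 if rounds is None else rounds
    view = {p: {(p, x)} for p, x in honest.items()}
    for r in range(1, rounds + 1):
        sent = {p: set(v) for p, v in view.items()}  # snapshot of broadcasts
        for p in honest:
            for q in honest:
                view[p] |= sent[q]          # relay everything learned so far
            if r == 1:
                view[p].add(byz_round1[p])  # signed pair, possibly equivocated
    return {p: decide(view[p], t, k) for p in honest}

# Constructed sample: alpha = 20.0, epsilon = 0.5, t = 1 Byzantine, k = 1 faulty.
HONEST = {"P": 19.8, "Q": 20.0, "R": 20.4, "F": 35.0}   # F is the faulty sensor
BYZ_ROUND1 = {"P": ("S", -100.0), "Q": ("S", 100.0),
              "R": ("S", -100.0), "F": ("S", 100.0)}

if __name__ == "__main__":
    for n_rounds in (1, 2):
        out = algorithm1(HONEST, BYZ_ROUND1, t=1, k=1, rounds=n_rounds)
        print(n_rounds, {p: round(v, 3) for p, (v, _) in out.items()})
```

After a single round the nodes hold different sets and decide different values; after the relay round every node holds both conflicting pairs signed by S, discards them, and all decisions coincide.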

  10. Algorithm II: Synchronous One-hop

          r := 1
          while true do
              broadcast(xp) to all nodes
              Vp := ∪{<q,xq> | xq is received from q}
              Wp := reduce(Vp, t+k)
              xp := median(Wp)
              if (δ(Wp) < Φ) then
                  decide(xp)
              end if
              r := r + 1
          end while

      δ(Wp) := max(Wp) - min(Wp)
      Φ = ε => one round is required
      Φ < ε => two rounds are required

  11. Theorem II
      Theorem II: Algorithm II solves secure agreement for one-hop synchronous sensor networks with authenticated messages.
      Lemma I: Wp contains only the values from correct nodes.
      Lemma II: Every faulty node corrects its value after the first round.
      Communication complexity: O(n)
      Question: Is it possible to achieve O(c) complexity?
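A round-by-round simulation of Algorithm II, added here as an illustration; it is not code from the presentation. It assumes that reduce(V, m) drops the m smallest and m largest values (the slides do not define it); the node names, readings and the Byzantine node's behaviour are constructed.

```python
from statistics import median

def reduce_extremes(values, m):
    """Assumed reduce(V, m): drop the m smallest and m largest values."""
    s = sorted(values)
    if len(s) <= 2 * m:
        raise ValueError("need more than 2(t+k) values to survive trimming")
    return s[m:len(s) - m]

def step(received, t, k, phi):
    """One loop iteration at node p: returns (new x_p, decided?)."""
    w = reduce_extremes(received.values(), t + k)
    return median(w), (max(w) - min(w)) < phi

def simulate(honest, byzantine, byz_value, t, k, phi, max_rounds=10):
    """honest: {node: x}; byz_value(sender, receiver, round) -> value sent."""
    x, decided = dict(honest), {}
    for r in range(1, max_rounds + 1):
        sent = dict(x)                      # all broadcasts of this round
        for p in honest:
            received = dict(sent)
            for b in byzantine:             # may differ per receiver
                received[b] = byz_value(b, p, r)
            x[p], done = step(received, t, k, phi)
            if done and p not in decided:
                decided[p] = (r, x[p])      # (round of decision, decided value)
        if len(decided) == len(honest):
            break
    return decided

# Constructed sample: five correct readings within EPS of ALPHA, one faulty (f1).
ALPHA, EPS = 20.0, 0.5
HONEST = {"c1": 19.6, "c2": 19.8, "c3": 20.0, "c4": 20.1, "c5": 20.4, "f1": 35.0}

def equivocate(sender, receiver, rnd):
    """Constructed Byzantine behaviour: a different extreme value per receiver."""
    return -100.0 if receiver in ("c1", "c2", "f1") else 100.0

if __name__ == "__main__":
    for phi in (EPS, 0.35):
        print(phi, simulate(HONEST, ["b1"], equivocate, t=1, k=1, phi=phi))
```

With Φ = ε every non-Byzantine node decides in round 1 and the faulty node f1 has already replaced its reading of 35.0; with the smaller Φ = 0.35 some nodes need a second round, matching the round counts given on slide 10 for this input.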

  12. Algorithm III: Synchronous One-hop

          r := 1
          S := arbitrary set of 2t+2k+1 nodes
          while true do
              if p in S then
                  broadcast(xp) to all nodes
              end if
              … // same as Algorithm II
              r := r + 1
          end while

      Communication complexity: O(2t+2k+1)

  13. Modified Algorithm II: Asynchronous One-hop

          r := 1
          while true do
              broadcast(xp) to all nodes
              Vp := ∪{<q,xq> | xq is received from q}
              if (|Vp| ≥ n-t) then
                  Wp := reduce(Vp, t+k)
                  xp := median(Wp)
                  if (δ(Wp) < Φ) then
                      decide(xp)
                  end if
              end if
              r := r + 1
          end while

      |V|: cardinality of V
      Φ = ε => one round is required in best case
      Φ < ε => t rounds are required in best case

  14. Multi-hop Communication
      • Connectivity: there is a path between each pair of non-Byzantine nodes in the network.
      • t-connectivity: there are no t nodes whose removal disconnects the network
      [Figure: unconnected network; legend: correct node, faulty node, Byzantine node, communication range]

  15. Multi-hop Communication
      • Connectivity: there is a path between each pair of non-Byzantine nodes in the network.
      • t-connectivity: there are no t nodes whose removal disconnects the network
      [Figure: unconnected network; legend: correct node, faulty node, Byzantine node, communication range]

  16. Multi-hop Communication
      • Connectivity: there is a path between each pair of non-Byzantine nodes in the network.
      • t-connectivity: there are no t nodes whose removal disconnects the network
      [Figure: connected network; legend: correct node, faulty node, Byzantine node, communication range]

  17. Modified Algorithm I: Synchronous Multi-hop

          Vp := <p,xp>
          r := 1
          while r < t+d+1 do
              broadcast(Vp) to all nodes
              Vp := Vp ∪ {Vq | Vq is received from q}
              r := r + 1
          end while
          T := all duplicated values in Vp
          Vp := Vp - T
          decide(f(Vp))

      f: trimming and averaging function
          Wp := reduce(Vp, k+t-|T|/2)
          f(Vp) := mean(Wp)
      d: network diameter
      Slide annotation: r < d+1

  18. Theorem III
      Theorem III: Algorithm I solves secure agreement for multi-hop synchronous sensor networks with authenticated messages.
      Lemma I: After t+d+1 rounds, all nodes have the same set.
      Lemma II: All nodes apply the same deterministic function: f.
      Lemma III: t-connectivity ensures agreement and termination.
      Communication complexity: O((t+d+1)n²)

  19. Algorithm IV: Asynchronous Multi-hop

          Vp := <p,xp>
          r := 1
          while true do
              broadcast(Vp) to all nodes
              Vp := Vp ∪ {Vq | Vq is received from q}
              if (|Vp| > 2(t+k)) then
                  Wp := reduce(Vp, t+k)
                  xp := median(Wp)
                  if (δ(Wp) < Φ) then
                      decide(xp)
                  end if
              end if
              Vp := <p,xp>
              r := r + 1
          end while

      Φ = ε => one round is required in best case
      Φ < ε => n-2t-2k rounds are required in best case

  20. Theorem IV
      Theorem IV: Algorithm IV solves secure agreement for multi-hop asynchronous sensor networks with authenticated messages.
      Lemma I: Within 2(t+k)+1 values, t+k+1 values are correct.
      Lemma II: All nodes apply the same deterministic function: f.
      Lemma III: t-connectivity ensures termination.
      Communication complexity: O(2(t+k)n)

  21. Results: One-hop
      Table I: Secure Agreement with Strong Validity
      * best case results

  22. Results: One-hop
      Table II: Secure Agreement with Validity
      * best case results

  23. Results: Multi-hop
      Table III: Secure Agreement with Strong Validity
      * best case results

  24. Results: Multi-hop
      Table IV: Secure Agreement with Validity
      * best case results

  25. Conclusion
      • Distributed sensor networks vs. classical sensor networks.
        • save communication bandwidth
        • provide redundancy
        • eliminate single point of failure
        • use broadcast instead of unicast
        • inform the end-user quickly and easily
      • Data consistency as agreement problem.
      • New variant of agreement problem: secure agreement.
      • Φ can be chosen arbitrarily small to get as close to consensus as desired.
      • t-connectivity is not required to hold in every round.

  26. Future works
      • Strong validity requires n>2(t+k)
        Impossibility results with n≤2(t+k)?
      • Asynchronous algorithm with constant communication complexity?
      • Analyse communication complexity of worst case in asynchronous algorithms?
      • Simulation results
