1 / 28

A Practical Secure Neighbor Verification Protocol for Wireless Sensor Networks

A Practical Secure Neighbor Verification Protocol for Wireless Sensor Networks. Reza Shokri, Marcin Poturalski, Gael Ravot, Panos Papadimitratos, and Jean-Pierre Hubaux Laboratory for Computer Communications and Applications, EPFL, Switzerland

callum
Download Presentation

A Practical Secure Neighbor Verification Protocol for Wireless Sensor Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A Practical Secure Neighbor Verification Protocol for Wireless Sensor Networks Reza Shokri, Marcin Poturalski, Gael Ravot, Panos Papadimitratos, and Jean-Pierre Hubaux Laboratory for Computer Communications and Applications, EPFL, Switzerland Second ACM Conference on Wireless Network Security (WiSec'09) March 2009 Zurich, Switzerland

  2. Wormhole Attack

  3. Wormhole Attack Wormhole

  4. Wormhole Attack False Links over the Wormhole

  5. Neighbor Verification Protocol Motivation - The other proposed methods are not implementable on sensor networks (e.g., directional antennas) or are not secure enough considering the sensor networks’ limitations (e.g., tight time synchronization in nanosecond precision is required). - Our goal is to propose a secure and practical protocol for WSN. Our Main Idea Local geometric consistency tests Protocol Stages • Ranging • Exchanging the Neighbor Tables (include distance) • Neighbor Verification (security tests)

  6. The Ranging Protocol

  7. The Ranging Protocol C D ? ? B ? A

  8. The Ranging Protocol Fresh Random Nonce A B C tREQ/A REQ tREQ/B

  9. The Ranging Protocol A B C tREQ/A REQ tREQ/B tREP/B REP tREP/A

  10. The Ranging Protocol A B C tREQ/A REQ tREQ/B tREP/B REP tREP/A tRNG/A RNG (Ultra)Sound tRNG/B

  11. The Ranging Protocol A B C tREQ/A REQ tREQ/B tREP/B REP tREP/A tRNG/A RNG (Ultra)Sound tRNG/B ACK

  12. A B C tREQ/A tREQ/B REQ tREP/B tREP/A REP tRNG/A RNG tRNG/B (Ultra)Sound ACK The Ranging Protocol Node B: Empirical Synchronization Error “Synchronization Test” Speed of sound

  13. B >= dwb + dwb A dbc >= dwb + dwb C The Ranging Protocol (Over Attack) dwb dwa B A dwc dbc C The adversary can change adjust the distance between nodes only by introducing different delay values while relaying RNG messages

  14. Neighbor Table Exchange C D E F B G A Each node broadcasts its neighbor table to its direct neighbors. Neighbor tables include distance between nodes. We assume nodes are deployed on a plane. (it can be extended to 3D)

  15. Neighbor Verification (Security Tests)

  16. Neighbor Verification (Security Tests) (1) d(B->A) = d(A->B) Link Symmetry Test

  17. R Neighbor Verification (Security Tests) (1) (2) d(B->A) = d(A->B) d(B->A) < R Link Symmetry Test Maximum Range Test

  18. R Neighbor Verification (Security Tests) (1) (2) d(B->A) = d(A->B) d(B->A) < R Link Symmetry Test Maximum Range Test (3) Quadrilateral Test Each 4 neighbors that form a clique must belong to a quadrilateral. (embedding graph on a plane)

  19. R Neighbor Verification (Security Tests) (1) (2) d(B->A) = d(A->B) d(B->A) < R Link Symmetry Test Maximum Range Test (3) (4) Quadrilateral Test Each 4 neighbors that form a clique must belong to a quadrilateral. (embedding graph on a plane) Quadrilateral Convexity Test A link will be marked as verified link if it belongs to a convex quadrilateral.

  20. Security Analysis

  21. Security Analysis To successfully create a false link: the attacker has to convince 4 nodes that form a convex quadrilateral (2-2) D A C B A (3-1) D B C

  22. Security Analysis (2-2) D A C B D A A D B C C B Nodes’ perception (2) Nodes’ perception (1) We have proved that neither of these perceptions are possible. Thus, 2-2 attack is impossible.

  23. Security Analysis A (3-1) D B C A Nodes’ perception D B C We have proved that the attack is possible only if: A D B C

  24. Experimental Results Settings The ranging protocol has been implemented on Crossbow Cricket motes

  25. Experimental Results Settings The ranging protocol has been implemented on Crossbow Cricket motes Results Time Synchronization Error: 99.55% below 5 microsecond Distance Measurement Error: Below 5cm error (Range up to 4m) Link Symmetry Error: 97% below 7cm (74% below 2cm)

  26. Performance Evaluation in Benign Setting Links have to satisfy the convex quadrilateral test to be verified by our protocol. Yet, even in a benign setting, some links might not belong to any convex quadrilateral, and therefore remain unverifiable. How percentage of true links can be verified?

  27. Performance Evaluation in Benign Setting Coverage Uniform distribution of nodes in a field measuring 400m*400m “R”: Transmission range = 100m “e”: Maximum distance estimation error as percentage of R.

  28. Conclusion • Neighbor Verification Protocol for Wireless Sensor Networks • Based on estimation of node distance and simple, local tests • Practical solution, implemented on Cricket motes • Formal analysis and proof of correctness • Highly effective against powerful adversaries • Adding detection of adversary increases security (see tech-report)

More Related