1 / 27

Multi-user Broadcast Authentication in Wireless Sensor Networks

Multi-user Broadcast Authentication in Wireless Sensor Networks. ICU 20082065 Myunghan Yoo. Contents. Introduction Preliminaries The Proposed Scheme CAS DAS BAS HAS Performance Analysis Conclusions Discussion. Introduction.

fergus
Download Presentation

Multi-user Broadcast Authentication in Wireless Sensor Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Multi-user Broadcast Authentication in Wireless Sensor Networks ICU 20082065 MyunghanYoo

  2. Contents • Introduction • Preliminaries • The Proposed Scheme • CAS • DAS • BAS • HAS • Performance Analysis • Conclusions • Discussion

  3. Introduction • In Wireless Sensor Networks, broadcast/multicast from not only sink, but also a sensor node becomes crucial function • Authentication of them is highly important • Several symmetric key cryptography based μTESLA-likeschemes have been proposed

  4. Introduction • Weak points of μTESLA-like schemes • All the receivers have to buffer all the messages within one time interval • Wormhole attacks • Caused by forged message, due to delay of the disclosed keys • Arbitrary flooding in current time interval • Nodes should buffer • Transmission is expensive • Denial-of-Service attacks

  5. Introduction • Solutions • TIK protocol • Require a heavy burden of memory • Public key cryptography based • No longer impractical primitive

  6. Preliminaries Initial Configuration Verification • The Bloom Filter • Hashing input value k times • If all bits are 1, true member • Otherwise, discard • False positive probability

  7. Preliminaries The Merkle hash tree

  8. CAS M: Message, tt: time-stamp, SIG{}: signature, UID: user’s ID, SK: Secret key, PK: public key, CertUID: user’s certificate, ExpT: expiration time, and h():hashed value • The Certificate-Based Authentication Scheme • Drawbacks • Communication overhead • Including Certification • Computation overhead • Two signature verification

  9. DAS • The Direct Storage Based Authentication Scheme • Instead of certificate, list is used • User’s ID & public key • Scalability problem

  10. BAS • The Bloom Filter Based Authentication Scheme • System Preparation • Sink construct Bloom filter & counting Bloom filter

  11. BAS

  12. BAS • Message Signing and Authentication • Based on ECDSA’s partial message recovery

  13. BAS • Message Signing and Authentication • Broadcast • Check authenticity by verifying public key Wpub’s membership with bloom filter • Hashing { UID || Wpub} specific times • If all hashed values on the bloom filter are 1, OK • Otherwise, discard received message

  14. BAS • Message Signing and Authentication • Verify signature

  15. BAS Update counting bloom filter Update bloom filter Update bloom filter of every node User Revocation

  16. BAS • User Addition • Generate more (ID, PK) pairs than need in system preparation phase, assign a pair when new nodes join WSN • Add user, after revocation of old members • No increasing the probability of a false positive • Procedure is same as revocation’s one

  17. BAS F (The probability of False Positive) Generate PK/SK pairs: computationally feasible m/N (bits/User) m: storage space bits N: the number of users The minimum probability of a false positive regarding

  18. BAS The number of users Thus, we need to consider of trade-off between the maximum supported number of users and the probability of a false positive given a fixed storage

  19. HAS • The Hybrid Authentication Scheme (HAS) • Supporting more users using the Merkle Hash tree & Bloom filter • Trading the message length for the storagespace • System Preparation • Calculate trade-off • maximum number of user & false positive rate • Construct of Merkle hash tree • Each leaf is user’s public key • The sink prunes it into a small tree • Generate Bloom filter • Elements of group are small trees

  20. HAS Auxiliary Authentication Information of node ID • Message Signing and Authentication • Broadcast • Received node • Calculate the corresponding root node using AAIUID • Verify the root node value using bloom filter • Verify the signature in the same way of BAS

  21. Performance Analysis Communication Overhead

  22. Performance Analysis • Computational Overhead • Measure energy consumption of signature verification on two processor

  23. Performance Analysis • Security Strength • BAS • Instant authentication • Impossible to launch attack using authentication delay • Suitable for military application with freq=6.36*10-20 • Protection from replay attack with time stamp • Jamming attacks emitting random bits • CAS is weak, since every message has certificate • HAS and BAS are robust • Authentication using Bloom filter is cheap

  24. Performance Analysis • Security Strength • Jamming attacks using valid PK attached to irregularly modified message • HAS and BAS • After verifying signature, recognize that message is bed. • Implement an alert report mechanism • When failing to authenticate messages in a row • Repot to the sink • The sink invest the network • Detection & Remedy are out of scope in this paper

  25. Conclusions • Reveal the problems of SKC based multi user broadcast authentication schemes • Authentication delay • Vulnerabilities • Propose PKC based schemes using Bloom filter & Merkel hash tree • Minimizing energy dissipation • Analyze performance & security

  26. Discussion • Shortcoming • Evaluate overhead of only proposed schemes • We can’t know how much energy resource is consumed compared to when μTESLA-likeschemes are used.

  27. Thank you

More Related