1 / 22

Security Technologies in USN

Ubiquitous IT Europe Forum 2008. Security Technologies in USN. Dooho Choi (dhchoi@etri.re.kr) Information Security Research Division. Definition of USN. Security Issues in USN. Current Research on USN Security in ETRI. Conclusions. I. II. III. IV. Content.

zarola
Download Presentation

Security Technologies in USN

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Ubiquitous IT Europe Forum 2008 Security Technologies in USN Dooho Choi (dhchoi@etri.re.kr) Information Security Research Division

  2. Definition of USN Security Issues in USN Current Research on USN Security in ETRI Conclusions I II III IV Content

  3. Definition of USN– broad meaning USN (Ubiquitous Sensor Network) : From Tag and/or Sensor node imbedded in various objects(Ubiquitous) Sensing and Generating Context information and Knowledge-based contents (Sensor) Network Infra for user-oriented application services to anyone at anywhere and anytime(Network) Source : Figure 1 – USN application image at ITU-T TSAG – C 22, A preliminary study on the Ubiquitous Sensor Network, Feb. 2007

  4. Definition of USN– narrow meaning Sensor Node Application Network Sink Node (Base Station) Similar to the WSN(Wireless Senor Network) WSN(from Wikipedia) : A wireless network consisting of spatially distributed autonomous devices using sensors to cooperatively monitor physical or environmental conditions, such as temperature, sound, vibration, pressure, motion or pollutants, at different locations Sensor Field

  5. Definition of USN – Features of USN • USN consists of large number of small and low cost Sensor Nodes • The node has sensing, processing, and wireless communication capabilities • USN is densely deployed inside/close to the phenomenon • USN node position is not engineered or predetermined • Nodes are deployed in inaccessible terrain or harsh environments • Protocols and algorithms have self-organization capabilities • Nodes have to cooperate and partially process sensed data

  6. Definition of USN - USNApplications • Environmental applications • ecology, geophysics • Agriculture, Forest fire detection, Flood detection, etc. • Health applications • Interfaces for the disabled • Tele-monitoring of human physiological data • Home applications • Home network applications • Smart building (Intelligent Building System) • Military applications • Enemy detection, DMZ guard

  7. Definition of USN Security Issues in USN Current Research on USN Security in ETRI Conclusions I II III IV Content

  8. Security Issues in USN • We can make a Sensor Network to be secure (if we can apply existing cryptography to Sensor Network) • That is, most of attacks can be prevented by using elaborate cryptography (e.g. data encryption, message authentication, etc.) • However, the features of Sensor Network make it impossible to apply “existing cryptography & security technology” into Sensor Network • Sensor Node • is vulnerable to attacks such as tampering and SCA(Side Channel Attack), etc. • is hard to apply existing security technology for its resource constraints • Sensor Network • is vulnerable to attack for its wireless communication feature • is hard to adopt existing network security technology for its ad-hoc network features (actually, Sensor Network is special class of ad-hoc network)

  9. Possible Attacks on USN • Sensor Node can be attacked easily… • A node can be compromised by adversary  the critical information in a sensor node is known to attacker • Compromised node can be used as a new attacking node (it is on the data path) • Ex) Sinkhole attack, Sybil attack, Hello flood attack • Sensor Network can also be attacked easily… • The Sensor network attack can affect the routing topology • The attacks can be on the forwarding user data • Adversary nodes are invisible to other nodes • Ex) Selective forwarding, wormhole attack

  10. Eavesdropping - Encryption can hide the message from the passive attack Node capturing - Tamper resistant technology can block this attack Bogus/Malfunctioning nodes - Proper bogus & malfunctioning nodes detection methods are required Traffic Analysis - Proper traffic analysis mechanisms are required Routing Attack - Authentication and secure routing methods are required DoS Attack - RF Jamming & Power consumption attack detection are required Possible Attacks on USN

  11. Possible Attacks on Sensor Node • Attacks on Sensor Node • Cloning attack, EM(Electromagnatic) attack, SCA, Power exhaustion attack, Fault injection attack are possible to a Sensor Node • Many attacks are possiblebecause it is hard to implement tamper resistant technology to a Sensor Node for its resource constraints Cloning Attack EM Attack SCA Power Exhaustion Attack Fault injection Attack

  12. Side Channel Information(Timing, Power Trace, EM signal,…) Smart Card Analysis Secret key d Secret key d V V - t t Possible Attacks on Sensor Node • Side Channel Attack plaintext Pi ciphertext Ci Source : Tsuyoshi Takagi, Future University Hakodate, Japan , Efficient and Secure Implementation of Pairing Based Cryptosystems

  13. Security threats and Countermeasures • Security threats and Countermeasures on USN which are classified from the viewpoints of Layer of USN Network Layer Security Technology Possible Attacks Physical Layer Physical Tampering Jamming Tamper proofing Spread-spectrum, priority messages Lower duty cycle Link Layer Collision Exhaustion Unfairness Error-correcting code Rate limitation Small frames Link Layer Network Layer Neglect and greed Homing Misdirection Black holes Redundancy, Probing Cryptographically Encryption Authorization, Monitoring Authorization, Redundancy Transport Layer Flooding De-synchronization Monitoring, Client puzzles Data origin authentication

  14. Definition of USN Security Issues in USN Current Research on USN Security in ETRI Conclusions I II III IV Content

  15. Current Research on USN Security in ETRI • ETRI is developing the light-weight Crypto Modules for RFID and/or Sensor node • Implementation of light weight Symmetric key crypto modules(AES, ARIA) • Implementation of light weight Asymmetric key crypto modules (scalar multiplication for ECC, modular exponentiation for RSA, pairing computation for pairing based cryptography) • ETRI is also developing the Secure Node for USN • Research on Side Channel Analysis and its Countermeasures • Development of Secure Sensor Node • Development of Security extension of TinyOS (TinySec)

  16. Current Research on USN Security in ETRI • Light weight AES Crypto module • 20uW, 4K gates AES H/W IP • Secure Passive RFID Tag – compatible with ISO 18000-6 Type C • Data encryption/authentication on the passive RFID environment • Low power ECC Crypto module • Low power consumed architecture - 21K gates H/W IP • Secure Sensor Node - ECDH, ECDSA • Low power RSA Crypto module • Low power consumed architecture - 65K gates H/W IP • Secure Sensor Node – Key distribution, certificate based

  17. Current Research on USN Security in ETRI • Research on Side Channel Analysis Number of Traces DPA Analysis Start Select a target S-box Input value of Selected S-box Frequency domain based DPA analysis result Frequency domain Energy-based DPA analysis result Frequency domain Pattern recognition–based DPA analysis result Key Crack Success

  18. Current Research on USN Security in ETRI • Development of a Secure Sensor Node • Strong security is provided with low power consumed H/W crypto module • Compatible with TinySec • Provides secure data communication, integrity and authentication • Resistant to DPA (Differential Power Analysis : SCA) attack EEPROM : light weight Security ModuleH/W configuration data Storage Sensor : Si Photodiode USB to serial : Host PC serial communication RF (CC2420) : IEEE 802.15.4 WPAN Features of ETRI Crypto Module • AES, ECC, RSA crypto algorithms • Low power consumption • Performance tuned at the level of Sensor OS RF Antenna : SMP & PCB pattern antenna Xilinx FPGA : MSP 430 uP: Main processor TinyOS porting Flash Memory : Sensor Security Platform Code Storage

  19. Current Research on USN Security in ETRI • Summary of Security Enhancing Technology for Sensor Network ETRI’s Current Research Topics

  20. Definition of USN Security Issues in USN Current Research on USN Security in ETRI Conclusions I II III IV Content

  21. Conclusions • Everyone knows the USN technology is promising technology • However, the possible security threats may spoil the technology and market • So, it requires the development of security technology for USN • The high resource constraints (low power consumption & low computing capability) should be considered to make security technologies for USN • Also, the back-end USN infrastructure (such as middleware, etc.) and network features (such as Ad-hoc and wireless) should be considered to make proper security technologies for USN network.

  22. Thank You!

More Related