1 / 12

Privacy and Security in Embedded Sensor Networks

Daniel Turner 11/18/08 CSE237a. Privacy and Security in Embedded Sensor Networks. The Problem. Capture Attacks Wireless Communication Limited Power Resource drain attack Extra message length costly Limited Resources CPU: No asymmetric crypto RAM / Flash: minimal state.

louis-gill
Download Presentation

Privacy and Security in Embedded Sensor Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Daniel Turner 11/18/08 CSE237a Privacy and Security in Embedded Sensor Networks

  2. The Problem Capture Attacks Wireless Communication Limited Power Resource drain attack Extra message length costly Limited Resources CPU: No asymmetric crypto RAM / Flash: minimal state

  3. Confidentiality (Encryption)‏ Block Cipher: DES, Skipjack, AES, ... Init Vector: Additional Randomness TinySec: CBC (10% pwr increase)‏ IV = 4 Bytes MiniSec: OCB (8.3% pwr increase)‏ No text expansion

  4. Authenticity (MAC)‏ MAC: cryptographic secure checksum TinySec: Replace CRC with MAC (3% pwr increase)‏ MiniSec: Instead of an IV OCB produces a MAC

  5. Additional Areas • Secure Routing • Prevent Black holes • Replay Attacks • Counters and Bloom filters • Keying • Global key • Pair wise keys • Something between

  6. Future Work Better Keying Methods Optimized Ciphers Break implicit assumptions about loose synch between nodes

  7. Questions?

  8. Key Management Bad: All pairs or Single key LEAP Keys Base-station Pair: Computed at boot from K_in Cluster: pairwise sending of cluster key Global re-keying: Controller revokes node, sends new key

  9. Replay Attacks TinySec: No protection MiniSec: Counters in unicast (3 bit overhead)‏ Bloom filter in broadcast

  10. Secure Routing Create a routing table using signed IDs Challenges: prevent liars No node duplication: prevent Sybil

  11. Secure Routing

  12. Secure Routing Create a routing table using signed IDs Challenges: prevent liars No node duplication: prevent Sybil Route via Multi-path forwarding 3 paths per group (Random) direction string Honeybee to eliminate bad nodes

More Related