
SUMP: Secure Unicast Messaging Protocol

SUMP: Secure Unicast Messaging Protocol. Jeff Janies, Chin-Tser Huang, and Nathan Johnson Presentation by: Jeff Janies. Outline. Sensor Network Background Related Work Routing level attacks SUMP Overview Strengths and Weaknesses. Definitions.


Presentation Transcript


  1. SUMP: Secure Unicast Messaging Protocol Jeff Janies, Chin-Tser Huang, and Nathan Johnson Presentation by: Jeff Janies

  2. Outline • Sensor Network Background • Related Work • Routing level attacks • SUMP Overview • Strengths and Weaknesses

  3. Definitions • Sensor Network – A network of devices for monitoring or tracking physical phenomena • Wireless Ad hoc Sensor Network – A sensor network of constrained devices that automatically organizes and communicates through wireless means

  4. Applications • Military – Target tracking, Perimeter defense, Battle field assessment, Troop monitoring • Personal – Low cost home security • Commercial – Inventory tracking, Building Control Systems • Environmental – Forest Fire early detection, Animal population monitoring

  5. Layout • Two network entities • Sensor nodes (Sensors) • Base station • Sensor records readings • Base station is the aggregation point

  6. Devices • Sensors – the X-Bow MICA2 mote • Limited power • Powered by 2 AA batteries • Limited Computing power • 8-bit Atmel processor • Limited Memory • 512-bits programmable memory • Base station – Laptop • Limitless computational ability and power

  7. Security Concerns • Because of the sensors' limitations, security is a growing concern • The RSA keys cannot fit in a sensor's memory • Exponentiation is resource consuming • Communication is on a lossy channel

  8. Security Concerns • Confidentiality – communications must not be overheard • Integrity – errors in messages must be detectable • Availability – if possible, a message must be deliverable • Non-repudiation – no one can send a message then deny sending it

  9. Assumptions • There are no compromised nodes in the network during the initialization of the network. • The base station cannot be compromised. • The base station shares a unique symmetric key with each node • The base station is aware of all nodes in the network prior to deployment. • Nodes are fixed in location.

  10. Related Works • LEAP (Localized Encryption and Authentication Protocol) • SPINS (Security Protocol for Sensor Networks) • μ-Tesla – multi-cast • SNEP – point-to-point communication

  11. LEAP • Uses pairwise keying • Path establishment through breadth first searching • Similar to wired network establishment with ARP

  12. LEAP • Advantages • Efficient routing of messages • Each node has an understanding of the network's connectivity • Disadvantages • Infeasible in modern sensor networks • Too resource consuming • Memory requirements are too great

  13. SPINS • μ-Tesla • A key chain is calculated and the keys are used in reverse order • Uses delayed key distribution • Messages are decrypted at the end of a time step (after receiving the key for the time step)

  14. SPINS • SNEP (Secure Network Encryption Protocol) • Uses Symmetric keys shared by the base station and individual nodes • Provides the protection from replay, forgery, and information leakage

  15. SPINS • Advantages • A complete package for secure communication • Provides both unicast and multicast protection • Disadvantages • Message is propagated through flooding • The method is vulnerable to routing level attacks

  16. Routing Level Attacks • Routing level Attack – Any attack by which an adversary causes a breakdown of communication through the use of route establishment

  17. Worm Hole • When a group of malicious nodes forwards messages faster than legitimate paths • Receiving nodes are convinced the malicious path is the best [Figure: network diagram with base station BS, sensors S1–S7 and nodes A1 and A2]

  18. Black hole • A node convinces other nodes to forward through it • The node arbitrarily drops packets • Creates holes in the sensing environment [Figure: network diagram with base station BS, sensors S1–S8 and node A1]

  19. SUMP Overview: Countering Routing Attacks • Grouping by level as opposed to locality • Group management becomes an issue • How does a node know its group? • How does a node determine if a message is legitimate?

  20. Approaches to Group authentication • Cryptographic accumulators • Only a single value is stored • Computation of the value is resource consuming • Key chain commitment • Easy to authenticate • Increases the storage requirement of the sensors.

  21. A light-weight Alternative • Using Merkle hash trees, the computational intensity is limited • Authentication is performed with log(n) hashes • Nodes only store one value

  22. Merkle Hash Trees • Hashes of the nodes' IDs form the leaves of the tree. • All other elements are hashes of the concatenation of the element's children • Each node stores the root value of the tree [Figure: example tree with root H(H(ID5).H(ID9)), children H(ID5) and H(ID9), built from ID5 and ID9]

  23. Merkle Hash Trees • Authentication chains • A list of the sibling values of each element in the path from the leaf to the root. • If the root can be produced, the authentication is successful. • Auth chain for 1: {H(1), H(H(3).H(4))} [Figure: tree with root H(H(H(1).H(2)).H(H(3).H(4))), inner elements H(H(1).H(2)) and H(H(3).H(4)), leaves H(1), H(2), H(3), H(4)]

  24. Path Establishment • Base Station transmits hello message • Nodes record the hop count, increment the count, and retransmit the hello packet • Nodes reply including their own ID • Nodes forward replies and concatenate their ID to the reply [Figure: BS, A and B exchanging Hello(BS).1, Hello(BS).2, Reply(1.IDA), Reply(2.IDB), Reply(2.IDB.IDA)]

  25. Path Establishment • Base station records all path information from each reply • The first reply received from a sensor is the primary path (fastest turnaround time) • All other paths are recorded as alternate paths • Example: Reply(2.IDB.IDA) gives Level of B: 2, Path to B: {A, B}

  26. Path Establishment • After path establishment • Base station groups all sensors of the same level, and produces a Merkle Hash Tree for each level • The IDs of the sensors are the leaves • The root of the tree is distributed
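Slides 24–26 as a small simulation, added here as an example and not taken from the presentation: the hello flood fixes each sensor's level, replies collect forwarder IDs, and the base station records paths and per-level groups. The nodes C and D, the link map, and breaking ties between equally fast replies by name order are assumptions.

```python
from collections import deque

# Constructed topology: which nodes are in radio range of each other (symmetric).
LINKS = {"BS": {"A", "C"}, "A": {"BS", "B"}, "C": {"BS", "B"},
         "B": {"A", "C", "D"}, "D": {"B"}}

def establish_paths(links, bs="BS"):
    """Return (level, paths) as the base station would record them."""
    # Hello flood: the first hello a node hears fixes its hop count (level).
    level, queue = {bs: 0}, deque([bs])
    while queue:
        sender = queue.popleft()
        for node in sorted(links[sender]):
            if node not in level:
                level[node] = level[sender] + 1
                queue.append(node)

    # Replies: every neighbour one level closer to the base station
    # forwards the reply and appends its own ID, e.g. Reply(2.IDB.IDA).
    def replies(node, trail):
        if level[node] == 1:              # next hop is the base station
            yield trail
        for up in sorted(links[node]):
            if up != bs and level[up] == level[node] - 1:
                yield from replies(up, trail + [up])

    paths = {}
    for sensor in sorted(n for n in level if n != bs):
        found = [list(reversed(t)) for t in replies(sensor, [sensor])]
        # First reply is the primary path; the rest are alternates.
        paths[sensor] = {"primary": found[0], "alternates": found[1:]}
    return level, paths

def groups_by_level(level, bs="BS"):
    """Sensors grouped by level; each group supplies the leaves of one Merkle tree."""
    groups = {}
    for node, lvl in level.items():
        if node != bs:
            groups.setdefault(lvl, []).append(node)
    return {lvl: sorted(ids) for lvl, ids in groups.items()}
```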

  27. Storage requirement • Base Station – All sensors' IDs, all sensors' levels, all sensors' symmetric keys, a representation of the Merkle Hash Tree for each level • Sensors – ID, level, symmetric key, root of its level's Merkle Hash Tree

  28. Message propagation • Base station: • Concatenates the message, msg, to the ID of the destination sensor • Produces the authentication chain for the sensor, and concatenates the message to the chain. • Encrypts the resulting message with the symmetric key of the sensor

  29. Message propagation (Outgoing) • Base station (cont.) • The base station concatenates the authentication chain of each sensor in the path to the destination in reverse order, and encrypts with the symmetric key of the intermediate sensor. • Below is an example message to sensor 2. K5({auth5}.K3({auth3}.K2({auth2}.ID2.MSG)))

  30. Message propagation (Outgoing) • Sensors • Decrypt packet • Attempt to authenticate • If successful and more authentications present, remove used authentications and retransmit. • If successful and no more authentications are present, check the ID field and process accordingly. • If unsuccessful, drop packet.
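Slides 22–23 and 28–30 together, as an added Python example that is not code from the presentation: the base station builds each hop's Merkle authentication chain and wraps one encrypted layer per hop, and each sensor decrypts, authenticates against its stored root, then forwards, delivers or drops. SHA-256, the toy XOR stream cipher `K`, the 4-byte ID strings and the framing (a count byte, a left/right flag per sibling hash, a final-layer flag) are assumptions for illustration; the slides do not specify them.

```python
import hashlib, hmac
def H(b): return hashlib.sha256(b).digest()

def root_and_chain(ids, idx):
    """Merkle root over a level's IDs, plus the serialized auth chain for leaf idx."""
    level, chain = [H(i) for i in ids], b""
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])                  # odd level: repeat the last hash
        chain += bytes([idx & 1]) + level[idx ^ 1]   # flag 1 = sibling sits on the left
        level, idx = [H(level[i] + level[i + 1]) for i in range(0, len(level), 2)], idx // 2
    return level[0], bytes([len(chain) // 33]) + chain   # count byte, 33 bytes per step

def K(key, data):  # toy self-inverse stream cipher, a stand-in for the sensor's real cipher
    ks = b"".join(H(key + i.to_bytes(4, "big")) for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def build_packet(path, msg, keys, group):
    """Base station: ID.MSG for path[-1], then one layer per hop, innermost first."""
    inner = path[-1] + msg
    for hop, sid in enumerate(reversed(path)):
        chain = root_and_chain(group[sid], group[sid].index(sid))[1]
        inner = K(keys[sid], chain + bytes([hop == 0]) + inner)   # flag 1 = final layer
    return inner

def receive(my_id, key, root, packet):
    """Sensor: decrypt, authenticate against the stored root, then forward/deliver/drop."""
    p = K(key, packet)
    n, h = (p[0] if p else 0), H(my_id)
    chain, rest = p[1:1 + 33 * n], p[1 + 33 * n:]
    for i in range(0, len(chain), 33):               # fold each sibling hash into h
        h = H(chain[i + 1:i + 33] + h) if chain[i] else H(h + chain[i + 1:i + 33])
    if not rest or not hmac.compare_digest(h, root):
        return ("drop", b"")                         # wrong key, wrong ID or tampering
    if rest[0] == 0:
        return ("forward", rest[1:])                 # used chain removed, inner layer sent on
    return ("deliver", rest[5:]) if rest[1:5] == my_id else ("drop", b"")  # 4-byte ID field

def demo():
    """Constructed network; path 5 -> 3 -> 2 as in the slide 29 example message."""
    levels = [[b"ID05", b"ID09"], [b"ID03", b"ID04", b"ID06"], [b"ID02", b"ID07"]]
    group = {sid: lvl for lvl in levels for sid in lvl}
    keys = {sid: H(b"demo-key" + sid)[:16] for sid in group}
    path, out = [b"ID05", b"ID03", b"ID02"], []
    pkt = build_packet(path, b"MSG", keys, group)
    for sid in path:
        verdict, pkt = receive(sid, keys[sid], root_and_chain(group[sid], 0)[0], pkt)
        out.append(verdict)
    return out, pkt
```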

  31. Strengths • Level by level authentication of messages • The base station has global view of the network • Network faults (node deaths) are detectable • Directed communication

  32. Weaknesses • Large message size • Outbound communications are limited in size • Limited group size

  33. Future Work • Integration with a multicast messaging service. • Experimentation with less constrained devices (i.e. pocketPC, SPOT) • Deployment in real world environments

  34. Conclusion • Routing level attacks are defendable with a level-wise grouping method • Merkle Hash trees provide a light-weight alternative to expensive group authentication • By increasing packet size, storage requirements of sensors can be lessened

  35. Any Questions?
