Wireless Network Security and Sensor Networks
Topics • Brief review of wireless security • Sensor networks: Architecture and Issues of • Security of SNs • SNEP • Tesla
802.11 • 802.11 a, b, … • Components • Wireless station • A desktop or laptop PC or PDA with a wireless NIC. • Access point • A bridge between wireless and wired networks • Radio • Wired network interface (usually 802.3) • Bridging software • Aggregates access for multiple wireless stations to wired network.
802.11 modes • Infrastructure mode • Basic Service Set • One access point • Extended Service Set • Two or more BSSs forming a single subnet. • Most corporate LANs in this mode. • Ad-hoc mode (peer-to-peer) • Independent Basic Service Set • Set of 802.11 wireless stations that communicate directly without an access point. • Useful for quick & easy wireless networks.
Infrastructure mode (figure) • Basic Service Set (BSS) – single cell: access point and stations • Extended Service Set (ESS) – multiple cells
Ad-hoc mode Independent Basic Service Set (IBSS)
802.11b Security Services • Two security services provided: • Authentication • Shared Key Authentication • Encryption • Wired Equivalence Privacy
Wired Equivalence Privacy • Shared key between • Stations. • An Access Point. • Extended Service Set • All Access Points will have same shared key. • No key management • Shared key entered manually into • Stations • Access points • Key management a problem in large wireless LANs
WEP – Sending • Compute Integrity Check Vector (ICV). • Provides integrity • 32 bit Cyclic Redundancy Check. • Appended to message to create plaintext. • Plaintext encrypted via RC4 • Provides confidentiality. • Plaintext XORed with long key stream of pseudo random bits. • Key stream is function of • 40-bit secret key • 24 bit initialisation vector • Ciphertext is transmitted.
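WEP Encryption (figure) • Seed = Initialisation Vector (IV) || secret key, fed to the PRNG to produce the key stream • Plaintext = message || ICV (32 bit CRC) • Key stream XORed with plaintext gives the cipher text, sent with the IV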
WEP – Receiving • Ciphertext is received. • Ciphertext decrypted via RC4 • Ciphertext XORed with long key stream of pseudo random bits. • Check ICV • Separate ICV from message. • Compute ICV for message • Compare with received ICV
Shared Key Authentication • When station requests association with Access Point • AP sends random number to station • Station encrypts random number • Uses RC4, 40 bit shared secret key & 24 bit IV • Encrypted random number sent to AP • AP decrypts received message • Uses RC4, 40 bit shared secret key & 24 bit IV • AP compares decrypted random number to transmitted random number
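The WEP sending, receiving and shared key authentication steps from the slides above, as an added Python example that is not part of the original deck. The keys, IVs and messages are constructed sample values, the frame is simplified to the IV followed by the ciphertext, and the function names are illustrative.

```python
import os
import struct
import zlib

def rc4(seed: bytes, length: int) -> bytes:
    """RC4 key stream: key scheduling over the seed, then `length` output bytes."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + seed[i % len(seed)]) % 256
        s[i], s[j] = s[j], s[i]
    i, j, out = 0, 0, bytearray()
    for _ in range(length):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def icv(message: bytes) -> bytes:
    return struct.pack("<I", zlib.crc32(message))  # 32-bit CRC integrity check

def wep_send(key: bytes, iv: bytes, message: bytes) -> bytes:
    """Plaintext = message || ICV, XORed with the RC4 stream seeded by IV || key."""
    if len(key) != 5 or len(iv) != 3:
        raise ValueError("expected a 40-bit key and a 24-bit IV")
    plaintext = message + icv(message)
    # Simplified frame (assumption): the IV travels in clear before the ciphertext.
    return iv + xor(plaintext, rc4(iv + key, len(plaintext)))

def wep_receive(key: bytes, frame: bytes) -> bytes:
    """Decrypt, split off the ICV, recompute it and compare."""
    iv, ciphertext = frame[:3], frame[3:]
    plaintext = xor(ciphertext, rc4(iv + key, len(ciphertext)))
    message, received_icv = plaintext[:-4], plaintext[-4:]
    if icv(message) != received_icv:
        raise ValueError("ICV mismatch")
    return message

def shared_key_auth(ap_key: bytes, station_key: bytes) -> bool:
    """AP sends a random number; the station returns it WEP-encrypted."""
    challenge = os.urandom(128)                                 # AP -> station
    response = wep_send(station_key, os.urandom(3), challenge)  # station -> AP
    try:
        return wep_receive(ap_key, response) == challenge       # AP decrypts, compares
    except ValueError:
        return False
```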
Wepcrack • First tool to demonstrate attack using IV weakness. • Open source • Three components • Weaker IV generator. • Search sniffer output for weaker IVs & record 1st byte. • Cracker to combine weaker IVs and selected 1st bytes.
Airsnort • Automated tool • Does it all! • Sniffs • Searches for weaker IVs • Records encrypted data • Until key is derived.
Safeguards • Security Policy & Architecture Design • Treat as untrusted LAN • Discover unauthorised use • Access point audits • Station protection • Access point location • Antenna design
Bluetooth Security • Mode 1 – non-secure. • Mode 2 – service level enforced security. • Initiated after the channel is established. • Mode 3 – link level enforced security • Initiated before the channel is established. • Trusted Devices • Unrestricted access to all services. • Untrusted Devices • Services requiring Authorisation and Authentication. • Services requiring Authentication. • Open services.
Link Layer services • Link Layer • Authentication of Peers • Encryption of information • Unique public device address • BD_ADDR • 48 bits, allocated by IEEE
Connecting Two Devices • Two devices with no prior connection • For low security connections • 128 bit Unit link key from one device used. • Created when device is manufactured. • For higher security connections • 128 bit Combination link key generated • Provides • Confidentiality • Integrity • Authentication
Combination Key • Identical PIN code entered into both devices. • 128 bit initialisation link key generated. • PIN code • Device Address • Random number • Combination key now generated. • Combination key stored for future use.
Wireless Transport Layer Security (WTLS) • Provides security services between the mobile device (client) and the WAP gateway • Data integrity • Privacy (through encryption) • Authentication (through certificates) • Denial-of-service protection (detects and rejects messages that are replayed)
WAP Gateway Architecture (figure) • Mobile device to wireless gateway: WTLS • Wireless gateway to application servers: HTTP/SSL
WTLS Record Protocol • Takes info from the next higher level and encapsulates it into a PDU • Payload is compressed • A MAC is computed • Compressed message plus MAC code are encrypted using symmetric encryption • Record protocol adds a header to the beginning of the encrypted payload
Alert Protocol • Convey WTLS-related alerts to the peer entity • Alert messages are compressed and encrypted • A fatal warning terminates the connection (i.e. incorrect MAC, unacceptable set of security parameters in the handshake) • Certificate problems usually cause a non-fatal error
SSL vs. WTLS • Datagram support (UDP) • Expanded set of alerts • Optimized handshake – 3 levels of client/server authentication • New Certificate Format – WTLS certificates are small in size and simple to parse • Support client identities • Additional cipher suites – RC5, short hashes • Explicit shared secret mode
Sensor Network What is it?
What and Where/When • What? • Low cost, low power, multi-functional sensor nodes • Communicates within short distances • Enabled by MEMS, wireless, and digital electronics • Where: • Military, health, environmental
Ad hoc Networks vs. SNs • Number of nodes several orders larger • Densely deployed • More prone to failures • Dynamic topology (frequent changes) • SNs use broadcasts instead of PP • Power, CPU, and memory limitations • No global IDS
Applications • Military • C4ISRT, NBC detection etc. • Environmental • Forest fire, bio-complexity analysis, flood detection • Health • Tele-monitoring, tracking, drug admin. • Commercial • Environmental control of office buildings • Potential for $55B/year saving and reduction of 35 mmt of CO2 emission • Detection of vehicle thefts (Not Really SensorNets..) • Inventory control (Mostly RFIDs not nets)
Design Goals • Fault tolerance • Scalability • Cost ~= $1/node • (what do batteries cost?) • Hardware constraints • Transmission constraints • Power constraints • SWAP (Size Weight and Power) critical for military apps
Sensor Networks Overview • Sensor Nodes • Sensor networks are made up of large number of ad hoc sensor nodes • Power supply • Memory • Sensing hardware • Data processing • Communication components
Sensor Networks Overview (cont.) • Sensor networks communication architecture • Sensor nodes and sink node (Monitoring Station) • Each of these scattered sensor nodes has the capabilities to collect data and route data back to the Monitoring Station
Sensor Networks Overview (cont.) • Procedure • The source starts transmitting data packets toward the sink (a) • When a node joins the network it starts transmitting and receiving packets and sending a neighbor announcement message (b) • When the process completes, the group of newly active neighbors that have joined the network make the delivery of data from source to sink more reliable (c) • Self-organizing sensor networks topology • Alberto Cerpa and Deborah Estrin 2002
Sensor Networks (cont.) • 4 state transitions of sensor nodes • When a node starts, it initializes in the test state and sets up a timer Tt. When Tt expires, the node enters the active state. If, before Tt expires, the number of active neighbors > the neighbor threshold (NT), the node moves to the passive state. • When a node enters the passive state, it sets up a timer Tp. When Tp expires, the node enters the sleep state. If, before Tp expires, the number of neighbours is < NT(…), the node moves to the test state. • When a node enters the sleep state, it turns the radio off, sets a timer Ts and goes to sleep. When Ts expires, the node moves into the passive state.
Area Monitoring • Jean Carle et al. paper, 2003 • 3 sub-problems for area monitoring • Select the sensors that are needed for area coverage and put the other sensors into sleep mode, to reduce the number of sensors needed to monitor the area and extend network life; • Construct a broadcasting tree from the monitoring station to all active sensors: minimum energy broadcasting or dominating set based; • Sensors report events to the monitoring station using the reverse broadcast tree.
Area Coverage - Algorithm 1 • Ye, Zhong, Chen, Lu, Zhang 2003 • A sensor sleeps for a while, then decides to be active iff there is no active sensor closer than a threshold distance • Once active, it remains active until life ends • A non-active sensor periodically reevaluates its decision • High probability of full coverage if threshold < ≈ 0.3 sensing radius • The disadvantage • Probabilistic: does not ensure full coverage
Area Coverage - Algorithm 2 • Tian 2002 • Each sensor knows the position of all neighbors • If neighbors cover its sensing area then the sensor sends a withdrawal message after timeout = negative acknowledgement (goes to sleep mode) • Otherwise, it remains active • Repeats periodically • Neighbor sensors may disappear without notice • Covering sensors may not be connected • Requires a priori knowledge of all neighboring nodes
Area Coverage - Algorithm 3 • Carle, Simplot, Stojmenovic, 2003 • Area dominating set algorithm • Covered = active neighbors are connected and together cover its sensing area • If not covered at end of timeout then send positive ack, otherwise send negative ack • Positive and negative ack variant • Positive only acks variant (shorter network life) • Figure: central node decides to be non-dominant (sleep) • Figure: central node decides to be dominant (active): area is covered by active neighbors but these neighbors are not connected
Area Coverage - Algorithm 3 (Cont.) • The Election of Covering Nodes • E.g. nodes 0, 1, 2, 3, 4 are active, node 5 decides to be inactive • If node 5 does not announce its deactivation, • Node 6 decides to be active • Else, node 5 announces its status • Node 6 decides to be inactive • Negative ack may reduce the number of active sensors (prolong network life) • Experiments show that “positive and negative ack” leads to four times smaller area dominating sets than “positive only ack” for dense networks.
Broadcasting - Monitoring Station to Sensors • Distribute requests from the monitoring station to all sensor nodes • Broadcasting is a common and important operation for route finding, information dissemination or request diffusion • Research on energy efficient broadcast protocols • Aim at reducing the number of sensors which participate in broadcasting
Broadcasting Tree (I) - Monitoring Station to Sensors • F. Dai and J. Wu, 2003 • Dominant pruning scheme • Applied on area dominant set • The dominant pruning method is the same process as constructing the area dominant set • 20% reduction, with most of the saving at the border of the monitored area, according to the experimental data
Broadcasting Tree (II) - Monitoring Station to Sensors • A. Qayyum, et al. Multipoint Relay (MPR) Protocols • Select a minimal set of one-hop neighbors that cover the same network as the complete set of neighbors • Each node finds its relay set • Repeats periodically, add to the relay subset the neighboring node which covers • The list of relay nodes is attached to the retransmitted packet • Applied on area dominating sets, MPR constructs relay subsets which contain nearly all nodes
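The relay-set selection described above, as an added Python example (not from the slides or from the MPR authors): the greedy heuristic commonly used for multipoint relay selection, which gives a small but not always minimal relay set. The node names, the `SAMPLE` topology and the `select_mprs` function are constructed for illustration.

```python
def select_mprs(reach_of: dict, me: str = "self") -> set:
    """Pick one-hop neighbors that together reach every strict two-hop node.

    reach_of maps each one-hop neighbor to the set of nodes it hears.
    """
    neighbors = set(reach_of)
    # Strict two-hop nodes: heard by a neighbor, but neither us nor a neighbor.
    two_hop = set().union(*reach_of.values()) - neighbors - {me}
    covers = {n: reach_of[n] & two_hop for n in neighbors}
    relays = set()
    # A neighbor that is the only path to some two-hop node must be a relay.
    for target in two_hop:
        providers = [n for n in neighbors if target in covers[n]]
        if len(providers) == 1:
            relays.add(providers[0])
    uncovered = two_hop - set().union(*(covers[n] for n in relays))
    # Greedy step: add the neighbor covering the most still-uncovered nodes.
    while uncovered:
        best = max(sorted(neighbors - relays),
                   key=lambda n: len(covers[n] & uncovered))
        relays.add(best)
        uncovered -= covers[best]
    return relays

# Constructed topology: three one-hop neighbors and what each of them reaches.
SAMPLE = {
    "A": {"self", "x", "y"},
    "B": {"self", "y", "z"},
    "C": {"self", "A", "z", "w"},
}

if __name__ == "__main__":
    # B is left out: everything it reaches is already covered by A and C.
    print(sorted(select_mprs(SAMPLE)))
```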
Reporting Events – Sensors to Monitoring Station • Sensor measurements – sensors report only important information (data aggregation) • Spanning tree induced by flooding over area dominating set (reduce the number of sensors and energy saving)
Management • Ruiz, L.B., et al., 2003 • Three-layer sensor networks management architecture • Service - Executed by a set of functions; • Management functions - Five possible states: ready, not-ready, executing, done, and failed; • Wireless sensor networks Models – Dynamic in time
Management (cont.) • Sensor nodes differ in their hardware physical capabilities • Manager – Collects and distributes information from all agents and controls the entire network • Sink node – Hosts an intermediate manager • Agent – Raise some questions related to the location nodes
Management (cont.) • Agents in hierarchical homogeneous • Manager - Collects and distributes information from all agents and controls the entire network • Agent - Raise some questions related to the location nodes • Cluster-head - Responsible for sending data to a base station; executes correlation of management data (no sink node) • Base Station - Connect, communicate and secure networks
Sensor Network Security • What do we mean by sensor network security? • Conventional view of security from cryptography community: cryptographically unbreakable design in practical sense • Network Reality: very few security breaches in practice exploit flaws in cryptographic algorithms; side channel attacks • Malicious versus selfish (DoS vs. resource gobbler) • Security vs. robustness, fault tolerance, resiliency • Security is not a black/white world, it is progressive • We must secure the entire networked system, not just an individual component • Solutions must be robust/adapt to new threats as much as possible