1 / 28

An Efficient Scheme for Authenticating Public Keys in Sensor Networks

An Efficient Scheme for Authenticating Public Keys in Sensor Networks . Wenliang (Kevin) Du (Syracuse) Ronghua Wang (Syracuse) Peng Ning (North Carolina State). Sensors. Deploy. Wireless Sensor Networks. Sensors. Deploy. Key Distribution in WSN. Secure Channels. Existing Approaches.

jacie
Télécharger la présentation

An Efficient Scheme for Authenticating Public Keys in Sensor Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. An Efficient Scheme for Authenticating Public Keys in Sensor Networks Wenliang (Kevin) Du (Syracuse) Ronghua Wang (Syracuse) Peng Ning (North Carolina State)

  2. Sensors Deploy Wireless Sensor Networks

  3. Sensors Deploy Key Distribution in WSN Secure Channels

  4. Existing Approaches • Key Pre-distribution Schemes • Eschenauer and Gligor, CCS’02 • Chan, Perrig, and Song, S&P’03 • Du, Deng, Han, and Varshney, CCS’03 • Du, Deng, Han, Chen, Varshney, INFOCOM’04 • Liu and Ning, CCS’03 • Assumption • Public Keys are impractical for WSN • We need to use Symmetric Keys

  5. Three Years Later • Has Public-Key Cryptography (PKC) became practical yet? • The answer might still be NO, but … • Recent Studies on using PKC on sensors • PKC is feasible for WSN • ECC signature verification takes 1.6s on Crossbow motes (Gura et al.)

  6. The Advantage of PKC • Resilience versus Connectivity • SKC-based schemes have to make tradeoffs between resilience and connectivity • PKC-based Key Distribution • 100% resilience • 100% connectivity

  7. Let’s Switch to PKC? • Sorry, I forgot to mention one thing: The gap between SKC and PKC is not going to change much unless a breakthrough in PKC occurs. • Computation costs • RC5 is 200 times faster than ECC • Communication costs • Signatures: ECC (320 bits), RSA (1024 bits), SHA1 (160 bits)

  8. New Focuses • My observation: We will be able to use PKC, but we will use SKC if that can save energy. • We are doing this in traditional networks • Example: session keys • Research Problem Can we reduce the amount of PKC computations with the help of SKC?

  9. Public Key Authentication • Before a public key is used, it must to authenticated • In traditional networks: we use certificates. • Verifying certificates is a public key operation • Can we do it more efficiently in WSN? • A simple way: each node carries the hash of other nodes’ public keys • Memory usage is too much (N-1 hash values)

  10. Using Merkle Trees

  11. Performance • Memory Usage • 1 + log(N) hash values (compared to N-1) • 1: the root • Log(N): the height of the Merkle tree • Computation Cost • Log(N) hash operations • Communication Overhead • If we use 160-bit SHA1 • 160 * log(N) bits • When N=10,000, cost=2080 bits, worse than PKC • We need to reduce the height

  12. Trimming the Merkle Tree

  13. A Smarter Trimming A B C

  14. Deployment Knowledge • How do we know that some nodes might more likely be neighbors than others? • Deployment knowledge model.

  15. A Group-Based Deployment Scheme

  16. A Group-Based Deployment Scheme

  17. Modeling of The Group-Based Deployment Scheme Deployment Points

  18. Trimming Strategy

  19. Deployment-based Trimming

  20. Minimize C = w0• a + w1• b + w2• c + w3• d  Subject to Finding Optimal a,b,c, and d • The optimization problem: • S: number of sensors in each deployment group • mmax: maximum amount of memory

  21. Evaluation

  22. Communication Overhead vs. Memory Usages

  23. Communication Overhead vs. Network Size

  24. Impact of Deployment Knowledge: σ

  25. Impact of Modeling Accuracy

  26. Energy consumption

  27. Comparing Energy cost with RSA / ECC Performance of authenticating public keys using various algorithms

  28. Conclusion and Future Work • Public Key Cryptography (PKC) • Will soon be available for sensor networks • Usage of PKC should still be minimized • We propose an efficient scheme to achieve public key authentication. • Future work • Optimize other PKC computations

More Related