1 / 15

Pair-wise path key establishment in wireless sensor networks

Pair-wise path key establishment in wireless sensor networks. Authors: Jang-Ping Sheu and Jui-Che Cheng Sources: Computer Communications, 2007, article in press. Reporter: Chun-Ta Li ( 李俊達 ). Outline. Motivation Pair-wise path key establishment protocol Comments. 2. 2. Motivation.

saskia
Télécharger la présentation

Pair-wise path key establishment in wireless sensor networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Pair-wise path key establishment in wireless sensor networks Authors:Jang-Ping Sheu and Jui-Che Cheng Sources: Computer Communications, 2007, article in press. Reporter: Chun-Ta Li (李俊達)

  2. Outline • Motivation • Pair-wise path key establishment protocol • Comments 2 2

  3. Motivation • Pair-wise key establishment using multiple node-disjoint paths • Weakness of single communication path • A node is compromised along the path • Byzantine attack (alter, inject, spoof, or sniff packets) • stop forwarding attack Compromised KS,D … I2 I1 S D Im intermediate nodes

  4. Motivation (cont.) • An example of multi-path key establishment with the (3, 4) secret sharing scheme • Malicious node detection and identification procedure

  5. (a,b) ∪ .N = G(x,y) (x,y)=(1,1) Pair-wise path key establishment protocol • Group-based key pre-distribution .g = a*b hexagonal grids .G(x,y): a group of sensors .c = N/g .G(x,y) includes sensors with IDs from c((x-1)b+y-1)+1 to c((x-1)b+y) Assume that each group has 100 sensor nodes, a=10, and b=5, the G(2,3) has sensor nodes with IDs from 701 to 800.

  6. Pair-wise path key establishment protocol (cont.) • Establish a pair-wise key with neighbors ID, Group ID A B ID, Group ID KAB = KAB1∪KAB2 ∪ KAB3 1 EKA1(KAB1) EK1B(KAB1) 2 EKA2(KAB2) EK2B(KAB2) 3 EKA3(KAB3) EK3B(KAB3) assistance neighbors

  7. Pair-wise path key establishment protocol (cont.) • End-to-end path key establishment (SD) hm hm A B C hm hm RREQ RREQ E F G D S hm hm h0 = x and hm=H(hm-1) H I J hm hm

  8. Pair-wise path key establishment protocol (cont.) • End-to-end path key establishment (DS) A B C RREP RREP E F G D S H I J .The node IDs of the entire path are included in the RREP .Each intermediate node will record the next one-hop and next two-hop neighboring nodes in its routing table .Each intermediate node will check to see if it has a pair-wise key with its next two-hop node

  9. Pair-wise path key establishment protocol (cont.) • Malicious node detection and identification procedure KSD = KSD1∪KSD2 ∪ KSD3 KSD1 KSD1 A B C KSD1 KSD1 KSD2 KSD2 KSD2 KSD2 E F G D S KSD3 KSD3 KSD3 KSD3 H I J KBC{KSD1, hm-1,MAChm-1{KSD1}} KSA{KSD1, hm-1, MAChm-1{KSD1}} KAC{KSD1, hm-1,MAChm-1{KSD1}} KSB{KSD1, hm-1,MAChm-1{KSD1}} KBD{KSD1, hm-1,MAChm-1{KSD1}} D A B C S KAB{KSD1, hm-1,MAChm-1{KSD1}} KCD{KSD1, hm-1,MAChm-1{KSD1}} KSB{KSD1, hm-1,MAChm-1{KSD1}} KBD{KSD1, hm-1,MAChm-1{KSD1}} KAC{KSD1, hm-1,MAChm-1{KSD1}}

  10. Pair-wise path key establishment protocol (cont.) • Key disclosure request (ReqKey) odd path KEC{ReqKey} even path KEB{ReqKey} odd path KSA{hm-2} even path KSB{hm-2}

  11. Comments • Compromised node attacks • conspiracy attacks • The pair-wise path key can be derived if there are t intermediate nodes in t different routes • without perfect forward secrecy • Impersonation attacks • Lack of mutual authentication between source and destination node • Lack of anonymity between source and destination node

  12. Comments (cont.) G, P: a subgroup of elliptic curve group E(Fp) and its generator point P whose order is a large prime number q over E(Fp) • Deployment phase sink node 2 sensor Store credential ci = h(Ki||IDi||Ti||Li), IDi, Ti, and Li in sensor node 3 1 4 1. SensorSink node: (IDi,Ti,Li,M1) M1= cir1P 2. Sink nodeSensor: (M2,M3) M2= r2P , M3=h(IDs||r1P||M2||sk=r1r2P) Back-end system 3. SensorSink node: (M4) M4= h(IDi||IDs||sk=r1r2P)

  13. Comments (cont.) • Credential update sink node 2 sensor 3 1 4 1. Sink nodeSensor: (ci’,Ki’,Ti’,Li’) sk New credential ci’ = h(Ki’||IDi||Ti’||Li’) Back-end system

  14. Comments (cont.) • Intra-group communication 1. Sensor ASink node: (IDA,IDB,M1) M1= EskA[rxP] sink node 2. Sink nodeSensor A: (M2,M3) S M2= EskA[ryP] , M3=EK[IDS||IDA||IDB||rxP||TicketAB||TK||TL] A B K= rxryP , TicketAB=EskB[IDA||IDB||TK||TL] 3. Sensor ASink node: (MAC(K;ryP)) 4. Sensor ASensor B: (IDA,IDB,TicketAB,raP,MAC(TK;raP)) 5. Sensor BSensor A: (ETK[rbP], MAC(SKAB;rbP)) SKAB= rarbP 6. Sensor ASensor B: (MAC(SKAB;raP))

  15. Comments (cont.) • Inter-group communication 1. Sensor ASink node: (IDA,IDB,M1=EskA[rxP]) 2. Sink nodeSensor A: (M2,M3) sink node M2= EskA[ryP] , M3=EK[IDS1||IDA||IDB||rxP||TicketAB||TK||TL] S1 K= rxryP , TicketAB=EPSK[IDA||IDB||TK||TL] A 3. Sensor ASink node: (MAC(K;ryP)) 4. Sensor ASensor B: (IDA,IDB,TicketAB,raP,MAC(TK;raP)) 5. Sensor BSink node: (IDB,TicketAB,M4=EskB[rx’P]) 6. Sink nodeSensor B: (M5,M6) S2 M5= EskB[ry’P] , M6=EK’[IDS1||IDS2||IDA||IDB||rx’P||TK||TL] 7. Sensor BSink node: (MAC(K’;ry’P)) B 8. Sensor BSensor A: (ETK[rbP], MAC(SKAB;rbP)) 9. Sensor ASensor B: (MAC(SKAB;raP))

More Related