1 / 67

Wireless Sensor Networks

sherise
Télécharger la présentation

Wireless Sensor Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

    1. Wireless Sensor Networks

    2. Wireless Sensor Networks Previous Lecture Current Model of Programming WSNs NesC, C, Assembly, Zigbee Stack on bare metal Virtual Machines Mate Database Centric TinyDB Macro-programming Regiment File System Centric Unix, Plan 9, Inferno

    3. Wireless Sensor Networks Thought for the Day

    4. Wireless Sensor Networks Outline of This Lecture Need for security Attacks on WSNs How to exploit them? Challenges in WSN Security

    5. Wireless Sensor Networks Sensor Networks are Here! Burglar alarm in museum Semiconductor fabrication plant Chemical manufacturing plant, oil refinery Biology measurements Structural health monitoring What if anyone had access to this sensitive data?

    6. Wireless Sensor Networks Security: Why? Vitek Boden Arrested in Queensland, Australia on April 23, 2000 Found guilty of computer hacking Took control of municipal water system Dumped ~1 million liters of raw sewage into local waterways and parks Who cares if someone steals the temperature data? Ummm nobody?

    7. Wireless Sensor Networks Example: Hotel Sensor Network Every room is equipped with a sensor node measuring light intensity, temperature, and humidity Applications Determine occupancy to direct fire fighters Detect energy drainage caused by open windows Detect water leaks Detect break-ins Detect fire

    8. Wireless Sensor Networks Private Information Disclosure Much private information is leaked by temperature, humidity, and light measurements Light intensity readings may reveal: Shadows cast onto sensor can reveal information about motion of people Fine-grained light intensity values can reveal TV channel Humidity readings may reveal: Presence of people People talking Alcohol consumption

    9. Wireless Sensor Networks Need for Security? Hotel sensor network simply sends all sensed information over wireless network to base station, without using encryption Security not necessary, right? Wrong!

    10. Wireless Sensor Networks Security is Important! Even for seemingly benign hotel application, security is crucial Privacy risks Burglars can figure out room occupancy Pranksters can fake fire alarm Some may argue that same issues exist without sensor network Can easily listen on door, try to spy through window However, sensors make large-scale attacks trivial! Wireless Sensor Networks Easily obtain instant information about entire hotel

    11. Wireless Sensor Networks Importance of Security in Sensor Applications Manufacturing applications: prevent competitor from detecting production volumes or potential manufacturing problems Pollution monitoring: prevent data tampering Healthcare applications: privacy! Power grid surveillance: prevent malicious data injection SCADA networks: can blow up refineries, chemical plants

    12. Wireless Sensor Networks A Quick Tutorial of Encryption

    13. Wireless Sensor Networks Some definitions ???pt?? krypts "hidden," and the verb ???f? grfo to write" Cryptology: the study of communication over non-secure channels, and related problems Cryptography: the process of designing secure communication over channels Cryptanalysis: Analysis of cryptographic codes, and the methods to break them Coding theory: ensures that received message is the correct one.

    14. Wireless Sensor Networks The basic setup TRIVIA: Alice and Bob. Generally, Alice wants to send a message to Bob. These names were used by Ron Rivest in the 1978 Communications of the ACM article presenting the RSA cryptosystem, and in A Method for Obtaining Digital Signatures and Public-Key Cryptosystems published April 4, 1977, suggested by others.

    15. Wireless Sensor Networks The basic setup

    16. Wireless Sensor Networks Basic Elements Plaintext: original message with no transformation Ciphertext: plaintext message after modification to obscure it from normal usage and readability encryption converts plaintext into ciphertext decryption converts ciphertext into plaintext Cryptographic algorithm: mathematical operation used to convert plain text into ciphertext Key: secret key used to encrypt or decrypt the message good algorithms: NOT necessary to keep the algorithm secret!

    17. Wireless Sensor Networks Eves goals Read the message Find the key and read all the messages Corrupt Bobs message into another message Masquerade as Bob, and communicate with Alice, who thinks she is communicating with Bob

    18. Wireless Sensor Networks Eves possible attacks Ciphertext only Known plaintext: Eve knows both Plain and ciphertext Chosen Plaintext: Eve has access to the encryption machine Chosen ciphertext: Eve gains access to the decryption machine

    19. Wireless Sensor Networks Kerchoffss Principle In assessing the security of a cryptosystem, one should always assume the enemy knows the method being used The security of the system will depend exclusively on the key and not on the obscurity of the algorithm Two types of keys: Private or symmetric keys Public keys

    20. Wireless Sensor Networks Breaking a Cryptographic Algorithm Crypto-analysis: trace patterns based on plaintext to re-generate key good algorithms generate noisy ciphertext with no discernible patterns Brute-force guessing: keys longer than 128-bits (1038 possibilities) are considered to be acceptable

    21. Wireless Sensor Networks Private or Symmetric Key Systems Private or symmetric key systems rely on symmetric encryption algorithms where information encrypted with a key K can only be decrypted with K. communicating parties share a cryptographic key or password also called a secret. The key should never be transmitted

    22. Wireless Sensor Networks Type of ciphers Stream ciphers: data are fed into algorithm in small pieces (bits) and the output is made of corresponding small pieces Easy to break Not used anymore Block ciphers: a block of input bits is collected and fed into an algorithm and the output is a block of bits Increased security Used in symmetric key cryptography

    23. Wireless Sensor Networks Symmetric Cryptography Secret key is exchanged via some other secure means (hand-delivery, over secured lines, pre-established convention) Examples: Data Encryption Standard (DES) from the 70s 56-bit keys and encryption is done in 64-bit blocks uses cipherblock chaining: encryption of each block depends on the contents of the previous one can be broken! Triple DES, DESX, GDES and RDES decrease the risks of DES by using longer keys message is encrypted with one secret key, next decrypted with a second secret key, and finally encrypted again with the first secret key equivalent to 112-bit keys

    24. Wireless Sensor Networks Symmetric Cryptography (cont.) RC2, RC4 and RC5 proprietary algorithms proposed by RSA Data Security Inc. variable-length keys as long as 2048 bits algorithms using 40-bits or less are used in browsers to satisfy export constraints IDEA (International Data Encryption Algorithm, patented) 128-bit secret key, more secure than unmodified DES used in email encryption software such as PGP and RSA Blowfish unpatented symmetric algorithm; uses a variable-length key up to 448 bits long becoming popular in many commercial and freeware encryption products

    25. Wireless Sensor Networks Advanced Encryption Standard (AES) New standard chosen by NIST in 2000 Came into effect in 2002 Most used symmetric key cryptographic system AES has a fixed block size of 128 bits and a key size of 128, 192 or 256 bits More secure than DES Fast, easy to implement, requires little memory

    26. Wireless Sensor Networks Limitations of Symmetric Cryptography Parties that have not previously met cannot communicate securely what about spontaneous communications on the internet Many people need to communicate with a server (many-to-one communications) cannot keep server key secret for long Once the secret key is compromised, the security of all subsequent messages is suspect and a new key has to be generated Authentication service must know private key privacy implications---someone else knows your key two possible points of attack changing authentication service requires a new key

    27. Wireless Sensor Networks Public Key Cryptography Idea: each player has a pair of keys, one is published (called the public key) and the other is secret (called the private key) Encryption: use the players public key Decryption: only the player with the private key can decrypt Signature: encrypted using a private key, everyone else could verify it using the public key Was a revolution in cryptography first suggested by Diffie-Hellman

    28. Wireless Sensor Networks Examples of Public Key Algorithms RSA (named for its inventors Ronald Rivest, Adi Shamir and Leonard Adelman) patented by RSA Data Security Inc. basis for all Web and secure e-mail software variable key lengths ranging from 512 to 1024 bits El Gamal (named for its inventor, Taher El Gamal) variable key-lengths ranging from 512 to 1024 bits

    29. Wireless Sensor Networks Properties of Public Key Algorithms These algorithms are based on computationally intensive problems such as finding the prime factors of large numbers. Longer the length of the key pair, the more time it takes to compute the private key Keys used in todays internet will take millions of years to crack using todays technologies

    30. Wireless Sensor Networks Public Key Problems Keys are usually very long and encryption is expensive RSA encryption is a 1000 times slower than typical symmetric algorithms hard to remember secret key - where do you store it? typically only used for authentication, then a random key and a symmetric encryption algorithm is used for subsequent communication Multicast is problematic Better to authenticate using public key algorithm, then use random key with symmetric algorithm How do you know you have the right public key for a principal? Public key is usually distributed as a document signed by a well known and trusted certification authority (e.g. Verisign). This is called a certificate. How do you determine if signature is up-todate?What if the key has been compromised?

    31. Wireless Sensor Networks Properties of Public Key Cryptosystems They are slow, really slow! three orders of magnitude slower than DES mainly used as key exchange tool Scientists are supposed to be real smart and love to solve difficult problems but even they hope to never solve factoring if you can find a quick solution, fame, dollars and perhaps even danger lurk!

    32. Wireless Sensor Networks Public vs Private Key Systems Private key: + encryption is fast identity is not easily portable across authentication services secret key must be held by server + good for structured, organizational security Public key: encryption is slow + identity is inherently portable + secret key need not ever be revealed + provides digital signatures + good for individuals in loosely structured networks

    33. Wireless Sensor Networks Common Key Establishment Key Agreement Every pair agrees on a key (public key exchange) Completely decentralized Authentication problem (Alice is not Alice), need a trusted entity Computationally expensive Key distribution (Blom Key Pre-distribution scheme) The keys are distributed to users Easier to implement Requires a trusted source to manage the process Bound produce to bottlenecks

    34. Wireless Sensor Networks Key Agreement Allows two parties to agree on a shared key Provides part of the required secure channel for exchanging a conventional encryption key

    35. Wireless Sensor Networks Hash Functions Creates a unique fingerprint for a message Anyone can alter the data and calculate a new hash value Hash has to be protected in some way

    36. Wireless Sensor Networks Message Authentication Codes (MACs) Adds a password/key to a hash

    37. Wireless Sensor Networks Now, lets return to our original programming

    38. Wireless Sensor Networks Threats to WSNs Attacker Model: Outsider Attack: attacker is not part of the network Eavesdropping, replay, block, modify, forge Jamming Disable sensor nodes by exhausting its resources Tamper, destroy nodes Insider Attack: attacker is part of the network (compromised or intruder) Runs malicious code Compatible radio Authorized to participate in the sensor network Knows the key and is authenticated

    39. Wireless Sensor Networks Security Requirements Robustness against Outsider Attacks: Standard cryptographic techniques can be applied Resource constraints and spatial distribution make the problem not trivial Detection of failed nodes Resilience to Insider Attacks Ensure graceful degradation Develop intruder detection algorithm Revoke key Ostracize from the network Reconfiguration

    40. Wireless Sensor Networks Security Requirements Data Authentication Necessary to detect maliciously injected packets Provides data integrity Does not provide solution to Insiders attacks Data Secrecy Effective against eavesdropping Cryptographic techniques Encryption function Shared key Insiders attack prove more difficult to counter Use multiple range of the of keys limit the attack

    41. Wireless Sensor Networks Security Requirements Availability: Preserve functionality of nodes during their lifetime Jamming, Denial of service attacks affect availability Service Integrity Localization, data aggregation, estimation, control can all be affected by both insider and outsider attacks

    42. Wireless Sensor Networks Sensor Security Requirements

    43. Wireless Sensor Networks Sensor Security Requirements

    44. Wireless Sensor Networks Sensor Security Requirements

    45. Wireless Sensor Networks Generic Attacks Need to defend against generic attacks Denial-of-service attacks Battery-drainage attacks Sybil attacks Node replication attacks

    46. Wireless Sensor Networks Sensor Network DoS Attacks What sensor network resources are susceptible to DoS attacks? Energy! Sensor nodes run off a battery, usually node unavailable after battery drained Communication: especially since communication requires much battery energy Computation: slow processor makes many operations expensive Digital Signature (RSA 1024): ~10s generation, ~1s verification However, computation is much cheaper than communication: sending/receiving 1 bit requires as much energy as executing Wireless Sensor Networks 10,000 instructions!

    47. Wireless Sensor Networks Attacker Assumptions Attacker launches external and internal attacks External attack: attacker introduces additional nodes into sensor network, but does not know any cryptographic material Internal attack: attacker physically compromises sensor nodes and extracts all cryptographic keys Discussion: how realistic is physical compromise and what countermeasures can we apply against tampering?

    48. Wireless Sensor Networks Sensor Network DoS Attacks Analyze DoS attacks based on protocol layer Physical layer Link layer Network layer Transport layer Application layer

    49. Wireless Sensor Networks Physical Layer DoS Attacks External attacker can easily perform jamming attacks To jam communication, an attacker continuously sends or produces a signal, interfering and preventing standard communication Countermeasures Frequency hopping Spread spectrum communication Map jammed region and route around Consider attacker who jams with a compromised node, what are issues? Regular jamming will quickly drain battery Smart jamming only sends quick interference bursts to conserve battery energy

    50. Wireless Sensor Networks Link layer DoS Attacks Many attacks are possible on specific implementation of Medium Access Control protocol (MAC not to be confused with MAC) Packet collision attack is type of jamming Instance of smart jamming, short burst partially corrupts packet causing checksum computation to fail Exploit MAC layer protocols RTS/CTS: Single CTS packet prevents other nodes from communicating Backoff timers make DoS increasingly cheap Countermeasures Short frames result in less damage Authentication of all MAC-layer messages

    51. Wireless Sensor Networks Network & Transport Layer DoS Routing and forwarding provide for ample opportunities to perform DoS attacks Suggestions?

    52. Wireless Sensor Networks Application layer DoS Attacks Many applications susceptible to resource consumption attacks Any expensive operation can be exploited, e.g., signature generation or verification Mechanisms to increase efficiency for higher importance requests are often susceptible General DoS countermeasures (all layers) Rate limiting at all levels Authentication of all messages Require consensus/voting to limit effect of DoS to local neighborhood

    53. Wireless Sensor Networks The Sybil Attack The multiple identities attack Relevant in many wired and wireless contexts Voting Resource allocation Trust establishment

    54. Wireless Sensor Networks The Sybil Attack

    55. Wireless Sensor Networks Multi-path Routing

    56. Wireless Sensor Networks

    57. Wireless Sensor Networks Voting

    58. Wireless Sensor Networks Voting

    59. Wireless Sensor Networks Voting

    60. Wireless Sensor Networks

    61. Wireless Sensor Networks Sybil Attack Defenses Resource Testing, Douceur(IPTPS02) Computation Storage Communication

    62. Wireless Sensor Networks Standard Security Protocols Why not simply leverage standard security protocols? SSL/TLS, SSH, IPsec work just fine. Challenge: severe resource constraints! Limited battery lifetime Limited processing Limited memory capacity Asymmetric cryptographic operations may require on the order of seconds Sensor deployed in unprotected areas without tamperproof hardware

    63. Wireless Sensor Networks Sensor Nets vs. Ad Hoc Nets

    64. Wireless Sensor Networks Sensor Network Advantages Seems like sensor network security is quite impossible? Fortunately, sensor networks have features that support security Large-scale: time-consuming to physically compromise large fraction of nodes High redundancy: tolerate small fraction of compromised nodes Approximate results ok Single deploying entity, single trust domain

    65. Wireless Sensor Networks Ideal Secure Sensor Network Assume commodity low-cost sensors Provide simple configuration and maintenance Tolerate installation errors by non-expert installer Provide availability of application, integrity and secrecy of information, even if attacker compromises and controls fraction of sensor nodes

    66. Wireless Sensor Networks Secure Node-to-Node Communication Most basic security primitive is secret and authentic node-to-node communication Message encryption achieves secrecy Message authentication code achieves authenticity Assumptions Trusted base station Communicating nodes share secret key Approaches SPINS SNEP TinySec ZigBee MiniSec

    67. Wireless Sensor Networks Summary of Lecture Importance of security in Sensor Networks Crash course in cryptography Threat models Types of attacks

More Related