1 / 22

A New Approach for Establishing Pairwise Keys for Securing Wireless Sensor Networks

A New Approach for Establishing Pairwise Keys for Securing Wireless Sensor Networks. Arno Wacker, Dept. of D.S, University Stuttgart (SenSys ’05). Sep. 19 th , 2006 Kim, Chano. Contents. Introduction System modeling and Requirements Multi-path key establishment

tocho
Télécharger la présentation

A New Approach for Establishing Pairwise Keys for Securing Wireless Sensor Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. A New Approach for Establishing Pairwise Keys for Securing Wireless Sensor Networks Arno Wacker, Dept. of D.S, University Stuttgart (SenSys ’05) Sep. 19th, 2006 Kim, Chano

  2. Contents • Introduction • System modeling and Requirements • Multi-path key establishment • RKEP : The Recursive Key Establishment Protocol • Related work • Conclusion and future work A New Approach for Establishing Pairwise Keys for Securing W.S.Ns

  3. Introduction • Securing is crucial factor for home automations • Invade an individual’s personal life (ex. Breaking into private home) • Encryption is basic technique for securing communications • Require keys to be exchanged before secret communications • In this paper, • A secure key exchange scheme especially geared toward resource constrained environments like wireless sensor networks • Decentralized key distribution scheme avoids a single point of trust • Even if a device is subverted, the key exchange for the remainder of the network remains functional A New Approach for Establishing Pairwise Keys for Securing W.S.Ns

  4. System model & Requirements • Assumption • Consists of sensors, each with own processor and memory • Communicate over an insecure wireless channel (only eavesdropping) • Transport layer mechanism that recovers from packet loss • The number of devices is not predetermined • Not consider device failures or byzantine behavior • Requirements • The key distribution scheme must be decentralized • Symmetric cryptography is used in order to deal with resource limited devices A New Approach for Establishing Pairwise Keys for Securing W.S.Ns

  5. kAE2 kAE2 kAE2 kAE1 kAE1 Multi-Path Key Establishment • Terminology • Key graph : Undirected graph g=(V,E) • V : the set of devices in the network • E : between devices where , share a symmetric key • S-node-disjoint paths : The number of S-paths between a source and a destination do not share any intermediate nodes • Key Establishment (S=2) D C E A B A New Approach for Establishing Pairwise Keys for Securing W.S.Ns

  6. Multi-Path Key Establishment • Problem : Finding node-disjoint paths is not trivial • Each node has complete knowledge of the key graph • Reactive protocol • Run a path discovery protocol every time a key exchange takes place E.X) Distance Vector Routing Algorithm (source Routing) • Large networks have long paths between nodes, require larger memory • Overall memory needed by 2 algorithms exceeds Ω(n) • A reactive algorithm that establishes additional edges in the key graph with the intent of shortening the s node-disjoint paths to a length of 2 • Advantageous properties in terms of memory usage and network message size • Time complexity of O(kn), constant memory on each device A New Approach for Establishing Pairwise Keys for Securing W.S.Ns

  7. Query Cancel Query Established Established Query Established Established Query Cancel RKEP : Recursive Key Establishment Protocol • This protocol consists of • graph construction algorithm • key establishment protocol • Simple RKEP Example (s=2) C D Source E A Target B A New Approach for Establishing Pairwise Keys for Securing W.S.Ns

  8. RKEP • Data Structure • This : The device ID of the device running the procedure • MyDeviceList : List of all devices this device shares a key with • QueryID : triple {SourceID, TargetID, Couter} • QuerySet : A set all queries which device has seen so far and still active • Key : The QueryID of this query • EstablishedSet : set of devices which answered that share a key with target • Requesting Set : the set of all devices received from QueryID A New Approach for Establishing Pairwise Keys for Securing W.S.Ns

  9. RKEP • Reaction on receiving a KeyEstablishmentQuery-message A New Approach for Establishing Pairwise Keys for Securing W.S.Ns

  10. RKEP (5/11) • RKEP Deadlock Target J I H E G F D C A B • To avoid this, a device has at least s neighbors that already share a key with target device A New Approach for Establishing Pairwise Keys for Securing W.S.Ns

  11. S = 2, planar graph composed of triangles • S = 3, tetrahedrons in 3D • S = arbitrary, S+1 Fully Connected clique S+1 3-clique S+1 : S - Connector S+1 2-Connector S+1 S+1 S+1 S+1 RKEP (5/11) • Key Graph Construction Algorithm consists of two methods • Adding a new node to a (possibly empty) key graph • Removing a node from a key graph while preserving properties • Adding a Device to the Network (s=2) A New Approach for Establishing Pairwise Keys for Securing W.S.Ns

  12. RKEP (5/11) • Removing a Device from the Network • A device from the key graph makes all arrangements before leaving • Preserving the s-connected property, (s+1)-clique • Preserving the s-connected key graph • Pretend that device to be removed had never been there in the first place Vb1 Vb2 Vb3 Vbn B - after Vj Vj A-set : During construction Va1 Va2 Va3 Van A New Approach for Establishing Pairwise Keys for Securing W.S.Ns

  13. Request Neighbor list (B,C) G E Leaving (B,C) C F B A H RKEP (5/11) • Removing a device from the network (s=2) E G D C F B A H A New Approach for Establishing Pairwise Keys for Securing W.S.Ns

  14. Practical consideration “ How can this structure be generated in a practical setting ?” • User-driven Introduction : Balance the amount of keys D A Out of band New device Send (IDB,IDC) B C Out of band key establish with C by user • Master Programming Device : primary target of attack D A New device Send (IDB,IDC) C Master device generate a uinque key A unique key with each device Master Device A New Approach for Establishing Pairwise Keys for Securing W.S.Ns

  15. Practical consideration • Automatic Key Establishment : Balance the amount of keys • User establishes new keys with s randomly en devices of the network D A B C User RKEP New device • Having established new keys with a correct s-connector, the initial keys exchanged by the user can be removed. A New Approach for Establishing Pairwise Keys for Securing W.S.Ns

  16. Extended Attack Model • More realistic attacker model the analysis of the active attacker • Fail-stop attack : silently halts all functions of a device • Byzantine attack: Prevent the key distribution • Denial of Service (Physical layer : Jamming the frequency) • Introduction of redundancy • Key graph connectivity level of Z > S • F device failures with f<Z-S, S cooperating devices left • Byzantine attack: replication, voting A New Approach for Establishing Pairwise Keys for Securing W.S.Ns

  17. Network Setup Key Establishment Memory O(1) O(1) Traffic O(n) O(n) Properties and evaluation • RKEP Performance • Graph Structure “Chain”- form “Random”- form A New Approach for Establishing Pairwise Keys for Securing W.S.Ns

  18. Simulation Result (memory requirement) Memory usage on a device during key establishment Maximum memory usage on a device A New Approach for Establishing Pairwise Keys for Securing W.S.Ns

  19. Simulation Result (network traffic) Network Traffic during network setup Network Traffic during key establishment A New Approach for Establishing Pairwise Keys for Securing W.S.Ns

  20. Cryptography Need Program memory Uses Symmetric 7.15 kbyte Communication Asymmetric (ECC) 30kbyte Key Exchange Related work • Several solutions employ asymmetric cryptography • Not feasible due to delay, energy and memory constraint • Still use considerably more valuable resources • Moore’s law downward (smaller and cheaper than computation) • Random key pre-distribution is probablilistic • Decentralized approach does not address change of devices A New Approach for Establishing Pairwise Keys for Securing W.S.Ns

  21. Conclusion • In this paper • A novel, memory efficient approach for key establishment • Adjust the value of s according to the security needs • Does not consider • Extended attacker model (devices fail, malicious behavior) • In the process of • Intergrating protocols into Tiny-Sec on the Mica2 Motes • Practical experience in a realistic environments A New Approach for Establishing Pairwise Keys for Securing W.S.Ns

  22. Question A New Approach for Establishing Pairwise Keys for Securing W.S.Ns

More Related