1 / 20

Message-In-a-Bottle: User-Friendly and Secure Key Deployment for Sensor Nodes

Message-In-a-Bottle: User-Friendly and Secure Key Deployment for Sensor Nodes. Cynthia Kuo, Mark Luk, Rohit Negi, Adrian Perrig(CMU), Sensys07 2007. 11.22 Kim Taesung. Contents. Introduction Problem Definition, Assumptions and Attacker Model Protocol for Key Deployment Security Analysis

zavad
Télécharger la présentation

Message-In-a-Bottle: User-Friendly and Secure Key Deployment for Sensor Nodes

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Message-In-a-Bottle: User-Friendly and Secure Key Deployment for Sensor Nodes Cynthia Kuo, Mark Luk, Rohit Negi, Adrian Perrig(CMU), Sensys07 2007. 11.22 Kim Taesung

  2. Contents • Introduction • Problem Definition, Assumptions and Attacker Model • Protocol for Key Deployment • Security Analysis • Implementation • Radio Measurement • User Study • MIB for Multiple Nodes • Discussion • Comparison Related Work • Conclusion A Secure Group Key Management Scheme for Wireless Cellular Network

  3. Introduction • Deploying cryptographic key in a secure manner to sensor node is a prerequisite for secure sensor network. • Secure key establishment rely on a pre-existing shared secret. • TinySec, SPINS, ZigBee security. • ZigBee security provides two suggestions • Cryptographic keys could be sent in the clear. • Factory could imprint keys on sensor nodes. • Message-In-a-Bottle(MIB) • Secure mechanism for initial key setup • Four properties • No physical interfaces • Secure key deployment, wirelessly • Key deployment by non-expert • Batch deployment for multiple nodes A Secure Group Key Management Scheme for Wireless Cellular Network

  4. Problem Definition • How can a shared secret be set up between a trusted base station and each new uninitialized node? • Solution provides properties. • Key secrecy • Key authenticity • Forward secrecy • Demonstrative identification • Robust to user error • Cost effective • No public key cryptography title

  5. Protocol for Key Deployment • MIB Participants • Base Station • The base station is not directly involved with key deployment. • New Node • Three states: uninitialized, initialized, and rejected • Keying Device • The keying device sends keying information to the new node when the Faraday cage is closed. • Keying Beacon • Three purposes: 1) detect when the Faraday cage is closed; 2) jam the communication channel; 3)inform the user of outcome of the deployment. • User • The user of MIB is the person who performs key deployment title

  6. Overview of MIB Protocol Each mote has three color LEDs: Red, Green, and Blue. You will be working with three types of motes: Controller, Numbered Mote, Secret Keeper. Step 1. Verify that all three LEDs (red, green, and blue) on the Controller and the Secret Keeper are blinking simultaneously. Gently place the Numbered mote in the container. Step 2. Screw the cap on the container snugly. When no radio signals can escape the container, the Controller’s blue LED will be lit. Step 3. Wait until the Controller begins to blink its blue LED. This should take about 5 seconds. Step 4. Open the container and remove the Numbered mote. Record the result on the Results page. • If the Controller’s green LED is lit, encryption keys were successfully exchanged. • If the Controller’s red LED is lit, the key exchange process was not successful. • It does not matter what color (if any) the Numbered mote is lit. title

  7. Overview of MIB Protocol • Why is a Faraday cage insufficient? • In practice, Faraday cage is imperfect; it can not block radio signals completely. • Usability issues. • Protecting shielded messages • Faraday cage. • Messages are transmitted at minimum power. • Keying beacon jams the wireless frequency. • No spread spectrum. • The secret key is a function of all the shielded messages. title

  8. Detailed Description title

  9. Notation title

  10. Setup Keying Device and Keying Beacon title

  11. Heartbeat Messages title

  12. Deploy Cryptographic Keys title

  13. Key Activation and Verification title

  14. After Key Deployment • Initialized node M • Node identifies itself with ID M, counter c and keying device’s ID D. • Base station can generate KM • Base station possesses the master secret. title

  15. Security Analysis • Obtain Key KM through eavesdropping • Inject a malicious key onto the new node • Compromise the network by compromising the keying device • Initiate key deployment before the Faraday cage • Prevent the keying beacon from jamming during key deployment • Wait for the user to make an error title

  16. Implementation title

  17. User study title

  18. MIB for Multiple Nodes title

  19. Comparison with Related Work title

  20. Time for • Any questions? Thank you for listening ! A Secure Group Key Management Scheme for Wireless Cellular Network

More Related