Li Tie Yan

1
Infocomm security Lab. of ICSD at I2R
Security in Sensor network (Research issues)
Li Tie Yan InfoComm Security Department
(ICSD) Institute for Infocomm Research
(I2R) 19th, Jul. 2004
2
Outline

• Sensor constraints
• Security map of sensor network
• Research issues
• Light weight crypto-algorithms
• Security (attacks) analysis on distributed
  sensor network
• Key management schemes for distributed
  sensor network
• Other issues
• Secure location (context aware security)
• Secure data fusion (secure information
  aggregation)
• Challenges

3
Sensor constraints

• Light weight crypto-algorithms
• Goal Point-to-Point authentication and
  encryption not relying on hardware.
• Constraint Based on TinyOS of Berkeley Mote
  (Mica Motes feature a 4MHz processor, 128K of
  program space 4k RAM, 36 byte packets, and
  run on 2 AA batteries).
• Light-weight Less overhead per packet
  (conventionally, the overhead is 16 byte).
• Assumption Keys are pre-distributed and shared
  by sensors (simplest solution).
• Analysis Cryptanalysis, attack analysis
• Attacks TinyOS Bless protocols (suffer Bogus
  routing information, selective forwarding,
  sinkholes, Sybil, wormholes, HELLO floods)

• Related works
• 802.15.4, New standard supported by ChipCon 2240
  (Zigbee).
• TinySec, Link layer encryption mechanism of U.C.
  Berkeley

4
Security map
5
Security map
6
TinySec related researches

• TinySec related approaches
• TinyPK Authentication and DH key exchange
  (BBN).
• TinyCrypt ECC key exchange (Harvard Univ.)
• Light-weight key management Key exchange,
  group management, key revocation (SRI).
• Securesense Dynamic security service
  composition (UMASS).
• PKC Public key crypto in sensor. (WPI)
• SenSec (I2R)
• Others Many efforts in Industry

7
Research issues

• Attacks on sensor networks
• Denial of Service, by Wood et al. in IEEE
  Computer2002.
• Routing security, by Karlof et al. in 1st IEEE
  workshop SNPA03.
• Sybil attack, by Newsome et al. in ACM IPSN04.
• Key management schemes
• Key management, by Eschenauer et al. in ACM
  CCS02.
• SPINS, by Perrig et al. in Wireless Networks
  Journal (WINE), 2002.
• Random Key Assignment, by pietro et al. in ACM
  SASN '03.
• Establishing Pairwise Keys, by Liu et al. in ACM
  CCS03.
• LEAP, by Zhu et al. in proc. of ACM CCS03.
• Pairwise Key Pre-distribution, by Du et al. in
  ACM CCS03.
• Random Key Predistribution, by Chan et al. in
  IEEE SP03
• Deployment knowledge, by Du et al. in IEEE
  INFOCOM'04.

8
Other issues

• Location aware security (a problem of context
  aware security)
• Privacy-Aware Location, Gruteser et al. in
  USENIX HOTOS IX, 2003.
• Location-Based Pairwise Key Establishments, Liu
  et al. in ACM SASN '03.
• Location claims, by Sastry et al. in ACM
  WiSe03.
• Data fusion security (a problem known as False
  data injection)
• SIA, by Przydatek et al. in proc. of ACM
  SenSys03.
• Secure aggregation, by Hu et al. in workshop on
  security and assureance in Ad hoc Networks, 2003.
  
• Witeness, by Du et al. in proc. of IEEE
  GLOBECOM03.
• SEF, by Ye et al. in proc. of IEEE INFOCOM04.
• Integrity protection, by Vogt et al. in
  technical report no. 434, ETH Zrich.
• IHA, by Zhu et al. in proc. of IEEE SP04.
• uTESLA, by Perrig et al. in proc. of ACM
  Mobicom01.
• LEAP, by Zhu et al. in proc. of ACM CCS03.

Authentication based
9
Challenges

• Software only cryptography (best balance of
  security and performance, PKC)
• Efficient key management (support random key
  pre-distribution, PKC)
• Robust multi-hop routing protocols (against node
  compromise DoS attacks)
• Location aware security (or context aware
  security)
• Secure and resilient aggregation (towards False
  data injection)
• Secure data centric storage (secure indexing,
  secure overlay)

10
Collaboration
http//www.i2r.a-star.edu.sg/icsd/SecureSensor/
Key management, Calling for
Collaboration on PKC, Location
aggregation If you have passion on designing
symmetric/asymmetric crypto/security mechanisms
for wireless/constrained devices, lets do sth.
Interesting!
Thank you! Q A