Securing Distributed Sensor Networks Udayan Kumar Subhajit Sengupta Sharad Sonapeer
Flow • Obstacles • Security requirements • Attacks • Defense • A probabilistic approach towards key management • Base Station Security
Obstacles • Very limited resources • Memory, power • Unreliable communication • Unreliable transfer • Conflicts during broadcasts • Latency • Unattended operation • Physical attacks • Managed remotely • No central point of management
Security requirements • Data confidentiality • Data integrity • Data freshness • Availability • Self-organization • Authentication
Attacks • Sybil Attack • Traffic analysis attack • Node Replication attack • Attack against privacy
Defense • Focus on two methods • Key management • Provides for data confidentiality, integrity, freshness and authentication • Securing base station • Traffic analysis attacks
A probabilistic approach towards key management • DSN nodes have limited computation and communication capabilities. • A DSN is a truly dynamic infrastructure. • So traditional approaches are vulnerable and impractical. • FACT: Energy consumption for RSA (1024-bit) is about 42 mJ, whereas for AES it is 0.104 mJ, on a Motorola MC68328 (a mid-range processor).
Solution Approach • Before deployment, each DSN node is given a key ring of k keys chosen randomly from a key pool of size P. • Because of the randomness, two sets of k keys may be completely different. • If a path of nodes sharing keys pair-wise exists, then that path is used to exchange a key, thus establishing a direct link.
Key Pre-Distribution • A large pool of P keys (~ $2^{20}$) and their identifiers is generated. • k keys are drawn randomly without replacement to construct a particular key ring, which is loaded onto a node of the DSN. • A trusted controller node saves the key identifiers of each key ring and the associated sensor identifier. • Only a small number of keys is needed to ensure that any two nodes share at least one key with a certain probability. • Experimental results show that, for a probability = 0.5, only 75 keys drawn randomly out of a pool of 10,000 keys need to be on any key ring of a node.
Shared-key discovery • Goal: a node discovers the nodes with which it shares a key. • The easiest way is broadcasting. • Hide key-sharing patterns among nodes from an attacker and establish private shared-key discovery. • The recipient decrypts it with the proper key. • This creates a routing topology in which every existing link is secured, as a link implies sharing of a key. Also, sharing of 2 or more keys between sensor nodes doesn’t cause a link security exposure.
Path-key Establishment • A path-key is assigned to selected pairs of sensor nodes that do not share a key but are connected by two or more links at the end of the shared-key discovery phase. • Key-ring size (k) is determined anticipating revocation and incremental addition of new sensor nodes, since both may require the execution of the path-key establishment phase after shared-key discovery.
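The three phases above (key pre-distribution, shared-key discovery, path-key establishment) as a small simulation. This is an added example, not code from the slides; it assumes n = 60 nodes all within radio range of each other, P = 1000, k = 40, key identifiers compared in the clear (the "easiest way" of broadcasting), and a fixed random seed.

```python
import random
from collections import deque
from itertools import combinations

def predistribute(n, P, k, rng):
    """Key pre-distribution: each node gets k key ids drawn without replacement."""
    return [frozenset(rng.sample(range(P), k)) for _ in range(n)]

def discover_links(rings):
    """Shared-key discovery: a secure link exists wherever two key rings intersect."""
    links = {i: {} for i in range(len(rings))}
    for a, b in combinations(range(len(rings)), 2):
        common = rings[a] & rings[b]
        if common:
            links[a][b] = links[b][a] = min(common)  # key id used for this link
    return links

def secure_path(links, src, dst):
    """Path-key establishment: BFS route made only of key-sharing links."""
    prev, queue = {src: None}, deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            path = []
            while node is not None:
                path.append(node)
                node = prev[node]
            return path[::-1]
        for nxt in links[node]:
            if nxt not in prev:
                prev[nxt] = node
                queue.append(nxt)
    return None  # the key-sharing graph is disconnected

def demo(seed=1):
    """Constructed scenario: returns (fraction of linked pairs, unlinked pair, path, links)."""
    rng = random.Random(seed)
    rings = predistribute(n=60, P=1000, k=40, rng=rng)
    links = discover_links(rings)
    pairs = list(combinations(range(60), 2))
    unlinked = [(a, b) for a, b in pairs if b not in links[a]]
    a, b = unlinked[0]
    return 1 - len(unlinked) / len(pairs), (a, b), secure_path(links, a, b), links

if __name__ == "__main__":
    frac, pair, path, _ = demo()
    print(f"pairs sharing a key: {frac:.2f}; path-key route for {pair}: {path}")
```

The pair returned by `demo` shares no key, so a path-key for it would be sent hop by hop along the printed route, each hop protected by the key that link's two nodes have in common.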
Some issues of DSN • Revocation. • Re-Keying. • Resiliency to node capture.
Analysis • p = probability that a shared key exists between two nodes. • n = number of nodes. • d = p(n − 1) = expected degree of a node, i.e. the expected number of edges connecting that node with its neighbors. • We now look for the value of d for which the DSN is connected. • We also want to determine the key pool size (P), given a limit of k keys in each node, for a DSN of n nodes where d is given under a neighborhood connectivity constraint (say n’ = neighborhood connectivity of a node, n’ << n). [In practice k is limited by the memory size of a node.]
Analysis…(contd.) • $P_c = \lim_{n \to \infty} \Pr[G(n,p) \text{ is connected}] = e^{-e^{-c}}$, where $p = \frac{\ln n}{n} + \frac{c}{n}$ [c is any real constant]. • p’ = d/(n’ − 1) >> p. • So p’ is precisely the probability that two nodes share at least one key from their k-sized key rings chosen from a pool of size P [P is not a sensor design constraint and may be very big]. • Given n, we can find p so that G is connected with probability $P_c$. • We then have to find P for a given k and a given p’.
Analysis…(contd.) • $p' = 1 - \Pr[\text{two nodes don't share a key}] = 1 - \binom{P-k}{k} / \binom{P}{k}$ • Using Stirling's approximation, $n! \approx \sqrt{2\pi}\, n^{n+1/2} e^{-n}$, we have $p' = 1 - \frac{(1 - k/P)^{2(P-k+1/2)}}{(1 - 2k/P)^{P-2k+1/2}}$
Important Conclusions • The size of a DSN (n) has little effect on the expected degree of a node required to have a connected graph. • If P = 10,000, then only k = 75 keys need to be distributed to each of any two nodes for them to share a key from their key rings with probability p = 0.5. Likewise, k = 250 if we take P = 100,000. This proves the scalability. • For “almost certain” shared-key connectivity in a 10,000-node DSN, a key ring of only 250 keys has to be pre-distributed.
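The analysis above carried through numerically: the exact and Stirling forms of p’, the degree d required for connectivity, and the resulting key-ring and pool sizes. This is an added example, not code from the slides; n = 10,000, Pc = 0.99999 and n’ = 40 in the demo are assumed inputs, and the function names are illustrative.

```python
import math

def share_prob(k, P):
    """Exact p' = 1 - C(P-k, k) / C(P, k) for two k-key rings from a pool of P."""
    if 2 * k > P:
        return 1.0  # rings this large must overlap
    return -math.expm1(sum(math.log1p(-k / (P - i)) for i in range(k)))

def share_prob_stirling(k, P):
    """Stirling form of p' from the slides (requires 2k < P)."""
    log_ratio = (2 * (P - k + 0.5) * math.log1p(-k / P)
                 - (P - 2 * k + 0.5) * math.log1p(-2 * k / P))
    return -math.expm1(log_ratio)

def required_degree(n, Pc):
    """Expected degree d = p(n-1) at which G(n, p) is connected with probability Pc."""
    c = -math.log(-math.log(Pc))   # invert Pc = exp(-exp(-c))
    p = (math.log(n) + c) / n
    return p * (n - 1)

def min_ring_size(P, target):
    """Smallest k with p'(k, P) >= target (p' grows with k)."""
    lo, hi = 1, P // 2 + 1
    while lo < hi:
        mid = (lo + hi) // 2
        if share_prob(mid, P) >= target:
            hi = mid
        else:
            lo = mid + 1
    return lo

def max_pool_size(k, target):
    """Largest P with p'(k, P) >= target (p' shrinks as P grows)."""
    lo, hi = 2 * k, 4 * k
    while share_prob(k, hi) >= target:
        lo, hi = hi, 2 * hi
    while hi - lo > 1:             # invariant: p'(lo) >= target > p'(hi)
        mid = (lo + hi) // 2
        if share_prob(k, mid) >= target:
            lo = mid
        else:
            hi = mid
    return lo

if __name__ == "__main__":
    d = required_degree(10_000, 0.99999)   # assumed n and Pc
    p_target = d / (40 - 1)                # assumed neighborhood size n' = 40
    print(f"d = {d:.2f}, p' = {p_target:.3f}")
    for k, P in [(75, 10_000), (250, 100_000)]:   # (k, P) pairs from the slides
        print(k, P, round(share_prob(k, P), 4), round(share_prob_stirling(k, P), 4))
    print("largest P for k = 250:", max_pool_size(250, p_target))
```

Evaluated with the exact formula, k = 75 and P = 10,000 give p’ of about 0.43, and p’ first reaches 0.5 at k = 83.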
Base Station Security • Multi-path routing to multiple base stations • Confusion of address fields • Relocation of base station
Multiple Base Stations • Route Discovery • Route Request • Route Feedback
Multiple Base Stations • Multi-path data routing • Compute the connectivity information from the feedback messages • Compute global topology of the network • Compute redundant routes for each node • Construct forwarding tables for each node (a forwarding table entry <D,S,IS> for each route on which the node lies) • Dispatch the forwarding tables
Multiple Base Stations • Multi-path data routing (cont’d) (Computing 2-redundant routes) • Choose two independent paths for any desired node A • First path to the closest base station (use BFS) • Second path to any base station (three sets of nodes s1, s2, s3)
Disguising Base station location • During route discovery • Reversible hash function H(x), shared key Kc • For each ID m, compute Cm = {x: H(x) = m} • After route discovery • Pair-wise keys for each pair of neighbor nodes on the same route • Sent along with the forwarding tables
Base Station Relocation • Uniform Random Deployment • Attack on vicinity of Base station • Both Base stations on the opposite edges
Base Station Relocation • Dense–sparse Graph • Attack on the center of the dense part • One base station on the dense–sparse edge • Other base station opposite the first